MiniToolBox by Farbar Version: 17-06-2016 Ran by markm (administrator) on 30-05-2020 at 09:35:59 Running from "C:\Users\markm\Desktop" Microsoft Windows 10 Pro (X64) Model: MS-7B98 Manufacturer: Micro-Star International Co., Ltd. Boot Mode: Normal *************************************************************************** ========================= Event log errors: =============================== Application errors: ================== Error: (05/30/2020 01:56:58 AM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (05/28/2020 04:42:26 PM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (05/28/2020 04:42:26 PM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (05/28/2020 02:08:50 PM) (Source: Microsoft-Windows-Perflib) (User: NT AUTHORITY) Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 29256 and the required size was 36536. Error: (05/26/2020 10:04:12 PM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (05/25/2020 04:15:40 PM) (Source: Application Error) (User: ) Description: Faulting application name: cavwp.exe, version: 12.2.2.7036, time stamp: 0x5e565074 Faulting module name: ntdll.dll, version: 10.0.18362.815, time stamp: 0xb29ecf52 Exception code: 0xc0000005 Fault offset: 0x0000000000024f32 Faulting process id: 0x3388 Faulting application start time: 0xcavwp.exe0 Faulting application path: cavwp.exe1 Faulting module path: cavwp.exe2 Report Id: cavwp.exe3 Faulting package full name: cavwp.exe4 Faulting package-relative application ID: cavwp.exe5 Error: (05/24/2020 10:45:07 AM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (05/24/2020 10:45:07 AM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (05/24/2020 10:45:07 AM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (05/24/2020 10:45:07 AM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] System errors: ============= Error: (05/30/2020 02:04:26 AM) (Source: DCOM) (User: DESKTOP-0UOTHHV) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/30/2020 02:04:26 AM) (Source: DCOM) (User: DESKTOP-0UOTHHV) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/30/2020 02:04:26 AM) (Source: DCOM) (User: DESKTOP-0UOTHHV) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/30/2020 02:04:26 AM) (Source: DCOM) (User: DESKTOP-0UOTHHV) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/30/2020 02:04:26 AM) (Source: DCOM) (User: DESKTOP-0UOTHHV) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/30/2020 02:04:26 AM) (Source: DCOM) (User: DESKTOP-0UOTHHV) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/30/2020 02:04:26 AM) (Source: DCOM) (User: DESKTOP-0UOTHHV) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/30/2020 02:04:26 AM) (Source: DCOM) (User: DESKTOP-0UOTHHV) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/30/2020 02:04:26 AM) (Source: DCOM) (User: DESKTOP-0UOTHHV) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/30/2020 02:04:26 AM) (Source: DCOM) (User: DESKTOP-0UOTHHV) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Microsoft Office Sessions: ========================= Error: (05/30/2020 01:56:58 AM) (Source: VSS)(User: ) Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x8007045b, A system shutdown is in progress. Error: (05/28/2020 04:42:26 PM) (Source: VSS)(User: ) Description: CoCreateInstance0x8007045b, A system shutdown is in progress. Error: (05/28/2020 04:42:26 PM) (Source: VSS)(User: ) Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x8007045b, A system shutdown is in progress. Error: (05/28/2020 02:08:50 PM) (Source: Microsoft-Windows-Perflib)(User: NT AUTHORITY) Description: C:\Windows\System32\perfts.dllLSM2925636536 Error: (05/26/2020 10:04:12 PM) (Source: VSS)(User: ) Description: QueryFullProcessImageNameW0x8007001f, A device attached to the system is not functioning. Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (05/25/2020 04:15:40 PM) (Source: Application Error)(User: ) Description: cavwp.exe12.2.2.70365e565074ntdll.dll10.0.18362.815b29ecf52c00000050000000000024f32338801d632d142abe499C:\Program Files\COMODO\COMODO Internet Security\cavwp.exeC:\Windows\SYSTEM32\ntdll.dll73588c6b-6a17-4dad-bfad-15a1dbd69a7a Error: (05/24/2020 10:45:07 AM) (Source: VSS)(User: ) Description: CoCreateInstance0x8007045b, A system shutdown is in progress. Error: (05/24/2020 10:45:07 AM) (Source: VSS)(User: ) Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x8007045b, A system shutdown is in progress. Error: (05/24/2020 10:45:07 AM) (Source: VSS)(User: ) Description: CoCreateInstance0x8007045b, A system shutdown is in progress. Error: (05/24/2020 10:45:07 AM) (Source: VSS)(User: ) Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x8007045b, A system shutdown is in progress. CodeIntegrity Errors: =================================== Date: 2020-05-30 09:33:33.910 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-30 09:33:33.797 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-30 09:33:33.527 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-30 09:33:33.327 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-30 09:33:33.301 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-30 09:33:33.272 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-30 09:33:33.250 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-30 09:33:33.223 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-30 09:33:30.407 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-05-30 09:33:29.753 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. =========================== Installed Programs ============================ Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.009.20065 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.1.0.407 - Adobe Systems Incorporated) Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1_3) (Version: 21.1.3 - Adobe Inc.) Affinity Designer (HKLM\...\{6F0DC7EB-161A-409C-9B26-3EB3FE9ED69D}) (Version: 1.8.3.641 - Serif (Europe) Ltd) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach) Cisco Webex Meetings Desktop App (HKLM-x32\...\{EFE0FC39-2FF3-49BF-88E4-B74DB1E7EB74}) (Version: 40.4.10.8 - Cisco Webex LLC) COMODO Antivirus (HKLM\...\{0E9AFD45-C3BA-41D1-B54B-495A22CB3409}) (Version: 12.2.2.7036 - COMODO Security Solutions Inc.) Hidden COMODO Antivirus (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7036 - COMODO Security Solutions Inc.) CrystalDiskInfo 8.5.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.5.2 - Crystal Dew World) FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.61 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden HitFilm Express (HKLM\...\{9878FC34-063A-4B70-BAC5-2D188AC11678}) (Version: 14.3.9931.38452 - FXHOME) Intel(R) Chipset Device Software (HKLM-x32\...\{c4a581e8-a702-448c-80c7-4b6192985db2}) (Version: 10.1.18228.8176 - Intel(R) Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.7.0.1006 - Intel Corporation) Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{AA90D357-23D3-44C1-954D-7105B0C08F38}) (Version: 17.7.0.1006 - Intel Corporation) Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.37 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - ) Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11929.20776 - Microsoft Corporation) Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation) Microsoft Teams (HKCU\...\Teams) (Version: 1.3.00.9267 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) NVIDIA Graphics Driver 442.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.50 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20776 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20776 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11929.20776 - Microsoft Corporation) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.1.0.170 - Samsung Electronics) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.9267 - Microsoft Corporation) Telegram Desktop version 2.1.6 (HKCU\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.1.6 - Telegram FZ-LLC) Zoom (HKCU\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.) ========================= Devices: ================================ ========================= Memory info: =================================== Percentage of memory in use: 22% Total physical RAM: 16322.36 MB Available physical RAM: 12579.57 MB Total Virtual: 19266.36 MB Available Virtual: 13672.92 MB ========================= Partitions: ===================================== 1 Drive c: () (Fixed) (Total:930.88 GB) (Free:869.91 GB) NTFS ========================= Users: ======================================== User accounts for \\DESKTOP-0UOTHHV Administrator DefaultAccount Guest markm WDAGUtilityAccount **** End of log ****