HP p7-110, WIndows 7 Home Premium SP! 64 bit
A friend starting having trouble with Office 2010 requiring license key on accessing documents. The program would not accept her code as valid. Then she started having trouble with Live Mail. She received some "help" from a supposed Microsoft support agent before terminating their remote connection. She also asked her ISP for help. They suggested she get someone with hands on the computer because they couldn't resolve the issues. She was using Trend Micro Titanium as her Antivirus. I have replaced it with AVAST Free in case Trend Micro was interfering with the computer cleanup.
This computer has me stumped. Usually use of some good malware tools cleans up a computer, but not this one. I've gotten as much cleaned up as I can, but Windows Update doesn't run because the service installer can not be started. Other services such as scannow and system restore won't work either. I can connect to the internet, but can't run Panda Online Scan. Tweaking.com did not clear up problems with the windows services. Easy Recovery Virus scan found 2 instances of win.worm.palevo-4055 associated with Power2Go and 1 Trojan. Adwcleaner removed a lot of malware as did JRT. JRT reestablished a wired network connection. I tried to run an in place "upgrade" repair of Windows 7, but the program reports it's not able to obtain information from the computer discs.
=============================
I am trying to insert the logs instead, but have not been successful.
aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-07-30 19:46:55
-----------------------------
19:46:55.570 OS Version: Windows x64 6.1.7601 Service Pack 1
19:46:55.570 Number of processors: 4 586 0x2A07
19:46:55.570 ComputerName: CAROLVANDENBOSC UserName:
19:46:58.878 Initialize success
19:46:58.893 VM: initialized successfully
19:46:58.909 VM: Intel CPU BiosDisabled
19:47:02.434 AVAST engine defs: 15073003
19:47:12.746 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:47:12.762 Disk 0 Vendor: ST310005 HP63 Size: 953869MB BusType: 3
19:47:12.871 Disk 0 MBR read successfully
19:47:12.871 Disk 0 MBR scan
19:47:12.871 Disk 0 Windows 7 default MBR code
19:47:12.886 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:47:12.886 Disk 0 Boot: NTFS code=1
19:47:12.886 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 941808 MB offset 206848
19:47:12.918 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11959 MB offset 1929029632
19:47:12.964 Disk 0 scanning C:\Windows\system32\drivers
19:47:22.278 Service scanning
19:47:36.786 Modules scanning
19:47:36.786 Disk 0 trace - called modules:
19:47:36.817 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:47:36.832 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800888b060]
19:47:36.832 3 CLASSPNP.SYS[fffff88000db043f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80060fd050]
19:47:39.531 AVAST engine scan C:\Windows
19:47:41.403 AVAST engine scan C:\Windows\system32
19:49:55.080 AVAST engine scan C:\Windows\system32\drivers
19:50:06.577 AVAST engine scan C:\Users\carol vandenbosch
19:58:40.380 AVAST engine scan C:\ProgramData
20:04:46.278 Disk 0 statistics 5132453/0/0 @ 2.96 MB/s
20:04:46.278 Scan finished successfully
20:25:51.908 Disk 0 MBR has been saved successfully to "C:\Users\carol vandenbosch\Downloads\MBR.dat"
20:25:51.908 The log file has been saved successfully to "C:\Users\carol vandenbosch\Downloads\aswMBR.txt"
I am attaching logs from aswMBR and FRST64. I'm not sure if I should be posting in the Windows forum or here. We would really appreciate your help.
Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-07-2015
Ran by carol vandenbosch (2015-07-30 20:33:16)
Running from C:\Users\carol vandenbosch\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1993600733-451308219-2223829884-500 - Administrator - Enabled) => C:\Users\Administrator
ASPNET (S-1-5-21-1993600733-451308219-2223829884-1004 - Limited - Enabled)
carol vandenbosch (S-1-5-21-1993600733-451308219-2223829884-1000 - Administrator - Enabled) => C:\Users\carol vandenbosch
Guest (S-1-5-21-1993600733-451308219-2223829884-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1993600733-451308219-2223829884-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.01.18.0 - Ralink)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Amazon Kindle (HKU\S-1-5-21-1993600733-451308219-2223829884-1000\...\Amazon Kindle) (Version: - Amazon)
AndreaMosaic 3.33.0 (HKLM-x32\...\AndreaMosaic) (Version: - )
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AuthenTec TrueAPI (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blio (HKLM-x32\...\{9EAAB95B-17B6-43CF-B4E9-4A90937C83FD}) (Version: 3.2.9594 - K-NFB Reading Technology, Inc.)
BookSmart® 3.4.3 3.4.3 (HKLM-x32\...\BookSmart® 3.4.3 3.4.3) (Version: - Blurb, Inc)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
ChromecastApp (HKU\S-1-5-21-1993600733-451308219-2223829884-1000\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Elevated Installer (x32 Version: 4.0.19.0 - Garmin Ltd or its subsidiaries) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Garmin Communicator Plugin (HKLM-x32\...\{8ED02445-D491-414C-A56D-2ED6BBB7239A}) (Version: 3.0.1 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{3ee9d193-ab0b-47f1-a31c-cce4678679ce}) (Version: 4.0.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.0.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.0.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
HD Tune 2.54 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HP Deskjet 3520 series Basic Device Software (HKLM\...\{E80963EC-EED7-411A-8AC0-149EC57FB0F9}) (Version: 27.0.847.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Help (HKLM-x32\...\{C13E1F46-84FE-4D3B-8581-0F2F624C7EEC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Product Improvement Study (HKLM\...\{177F4FEE-E119-4AB7-9B32-ECF6A1D03719}) (Version: 27.0.847.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard Company)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12412 - HP)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Jacquie Lawson Quick Send Widget (HKLM-x32\...\JLQuickSendWidget) (Version: 1.0.7 - MicroCourt Limited)
Jacquie Lawson Quick Send Widget (x32 Version: 1.0.7 - MicroCourt Limited) Hidden
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1993600733-451308219-2223829884-1000\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM-x32\...\WebPost) (Version: - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5331 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5331 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 - NewspaperDirect Inc.)
PrintMaster 2.0 Gold (HKLM-x32\...\6485-4051-8654-1628) (Version: - Encore Software Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4222 - CyberLink Corp.) Hidden
RegCure Pro (HKLM-x32\...\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}) (Version: 3.1.0.0 - ParetoLogic, Inc.) <==== ATTENTION
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Slingo Supreme (x32 Version: 2.2.0.97 - WildTangent) Hidden
The Print Shop 22 (HKLM-x32\...\{1D2AB963-7FF4-4446-BF22-822101AA550F}) (Version: 22.00.0000 - Broderbund Software)
The Print Shop 3.0 Fonts (HKLM-x32\...\{2C3060F6-F0DC-4F63-A70F-2070BE57EEDC}) (Version: 1.0 - Encore)
TPS 3.0 Standard (HKLM-x32\...\{E8BAA8B9-DCFE-4589-B11F-2C88F317C5D8}) (Version: 3.0.3 - Encore)
Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden
Trend Micro Titanium Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 6.0 - Trend Micro Inc.)
TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version: - Intuit, Inc)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.3.1 - Tweaking.com)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
VIP Access SDK (1.0.1.4) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.)
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.31 - WildTangent) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1993600733-451308219-2223829884-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\carol vandenbosch\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
Check "winmgmt" service or repair WMI.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2015-07-30 18:15 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C6B026D-7817-4F6A-AD83-8BA0D267CC24} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-07-28] ()
Task: {3896D8B7-4CCA-4F47-B8C7-F1E7E999D7D1} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {4BD45377-B45E-49E0-A7EE-AF2E183746BB} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {58D99919-6300-4740-B360-55542FAB68B2} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2015-07-28] (Hewlett-Packard Co.)
Task: {7C528F4A-E0A3-47EA-ABAA-5C3A07403D1F} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2015-07-28] ()
Task: {8BB1031E-2EC1-4848-98FA-7B2E5B910CCC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1993600733-451308219-2223829884-1000Core => C:\Users\carol vandenbosch\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
Task: {914A016D-2295-499C-BF74-850F375071E3} - System32\Tasks\{C1E12FD3-3DC6-4186-BB2D-EAEE54786E1A} => pcalua.exe -a "C:\Users\carol vandenbosch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MHXNW4UM\wlsetup-web.exe" -d "C:\Users\carol vandenbosch\Desktop"
Task: {A3BF6CB6-47AB-46DC-9FE2-1EADCB576AD1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-28] (Piriform Ltd)
Task: {AC4CD605-9A16-437A-9197-BCDBA601EE12} - System32\Tasks\{C3F0B690-1810-4A2A-B9C0-C9E849065A21} => pcalua.exe -a E:\setup.exe -d E:\
Task: {B5CA4C80-CFD0-45CE-97BC-6F0C740452E6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1993600733-451308219-2223829884-1000UA => C:\Users\carol vandenbosch\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
Task: {C0C25E62-7CB4-49CF-A4AE-E12E6711F1B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {C1BE735B-295D-4FD9-8673-5CED6AA5A20C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {C3D500B0-791F-42DF-BC8C-BC10B09B3DBE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-29] (AVAST Software)
Task: {E1B5A13B-2129-42CB-AED1-8A956FA1B878} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
Task: {E7B2D904-EF72-4C92-8514-FB78C0B55DD2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
Task: {F367F87F-9F14-4A31-970C-315FB3E873C9} - System32\Tasks\HPCeeScheduleForCAROLVANDENBOSC$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-07-28] (Hewlett-Packard)
Task: {FDC85282-8AD6-40AD-9A88-74161B2CF118} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-28] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993600733-451308219-2223829884-1000Core.job => C:\Users\carol vandenbosch\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1993600733-451308219-2223829884-1000UA.job => C:\Users\carol vandenbosch\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\HPCeeScheduleForCAROLVANDENBOSC$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (Whitelisted) ==============
2011-10-07 04:39 - 2015-07-28 17:26 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2015-07-29 22:14 - 2015-07-29 22:14 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-29 22:14 - 2015-07-29 22:14 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-30 17:03 - 2015-07-30 17:03 - 02959360 _____ () C:\Program Files\AVAST Software\Avast\defs\15073003\algo.dll
2015-07-29 22:14 - 2015-07-29 22:14 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\carol vandenbosch\Documents\Children.eml:OECustomProperty
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescueUA_2035275 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1993600733-451308219-2223829884-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\carol vandenbosch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 20.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^carol vandenbosch^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Jacquie Lawson Quick Send Widget.lnk => C:\windows\pss\Jacquie Lawson Quick Send Widget.lnk.Startup
MSCONFIG\startupfolder: C:^Users^carol vandenbosch^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\carol vandenbosch\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{14D0A45A-5968-498B-8B43-73E92C3F7A5F}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{2139DE1B-4E27-44BB-A7F2-6D1B7AAF1651}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{7F23DF94-13D1-47CF-9DD0-36CA416FFECA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{67667954-F8A4-4594-9F7D-ADB185FA2A32}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe
FirewallRules: [{B7EE9ADC-A3F9-4513-A8EC-074BC04FEEBE}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{A4A4F2CC-7B91-433D-A38E-8E05C0AE7DDC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{45D75326-683D-4B67-BF50-20508DA16D6A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{768E1C0A-11CE-4C26-83ED-BB909B446BA0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{9C03B427-C81B-4C47-AC72-B371EA6F9C34}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe
FirewallRules: [{EA32974C-4AD2-4EEB-8C85-09EB1A3177B9}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{931A44A5-954C-46E8-9B0C-C01281525F6E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{F1905AE5-ED2D-4598-A4A1-C1B4672FED52}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{11E7E2AF-BE6E-464F-81A3-44A3215F8027}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{4D3195D2-2C15-43C9-855D-80531351A328}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{AD82EF58-57BE-4DAA-B201-4C9525327D8E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{115CB39F-BF17-4352-9FBB-84D515821046}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{D61C4883-463C-4639-9804-C4531B2168B1}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{FB5E89EC-AC52-4485-BD0B-9D20EBBFA24F}] => (Allow) C:\Users\carol vandenbosch\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{5CF74C28-F2DC-4FA3-AFEE-DB1211AE8323}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6F5AE17D-8DC1-49B4-8F89-A0BE2E021AC1}] => (Allow) LPort=2869
FirewallRules: [{8C12B527-FED0-449A-B4F3-C39D5415BB7F}] => (Allow) LPort=1900
FirewallRules: [{8F8C6F22-303D-4A30-96FC-9D650D0A6761}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{32725373-7CA1-4B05-9CE9-FFAA7BB2B989}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2A66F169-0334-47FE-B35F-CE8D94D26316}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{2AC794BD-7E6E-4F59-A196-FD1D4C95CB7B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{1FEA7CDE-97A0-4F4A-AC1D-F25C9F288515}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{09C48E5D-98DC-4CB3-9B4E-F813FFF0B52E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/30/2015 07:19:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154, Class not registered
.
Operation:
Instantiating VSS server
Error: (07/30/2015 07:19:33 PM) (Source: VSS) (EventID: 22) (User: )
Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.
This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.
The error returned from CoCreateInstance on class with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and Name IVssCoordinatorEx2 is [0x80040154, Class not registered
].
Operation:
Instantiating VSS server
Error: (07/30/2015 07:19:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154, Class not registered
.
Operation:
Instantiating VSS server
Error: (07/30/2015 07:19:32 PM) (Source: VSS) (EventID: 22) (User: )
Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.
This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.
The error returned from CoCreateInstance on class with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and Name IVssCoordinatorEx2 is [0x80040154, Class not registered
].
Operation:
Instantiating VSS server
Error: (07/30/2015 07:19:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154, Class not registered
.
Operation:
Instantiating VSS server
Error: (07/30/2015 07:19:32 PM) (Source: VSS) (EventID: 22) (User: )
Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.
This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.
The error returned from CoCreateInstance on class with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and Name IVssCoordinatorEx2 is [0x80040154, Class not registered
].
Operation:
Instantiating VSS server
Error: (07/30/2015 06:44:20 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154, Class not registered
.
Operation:
Subscribing Writer
Context:
Writer Class Id: {4969d978-be47-48b0-b100-f328f07ac1e0}
Writer Name: BITS Writer
Writer Instance ID: {1066fd5b-9e44-4ce5-a018-f7005aad0985}
Error: (07/30/2015 06:44:20 PM) (Source: VSS) (EventID: 22) (User: )
Description: Volume Shadow Copy Service error: A critical component required by the Volume Shadow Copy service is not registered.
This might happened if an error occurred during Windows setup or during installation of a Shadow Copy provider.
The error returned from CoCreateInstance on class with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and Name CEventSystem is [0x80040154, Class not registered
].
Operation:
Subscribing Writer
Context:
Writer Class Id: {4969d978-be47-48b0-b100-f328f07ac1e0}
Writer Name: BITS Writer
Writer Instance ID: {1066fd5b-9e44-4ce5-a018-f7005aad0985}
Error: (07/30/2015 06:42:08 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/30/2015 06:42:05 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
System errors:
=============
Error: (07/30/2015 06:45:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® Management and Security Application User Notification Service service failed to start due to the following error:
%%1053
Error: (07/30/2015 06:45:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Management and Security Application User Notification Service service to connect.
Error: (07/30/2015 06:45:25 PM) (Source: WMPNetworkSvc) (EventID: 14333) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly due to error '0x80040154'. Restart your computer, and then try to restart the service.
Error: (07/30/2015 06:44:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%2
Error: (07/30/2015 06:41:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Live ID Sign-in Assistant service failed to start due to the following error:
%%1053
Error: (07/30/2015 06:41:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
Error: (07/30/2015 06:41:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® Identity Protection Technology Host Interface Service service failed to start due to the following error:
%%1053
Error: (07/30/2015 06:41:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Identity Protection Technology Host Interface Service service to connect.
Error: (07/30/2015 06:41:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Device Interaction Service service failed to start due to the following error:
%%1053
Error: (07/30/2015 06:41:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Device Interaction Service service to connect.
Microsoft Office:
=========================
Error: (07/30/2015 07:19:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80040154, Class not registered
Operation:
Instantiating VSS server
Error: (07/30/2015 07:19:33 PM) (Source: VSS) (EventID: 22) (User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80040154, Class not registered
Operation:
Instantiating VSS server
Error: (07/30/2015 07:19:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80040154, Class not registered
Operation:
Instantiating VSS server
Error: (07/30/2015 07:19:32 PM) (Source: VSS) (EventID: 22) (User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80040154, Class not registered
Operation:
Instantiating VSS server
Error: (07/30/2015 07:19:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80040154, Class not registered
Operation:
Instantiating VSS server
Error: (07/30/2015 07:19:32 PM) (Source: VSS) (EventID: 22) (User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x80040154, Class not registered
Operation:
Instantiating VSS server
Error: (07/30/2015 06:44:20 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80040154, Class not registered
Operation:
Subscribing Writer
Context:
Writer Class Id: {4969d978-be47-48b0-b100-f328f07ac1e0}
Writer Name: BITS Writer
Writer Instance ID: {1066fd5b-9e44-4ce5-a018-f7005aad0985}
Error: (07/30/2015 06:44:20 PM) (Source: VSS) (EventID: 22) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80040154, Class not registered
Operation:
Subscribing Writer
Context:
Writer Class Id: {4969d978-be47-48b0-b100-f328f07ac1e0}
Writer Name: BITS Writer
Writer Instance ID: {1066fd5b-9e44-4ce5-a018-f7005aad0985}
Error: (07/30/2015 06:42:08 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
Error: (07/30/2015 06:42:05 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
==================== Memory info ===========================
Processor: Intel® Core i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 34%
Total physical RAM: 6050.52 MB
Available physical RAM: 3961.17 MB
Total Virtual: 12099.24 MB
Available Virtual: 9978.59 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:919.73 GB) (Free:829.32 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.68 GB) (Free:0.34 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive j: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS ==>[system with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5BC53D8B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)
==================== End of log ============================
I may not be able to insert the farbar main results. I've not been successful yet.
Edited by MsMagoo, 31 July 2015 - 08:46 AM.