Jump to content

ev47715

Members
  • Posts

    4
  • Joined

  • Last visited

Everything posted by ev47715

  1. I wish it was that easy. There are no restore points listed except for the ones I created a few days ago, which won't help.
  2. This is the message that I get when the laptop tries to perform a chkdsk after reboot. Cannot open volume for direct access. Autochk cannot run due to an error caused by a recently installed software package. Use the system restore feature from the control panel to restore the system to a point prior to the recent software package installation. An unspecified error occured (766f6c756d652e63 3f1).
  3. This is my mothers laptop. The last time updates were installed was 2012.. lol. She has been complaining that it been "slow" for some time now.
  4. Scans with Malwarebytes and Avast show nothing. However, I'm unable to download and install Windows 7 updates. Any help is appreciated! Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-03-2016Ran by admin (administrator) on ADMIN-PC (03-03-2016 15:31:17)Running from C:\Users\admin\DownloadsLoaded Profiles: admin (Available Profiles: admin)Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: English (United States)Internet Explorer Version 9 (Default browser: FF)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.2.241.0\BBSvc.EXE(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe(SEIKO EPSON CORPORATION) C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe(SafeNet Inc.) C:\Windows\System32\hasplms.exe(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe(AMD) C:\Windows\System32\atieclxx.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe(Carbonite, Inc.) C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe(Hewlett-Packard Company) C:\Program Files\PictureMover\Bin\PictureMover.exe(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\System32\wuauclt.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-28] (Realtek Semiconductor)HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated)HKLM\...\Run: [iJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [136544 2009-05-19] (CANON INC.)HKLM\...\Run: [Windows Mobile Device Center] => C:\windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)HKLM\...\Run: [Carbonite Backup] => C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe [1016464 2011-09-08] (Carbonite, Inc.)HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-13] (AVAST Software)ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-22] (AVAST Software)ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2011-09-08] (Carbonite, Inc.)ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2011-09-08] (Carbonite, Inc.)ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2011-09-08] (Carbonite, Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2011-02-13]ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk [2013-12-07]ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1Tcpip\..\Interfaces\{5F4D49A4-0C59-43A3-B2BB-461DFA693CFA}: [DhcpNameServer] 192.168.1.1Tcpip\..\Interfaces\{98F0A2DD-7FA4-4F1B-BD5E-0044E33B8CD4}: [DhcpNameServer] 192.168.1.1 Internet Explorer:==================HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTIONHKU\S-1-5-21-3709177842-1407763618-372791389-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTIONHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNAHKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhomeHKU\S-1-5-21-3709177842-1407763618-372791389-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchSearchScopes: HKLM -> {0EF3D5EE-B833-43EC-8265-E0B5C71D50AB} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNASearchScopes: HKU\S-1-5-21-3709177842-1407763618-372791389-1000 -> DefaultScope {0EF3D5EE-B833-43EC-8265-E0B5C71D50AB} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS358SearchScopes: HKU\S-1-5-21-3709177842-1407763618-372791389-1000 -> {0EF3D5EE-B833-43EC-8265-E0B5C71D50AB} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS358BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No FileBHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-22] (AVAST Software)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23] (Microsoft Corporation.)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-01] (Sun Microsystems, Inc.)BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23] (Microsoft Corporation.)DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cabHandler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) FireFox:========FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\joorn68q.defaultFF Homepage: hxxp://www.google.com/FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-21] ()FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)FF Plugin: @microsoft.com/GENUINE -> disabled [No File]FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-02-13] [not signed]FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FFFF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-15]FF HKU\S-1-5-21-3709177842-1407763618-372791389-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: =======CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No FileCHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\pdf.dll => No FileCHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No FileCHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32.dll => No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Java Deployment Toolkit 6.0.140.8) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)CHR Plugin: (Java Platform SE 6 U14) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll => No FileCHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll => No FileCHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No FileCHR Plugin: (MSN® Toolbar) - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll => No FileCHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll => No FileCHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Chrome Web Store Payments) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-14]CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-22] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-03-27] (LSI Corporation)R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-22] (AVAST Software)R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-07-22] (Avast Software)R2 CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [3908752 2011-09-08] (Carbonite, Inc. (www.carbonite.com))R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-08-10] (TOSHIBA CORPORATION)R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [521600 2011-06-09] (SEIKO EPSON CORPORATION)R2 hasplms; C:\windows\system32\hasplms.exe [4665168 2015-09-24] (SafeNet Inc.)S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)R2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]R2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]R2 RSELSVC; C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe [62832 2009-07-07] (TOSHIBA Corporation)S3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-08-17] (TOSHIBA Corporation)R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [185712 2009-08-11] (TOSHIBA Corporation)S3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-09-17] (TOSHIBA Corporation)S3 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [685424 2009-08-06] (TOSHIBA Corporation)R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aksfridge; C:\windows\System32\DRIVERS\aksfridge.sys [438640 2015-09-24] (SafeNet Inc.)S3 akshasp; C:\windows\System32\DRIVERS\akshasp.sys [238208 2012-06-15] (Aladdin Knowledge Systems Ltd.)S3 akshhl; C:\windows\System32\DRIVERS\akshhl.sys [46720 2012-06-15] (SafeNet Inc.)S3 aksusb; C:\windows\System32\DRIVERS\aksusb.sys [289152 2012-06-15] (SafeNet Inc.)R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24016 2015-07-22] (AVAST Software)R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [76000 2015-07-22] (AVAST Software)R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81728 2015-07-22] (AVAST Software)R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49776 2015-07-22] (AVAST Software)R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [794952 2015-11-13] (AVAST Software)R1 aswSP; C:\windows\system32\drivers\aswSP.sys [435464 2015-11-13] (AVAST Software)R2 aswStm; C:\windows\system32\drivers\aswStm.sys [113592 2015-07-22] (AVAST Software)R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [208664 2015-07-22] (AVAST Software)R2 hardlock; C:\windows\system32\drivers\hardlock.sys [618352 2015-09-24] (SafeNet Inc.)R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)R0 ngvss; C:\windows\system32\Drivers\ngvss.sys [95112 2015-07-22] (AVAST Software)R3 PGEffect; C:\windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)R3 RTL8187Se; C:\windows\System32\DRIVERS\RTL8187Se.sys [372736 2009-08-13] (Realtek Semiconductor Corporation )S3 ssrangdr; C:\windows\System32\DRIVERS\ssrangdr.sys [2560 2009-11-06] (SupportSoft Inc.)R2 TVALZFL; C:\windows\System32\DRIVERS\TVALZFL.sys [12920 2009-06-19] (TOSHIBA Corporation)R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-22] (Avast Software)U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)S3 catchme; \??\C:\Users\admin\AppData\Local\Temp\catchme.sys [X]S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-03-03 15:31 - 2016-03-03 15:32 - 00018614 _____ C:\Users\admin\Downloads\FRST.txt2016-03-03 15:30 - 2016-03-03 15:31 - 00000000 ____D C:\FRST2016-03-03 15:30 - 2016-03-03 15:30 - 01722368 _____ (Farbar) C:\Users\admin\Downloads\FRST.exe2016-03-02 16:40 - 2016-03-02 16:40 - 00347816 _____ (Microsoft Corporation) C:\Users\admin\Downloads\MicrosoftFixit.wu.MATSKB.Run.exe2016-03-02 16:35 - 2016-03-02 16:35 - 00302011 _____ C:\Users\admin\Downloads\WindowsUpdateDiagnostic (2).diagcab2016-03-02 16:31 - 2016-03-02 16:34 - 239126136 _____ C:\Users\admin\Downloads\Windows6.1-KB947821-v34-x86.msu2016-03-02 14:41 - 2016-03-02 14:41 - 00012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe2016-03-02 14:12 - 2016-03-02 14:43 - 00000000 ____D C:\ProgramData\HitmanPro2016-03-02 14:11 - 2016-03-02 14:12 - 10457272 _____ (SurfRight B.V.) C:\Users\admin\Downloads\HitmanPro.exe2016-03-02 14:06 - 2016-03-02 14:06 - 00302011 _____ C:\Users\admin\Downloads\WindowsUpdateDiagnostic (1).diagcab2016-03-02 13:55 - 2016-03-02 13:55 - 00302011 _____ C:\Users\admin\Downloads\WindowsUpdateDiagnostic.diagcab2016-03-02 13:18 - 2016-03-02 13:18 - 00012006 _____ C:\ComboFix.txt2016-03-01 15:08 - 2016-03-01 15:08 - 00000000 ____D C:\Program Files\Common Files\SafeNet Sentinel2016-03-01 15:07 - 2015-09-24 05:17 - 00208328 _____ (Aladdin Knowledge Systems Ltd.) C:\windows\system32\hlvdd.dll2016-03-01 15:01 - 2016-03-01 15:05 - 15442136 _____ C:\Users\admin\Downloads\Sentinel_LDK_Run-time_setup.zip2016-02-21 13:58 - 2016-03-02 11:13 - 00000000 ____D C:\Program Files\Mozilla Firefox ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-03-03 15:28 - 2009-12-25 10:31 - 00000882 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job2016-03-03 15:27 - 2009-12-25 10:31 - 00000886 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job2016-03-03 15:26 - 2009-07-13 22:53 - 00000006 ____H C:\windows\Tasks\SA.DAT2016-03-03 15:14 - 2013-01-21 18:20 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job2016-03-02 18:51 - 2009-07-13 22:34 - 00015792 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02016-03-02 18:51 - 2009-07-13 22:34 - 00015792 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02016-03-02 16:42 - 2009-07-13 20:37 - 00000000 ____D C:\windows\system32\NDF2016-03-02 14:06 - 2011-03-13 16:09 - 00000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics2016-03-02 13:18 - 2014-09-06 09:46 - 00000000 ____D C:\Qoobox2016-03-02 13:16 - 2009-07-13 20:04 - 00000215 _____ C:\windows\system.ini2016-03-02 12:59 - 2014-09-06 11:12 - 00000000 ____D C:\AdwCleaner2016-03-02 12:59 - 2009-09-01 23:32 - 00726316 _____ C:\windows\system32\PerfStringBackup.INI2016-03-02 12:59 - 2009-07-13 20:37 - 00000000 ____D C:\windows\inf2016-03-02 12:57 - 2014-09-06 09:42 - 00001420 _____ C:\Users\admin\Desktop\Rkill.txt2016-03-02 11:20 - 2014-09-06 12:50 - 00170200 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys2016-03-02 11:19 - 2014-09-06 12:50 - 00001031 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2016-03-02 11:19 - 2014-09-06 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2016-03-02 11:19 - 2014-09-06 12:50 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware2016-03-02 11:13 - 2012-10-29 18:38 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service2016-03-01 15:06 - 2009-07-13 20:37 - 00000000 ____D C:\windows\system32\Setup2016-03-01 13:42 - 2010-01-02 12:33 - 00000000 ____D C:\Program Files\BERNINA2016-03-01 13:42 - 2009-09-01 23:30 - 00000000 ___HD C:\Program Files\InstallShield Installation Information2016-03-01 13:41 - 2010-01-02 12:37 - 00000000 ____D C:\My Designs - Embroidery Software 62016-02-21 13:39 - 2013-01-21 18:20 - 00796864 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe2016-02-21 13:39 - 2011-07-10 13:58 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl2016-02-21 13:31 - 2012-05-14 18:07 - 00002129 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk2016-02-21 13:31 - 2012-05-14 18:07 - 00002100 _____ C:\Users\Public\Desktop\Google Chrome.lnk2016-02-21 13:24 - 2009-07-13 22:52 - 00000000 ____D C:\windows\system32\FxsTmp2016-02-03 18:03 - 2011-02-13 22:20 - 00000000 ____D C:\Users\admin\AppData\LocalLow\HPAppData ==================== Files in the root of some directories ======= 2015-05-06 07:42 - 2015-05-06 07:42 - 0004096 ____H () C:\Users\admin\AppData\Local\keyfile3.drm2011-02-13 17:29 - 2011-03-13 16:15 - 0001604 _____ () C:\ProgramData\hpzinstall.log2010-01-02 12:42 - 2014-11-14 10:42 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\windows\explorer.exe => File is digitally signedC:\windows\system32\winlogon.exe => File is digitally signedC:\windows\system32\wininit.exe => File is digitally signedC:\windows\system32\svchost.exe => File is digitally signedC:\windows\system32\services.exe => File is digitally signedC:\windows\system32\User32.dll => File is digitally signedC:\windows\system32\userinit.exe => File is digitally signedC:\windows\system32\rpcss.dll => File is digitally signedC:\windows\system32\dnsapi.dll => File is digitally signedC:\windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-25 00:52 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version:02-03-2016Ran by admin (2016-03-03 15:33:08)Running from C:\Users\admin\DownloadsMicrosoft Windows 7 Home Premium Service Pack 1 (X86) (2009-12-14 19:33:07)Boot Mode: Normal========================================================== ==================== Accounts: ============================= admin (S-1-5-21-3709177842-1407763618-372791389-1000 - Administrator - Enabled) => C:\Users\adminAdministrator (S-1-5-21-3709177842-1407763618-372791389-500 - Administrator - Disabled)Guest (S-1-5-21-3709177842-1407763618-372791389-501 - Limited - Disabled)HomeGroupUser$ (S-1-5-21-3709177842-1407763618-372791389-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) HiddenAdobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)Adobe Reader 9.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)ATI Catalyst Install Manager (HKLM\...\{B4BB4CF2-F475-FB20-7AFA-F8AED032BFF8}) (Version: 3.0.732.0 - ATI Technologies, Inc.)Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2223 - AVAST Software)BERNINA Universal Communication Server (HKLM\...\{CF27C964-3902-4CA3-9C71-B0EAEB302AB5}) (Version: 1.1.2 - BERNINA)Bing Bar (HKLM\...\{D322A9E3-758B-4D60-A7C4-65C88FD378D0}) (Version: 7.2.241.0 - Microsoft Corporation)BufferChm (Version: 140.0.212.000 - Hewlett-Packard) HiddenC310 (Version: 140.0.304.000 - Hewlett-Packard) HiddenCanon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: - )Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - )Carbonite (HKLM\...\Carbonite Backup) (Version: 4.1.1 build 406 (Sep-08-2011) - Carbonite)ccc-core-static (Version: 2009.0729.2238.38827 - ATI) HiddenCompatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - Extra Content (HKLM\...\_{806422F8-8E0A-494A-A369-0F34F1B89160}) (Version: - Corel Corporation)CorelDRAW Essentials 4 - Extra Content (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - IPM - VBA (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - Lang JP (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) HiddenCorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - VBA (Version: 4.0 - Corel Corporation) HiddenCorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version: - Corel Corporation)CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) HiddenCorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation)CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) HiddenDestinations (Version: 140.0.77.000 - Hewlett-Packard) HiddenDeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) HiddenEpson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)Epson FAX Utility (HKLM\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.46.00 - SEIKO EPSON CORPORATION)Epson PC-FAX Driver (HKLM\...\EPSON PC-FAX Driver 2) (Version: - )EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)EPSON WorkForce 545 Series Printer Uninstall (HKLM\...\EPSON WorkForce 545 Series) (Version: - SEIKO EPSON Corporation)EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)Google Update Helper (Version: 1.3.25.11 - Google Inc.) HiddenGoogle Update Helper (Version: 1.3.29.5 - Google Inc.) HiddenGoToMeeting 4.5.0.457 (HKU\S-1-5-21-3709177842-1407763618-372791389-1000\...\GoToMeeting) (Version: - )GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) HiddenHP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)HP Photosmart Prem C310 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{4E484899-4F93-4086-88BA-56BDDF47A776}) (Version: 14.0 - HP)HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)HP Update (HKLM\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)HPAppStudio (Version: 140.0.95.000 - Hewlett-Packard) HiddenHPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) HiddenHPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) HiddenHPSSupply (Version: 140.0.211.000 - Hewlett-Packard) HiddenJava 6 Update 14 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) HiddenLabel@Once 1.0 (HKLM\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)LSI V92 MOH Application (HKLM\...\LTMOH) (Version: - LSI Corporation)Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) HiddenMicrosoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)Mozilla Firefox 43.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)MyToshiba (HKLM\...\{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}) (Version: 2.2.0.3 - Toshiba)Network (Version: 140.0.215.000 - Hewlett-Packard) HiddenNetZero Launcher (HKLM\...\{9AEAF9CC-390B-49C0-8F7F-14092BF163B6}) (Version: 2.01 - TOSHIBA Corporation)PictureMover (HKLM\...\{6B074646-5977-4a00-A942-8E51B675EEB6}) (Version: 3.6.0.6 - Hewlett-Packard Company)PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)PS_AIO_07_C310_SW_Min (Version: 140.0.304.000 - Hewlett-Packard) HiddenQuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) HiddenRealtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek)Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)Realtek WLAN Driver (HKLM\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)Scan (Version: 140.0.80.000 - Hewlett-Packard) HiddenSentinel Runtime (HKLM\...\{84D2090E-5F36-491F-8D57-D8D01E2D7EB5}) (Version: 7.41.1.56613 - SafeNet Inc.)Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)Skype Launcher (HKLM\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) HiddenSoftware Updater (HKLM\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)SolutionCenter (Version: 140.0.214.000 - Hewlett-Packard) HiddenStatus (Version: 140.0.256.000 - Hewlett-Packard) HiddenSynaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.6.1 - Synaptics Incorporated)Toolbox (Version: 140.0.428.000 - Hewlett-Packard) HiddenToshiba Application and Driver Installer (HKLM\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.0.9 - Toshiba)TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.11 - TOSHIBA)TOSHIBA ConfigFree (HKLM\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.21 - TOSHIBA Corporation)TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.1 - TOSHIBA Corporation)TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.0.07-A - TOSHIBA Corporation)TOSHIBA eco Utility (HKLM\...\InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}) (Version: 1.1.7.0 - TOSHIBA Corporation)TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 3.1.0.32 - TOSHIBA Corporation)TOSHIBA Hardware Setup (HKLM\...\{D0387727-C89D-4774-B643-B9333EAA09DE}) (Version: 2.00.11 - TOSHIBA Corporation)TOSHIBA HDD/SSD Alert (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.0.2 - TOSHIBA Corporation)TOSHIBA Internal Modem Region Select Utility (HKLM\...\InstallShield_{89F7D66C-777D-473B-AA11-319C0F190EAC}) (Version: 2.3.0.01 - TOSHIBA Corporation)Toshiba Online Backup (HKLM\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.35 - Toshiba)TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.4.1.0 - TOSHIBA Corporation)Toshiba Quality Application (HKLM\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.001.0000 - Toshiba)TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.2 - TOSHIBA Corporation)TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.33 - TOSHIBA)TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: 1.00.2518 - )TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )TOSHIBA Supervisor Password (HKLM\...\{A208044D-A88B-4ACF-AE95-E4F213E6EDC0}) (Version: 2.00.09 - TOSHIBA Corporation)TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.26 - TOSHIBA Corporation)TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.4 - TOSHIBA Corporation)ToshibaRegistration (HKLM\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.3 - Toshiba)TrayApp (Version: 140.0.212.000 - Hewlett-Packard) HiddenUpdate for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)WebReg (Version: 140.0.212.017 - Hewlett-Packard) HiddenWindows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3709177842-1407763618-372791389-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\457\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0951AA77-FED9-4659-AC02-0BC94C8A92F9} - System32\Tasks\Ad-Aware Update (Daily 1) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exeTask: {0F5F9705-E97C-4471-AF9E-85971F7829AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)Task: {152F4F4F-581B-4BA9-91DB-CFD301EFEF94} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-21] (Adobe Systems Incorporated)Task: {398CA71F-0EDD-4C25-916B-ED624CC240D9} - System32\Tasks\Ad-Aware Update (Daily 4) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exeTask: {431CBDD0-E60A-46AA-BF66-8935B1090FB2} - System32\Tasks\{29E38B0A-ECB7-4FA3-8F7C-AF56018269B5} => C:\Program Files\BERNINA\Embroidery Software 6\BIN\DESLOADR.EXETask: {4B7CCBE4-768A-4E11-83A1-AF8AF7FF22E7} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [2009-07-13] (TOSHIBA CORPORATION)Task: {55AB36CC-6568-471B-BD5A-0377AA5B7805} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)Task: {6BD66DAD-673D-4F06-B502-A09852CA53F9} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exeTask: {73CACA19-6F15-4A8B-98CA-F86ED24DC2B8} - System32\Tasks\{72DF3AF1-879B-47FC-A0AC-88B3E7900273} => C:\Program Files\BERNINA\Embroidery Software 6\BIN\DESLOADR.EXETask: {74B5B0D6-DF01-48A4-BD8D-9204BBD5CE1A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-22] (AVAST Software)Task: {93093D2D-CCBE-4295-B361-75C452BA40B5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-21] (AVAST Software)Task: {AAB2649D-DEBA-451B-B50D-6F915D80F225} - System32\Tasks\Ad-Aware Update (Daily 3) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exeTask: {BBFDC0DE-5ABB-48AA-8F69-A4CFE4A93146} - System32\Tasks\{0340498A-F6C9-4E5E-B21C-345B98B5FB50} => pcalua.exe -a C:\Users\admin\Desktop\HASPUserSetup.exe -d C:\Users\admin\DesktopTask: {E9009972-3363-4241-83A8-B6D18B58131B} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exeTask: {F2FC3CE3-D7C2-49C3-B2F6-F63110E5C949} - System32\Tasks\{BC49AA86-D30B-4F7B-9E31-6AE191D1C685} => C:\Program Files\BERNINA\Embroidery Software 6\BIN\DESLOADR.EXETask: {F921280C-5D71-4B92-B699-996CA367B06C} - System32\Tasks\Ad-Aware Update (Daily 2) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-07-22 17:50 - 2015-07-22 17:50 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll2015-07-22 17:49 - 2015-07-22 17:49 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll2016-03-03 15:15 - 2016-03-03 15:15 - 02838016 _____ () C:\Program Files\AVAST Software\Avast\defs\16030301\algo.dll2015-07-22 17:50 - 2015-07-22 17:50 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll2013-12-07 16:41 - 2012-02-16 15:01 - 12290432 _____ () C:\Users\admin\AppData\Roaming\PictureMover\Bin\Core.dll2009-07-13 15:03 - 2009-07-13 19:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll2013-12-07 16:41 - 2012-02-16 15:09 - 01699200 _____ () C:\Users\admin\AppData\Roaming\PictureMover\EN-US\Presentation.dll2016-02-21 13:30 - 2016-02-17 22:14 - 01630360 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.116\libglesv2.dll2016-02-21 13:30 - 2016-02-17 22:14 - 00085656 _____ () C:\Program Files\Google\Chrome\Application\48.0.2564.116\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 20:04 - 2014-09-06 10:56 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3709177842-1407763618-372791389-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpgDNS Servers: 192.168.1.1HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: 00TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exeMSCONFIG\startupreg: EPLTarget => MSCONFIG\startupreg: FUFAXRCV => "C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe"MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe"MSCONFIG\startupreg: LtMoh => C:\Program Files\ltmoh\Ltmoh.exeMSCONFIG\startupreg: MyTOSHIBA => "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTOMSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDEDMSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exeMSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exeMSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunMSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /rMSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exeMSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exeMSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXEMSCONFIG\startupreg: TWebCamera => "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{4C04F02E-01D6-4B04-8EC2-A3DE3763BF13}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exeFirewallRules: [{A324DA70-2623-42DF-8B3F-DBC2404A1C06}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exeFirewallRules: [{EEF08182-FF23-46DE-A90B-560A9D3E1F30}] => (Allow) svchost.exeFirewallRules: [{6684ABBE-2F13-4560-BBC4-712006BE97ED}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exeFirewallRules: [TCP Query User{B53697F0-67A0-46D4-9B87-F52710F5F3A8}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exeFirewallRules: [uDP Query User{2F11A705-29D1-42F4-8855-F8122DDB268A}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exeFirewallRules: [{4FE4FE06-DA5B-436B-A394-56AD9A9C09FE}] => (Allow) D:\setup\hpznui01.exeFirewallRules: [{21B36C9E-3E2B-4B41-9D96-7ABED81181C3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeFirewallRules: [{EFADD345-2004-4DC4-BBFE-2B05DBE90750}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exeFirewallRules: [{0B22C0D1-DB93-4F79-AD1B-93A097393155}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exeFirewallRules: [{3DFAF124-54F1-492D-8725-381A854C379C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exeFirewallRules: [{3D225D50-1EBF-4A01-B993-65C9805C0348}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exeFirewallRules: [{A94CF39E-FF23-41CE-9A17-CFF55CA9CBCC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exeFirewallRules: [{6F432DFB-5EB2-48A6-B101-49EAAB3BDC11}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exeFirewallRules: [{611EF59E-14FE-47D3-B470-FA2DC8703856}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exeFirewallRules: [{83BA7677-6B47-44AE-836E-18D01CB1C5C8}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exeFirewallRules: [{2E4B55A1-2999-4DB3-816E-7BBB2AEB03FD}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exeFirewallRules: [{B5B50149-4E84-4B17-8D82-BB870544237C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exeFirewallRules: [{6790CF26-3F41-472B-ACE1-9FC85994FB8A}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exeFirewallRules: [{C367907D-C07C-41A6-8114-A401A90575A8}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exeFirewallRules: [{31BA08D8-3788-4DB1-9112-DAA7A076E16A}] => (Allow) C:\Windows\System32\hasplms.exeFirewallRules: [{69B58F7B-5C67-4880-B45C-6A616BF13AF5}] => (Allow) C:\Windows\System32\hasplms.exeFirewallRules: [{91569241-6381-40E1-A636-98D8958027AA}] => (Allow) C:\Users\admin\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exeFirewallRules: [{63CC79D6-A5AE-43F0-906B-BB5F249DBF9B}] => (Allow) C:\Users\admin\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exeFirewallRules: [{662664AA-01B8-451C-B325-F7E3834990FE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exeFirewallRules: [{8C88DA73-D440-4BAF-BB07-B0B448EF23FE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exeFirewallRules: [TCP Query User{8222E36D-74B7-4800-B6AB-D169AA05C265}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exeFirewallRules: [uDP Query User{F1E7A273-7F23-4D4E-AC14-373F89B82E8D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exeFirewallRules: [{BFBBE943-5C0D-4ED0-A937-378520F5A6CC}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exeFirewallRules: [{52B24D84-9077-4FDA-90D3-85D195BFE607}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exeFirewallRules: [{15183D6A-7B5D-4A7F-9BD3-AE5753DCB60A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exeFirewallRules: [{7B18D5A8-3B40-42CD-B8D8-290974860CCC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exeFirewallRules: [{D088A90E-9C33-463B-B88D-CD2E6B3D38EC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exeFirewallRules: [{0E388663-D65F-4215-A8D9-2BD6493EEAEF}] => (Allow) C:\windows\system32\hasplms.exe ==================== Restore Points ========================= 01-03-2016 13:40:52 Removed BERNINA Embroidery Software01-03-2016 15:06:33 Installed Sentinel Runtime02-03-2016 14:40:11 Checkpoint by HitmanPro02-03-2016 14:41:16 Checkpoint by HitmanPro ==================== Faulty Device Manager Devices ============= Name: Officejet 6500 E710n-zDescription: Officejet 6500 E710n-zClass Guid: {4d36e971-e325-11ce-bfc1-08002be10318}Manufacturer: HPService: Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors:==================Error: (03/02/2016 04:44:24 PM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000224,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,008AEC9C.64). hr = 0x80070005, Access is denied.. Error: (03/02/2016 04:44:24 PM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000224,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,008AEC9C.64). hr = 0x80070005, Access is denied.. Error: (03/02/2016 04:35:55 PM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000894,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssapiPublisher,0,REG_BINARY,06B3FD34.64). hr = 0x80070005, Access is denied.. Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (03/02/2016 04:35:55 PM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000298,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,0090F3D0.64). hr = 0x80070005, Access is denied.. Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (03/02/2016 04:35:55 PM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000298,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,0090F3D0.64). hr = 0x80070005, Access is denied.. Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (03/02/2016 04:35:55 PM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000224,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0090F378.64). hr = 0x80070005, Access is denied.. Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (03/02/2016 04:35:55 PM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000224,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0090F378.64). hr = 0x80070005, Access is denied.. Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (03/02/2016 04:35:55 PM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000298,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,0090F3D4.64). hr = 0x80070005, Access is denied.. Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (03/02/2016 04:35:53 PM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000298,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,0090F3D4.64). hr = 0x80070005, Access is denied.. Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (03/02/2016 04:35:53 PM) (Source: VSS) (EventID: 8193) (User: )Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000224,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0090F378.64). hr = 0x80070005, Access is denied.. Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet System errors:=============Error: (03/03/2016 03:27:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service. Error: (03/03/2016 03:27:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AMD External Events Utility service. Error: (03/03/2016 03:26:21 PM) (Source: atikmdag) (EventID: 10261) (User: )Description: Display is not active Error: (03/03/2016 03:26:21 PM) (Source: atikmdag) (EventID: 19468) (User: )Description: CPLIB :: General - Invalid Parameter Error: (03/03/2016 03:25:19 PM) (Source: Service Control Manager) (EventID: 7043) (User: )Description: The Windows Update service did not shut down properly after receiving a preshutdown control. Error: (03/03/2016 03:14:49 PM) (Source: atikmdag) (EventID: 10261) (User: )Description: Display is not active Error: (03/02/2016 08:15:40 PM) (Source: atikmdag) (EventID: 10261) (User: )Description: Display is not active Error: (03/02/2016 06:51:31 PM) (Source: atapi) (EventID: 11) (User: )Description: The driver detected a controller error on \Device\Ide\IdePort1. Error: (03/02/2016 06:42:50 PM) (Source: atikmdag) (EventID: 10261) (User: )Description: Display is not active Error: (03/02/2016 06:42:50 PM) (Source: atikmdag) (EventID: 19468) (User: )Description: CPLIB :: General - Invalid Parameter ==================== Memory info =========================== Processor: AMD Turion II Dual-Core Mobile M500Percentage of memory in use: 46%Total physical RAM: 2812.17 MBAvailable physical RAM: 1492.58 MBTotal Virtual: 5622.63 MBAvailable Virtual: 4262.43 MB ==================== Drives ================================ Drive c: (TI103426W0D) (Fixed) (Total:288.71 GB) (Free:243.98 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 89E6579C)Partition 1: (Active) - (Size=1.5 GB) - (Type=27)Partition 2: (Not Active) - (Size=288.7 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=7.9 GB) - (Type=17) ==================== End of Addition.txt ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.