1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Resolved Strange startup notice.

Discussion in 'Windows 8' started by bananaball, 2013/12/22.

  1. 2013/12/22
    bananaball

    bananaball Inactive Thread Starter

    Joined:
    2003/11/05
    Messages:
    94
    Likes Received:
    0
    Trophy Points:
    81
    Location:
    Pennsylvania
    Computer Experience:
    Intermediate
    Windows 8.1 using ClassicShell
    I get an extra (unwanted) notice on startup which asks what program I want to use to "open this file ". When I select a program it then says it can't find the file (start.txt or start.jpg or start.whatever).
    So I created a start.txt file so now it opens that when i select notepad.
    I would like to get rid of this but cannot find what is causing it.
     
  2. 2013/12/22
    retiredlearner

    retiredlearner SuperGeek WindowsBBS Team Member

    Joined:
    2004/06/25
    Messages:
    5,462
    Likes Received:
    295
    Trophy Points:
    1,093
    Location:
    New Zealand
    Computer Experience:
    intermediate
    Hi bananaball, I'm running this comp with W8.1 Pro and my HP Notebook W8.1. Both 64bit and using Classic Shell Version 4.0.2 and no problems.
    I've set them both with automatic Login - no Password setup initially and it's quick to get into your email or web sites.
    If the comps go to sleep - I then have to login with my password.
    I'm wondering whether it would pay you to uninstall Classic Shell and Download and install the latest version. Neil.
     

  3. to hide this advert.

  4. 2013/12/23
    TonyT

    TonyT SuperGeek Staff

    Joined:
    2002/01/18
    Messages:
    8,714
    Likes Received:
    365
    Trophy Points:
    1,093
    Location:
    Fairfax, VA
    Computer Experience:
    echo $experienced;
    As far as I know there should not be anything like that loading at startup, unless it's needed by a legitimate 3rd party software. Reinstalling the software that needs & uses such files should fix the problem.

    However, I am unaware of any software that uses those. Start a thread in the Removing Malware forum here just for precaution.
     
  5. 2013/12/23
    Bill

    Bill SuperGeek WindowsBBS Team Member

    Joined:
    2002/01/11
    Messages:
    2,579
    Likes Received:
    246
    Trophy Points:
    843
    Location:
    Nebraska, USA
    Computer Experience:
    Built. Broke. Fixed.
    I don't see where Classic Shell would help here. Unless I am missing something, I am not aware it does anything with file associations and what is loading at boot. The problem appears to be something is set to load or open during boot.

    Do you get it when booting into Safe Mode?

    I agree with TonyT and think you need to eliminate malware as a possible cause first. You might also look in your Startup Folder to see if something is trying to load. The below are all enhanced Task Manager type programs that will show you what is running on your computer. Each is nice in its own way. What's Running is probably the easiest, with AutoRuns for the more experienced, and Process Explorer the most popular. With these, for example, you can see what processes are using each of those various svchost.exe images.

     
    Bill,
    #4
    nolacs22 likes this.
  6. 2013/12/23
    bananaball

    bananaball Inactive Thread Starter

    Joined:
    2003/11/05
    Messages:
    94
    Likes Received:
    0
    Trophy Points:
    81
    Location:
    Pennsylvania
    Computer Experience:
    Intermediate
    It doesn't happen in safe mode.
    In the task manager I found under 'Details' an entry 'openwith.exe' which if this task is ended the notice goes away.
    I'm guessing there is some other entity calling up this openwith.exe but I can't find it
     
  7. 2013/12/23
    Bill

    Bill SuperGeek WindowsBBS Team Member

    Joined:
    2002/01/11
    Messages:
    2,579
    Likes Received:
    246
    Trophy Points:
    843
    Location:
    Nebraska, USA
    Computer Experience:
    Built. Broke. Fixed.
    openwith.exe is a Windows program, but it should be located under windows\system32\ and should not normally be running.
     
    Bill,
    #6
  8. 2013/12/23
    bananaball

    bananaball Inactive Thread Starter

    Joined:
    2003/11/05
    Messages:
    94
    Likes Received:
    0
    Trophy Points:
    81
    Location:
    Pennsylvania
    Computer Experience:
    Intermediate
    How do I find out what made it run ?
     
  9. 2013/12/23
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,591
    Likes Received:
    471
    Trophy Points:
    1,093
    Location:
    Walnut Creek, California, United States
    Computer Experience:
    Intermediate+
    Hi bananaball. Lets see what is going on with your machine.

    Please download Autoruns from the link that Bill posted. After you download the zipped folder on your desktop, right click the zipped folder and click Extract All. After the folder has been extracted open the regular folder. Run the autoruns.exe program by right clicking on it and selecting Run as administrator. When you open the program click the Logon Tab and then post a screenshot of all the startup entries in your next reply.
     
  10. 2013/12/23
    bananaball

    bananaball Inactive Thread Starter

    Joined:
    2003/11/05
    Messages:
    94
    Likes Received:
    0
    Trophy Points:
    81
    Location:
    Pennsylvania
    Computer Experience:
    Intermediate
    OK Here's the autorun results
    autorun.PNG
     
  11. 2013/12/23
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,591
    Likes Received:
    471
    Trophy Points:
    1,093
    Location:
    Walnut Creek, California, United States
    Computer Experience:
    Intermediate+
    Yikes. :eek: You have a lot of startup entries.

    Remove the following entries from the startup list in Autoruns:

    BtPreLoad
    HotKeyCommands
    IgfxTray
    Persistance
    Realtek HD Audio Manager
    Adobe ARM
    All Conduit items
    All items that are highlighted in yellow
    All Windows Mail entries
    MySQL Notifier
    NextLive

    After that is done you have some junk programs that are installed that we need to remove.

    1. Please download AdwCleaner and save it to your desktop. Run the program by right clicking on it and selecting Run as administrator.

    2. When the program opens click on the Scan button.

    3. Then when the program has finished scanning, click on the Clean button. The program will reboot the computer. Attach the AdwCleaner log in your next reply.

    4. Next, download the Junkware Removal Tooland save it to your desktop. Run the program by right clicking on it and selecting Run as administrator and attach the JRT log in your next reply.

    5. Then, download HijackThis to your desktop. Run the program by right clicking on it and selecting Run as administrator and on the Main Menu click the button that says Do a system scan and save a logfile. Attach the HijackThis log in your next reply.

    6. Finally, please download MiniToolBox and save it to your desktop. Run the program by right clicking on it and selecting Run as administrator.

    7. When the program opens check the following boxes:

    Flush DNS
    Reset FF proxy Settings
    Reset IE Proxy Settings
    Report IE Proxy Settings
    Report FF Proxy Settings
    List content of Hosts
    List IP configuration
    List Winsock Entries
    List last 10 Event Viewer log
    List Installed Programs
    List Users, Partitions and Memory size
    List Devices (problems only)


    8. Click the Go button and also attach the MiniToolBox log in your next reply.

    Also please post a fresh screenshot of the Autoruns Logon Tab and let me know if that strange startup entry is still coming up.
     
  12. 2013/12/23
    bananaball

    bananaball Inactive Thread Starter

    Joined:
    2003/11/05
    Messages:
    94
    Likes Received:
    0
    Trophy Points:
    81
    Location:
    Pennsylvania
    Computer Experience:
    Intermediate
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.8 (11.05.2013:1)
    OS: Windows 8.1 x64
    Ran by Paul on Mon 12/23/2013 at 19:52:51.68
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{03A4B59E-8163-425A-8572-C09236001CBA}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F41E78F4-5BDC-4D8A-83C7-8F25F2736F81}



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Users\Paul\appdata\local\cre "



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Mon 12/23/2013 at 19:58:02.67
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    # AdwCleaner v3.016 - Report created 23/12/2013 at 19:41:21
    # Updated 23/12/2013 by Xplode
    # Operating System : Windows 8.1 (64 bits)
    # Username : Paul - DX4870-UB17
    # Running from : C:\Users\Paul\Downloads\adwcleaner (3).exe
    # Option : Clean

    ***** [ Services ] *****

    Service Deleted : CltMngSvc

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\Conduit
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Program Files (x86)\Mobogenie
    Folder Deleted : C:\Program Files (x86)\MyPC Backup
    Folder Deleted : C:\Program Files (x86)\Searchprotect
    Folder Deleted : C:\Program Files (x86)\Connect_DLC_5
    Folder Deleted : C:\Users\Paul\AppData\Local\Conduit
    Folder Deleted : C:\Users\Paul\AppData\Local\Mobogenie
    Folder Deleted : C:\Users\Paul\AppData\Local\NativeMessaging
    Folder Deleted : C:\Users\Paul\AppData\Local\TBHostSupport
    Folder Deleted : C:\Users\Paul\AppData\Local\Temp\NativeMessaging
    Folder Deleted : C:\Users\Paul\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Paul\AppData\LocalLow\Connect_DLC_5
    Folder Deleted : C:\Users\Paul\AppData\Roaming\Searchprotect
    Folder Deleted : C:\Users\Paul\Documents\Mobogenie
    Folder Deleted : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil
    File Deleted : C:\END
    File Deleted : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
    File Deleted : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
    File Deleted : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
    File Deleted : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
    File Deleted : C:\WINDOWS\System32\Tasks\BackgroundContainer Startup Task

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Google\Chrome\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\AdpeakProxy.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3153924
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3306061
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{24C1F23B-0796-4C3A-8E00-BAB4D876D4A9}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{24C1F23B-0796-4C3A-8E00-BAB4D876D4A9}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{05B27718-7DC2-42EE-8657-D0DC8FCC508C}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57BC270E-60F2-4903-A5F9-8D6F9A7781BB}
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\SearchProtect
    Key Deleted : HKCU\Software\AppDataLow\Toolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
    Key Deleted : HKCU\Software\AppDataLow\Software\Connect_DLC_5
    Key Deleted : HKLM\Software\Adpeak, Inc.
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\nationzoomSoftware
    Key Deleted : HKLM\Software\SearchProtect
    Key Deleted : HKLM\Software\Connect_DLC_5
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Key Deleted : [x64] HKLM\SOFTWARE\Scorpion Saver

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16384

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

    -\\ Google Chrome v31.0.1650.63

    [ File : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deleted : homepage
    Deleted : icon_url
    Deleted : search_url
    Deleted : suggest_url
    Deleted : keyword
    Deleted : urls_to_restore_on_startup

    *************************

    AdwCleaner[R0].txt - [4528 octets] - [01/12/2013 17:49:55]
    AdwCleaner[R1].txt - [5902 octets] - [23/12/2013 19:40:31]
    AdwCleaner[S0].txt - [4588 octets] - [01/12/2013 17:50:27]
    AdwCleaner[S1].txt - [5139 octets] - [23/12/2013 19:41:21]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5199 octets] ##########
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:02:02 PM, on 12/23/2013
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.9600.16384)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
    C:\Program Files (x86)\A Better Calendar\abc-cal.exe
    C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\Paul\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: (no name) - AutorunsDisabled - (no file)
    O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
    O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
    O2 - BHO: GreatArcadeHits Add-on - {D0C21091-FF8E-432C-9006-0540E81BA9D7} - C:\Users\Paul\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll
    O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
    O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe "
    O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
    O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    O4 - HKCU\..\Run: [DymoQuickPrint] "C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe" /startup
    O4 - Startup: abc-cal - Shortcut.lnk = C:\Program Files (x86)\A Better Calendar\abc-cal.exe
    O4 - Startup: MyHotKeys - Shortcut.lnk = D:\Passwords\MyHotKeys.exe
    O4 - Global Startup: Citrus Alarm Clock.lnk = C:\Program Files (x86)\Citrus Alarm Clock\Citrus Alarm Clock.exe
    O4 - Global Startup: Secunia PSI Tray.lnk = ?
    O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
    O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
    O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
    O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
    O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
    O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
    O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
    O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
    O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
    O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
    O23 - Service: McAfee Online Backup (MOBKbackup) - McAfee, Inc. - C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: MySQL56 - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
    O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 12763 bytes
    MiniToolBox by Farbar Version: 18-12-2013
    Ran by Paul (administrator) on 23-12-2013 at 20:05:24
    Running from "C:\Users\Paul\Downloads "
    Microsoft Windows 8.1 (X64)
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    "Reset IE Proxy Settings ": IE Proxy Settings were reset.
    ========================= Hosts content: =================================



    ========================= IP Configuration: ================================

    Qualcomm Atheros AR5BWB222 Wireless Network Adapter = Wi-Fi (Connected)
    Intel(R) 82579V Gigabit Network Connection = Ethernet (Media disconnected)
    Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global icmpredirects=enabled
    set interface interface= "Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
    set interface interface= "ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


    popd
    # End of IPv4 configuration



    Windows IP Configuration

    Host Name . . . . . . . . . . . . : DX4870-UB17
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : home

    Wireless LAN adapter Local Area Connection* 12:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
    Physical Address. . . . . . . . . : 1E-D0-5A-72-32-12
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Ethernet adapter Bluetooth Network Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
    Physical Address. . . . . . . . . : 2C-D0-5A-72-44-D2
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Wireless LAN adapter Wi-Fi:

    Connection-specific DNS Suffix . : home
    Description . . . . . . . . . . . : Qualcomm Atheros AR5BWB222 Wireless Network Adapter
    Physical Address. . . . . . . . . : 2C-D0-5A-72-32-12
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::4916:98a8:3330:2f35%4(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Monday, December 23, 2013 7:44:09 PM
    Lease Expires . . . . . . . . . . : Tuesday, December 24, 2013 7:44:08 PM
    Default Gateway . . . . . . . . . : 192.168.1.1
    DHCP Server . . . . . . . . . . . : 192.168.1.1
    DHCPv6 IAID . . . . . . . . . . . : 355258458
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-F9-25-58-70-54-D2-E3-91-CB
    DNS Servers . . . . . . . . . . . : 192.168.1.1
    71.242.0.12
    NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter Ethernet:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Intel(R) 82579V Gigabit Network Connection
    Physical Address. . . . . . . . . : 70-54-D2-E3-91-CB
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter isatap.home:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . : home
    Description . . . . . . . . . . . : Microsoft ISATAP Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 2:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:4f2:20d1:9f1c:f4b(Preferred)
    Link-local IPv6 Address . . . . . : fe80::4f2:20d1:9f1c:f4b%9(Preferred)
    Default Gateway . . . . . . . . . : ::
    DHCPv6 IAID . . . . . . . . . . . : 150994944
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-F9-25-58-70-54-D2-E3-91-CB
    NetBIOS over Tcpip. . . . . . . . : Disabled
    Server: Wireless_Broadband_Router.home
    Address: 192.168.1.1

    Name: google.com
    Addresses: 2607:f8b0:4004:801::100e
    74.125.228.135
    74.125.228.133
    74.125.228.137
    74.125.228.142
    74.125.228.134
    74.125.228.128
    74.125.228.131
    74.125.228.130
    74.125.228.132
    74.125.228.129
    74.125.228.136


    Pinging google.com [74.125.228.133] with 32 bytes of data:
    Reply from 74.125.228.133: bytes=32 time=449ms TTL=57
    Reply from 74.125.228.133: bytes=32 time=12ms TTL=57

    Ping statistics for 74.125.228.133:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 12ms, Maximum = 449ms, Average = 230ms
    Server: Wireless_Broadband_Router.home
    Address: 192.168.1.1

    Name: yahoo.com
    Addresses: 98.139.183.24
    98.138.253.109
    206.190.36.45


    Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
    Reply from 206.190.36.45: bytes=32 time=184ms TTL=49
    Reply from 206.190.36.45: bytes=32 time=156ms TTL=49

    Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 156ms, Maximum = 184ms, Average = 170ms

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
    10...1e d0 5a 72 32 12 ......Microsoft Wi-Fi Direct Virtual Adapter
    6...2c d0 5a 72 44 d2 ......Bluetooth Device (Personal Area Network)
    4...2c d0 5a 72 32 12 ......Qualcomm Atheros AR5BWB222 Wireless Network Adapter
    3...70 54 d2 e3 91 cb ......Intel(R) 82579V Gigabit Network Connection
    1...........................Software Loopback Interface 1
    7...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
    9...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 25
    127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
    127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
    127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    192.168.1.0 255.255.255.0 On-link 192.168.1.4 281
    192.168.1.4 255.255.255.255 On-link 192.168.1.4 281
    192.168.1.255 255.255.255.255 On-link 192.168.1.4 281
    224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
    224.0.0.0 240.0.0.0 On-link 192.168.1.4 281
    255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
    255.255.255.255 255.255.255.255 On-link 192.168.1.4 281
    ===========================================================================
    Persistent Routes:
    None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
    If Metric Network Destination Gateway
    9 306 ::/0 On-link
    1 306 ::1/128 On-link
    9 306 2001::/32 On-link
    9 306 2001:0:5ef5:79fb:4f2:20d1:9f1c:f4b/128
    On-link
    4 281 fe80::/64 On-link
    9 306 fe80::/64 On-link
    9 306 fe80::4f2:20d1:9f1c:f4b/128
    On-link
    4 281 fe80::4916:98a8:3330:2f35/128
    On-link
    1 306 ff00::/8 On-link
    4 281 ff00::/8 On-link
    9 306 ff00::/8 On-link
    ===========================================================================
    Persistent Routes:
    None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
    Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
    Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
    Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
    Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
    Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
    Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
    x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
    x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (12/23/2013 07:46:18 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {87db0c30-d44a-43b6-8996-89feb3bb8ede}

    Error: (12/23/2013 05:01:59 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {106171e7-f3e7-4abc-a040-503a0b42f9e5}

    Error: (12/23/2013 04:59:46 PM) (Source: CltMngSvc) (User: )
    Description: CltMngSvcServiceMain Version 2. (Error: 87)

    Error: (12/23/2013 04:39:01 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {268a0efc-b09c-4d44-8a17-f2a3279b0555}

    Error: (12/23/2013 04:36:48 PM) (Source: CltMngSvc) (User: )
    Description: CltMngSvcServiceMain Version 2. (Error: 87)

    Error: (12/23/2013 04:23:58 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {5e168b06-a4cd-400a-9c44-96dc2443384f}

    Error: (12/23/2013 04:21:43 PM) (Source: CltMngSvc) (User: )
    Description: CltMngSvcServiceMain Version 2. (Error: 87)

    Error: (12/23/2013 03:47:30 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {6dcff28b-1c98-4f3a-8466-db157019bf42}

    Error: (12/23/2013 03:45:19 PM) (Source: CltMngSvc) (User: )
    Description: CltMngSvcServiceMain Version 2. (Error: 87)

    Error: (12/23/2013 03:35:53 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {eaff68e1-8d4b-462e-87df-4e47b8166f92}


    System errors:
    =============
    Error: (12/23/2013 07:47:07 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (12/23/2013 07:44:16 PM) (Source: DCOM) (User: DX4870-UB17)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DX4870-UB17PaulS-1-5-21-3621218647-2415035067-1218551212-1001LocalHost (Using LRPC)UnavailableUnavailable

    Error: (12/23/2013 07:44:16 PM) (Source: DCOM) (User: DX4870-UB17)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DX4870-UB17PaulS-1-5-21-3621218647-2415035067-1218551212-1001LocalHost (Using LRPC)UnavailableUnavailable

    Error: (12/23/2013 07:44:16 PM) (Source: DCOM) (User: DX4870-UB17)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DX4870-UB17PaulS-1-5-21-3621218647-2415035067-1218551212-1001LocalHost (Using LRPC)UnavailableUnavailable

    Error: (12/23/2013 07:44:16 PM) (Source: DCOM) (User: DX4870-UB17)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DX4870-UB17PaulS-1-5-21-3621218647-2415035067-1218551212-1001LocalHost (Using LRPC)UnavailableUnavailable

    Error: (12/23/2013 05:03:14 PM) (Source: DCOM) (User: NT AUTHORITY)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (12/23/2013 04:59:58 PM) (Source: DCOM) (User: DX4870-UB17)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DX4870-UB17PaulS-1-5-21-3621218647-2415035067-1218551212-1001LocalHost (Using LRPC)UnavailableUnavailable

    Error: (12/23/2013 04:59:58 PM) (Source: DCOM) (User: DX4870-UB17)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DX4870-UB17PaulS-1-5-21-3621218647-2415035067-1218551212-1001LocalHost (Using LRPC)UnavailableUnavailable

    Error: (12/23/2013 04:59:58 PM) (Source: DCOM) (User: DX4870-UB17)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DX4870-UB17PaulS-1-5-21-3621218647-2415035067-1218551212-1001LocalHost (Using LRPC)UnavailableUnavailable

    Error: (12/23/2013 04:59:58 PM) (Source: DCOM) (User: DX4870-UB17)
    Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DX4870-UB17PaulS-1-5-21-3621218647-2415035067-1218551212-1001LocalHost (Using LRPC)UnavailableUnavailable


    Microsoft Office Sessions:
    =========================
    Error: (12/23/2013 07:46:18 PM) (Source: VSS)(User: )
    Description: 0x80070005, Access is denied.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {87db0c30-d44a-43b6-8996-89feb3bb8ede}

    Error: (12/23/2013 05:01:59 PM) (Source: VSS)(User: )
    Description: 0x80070005, Access is denied.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {106171e7-f3e7-4abc-a040-503a0b42f9e5}

    Error: (12/23/2013 04:59:46 PM) (Source: CltMngSvc)(User: )
    Description: CltMngSvcServiceMain Version 2. (Error: 87)

    Error: (12/23/2013 04:39:01 PM) (Source: VSS)(User: )
    Description: 0x80070005, Access is denied.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {268a0efc-b09c-4d44-8a17-f2a3279b0555}

    Error: (12/23/2013 04:36:48 PM) (Source: CltMngSvc)(User: )
    Description: CltMngSvcServiceMain Version 2. (Error: 87)

    Error: (12/23/2013 04:23:58 PM) (Source: VSS)(User: )
    Description: 0x80070005, Access is denied.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {5e168b06-a4cd-400a-9c44-96dc2443384f}

    Error: (12/23/2013 04:21:43 PM) (Source: CltMngSvc)(User: )
    Description: CltMngSvcServiceMain Version 2. (Error: 87)

    Error: (12/23/2013 03:47:30 PM) (Source: VSS)(User: )
    Description: 0x80070005, Access is denied.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {6dcff28b-1c98-4f3a-8466-db157019bf42}

    Error: (12/23/2013 03:45:19 PM) (Source: CltMngSvc)(User: )
    Description: CltMngSvcServiceMain Version 2. (Error: 87)

    Error: (12/23/2013 03:35:53 PM) (Source: VSS)(User: )
    Description: 0x80070005, Access is denied.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {eaff68e1-8d4b-462e-87df-4e47b8166f92}


    =========================== Installed Programs ============================

    A Better Calendar for Windows
    Adobe Reader XI (11.0.05) (Version: 11.0.05)
    AutoHotkey 1.1.13.01 (Version: 1.1.13.01)
    CameraHelperMsi (Version: 13.51.815.0)
    Canon Easy-WebPrint EX (Version: 1.3.5.0)
    Canon IJ Scan Utility
    Canon MG3500 series MP Drivers (Version: 1.00)
    Canon MG3500 series On-screen Manual (Version: 7.6.1)
    Canon MG3500 series User Registration
    Canon My Image Garden (Version: 2.0.1)
    Canon My Image Garden Design Files (Version: 2.0.0)
    Canon My Printer (Version: 3.1.0)
    Canon Quick Menu (Version: 2.2.1)
    Citrus Alarm Clock 2.4
    Classic Shell (Version: 4.0.2)
    Cobian Backup 10
    Connect DLC 5 Toolbar for IE (Version: 6.17.2.8)
    CyberLink MediaEspresso 6.5 (Version: 6.5.3318_45364)
    CyberLink PowerDVD 10 (Version: 10.0.4220.52)
    D3DX10 (Version: 15.4.2368.0902)
    DYMO Label v.8 (Version: 8.5.0.1751)
    erLT (Version: 1.20.138.34)
    Evernote v. 5.0.3 (Version: 5.0.3.1614)
    Fund Manager
    Gateway Power Management (Version: 7.00.3006)
    Gateway Recovery Management (Version: 6.00.3011)
    Google Chrome (Version: 31.0.1650.63)
    Google Earth (Version: 7.1.2.2041)
    Google Update Helper (Version: 1.3.22.3)
    GreatArcadeHits (Version: 1.0)
    Hotkey Utility (Version: 3.00.3004)
    HTML-Kit 292 (Version: 1.0)
    Identity Card (Version: 2.00.3004)
    Intel(R) Control Center (Version: 1.2.1.1008)
    Intel(R) Management Engine Components (Version: 8.1.0.1281)
    Intel(R) Network Connections 17.2.153.0 (Version: 17.2.153.0)
    Intel(R) Processor Graphics (Version: 10.18.10.3316)
    Intel(R) Rapid Storage Technology (Version: 11.5.4.1001)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
    Intel® Trusted Connect Service Client (Version: 1.24.738.1)
    Java 7 Update 45 (Version: 7.0.450)
    Java Auto Updater (Version: 2.1.9.8)
    Junk Mail filter update (Version: 16.4.3508.0205)
    Live Updater (Version: 2.00.3004)
    Logitech Webcam Software (Version: 2.80)
    LWS Facebook (Version: 13.50.854.0)
    LWS Gallery (Version: 13.51.827.0)
    LWS Help_main (Version: 13.51.828.0)
    LWS Launcher (Version: 13.51.828.0)
    LWS Motion Detection (Version: 13.51.815.0)
    LWS Pictures And Video (Version: 13.51.815.0)
    LWS Twitter (Version: 13.30.1346.0)
    LWS Webcam Software (Version: 13.51.815.0)
    LWS WLM Plugin (Version: 1.30.1201.0)
    LWS YouTube Plugin (Version: 13.31.1038.0)
    McAfee Online Backup (Version: 1.16.4.0)
    McAfee Total Protection (Version: 12.8.856)
    Microsoft Application Error Reporting (Version: 12.0.6015.5000)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
    MSVCRT (Version: 15.4.2862.0708)
    MSVCRT_amd64 (Version: 15.4.2862.0708)
    MSVCRT110 (Version: 16.4.1108.0727)
    MSVCRT110_amd64 (Version: 16.4.1109.0912)
    MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
    MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
    MySQL Connector C++ 1.1.3 (Version: 1.1.3)
    MySQL Connector J (Version: 5.1.27)
    MySQL Connector Net 6.7.4 (Version: 6.7.4)
    MySQL Connector/ODBC 5.2 (Version: 5.2.6)
    MySQL Documents 5.6 (Version: 5.6.15)
    MySQL Examples and Samples 5.6 (Version: 5.6.15)
    MySQL Installer (Version: 1.3.4.0)
    MySQL Notifier 1.1.4 (Version: 1.1.4)
    MySQL Server 5.6 (Version: 5.6.15)
    MySQL Utilities (Version: 1.3.5)
    MySQL Workbench 6.0 CE (Version: 6.0.8)
    Nero 12 Essentials OEM.a01 (Version: 12.5.00000)
    Nero BackItUp (Version: 12.0.0016)
    Nero BackItUp 12 Essentials OEM.a01 (Version: 12.5.00000)
    Nero BackItUp Help (CHM) (Version: 12.0.1000)
    Nero ControlCenter (Version: 11.0.14500.0.45)
    Nero ControlCenter Help (CHM) (Version: 12.0.0003)
    Nero Core Components (Version: 11.0.16900.1.27)
    Nero Express (Version: 12.0.16001)
    Nero Express Help (CHM) (Version: 12.0.1000)
    Nero Launcher (Version: 12.0.3000)
    Nero RescueAgent (Version: 12.0.3001)
    Nero RescueAgent Help (CHM) (Version: 12.0.1000)
    Nero Update (Version: 11.0.11500.28.0)
    OpenOffice 4.0.1 (Version: 4.01.9714)
    Prerequisite installer (Version: 12.0.0002)
    Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.214)
    Qualcomm Atheros WLAN and Bluetooth Client Installation Program (Version: 11.31)
    Quicken 2014 (Version: 23.1.4.3)
    Realtek High Definition Audio Driver (Version: 6.0.1.6680)
    Realtek USB 2.0 Card Reader (Version: 6.2.8400.30137)
    Secunia PSI (3.0.0.9015) (Version: 3.0.0.9015)
    Severe Weather Alerts (Version: 1.23.0.0)
    Skypeâ„¢ 6.11 (Version: 6.11.102)
    SpeedCrunch 0.10
    SpyHunter (Version: 4.16.5.4290)
    What's Running 2.2 (Version: 2.2)
    Windows Live Communications Platform (Version: 16.4.3508.0205)
    Windows Live Essentials (Version: 16.4.3508.0205)
    Windows Live Installer (Version: 16.4.3508.0205)
    Windows Live Mail (Version: 16.4.3508.0205)
    Windows Live MIME IFilter (Version: 16.4.3508.0205)
    Windows Live Photo Common (Version: 16.4.3508.0205)
    Windows Live PIMT Platform (Version: 16.4.3508.0205)
    Windows Live SOXE (Version: 16.4.3508.0205)
    Windows Live SOXE Definitions (Version: 16.4.3508.0205)
    Windows Live UX Platform (Version: 16.4.3508.0205)
    Windows Live UX Platform Language Pack (Version: 16.4.3508.0205)
    Windows Live Writer (Version: 16.4.3508.0205)
    Windows Live Writer Resources (Version: 16.4.3508.0205)

    ========================= Memory info: ===================================

    Percentage of memory in use: 27%
    Total physical RAM: 6015.45 MB
    Available physical RAM: 4354.02 MB
    Total Pagefile: 12159.45 MB
    Available Pagefile: 9713.61 MB
    Total Virtual: 4095.88 MB
    Available Virtual: 3969.45 MB

    ========================= Partitions: =====================================

    1 Drive c: (Gateway) (Fixed) (Total:327.56 GB) (Free:281.11 GB) NTFS
    2 Drive d: (Data) (Fixed) (Total:29.3 GB) (Free:27.73 GB) NTFS
    3 Drive e: (Pictures) (Fixed) (Total:29.3 GB) (Free:24.1 GB) NTFS

    ========================= Users: ========================================

    User accounts for \\DX4870-UB17

    Administrator Guest Paul


    **** End of log ****
     
  13. 2013/12/23
    bananaball

    bananaball Inactive Thread Starter

    Joined:
    2003/11/05
    Messages:
    94
    Likes Received:
    0
    Trophy Points:
    81
    Location:
    Pennsylvania
    Computer Experience:
    Intermediate
    autorun2.PNG

    The strange startup notice no longer appears - Thank You
     
  14. 2013/12/23
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,591
    Likes Received:
    471
    Trophy Points:
    1,093
    Location:
    Walnut Creek, California, United States
    Computer Experience:
    Intermediate+
    Ok, great.

    In Control Panel< Uninstall a program, remove the following items:

    CyberLink MediaEspresso 6.5
    CyberLink PowerDVD 10

    Are you paying for your McAfee security suite by the way?
     
  15. 2013/12/23
    bananaball

    bananaball Inactive Thread Starter

    Joined:
    2003/11/05
    Messages:
    94
    Likes Received:
    0
    Trophy Points:
    81
    Location:
    Pennsylvania
    Computer Experience:
    Intermediate
    OK Done
    Yes I do pay for McAfee
     
  16. 2013/12/23
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,591
    Likes Received:
    471
    Trophy Points:
    1,093
    Location:
    Walnut Creek, California, United States
    Computer Experience:
    Intermediate+
    Are you happy with paying a subscription each year for it or would you rather use a free alternative security program?
     
  17. 2013/12/23
    bananaball

    bananaball Inactive Thread Starter

    Joined:
    2003/11/05
    Messages:
    94
    Likes Received:
    0
    Trophy Points:
    81
    Location:
    Pennsylvania
    Computer Experience:
    Intermediate
    Yes - I use it on multiple computers and I also use Avast on others
     
  18. 2013/12/23
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,591
    Likes Received:
    471
    Trophy Points:
    1,093
    Location:
    Walnut Creek, California, United States
    Computer Experience:
    Intermediate+
    Ok, cool. Just wanted to make sure.

    Do you have any other questions or are you all set?
     
  19. 2013/12/23
    bananaball

    bananaball Inactive Thread Starter

    Joined:
    2003/11/05
    Messages:
    94
    Likes Received:
    0
    Trophy Points:
    81
    Location:
    Pennsylvania
    Computer Experience:
    Intermediate
    Yes - I use McAfee on multiple computers. I also use Avast on another computer.
     
  20. 2013/12/23
    Evan Omo

    Evan Omo Computer Support Technician Staff

    Joined:
    2006/09/10
    Messages:
    7,591
    Likes Received:
    471
    Trophy Points:
    1,093
    Location:
    Walnut Creek, California, United States
    Computer Experience:
    Intermediate+
    Ok you repeated what you said in your previous post.

     
  21. 2013/12/24
    bananaball

    bananaball Inactive Thread Starter

    Joined:
    2003/11/05
    Messages:
    94
    Likes Received:
    0
    Trophy Points:
    81
    Location:
    Pennsylvania
    Computer Experience:
    Intermediate
    I'm all set and do appreciate your help - many,many thanks
     

Share This Page