1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Computer starts up fine but freezes a few minutes later

Discussion in 'Windows 7' started by Rose_farha, Nov 30, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. Rose_farha

    Rose_farha Thread Starter

    Joined:
    Nov 30, 2013
    Messages:
    16
    Hi, I would like to start off by my PC's specifications, I have a HP Mini 210-3002SA notebook, originally it had a 250GB Hard drive and a 1GB RAM, Windows 7 Started OS, my previous hard drive got corrupt :eek: and stopped working so I purchased a new 1TB hard drive :cool: in which the windows 7 starter was installed by a technician and I had upgraded the RAM to a 2GB:cool: . My PC was working fine until recently it kept coming up with an error for a missing Conduit BackgroundContainer.DLL :eek: file every time I started the PC, so I downloaded auto run from Microsoft website and had deleted the missing DLL file and checked the PC for viruses and there was one virus from Bettersurf and my antivirus software removed it. I started my PC again and it starts up fine :) but it freezes when I open any applications, :( SafeMode will not let me run the antivirus with or without networking :confused: and I have no idea what's happening.:confused: I uninstalled recently downloaded programs which were MS Visual Basic and Team Viewer before deleting the entire conduit file using auto run. So please :( please :( please :( help me... I appreciate your efforts and your help (y) (y) (y)...

    PS. Since the new hard drive had only the window 7 OS installed, I had installed all the necessary software drivers that originally came installed in the PC from the HP Website using a USB for transferring the drivers from one PC to another until Wi-Fi was enabled. It still was not like how it' was originally with the speakers making crackling sounds. The applications freeze all the time saying Not Responding.

    PS. Again, I have installed the latest windows update available...

    Thank you very very much to whoever that replies to this thread :rolleyes:

    Farha :eek:
     
  2. Sponsor

  3. Lance1

    Lance1

    Joined:
    Aug 4, 2003
    Messages:
    5,598
    UMMM, Is this a Microsoft exam question? This is reminiscent of my old MCSE exam days back in 2000. Being multiple choice and all.

    OK, why did you stay with windows 7 starter? Use the Windows Anytime Upgrade. and get up to speed. That DLL file is a Toolbar Auto Updater and is Malware. You need to completely remove it. I am going to ask a specialist to assist in this post as I am not qualified for that here at TSG.
     
  4. Rose_farha

    Rose_farha Thread Starter

    Joined:
    Nov 30, 2013
    Messages:
    16
    Nope, I had no idea a similar thing would be in an exam, but no its not a Microsoft Exam question, I am having this problem, and I stayed with windows 7 starter since it would be costly to upgrade, the technician installed it at a discount price... Thank you for replying to this thread :) I appreciate it... I will wait for a specialist then... :)
     
  5. Lance1

    Lance1

    Joined:
    Aug 4, 2003
    Messages:
    5,598
    I sent a message to Mark1956. One of our resident malware pro's. Be patient and wait for him to show up.
     
  6. Rose_farha

    Rose_farha Thread Starter

    Joined:
    Nov 30, 2013
    Messages:
    16
    Ok :) So be patient and wait it is! (y)
     
  7. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Hi, lets start by running a scan for Adware to make sure Conduit and Bettersurf have gone and to be sure there is nothing else lurking in the system. Please also run FRST and post both the logs. If you cannot get these programs to run in Normal Mode try them in Safe Mode.

    Please also run the System File Checker as detailed below and Copy & Paste the text file into your next reply.

    Click on this link to download : ADWCleaner Click on the Download Now button and save it to your desktop.

    NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

    Close your browser and double click on this icon on your desktop: [​IMG]

    You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.

    [​IMG]

    =============================================

    Please download Farbar Recovery Scan Tool (FRST) and save it to your desktop. Do not get tempted to download Regclean Pro.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it makes another log (Addition.txt). Please also copy and paste that into your reply.


    ============================================


    System File Checker

    • Click on Start and type cmd in the search box. Right click on cmd in the popup menu and select Run as Administrator.
    • Another box will open, at the Command Prompt, type sfc /scannow and press Enter. (Note the gap between the c and the /)
    • Let the check run to completion. DO NOT reboot the PC or close the cmd window.
    • Copy & Paste the following command at the Command Prompt and press Enter:

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt

    • This will place a file on your desktop called sfcdetails.txt which contains the results of the scan.
    • Copy and Paste the contents of the file into your next post.
     
  8. Rose_farha

    Rose_farha Thread Starter

    Joined:
    Nov 30, 2013
    Messages:
    16
    Hi Mark

    I have done all the scans and check and as requested here are the reports...
    Should I delete the programs now or should I keep them?

    Adware Cleaner Report
    # AdwCleaner v3.013 - Report created 01/12/2013 at 15:08:32
    # Updated 24/11/2013 by Xplode
    # Operating System : Windows 7 Starter Service Pack 1 (32 bits)
    # Username : user - FARHA-PC
    # Running from : C:\Users\user\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\AVG Secure Search
    Folder Deleted : C:\ProgramData\Conduit
    Folder Deleted : C:\Program Files\AVG Secure Search
    Folder Deleted : C:\Program Files\BetterSurf
    Folder Deleted : C:\Program Files\Conduit
    Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
    Folder Deleted : C:\users\user\AppData\Local\AVG Secure Search
    Folder Deleted : C:\users\user\AppData\Local\Conduit
    Folder Deleted : C:\users\user\AppData\LocalLow\AVG Secure Search
    Folder Deleted : C:\users\user\AppData\LocalLow\Conduit
    File Deleted : C:\END
    File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
    File Deleted : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
    Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    Key Deleted : HKLM\SOFTWARE\Classes\S
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Key Deleted : HKCU\Software\AVG Secure Search
    Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
    Key Deleted : HKLM\Software\AVG Secure Search
    Key Deleted : HKLM\Software\AVG Security Toolbar
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

    -\\ Google Chrome v31.0.1650.57

    [ File : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [6143 octets] - [01/12/2013 15:00:40]
    AdwCleaner[S0].txt - [6133 octets] - [01/12/2013 15:08:32]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6193 octets] ##########

    FRST Report

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-12-2013
    Ran by user (administrator) on FARHA-PC on 01-12-2013 15:43:57
    Running from C:\Users\user\Desktop
    Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: English(US)
    Internet Explorer Version 11
    Boot Mode: Safe Mode (with Networking)

    ==================== Processes (Whitelisted) ===================

    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [1138780 2011-06-30] (IDT, Inc.)
    HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
    HKLM\...\Run: [AtherosBtStack] - C:\Program Files\Bluetooth Suite\BtvStack.exe [498848 2011-05-09] (Atheros Commnucations)
    HKLM\...\Run: [AthBtTray] - C:\Program Files\Bluetooth Suite\AthBtTray.exe [302240 2011-05-09] (Atheros Commnucations)
    HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
    HKLM\...\Run: [HPConnectionManager] - C:\Program Files\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [88576 2011-04-13] (Hewlett-Packard Development Company L.P.)
    HKLM\...\Run: [] - [x]
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
    HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
    HKLM\...\Run: [EKStatusMonitor] - C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
    HKLM\...\Run: [Conime] - %windir%\system32\conime.exe
    HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-05] (Hewlett-Packard)
    HKCU\...\RunOnce: [Report] - C:\AdwCleaner\AdwCleaner[S0].txt [6273 2013-12-01] ()
    Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x867F5E1DDDB9CE01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKCU - {6BA9EEB1-658B-4738-BD4B-13701D74B2AA} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289847&CUI=UN21106666487801867&UM=2
    BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
    BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.dll (Symantec Corporation)
    BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
    Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

    Chrome:
    =======
    CHR HomePage: hxxp://www.google.co.uk/
    CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
    CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
    CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
    CHR Extension: (AVG Do Not Track) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\epojjbofkhffmihobdncmbhdocjljhpi\13.0.0.2718_0
    CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.14_0
    CHR Extension: (Webcam Toy) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.5_0
    CHR Extension: (Norton Identity Protection) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.0.27_0
    CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
    CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
    CHR HKLM\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files\BetterSurf\ch\Chrome.crx
    CHR HKLM\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\user\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx
    CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx

    ========================== Services (Whitelisted) =================

    S2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395640 2013-03-15] (Eastman Kodak Company)
    S2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-01-15] (Eastman Kodak Company)
    S2 N360; C:\Program Files\Norton 360\Engine\21.1.0.18\diMaster.dll [567600 2013-10-08] (Symantec Corporation)
    S2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [282706 2011-06-30] (IDT, Inc.)
    S2 vToolbarUpdater17.1.2; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [x]

    ==================== Drivers (Whitelisted) ====================

    S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2013-04-18] (LG Electronics Inc.)
    S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2013-06-28] (LG Electronics Inc.)
    R3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1968640 2011-04-21] (Atheros Communications, Inc.)
    S3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [34976 2011-05-09] (Atheros)
    R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-10] (AVG Technologies)
    S1 BHDrvx86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131002.001\BHDrvx86.sys [1097304 2013-09-26] (Symantec Corporation)
    S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [259232 2011-05-09] (Atheros)
    R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [24736 2011-05-09] (Atheros)
    S3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [175776 2011-05-09] (Atheros)
    S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [49312 2011-05-09] (Atheros)
    S3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [141088 2011-05-09] (Atheros)
    S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [243872 2011-05-09] (Atheros)
    S1 ccSet_N360; C:\Windows\system32\drivers\N360\1501000.012\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
    S1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-11-29] (Symantec Corporation)
    S3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-29] (Symantec Corporation)
    S1 IDSVix86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20131128.001\IDSvix86.sys [393816 2013-11-28] (Symantec Corporation)
    S3 NAVENG; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131129.009\NAVENG.SYS [93272 2013-11-29] (Symantec Corporation)
    S3 NAVEX15; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131129.009\NAVEX15.SYS [1612376 2013-11-29] (Symantec Corporation)
    S1 SRTSP; C:\Windows\system32\drivers\N360\1501000.012\SRTSP.SYS [651352 2013-09-27] (Symantec Corporation)
    S1 SRTSPX; C:\Windows\system32\drivers\N360\1501000.012\SRTSPX.SYS [32344 2013-09-10] (Symantec Corporation)
    R0 SymDS; C:\Windows\System32\drivers\N360\1501000.012\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
    R0 SymEFA; C:\Windows\System32\drivers\N360\1501000.012\SYMEFA.SYS [935512 2013-09-27] (Symantec Corporation)
    S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-11-30] (Symantec Corporation)
    S1 SymIRON; C:\Windows\system32\drivers\N360\1501000.012\Ironx86.SYS [206936 2013-09-27] (Symantec Corporation)
    S1 SymNetS; C:\Windows\system32\drivers\N360\1501000.012\SYMNETS.SYS [446552 2013-09-26] (Symantec Corporation)

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-12-01 15:43 - 2013-12-01 15:44 - 00009520 _____ C:\Users\user\Desktop\FRST.txt
    2013-12-01 15:43 - 2013-12-01 15:43 - 00000000 ____D C:\FRST
    2013-12-01 15:25 - 2013-12-01 15:25 - 01092187 _____ (Farbar) C:\Users\user\Desktop\FRST.exe
    2013-12-01 15:00 - 2013-12-01 15:23 - 00000000 ____D C:\AdwCleaner
    2013-12-01 14:59 - 2013-12-01 14:59 - 01091882 _____ C:\Users\user\Downloads\AdwCleaner.exe
    2013-11-30 14:04 - 2013-11-30 14:04 - 00754600 _____ C:\Windows\Minidump\113013-60263-01.dmp
    2013-11-30 14:04 - 2013-11-30 14:04 - 00000000 ____D C:\Windows\Minidump
    2013-11-30 14:03 - 2013-11-30 14:03 - 272395204 _____ C:\Windows\MEMORY.DMP
    2013-11-30 11:02 - 2013-11-30 14:27 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
    2013-11-30 11:02 - 2013-11-30 11:02 - 00142936 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
    2013-11-30 11:02 - 2013-11-30 11:02 - 00008194 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
    2013-11-30 11:02 - 2013-11-30 11:02 - 00002313 _____ C:\Users\Public\Desktop\Norton 360.lnk
    2013-11-30 11:01 - 2013-11-30 11:01 - 00000000 ____D C:\Windows\system32\Drivers\N360
    2013-11-30 11:00 - 2013-11-30 11:11 - 00000000 ____D C:\ProgramData\Norton
    2013-11-30 11:00 - 2013-11-30 11:01 - 00000000 ____D C:\Program Files\Norton 360
    2013-11-30 10:54 - 2013-11-30 10:57 - 211811872 ____N (Symantec Corporation) C:\Users\user\Downloads\N360-TW-21.1.0-EN-UK.exe
    2013-11-29 21:59 - 2013-11-29 22:00 - 00000000 ____D C:\a497be204ce14b0ccfe3005d8e
    2013-11-29 21:24 - 2013-09-04 01:15 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2013-11-29 21:24 - 2013-09-04 01:14 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2013-11-29 21:24 - 2013-09-04 01:14 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2013-11-29 21:24 - 2013-09-04 01:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2013-11-29 21:24 - 2013-09-04 01:14 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
    2013-11-29 21:24 - 2013-09-04 01:14 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
    2013-11-29 21:24 - 2013-09-04 01:14 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2013-11-29 20:04 - 2013-11-29 20:04 - 00182936 _____ (Microsoft Corporation) C:\Users\user\Downloads\rdpclip_hotfix.exe
    2013-11-29 19:59 - 2013-11-29 19:59 - 00000000 ____D C:\Users\user\Desktop\Autoruns
    2013-11-27 16:16 - 2013-11-27 18:00 - 00002850 _____ C:\Users\user\Desktop\avgrep.txt
    2013-11-27 15:05 - 2013-11-28 05:08 - 00000000 ____D C:\08d818e26d672172d2
    2013-11-27 14:44 - 2013-11-28 05:08 - 00000000 ____D C:\8740cbcf4ad5d682dc43d67421730b3f
    2013-11-27 12:20 - 2013-11-28 05:08 - 00000000 ____D C:\fc4bcea93098f649c9831c244b
    2013-11-27 12:17 - 2013-11-27 12:17 - 00000000 ___HT C:\Windows\wusa.lock
    2013-11-27 12:14 - 2013-11-28 16:49 - 00000000 ____D C:\ProgramData\Package Cache
    2013-11-21 19:30 - 2013-11-28 05:04 - 00000000 ____D C:\Program Files\TeamViewer
    2013-11-18 16:24 - 2013-11-18 16:24 - 00000000 _____ C:\extensions.sqlite
    2013-11-17 00:45 - 2013-11-17 00:45 - 17142784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 11220992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-11-17 00:45 - 2013-11-17 00:45 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 01926656 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2013-11-17 00:45 - 2013-11-17 00:45 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2013-11-17 00:45 - 2013-11-17 00:45 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2013-11-17 00:45 - 2013-11-17 00:45 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2013-11-17 00:45 - 2013-11-17 00:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2013-11-17 00:44 - 2013-11-17 00:49 - 00007983 _____ C:\Windows\IE11_main.log
    2013-11-13 18:46 - 2013-10-04 01:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
    2013-11-13 18:46 - 2013-10-04 01:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
    2013-11-13 18:46 - 2013-10-04 01:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
    2013-11-13 18:45 - 2013-10-12 02:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2013-11-13 18:45 - 2013-10-12 02:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2013-11-13 18:45 - 2013-10-12 02:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
    2013-11-13 18:45 - 2013-10-05 19:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2013-11-13 18:45 - 2013-10-03 01:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2013-11-13 18:45 - 2013-09-25 02:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2013-11-13 18:45 - 2013-09-25 02:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2013-11-13 18:45 - 2013-09-25 01:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2013-11-13 18:45 - 2013-09-25 01:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2013-11-13 18:45 - 2013-09-25 01:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2013-11-13 18:45 - 2013-09-25 01:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2013-11-13 18:45 - 2013-09-25 01:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2013-11-13 18:45 - 2013-09-25 00:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2013-11-13 18:45 - 2013-09-25 00:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2013-11-13 18:45 - 2013-07-04 12:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2013-11-10 19:06 - 2013-11-10 19:09 - 00000000 ____D C:\Users\user\AppData\Roaming\LG Electronics
    2013-11-10 18:22 - 2013-11-10 18:22 - 00001164 _____ C:\Users\Public\Desktop\LG PC Suite.lnk
    2013-11-10 18:20 - 2013-11-28 05:04 - 00000000 ____D C:\Users\user\AppData\Local\LG Electronics
    2013-11-10 18:18 - 2013-11-28 05:04 - 00000000 ____D C:\Program Files\LG Electronics
    2013-11-10 18:18 - 2013-11-10 18:18 - 00096464 _____ C:\Users\user\Downloads\Information Systems lesson 2.pptx

    ==================== One Month Modified Files and Folders =======

    2013-12-01 15:44 - 2013-12-01 15:43 - 00009520 _____ C:\Users\user\Desktop\FRST.txt
    2013-12-01 15:43 - 2013-12-01 15:43 - 00000000 ____D C:\FRST
    2013-12-01 15:25 - 2013-12-01 15:25 - 01092187 _____ (Farbar) C:\Users\user\Desktop\FRST.exe
    2013-12-01 15:23 - 2013-12-01 15:00 - 00000000 ____D C:\AdwCleaner
    2013-12-01 15:15 - 2013-09-29 11:43 - 00000000 ____D C:\Users\user\AppData\Roaming\Dropbox
    2013-12-01 15:12 - 2013-10-18 20:35 - 00000000 ____D C:\ProgramData\Kodak
    2013-12-01 15:12 - 2013-09-29 12:04 - 00000000 ___RD C:\Users\user\Dropbox
    2013-12-01 15:12 - 2013-09-25 11:13 - 00000878 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-12-01 15:12 - 2009-07-14 04:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2013-12-01 15:12 - 2009-07-14 04:39 - 00034422 _____ C:\Windows\setupact.log
    2013-12-01 14:59 - 2013-12-01 14:59 - 01091882 _____ C:\Users\user\Downloads\AdwCleaner.exe
    2013-11-30 20:55 - 2010-11-20 21:48 - 00150296 _____ C:\Windows\PFRO.log
    2013-11-30 20:40 - 2013-09-25 11:13 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-11-30 20:26 - 2009-07-14 04:34 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-11-30 20:24 - 2009-07-14 04:34 - 00016752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-11-30 20:19 - 2013-09-24 14:42 - 01564583 _____ C:\Windows\WindowsUpdate.log
    2013-11-30 14:27 - 2013-11-30 11:02 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
    2013-11-30 14:18 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\Microsoft.NET
    2013-11-30 14:11 - 2010-11-20 21:01 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
    2013-11-30 14:04 - 2013-11-30 14:04 - 00754600 _____ C:\Windows\Minidump\113013-60263-01.dmp
    2013-11-30 14:04 - 2013-11-30 14:04 - 00000000 ____D C:\Windows\Minidump
    2013-11-30 14:03 - 2013-11-30 14:03 - 272395204 _____ C:\Windows\MEMORY.DMP
    2013-11-30 12:37 - 2013-10-28 19:42 - 00000316 _____ C:\Windows\Tasks\HPCeeScheduleForuser.job
    2013-11-30 11:42 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\NDF
    2013-11-30 11:11 - 2013-11-30 11:00 - 00000000 ____D C:\ProgramData\Norton
    2013-11-30 11:09 - 2013-09-25 10:58 - 00000000 ____D C:\ProgramData\AVG2014
    2013-11-30 11:09 - 2013-09-25 10:53 - 00000000 ____D C:\ProgramData\MFAData
    2013-11-30 11:02 - 2013-11-30 11:02 - 00142936 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
    2013-11-30 11:02 - 2013-11-30 11:02 - 00008194 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
    2013-11-30 11:02 - 2013-11-30 11:02 - 00002313 _____ C:\Users\Public\Desktop\Norton 360.lnk
    2013-11-30 11:01 - 2013-11-30 11:01 - 00000000 ____D C:\Windows\system32\Drivers\N360
    2013-11-30 11:01 - 2013-11-30 11:00 - 00000000 ____D C:\Program Files\Norton 360
    2013-11-30 10:57 - 2013-11-30 10:54 - 211811872 ____N (Symantec Corporation) C:\Users\user\Downloads\N360-TW-21.1.0-EN-UK.exe
    2013-11-29 22:00 - 2013-11-29 21:59 - 00000000 ____D C:\a497be204ce14b0ccfe3005d8e
    2013-11-29 20:04 - 2013-11-29 20:04 - 00182936 _____ (Microsoft Corporation) C:\Users\user\Downloads\rdpclip_hotfix.exe
    2013-11-29 19:59 - 2013-11-29 19:59 - 00000000 ____D C:\Users\user\Desktop\Autoruns
    2013-11-29 13:59 - 2013-09-24 15:41 - 00090704 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
    2013-11-29 13:55 - 2009-07-14 04:33 - 00341568 _____ C:\Windows\system32\FNTCACHE.DAT
    2013-11-28 16:49 - 2013-11-27 12:14 - 00000000 ____D C:\ProgramData\Package Cache
    2013-11-28 05:09 - 2009-07-14 02:37 - 00000000 __RSD C:\Windows\Media
    2013-11-28 05:09 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\wfp
    2013-11-28 05:08 - 2013-11-27 15:05 - 00000000 ____D C:\08d818e26d672172d2
    2013-11-28 05:08 - 2013-11-27 14:44 - 00000000 ____D C:\8740cbcf4ad5d682dc43d67421730b3f
    2013-11-28 05:08 - 2013-11-27 12:20 - 00000000 ____D C:\fc4bcea93098f649c9831c244b
    2013-11-28 05:08 - 2013-10-12 14:36 - 00000000 ____D C:\Program Files\Bonjour
    2013-11-28 05:08 - 2013-09-25 19:29 - 00000000 ____D C:\Program Files\Bluetooth Suite
    2013-11-28 05:08 - 2013-09-24 15:51 - 00000000 ____D C:\ProgramData\Atheros
    2013-11-28 05:07 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\registration
    2013-11-28 05:05 - 2013-09-28 17:07 - 00000000 ____D C:\Users\user\AppData\Roaming\Adobe
    2013-11-28 05:04 - 2013-11-21 19:30 - 00000000 ____D C:\Program Files\TeamViewer
    2013-11-28 05:04 - 2013-11-10 18:20 - 00000000 ____D C:\Users\user\AppData\Local\LG Electronics
    2013-11-28 05:04 - 2013-11-10 18:18 - 00000000 ____D C:\Program Files\LG Electronics
    2013-11-28 05:04 - 2013-10-18 20:45 - 00000000 ____D C:\ProgramData\Visan
    2013-11-28 05:04 - 2013-10-18 20:45 - 00000000 ____D C:\ProgramData\PrintProjects
    2013-11-28 05:04 - 2013-10-18 20:42 - 00000000 ____D C:\Users\user\AppData\Local\Eastman_Kodak_Company
    2013-11-28 05:04 - 2013-10-18 20:38 - 00000000 ____D C:\Program Files\Kodak
    2013-11-28 05:04 - 2013-10-12 14:38 - 00000000 ____D C:\Program Files\Apple Software Update
    2013-11-28 05:04 - 2013-10-12 14:35 - 00000000 ____D C:\ProgramData\Apple
    2013-11-28 05:04 - 2013-10-12 14:35 - 00000000 ____D C:\Program Files\Common Files\Apple
    2013-11-28 05:04 - 2013-10-06 15:33 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2013-11-28 05:04 - 2013-10-06 15:33 - 00000000 ____D C:\Program Files\Adobe
    2013-11-28 05:04 - 2013-10-06 15:32 - 00000000 ____D C:\ProgramData\Adobe
    2013-11-28 05:04 - 2013-09-29 14:49 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2013-11-28 05:04 - 2013-09-28 15:43 - 00000000 ____D C:\Program Files\Microsoft.NET
    2013-11-28 05:04 - 2013-09-28 15:14 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
    2013-11-28 05:04 - 2013-09-28 15:03 - 00000000 ____D C:\Program Files\Microsoft Office
    2013-11-28 05:04 - 2013-09-28 15:02 - 00000000 __RHD C:\MSOCache
    2013-11-28 05:04 - 2013-09-25 20:42 - 00000000 ____D C:\Users\user\AppData\Local\Hewlett-Packard
    2013-11-28 05:04 - 2013-09-25 20:13 - 00000000 ____D C:\ProgramData\Hewlett-Packard
    2013-11-28 05:04 - 2013-09-25 12:26 - 00000000 ____D C:\Program Files\Synaptics
    2013-11-27 18:11 - 2013-10-06 13:24 - 00000000 ____D C:\Users\user\AppData\Local\CrashDumps
    2013-11-27 18:00 - 2013-11-27 16:16 - 00002850 _____ C:\Users\user\Desktop\avgrep.txt
    2013-11-27 12:17 - 2013-11-27 12:17 - 00000000 ___HT C:\Windows\wusa.lock
    2013-11-24 13:10 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\rescache
    2013-11-18 19:53 - 2013-09-28 14:43 - 00000052 _____ C:\Windows\system32\DOErrors.log
    2013-11-18 19:52 - 2013-09-28 14:42 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2013-11-18 19:29 - 2013-09-25 11:15 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2013-11-18 16:24 - 2013-11-18 16:24 - 00000000 _____ C:\extensions.sqlite
    2013-11-17 00:49 - 2013-11-17 00:44 - 00007983 _____ C:\Windows\IE11_main.log
    2013-11-17 00:45 - 2013-11-17 00:45 - 17142784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 11220992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 04240384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-11-17 00:45 - 2013-11-17 00:45 - 02166272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 01926656 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2013-11-17 00:45 - 2013-11-17 00:45 - 01818112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
    2013-11-17 00:45 - 2013-11-17 00:45 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2013-11-17 00:45 - 2013-11-17 00:45 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2013-11-17 00:45 - 2013-11-17 00:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2013-11-17 00:45 - 2013-11-17 00:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2013-11-17 00:45 - 2013-11-17 00:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2013-11-16 14:01 - 2013-09-28 15:03 - 00000000 ____D C:\ProgramData\Microsoft Help
    2013-11-16 13:52 - 2013-10-02 16:14 - 00000000 ____D C:\Windows\system32\MRT
    2013-11-16 13:45 - 2013-10-02 16:14 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2013-11-10 23:00 - 2013-09-25 10:59 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
    2013-11-10 19:22 - 2013-10-12 14:44 - 00000000 ____D C:\Users\user\AppData\Roaming\Apple Computer
    2013-11-10 19:09 - 2013-11-10 19:06 - 00000000 ____D C:\Users\user\AppData\Roaming\LG Electronics
    2013-11-10 18:22 - 2013-11-10 18:22 - 00001164 _____ C:\Users\Public\Desktop\LG PC Suite.lnk
    2013-11-10 18:18 - 2013-11-10 18:18 - 00096464 _____ C:\Users\user\Downloads\Information Systems lesson 2.pptx
    2013-11-10 17:12 - 2013-10-26 11:26 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2013-11-20 15:11

    Addition Report

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-12-2013
    Ran by user at 2013-12-01 15:45:35
    Running from C:\Users\user\Desktop
    Boot Mode: Safe Mode (with Networking)
    ==========================================================


    ==================== Security Center ========================

    AV: Norton 360 (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Norton 360 (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton 360 (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

    ==================== Installed Programs ======================

    Adobe Reader XI (11.0.05) (Version: 11.0.05)
    aioscnnr (Version: 7.6.13.10)
    Apple Application Support (Version: 2.3.6)
    Apple Software Update (Version: 2.1.3.127)
    Atheros Driver Installation Program (Version: 9.2)
    Bluetooth Win7 Suite (Version: 7.2.0.80)
    Bonjour (Version: 3.0.0.10)
    center (Version: 7.7.2.0)
    Cisco EAP-FAST Module (Version: 2.2.14)
    Cisco LEAP Module (Version: 1.0.19)
    Cisco PEAP Module (Version: 1.1.6)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Dropbox (HKCU Version: 2.0.26)
    essentials (Version: 7.7.2.0)
    Google Chrome (Version: 31.0.1650.57)
    Google Update Helper (Version: 1.3.22.3)
    Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000)
    HP Camera (Version: 3.2.3.132)
    HP Connection Manager (Version: 4.1.12.1)
    HP Customer Experience Enhancements (Version: 6.0.1.7)
    HP Software Framework (Version: 4.5.10.1)
    HP Support Assistant (Version: 7.0.39.15)
    IDT Audio (Version: 1.0.6351.0)
    Intel(R) Control Center (Version: 1.2.1.1007)
    Intel(R) Graphics Media Accelerator Driver (Version: 8.14.10.2230)
    Intel(R) Rapid Storage Technology (Version: 10.1.0.1008)
    Kodak AIO Printer (Version: 7.7.2.0)
    KODAK AiO Software (Version: 7.7.6.0)
    LG PC Suite (Version: 5.3.06.20130913)
    LG United Mobile Drivers (Version: 3.10.1.0)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
    Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Home and Student 2010 (Version: 14.0.7015.1000)
    Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
    Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Silverlight (Version: 5.1.20913.0)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (Version: 11.0.60610.1)
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
    Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005)
    Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (Version: 12.0.21005)
    Norton 360 (Version: 21.1.0.18)
    ocr (Version: 6.2.3.50)
    PreReq (Version: 6.2.4.0)
    PrintProjects (Version: 1.0.0.9282)
    Realtek Ethernet Controller Driver (Version: 7.34.1130.2010)
    Realtek USB 2.0 Card Reader (Version: 6.1.7600.30127)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
    Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
    Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
    Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
    Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
    Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)

    ==================== Restore Points =========================

    29-11-2013 21:58:25 Windows Update
    29-11-2013 22:16:49 Windows Update
    29-11-2013 23:32:11 Windows Update

    ==================== Hosts content: ==========================

    2009-07-14 02:04 - 2009-06-10 21:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {01456B05-0A8F-40B6-891D-72BE3726CFD4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {1BB9C864-CBCC-46DC-90D4-62BA2C12C967} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
    Task: {358250A7-78D1-49CB-BDBF-9993AADD50FB} - System32\Tasks\HPCeeScheduleForuser => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
    Task: {429CBD47-DDE2-4ED2-BBD9-954EFBAFECBB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {55039AE4-2AAC-4067-95B6-A0005C297DBF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {6FC33179-22C3-4FC6-979D-74EE3594F1D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {7B7D5E2E-CD5A-416D-80B5-0B8EF2C84EBB} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\21.1.0.18\symerr.exe [2013-08-01] (Symantec Corporation)
    Task: {7D142285-C574-4095-9C15-15CC5E86F16B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
    Task: {85485C6E-EA59-45F2-AFBF-4374B1385D2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-25] (Google Inc.)
    Task: {990CD1A4-7FB6-4D69-8530-30671AFE8FD2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
    Task: {BF432619-2613-4D27-85FD-974E489B413F} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\21.1.0.18\symerr.exe [2013-08-01] (Symantec Corporation)
    Task: {BFB5DE68-5958-4E1B-A797-A366075DD117} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
    Task: {FE884DC7-A07C-4475-AE4B-7FFE10751AE4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-25] (Google Inc.)
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForuser.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-11-18 19:29 - 2013-11-14 11:29 - 04055504 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll
    2013-11-18 19:29 - 2013-11-14 11:29 - 00399312 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
    2013-11-18 19:29 - 2013-11-14 11:28 - 01619408 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll

    ==================== Alternate Data Streams (whitelisted) =========


    ==================== Safe Mode (whitelisted) ===================

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

    ==================== Faulty Device Manager Devices =============

    Name: Security Processor Loader Driver
    Description: Security Processor Loader Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: spldr
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/01/2013 03:20:25 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/01/2013 03:13:00 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/01/2013 02:53:57 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/30/2013 08:56:56 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/30/2013 08:19:59 PM) (Source: Application Error) (User: )
    Description: Faulting application name: hpCMSrv.exe, version: 4.1.12.1, time stamp: 0x4da62ef4
    Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb10c6
    Exception code: 0xe06d7363
    Fault offset: 0x0000812f
    Faulting process id: 0x1714
    Faulting application start time: 0xhpCMSrv.exe0
    Faulting application path: hpCMSrv.exe1
    Faulting module path: hpCMSrv.exe2
    Report Id: hpCMSrv.exe3

    Error: (11/30/2013 08:16:24 PM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/30/2013 06:30:21 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 957581

    Error: (11/30/2013 06:30:21 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 957581

    Error: (11/30/2013 06:30:21 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (11/30/2013 06:30:20 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 956583


    System errors:
    =============
    Error: (12/01/2013 03:21:10 PM) (Source: Service Control Manager) (User: )
    Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
    %%1068

    Error: (12/01/2013 03:19:54 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (12/01/2013 03:19:54 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (12/01/2013 03:19:53 PM) (Source: Service Control Manager) (User: )
    Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
    %%1068

    Error: (12/01/2013 03:19:53 PM) (Source: DCOM) (User: )
    Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

    Error: (12/01/2013 03:19:53 PM) (Source: DCOM) (User: )
    Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

    Error: (12/01/2013 03:19:51 PM) (Source: DCOM) (User: )
    Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error: (12/01/2013 03:19:45 PM) (Source: DCOM) (User: )
    Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

    Error: (12/01/2013 03:19:11 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068

    Error: (12/01/2013 03:19:11 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
    %%1068


    Microsoft Office Sessions:
    =========================
    Error: (12/01/2013 03:20:25 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/01/2013 03:13:00 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (12/01/2013 02:53:57 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/30/2013 08:56:56 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/30/2013 08:19:59 PM) (Source: Application Error)(User: )
    Description: hpCMSrv.exe4.1.12.14da62ef4KERNELBASE.dll6.1.7601.1822951fb10c6e06d73630000812f171401ceee096c351336C:\Program Files\Hewlett-Packard\HP Connection Manager\hpCMSrv.exeC:\Windows\system32\KERNELBASE.dllc8ca049e-59fc-11e3-ad94-68a3c4d1b3e8

    Error: (11/30/2013 08:16:24 PM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (11/30/2013 06:30:21 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 957581

    Error: (11/30/2013 06:30:21 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 957581

    Error: (11/30/2013 06:30:21 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (11/30/2013 06:30:20 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 956583


    ==================== Memory info ===========================

    Percentage of memory in use: 32%
    Total physical RAM: 2035.87 MB
    Available physical RAM: 1375.92 MB
    Total Pagefile: 4071.73 MB
    Available Pagefile: 3451.7 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1900.02 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:931.41 GB) (Free:858 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FD6380C3)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================

    SFC Report

    2013-12-01 15:48:55, Info CSI 00000009 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:48:55, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
    2013-12-01 15:49:00, Info CSI 0000000c [SR] Verify complete
    2013-12-01 15:49:01, Info CSI 0000000d [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:49:01, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
    2013-12-01 15:49:07, Info CSI 00000010 [SR] Verify complete
    2013-12-01 15:49:07, Info CSI 00000011 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:49:07, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:49:15, Info CSI 00000014 [SR] Verify complete
    2013-12-01 15:49:16, Info CSI 00000015 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:49:16, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:49:18, Info CSI 00000018 [SR] Verify complete
    2013-12-01 15:49:19, Info CSI 00000019 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:49:19, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
    2013-12-01 15:49:22, Info CSI 0000001c [SR] Verify complete
    2013-12-01 15:49:22, Info CSI 0000001d [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:49:22, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
    2013-12-01 15:49:30, Info CSI 00000020 [SR] Verify complete
    2013-12-01 15:49:32, Info CSI 00000021 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:49:32, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:49:37, Info CSI 00000024 [SR] Verify complete
    2013-12-01 15:49:38, Info CSI 00000025 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:49:38, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:49:42, Info CSI 00000028 [SR] Verify complete
    2013-12-01 15:49:43, Info CSI 00000029 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:49:43, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
    2013-12-01 15:49:48, Info CSI 0000002c [SR] Verify complete
    2013-12-01 15:49:49, Info CSI 0000002d [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:49:49, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
    2013-12-01 15:49:53, Info CSI 00000030 [SR] Verify complete
    2013-12-01 15:49:54, Info CSI 00000031 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:49:54, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:49:58, Info CSI 00000034 [SR] Verify complete
    2013-12-01 15:49:59, Info CSI 00000035 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:49:59, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:50:04, Info CSI 00000038 [SR] Verify complete
    2013-12-01 15:50:05, Info CSI 00000039 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:50:05, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
    2013-12-01 15:50:15, Info CSI 0000003c [SR] Verify complete
    2013-12-01 15:50:16, Info CSI 0000003d [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:50:16, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
    2013-12-01 15:50:25, Info CSI 00000041 [SR] Verify complete
    2013-12-01 15:50:26, Info CSI 00000042 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:50:26, Info CSI 00000043 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:50:33, Info CSI 00000046 [SR] Verify complete
    2013-12-01 15:50:34, Info CSI 00000047 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:50:34, Info CSI 00000048 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:50:42, Info CSI 0000004a [SR] Verify complete
    2013-12-01 15:50:42, Info CSI 0000004b [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:50:42, Info CSI 0000004c [SR] Beginning Verify and Repair transaction
    2013-12-01 15:50:59, Info CSI 00000054 [SR] Verify complete
    2013-12-01 15:51:00, Info CSI 00000055 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:51:00, Info CSI 00000056 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:51:16, Info CSI 0000005c [SR] Verify complete
    2013-12-01 15:51:16, Info CSI 0000005d [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:51:16, Info CSI 0000005e [SR] Beginning Verify and Repair transaction
    2013-12-01 15:51:26, Info CSI 00000060 [SR] Verify complete
    2013-12-01 15:51:27, Info CSI 00000061 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:51:27, Info CSI 00000062 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:51:35, Info CSI 00000064 [SR] Verify complete
    2013-12-01 15:51:36, Info CSI 00000065 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:51:36, Info CSI 00000066 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:51:46, Info CSI 00000068 [SR] Verify complete
    2013-12-01 15:51:47, Info CSI 00000069 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:51:47, Info CSI 0000006a [SR] Beginning Verify and Repair transaction
    2013-12-01 15:51:53, Info CSI 0000006c [SR] Verify complete
    2013-12-01 15:51:54, Info CSI 0000006d [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:51:54, Info CSI 0000006e [SR] Beginning Verify and Repair transaction
    2013-12-01 15:52:12, Info CSI 00000072 [SR] Verify complete
    2013-12-01 15:52:13, Info CSI 00000073 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:52:13, Info CSI 00000074 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:52:27, Info CSI 00000076 [SR] Verify complete
    2013-12-01 15:52:28, Info CSI 00000077 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:52:28, Info CSI 00000078 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:53:02, Info CSI 0000007a [SR] Verify complete
    2013-12-01 15:53:03, Info CSI 0000007b [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:53:03, Info CSI 0000007c [SR] Beginning Verify and Repair transaction
    2013-12-01 15:53:17, Info CSI 0000007e [SR] Verify complete
    2013-12-01 15:53:18, Info CSI 0000007f [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:53:18, Info CSI 00000080 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:53:23, Info CSI 00000082 [SR] Verify complete
    2013-12-01 15:53:24, Info CSI 00000083 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:53:24, Info CSI 00000084 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:53:27, Info CSI 00000086 [SR] Verify complete
    2013-12-01 15:53:28, Info CSI 00000087 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:53:28, Info CSI 00000088 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:53:53, Info CSI 000000a2 [SR] Verify complete
    2013-12-01 15:53:54, Info CSI 000000a3 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:53:54, Info CSI 000000a4 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:54:02, Info CSI 000000aa [SR] Verify complete
    2013-12-01 15:54:03, Info CSI 000000ab [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:54:03, Info CSI 000000ac [SR] Beginning Verify and Repair transaction
    2013-12-01 15:54:06, Info CSI 000000ae [SR] Verify complete
    2013-12-01 15:54:07, Info CSI 000000af [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:54:07, Info CSI 000000b0 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:54:15, Info CSI 000000b2 [SR] Verify complete
    2013-12-01 15:54:16, Info CSI 000000b3 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:54:16, Info CSI 000000b4 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:54:25, Info CSI 000000b6 [SR] Verify complete
    2013-12-01 15:54:25, Info CSI 000000b7 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:54:25, Info CSI 000000b8 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:54:44, Info CSI 000000ba [SR] Verify complete
    2013-12-01 15:54:45, Info CSI 000000bb [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:54:45, Info CSI 000000bc [SR] Beginning Verify and Repair transaction
    2013-12-01 15:54:59, Info CSI 000000bf [SR] Verify complete
    2013-12-01 15:55:00, Info CSI 000000c0 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:55:00, Info CSI 000000c1 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:55:02, Info CSI 000000c3 [SR] Verify complete
    2013-12-01 15:55:03, Info CSI 000000c4 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:55:03, Info CSI 000000c5 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:55:08, Info CSI 000000c7 [SR] Verify complete
    2013-12-01 15:55:09, Info CSI 000000c8 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:55:09, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:55:20, Info CSI 000000cb [SR] Verify complete
    2013-12-01 15:55:21, Info CSI 000000cc [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:55:21, Info CSI 000000cd [SR] Beginning Verify and Repair transaction
    2013-12-01 15:55:30, Info CSI 000000cf [SR] Verify complete
    2013-12-01 15:55:31, Info CSI 000000d0 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:55:31, Info CSI 000000d1 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:55:48, Info CSI 000000d4 [SR] Verify complete
    2013-12-01 15:55:49, Info CSI 000000d5 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:55:49, Info CSI 000000d6 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:56:13, Info CSI 000000fb [SR] Verify complete
    2013-12-01 15:56:14, Info CSI 000000fc [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:56:14, Info CSI 000000fd [SR] Beginning Verify and Repair transaction
    2013-12-01 15:56:31, Info CSI 000000ff [SR] Verify complete
    2013-12-01 15:56:31, Info CSI 00000100 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:56:31, Info CSI 00000101 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:57:21, Info CSI 00000103 [SR] Verify complete
    2013-12-01 15:57:22, Info CSI 00000104 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:57:22, Info CSI 00000105 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:57:32, Info CSI 00000107 [SR] Verify complete
    2013-12-01 15:57:33, Info CSI 00000108 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:57:33, Info CSI 00000109 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:57:44, Info CSI 0000010b [SR] Verify complete
    2013-12-01 15:57:45, Info CSI 0000010c [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:57:45, Info CSI 0000010d [SR] Beginning Verify and Repair transaction
    2013-12-01 15:57:53, Info CSI 0000010f [SR] Verify complete
    2013-12-01 15:57:54, Info CSI 00000110 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:57:54, Info CSI 00000111 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:58:02, Info CSI 00000113 [SR] Verify complete
    2013-12-01 15:58:03, Info CSI 00000114 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:58:03, Info CSI 00000115 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:58:13, Info CSI 00000118 [SR] Verify complete
    2013-12-01 15:58:14, Info CSI 00000119 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:58:14, Info CSI 0000011a [SR] Beginning Verify and Repair transaction
    2013-12-01 15:58:49, Info CSI 0000011c [SR] Verify complete
    2013-12-01 15:58:50, Info CSI 0000011d [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:58:50, Info CSI 0000011e [SR] Beginning Verify and Repair transaction
    2013-12-01 15:59:00, Info CSI 00000120 [SR] Verify complete
    2013-12-01 15:59:01, Info CSI 00000121 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:59:01, Info CSI 00000122 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:59:12, Info CSI 00000124 [SR] Verify complete
    2013-12-01 15:59:13, Info CSI 00000125 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:59:13, Info CSI 00000126 [SR] Beginning Verify and Repair transaction
    2013-12-01 15:59:25, Info CSI 00000128 [SR] Verify complete
    2013-12-01 15:59:26, Info CSI 00000129 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:59:26, Info CSI 0000012a [SR] Beginning Verify and Repair transaction
    2013-12-01 15:59:42, Info CSI 0000012d [SR] Verify complete
    2013-12-01 15:59:43, Info CSI 0000012e [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:59:43, Info CSI 0000012f [SR] Beginning Verify and Repair transaction
    2013-12-01 15:59:54, Info CSI 00000131 [SR] Verify complete
    2013-12-01 15:59:55, Info CSI 00000132 [SR] Verifying 100 (0x00000064) components
    2013-12-01 15:59:55, Info CSI 00000133 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:00:02, Info CSI 00000135 [SR] Verify complete
    2013-12-01 16:00:03, Info CSI 00000136 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:00:03, Info CSI 00000137 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:00:13, Info CSI 0000013a [SR] Verify complete
    2013-12-01 16:00:14, Info CSI 0000013b [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:00:14, Info CSI 0000013c [SR] Beginning Verify and Repair transaction
    2013-12-01 16:00:21, Info CSI 0000013e [SR] Verify complete
    2013-12-01 16:00:22, Info CSI 0000013f [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:00:22, Info CSI 00000140 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:00:29, Info CSI 00000142 [SR] Verify complete
    2013-12-01 16:00:30, Info CSI 00000143 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:00:30, Info CSI 00000144 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:00:43, Info CSI 00000146 [SR] Verify complete
    2013-12-01 16:00:44, Info CSI 00000147 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:00:44, Info CSI 00000148 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:00:56, Info CSI 0000014b [SR] Verify complete
    2013-12-01 16:00:57, Info CSI 0000014c [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:00:57, Info CSI 0000014d [SR] Beginning Verify and Repair transaction
    2013-12-01 16:01:14, Info CSI 0000014f [SR] Verify complete
    2013-12-01 16:01:15, Info CSI 00000150 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:01:15, Info CSI 00000151 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:01:29, Info CSI 00000153 [SR] Verify complete
    2013-12-01 16:01:30, Info CSI 00000154 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:01:30, Info CSI 00000155 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:01:41, Info CSI 00000157 [SR] Verify complete
    2013-12-01 16:01:42, Info CSI 00000158 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:01:42, Info CSI 00000159 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:01:45, Info CSI 0000015b [SR] Verify complete
    2013-12-01 16:01:46, Info CSI 0000015c [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:01:46, Info CSI 0000015d [SR] Beginning Verify and Repair transaction
    2013-12-01 16:01:55, Info CSI 0000015f [SR] Verify complete
    2013-12-01 16:01:56, Info CSI 00000160 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:01:56, Info CSI 00000161 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:02:02, Info CSI 00000163 [SR] Verify complete
    2013-12-01 16:02:03, Info CSI 00000164 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:02:03, Info CSI 00000165 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:02:11, Info CSI 00000167 [SR] Verify complete
    2013-12-01 16:02:12, Info CSI 00000168 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:02:12, Info CSI 00000169 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:02:18, Info CSI 0000016b [SR] Verify complete
    2013-12-01 16:02:19, Info CSI 0000016c [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:02:19, Info CSI 0000016d [SR] Beginning Verify and Repair transaction
    2013-12-01 16:02:28, Info CSI 0000016f [SR] Verify complete
    2013-12-01 16:02:29, Info CSI 00000170 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:02:29, Info CSI 00000171 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:02:50, Info CSI 00000173 [SR] Verify complete
    2013-12-01 16:02:51, Info CSI 00000174 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:02:51, Info CSI 00000175 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:03:20, Info CSI 00000177 [SR] Verify complete
    2013-12-01 16:03:21, Info CSI 00000178 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:03:21, Info CSI 00000179 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:03:28, Info CSI 0000017b [SR] Verify complete
    2013-12-01 16:03:29, Info CSI 0000017c [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:03:29, Info CSI 0000017d [SR] Beginning Verify and Repair transaction
    2013-12-01 16:03:36, Info CSI 0000017f [SR] Verify complete
    2013-12-01 16:03:37, Info CSI 00000180 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:03:37, Info CSI 00000181 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:03:41, Info CSI 00000183 [SR] Verify complete
    2013-12-01 16:03:42, Info CSI 00000184 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:03:42, Info CSI 00000185 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:03:47, Info CSI 00000187 [SR] Verify complete
    2013-12-01 16:03:48, Info CSI 00000188 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:03:48, Info CSI 00000189 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:03:55, Info CSI 0000018b [SR] Verify complete
    2013-12-01 16:03:56, Info CSI 0000018c [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:03:56, Info CSI 0000018d [SR] Beginning Verify and Repair transaction
    2013-12-01 16:03:59, Info CSI 0000018f [SR] Verify complete
    2013-12-01 16:04:00, Info CSI 00000190 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:04:00, Info CSI 00000191 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:04:01, Info CSI 00000193 [SR] Verify complete
    2013-12-01 16:04:02, Info CSI 00000194 [SR] Verifying 100 (0x00000064) components
    2013-12-01 16:04:02, Info CSI 00000195 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:04:14, Info CSI 00000197 [SR] Verify complete
    2013-12-01 16:04:15, Info CSI 00000198 [SR] Verifying 34 (0x00000022) components
    2013-12-01 16:04:15, Info CSI 00000199 [SR] Beginning Verify and Repair transaction
    2013-12-01 16:04:17, Info CSI 0000019b [SR] Verify complete
    2013-12-01 16:04:17, Info CSI 0000019c [SR] Repairing 0 components
    2013-12-01 16:04:17, Info CSI 0000019d [SR] Beginning Verify and Repair transaction
    2013-12-01 16:04:17, Info CSI 0000019f [SR] Repair complete

    Thanks

    Farha
     
  9. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    No sign of anything bad in the logs, but a couple of things that need to be taken care of.

    Looks like you used to have AVG Anti Virus installed as it has left some remnants behind including a service that is still running. Please go here AVG Removal tool You must select the correct tool to match the version of AVG installed and the bit rate (32 or 64bit), download and run it. Your system shows you had AVG 2014 32bit.

    As ADWCleaner found a few items of Adware we need to run it again to make sure everything has gone, please run another scan, just as you did before, and post the new log.

    I can also see in the system you had a recent system crash and a memory dump has been saved, this is likely to be connected with the problems you are having so may give us some clues.

    Please follow this small guide to attach your minidump files so they can be analysed.

    First locate your minidump files, open Windows Explorer and click on the C: drive in the left pane, in the right pane look down the list of folders and double click on Windows to view its contents. NOTE: If your operating system is installed under a different drive letter then look there. Scroll down the contents of the Windows folder and look for a folder called minidump and double click on it. You should now see the minidump files which will have a .dmp extension.

    Zip up at least 6 of the most recent files into one zip folder (if there are less then just zip up what you have).

    NOTE: To zip up the files in Windows (all versions). Right click the file, click on Send To, and then click
    Compressed (zipped) Folder. That will create a zip folder containing a copy of the file, you should see it appear.


    If there is more than one .dmp file click on the first one, hold down the shift key and then click on the last one. That should highlight all the files. Then right click in the highlighted area, click on Send To, and then click Compressed (zipped) Folder.

    • Below the Message Box click on Go Advanced. Then scroll down until you see a button, Manage Attachments. Click on that and a new window opens.
    • Click on the Browse button, find the zip folder you made earlier and click on it so it becomes highlighted and click on Open.
    • Now click on the Upload button. Wait for the Upload to complete, it will appear just below the Browse box.
    • When done, click on the Close this window button at the top of the page.
    • Enter your message-text in the message box, then click on Submit Message/Reply.
     
  10. Rose_farha

    Rose_farha Thread Starter

    Joined:
    Nov 30, 2013
    Messages:
    16
    Hi

    This is the Scan Report

    # AdwCleaner v3.013 - Report created 01/12/2013 at 18:02:10
    # Updated 24/11/2013 by Xplode
    # Operating System : Windows 7 Starter Service Pack 1 (32 bits)
    # Username : user - FARHA-PC
    # Running from : C:\Users\user\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    # AdwCleaner v3.013 - Report created 01/12/2013 at 18:07:57
    # Updated 24/11/2013 by Xplode
    # Operating System : Windows 7 Starter Service Pack 1 (32 bits)
    # Username : user - FARHA-PC
    # Running from : C:\Users\user\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428


    -\\ Google Chrome v31.0.1650.57

    [ File : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [6143 octets] - [01/12/2013 15:00:40]
    AdwCleaner[R1].txt - [874 octets] - [01/12/2013 15:21:44]
    AdwCleaner[R2].txt - [1520 octets] - [01/12/2013 17:47:59]
    AdwCleaner[R3].txt - [1215 octets] - [01/12/2013 18:02:10]
    AdwCleaner[S0].txt - [6273 octets] - [01/12/2013 15:08:32]
    AdwCleaner[S1].txt - [994 octets] - [01/12/2013 17:57:44]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1394 octets] ##########

    And this is the Clean Report

    # AdwCleaner v3.013 - Report created 01/12/2013 at 18:10:38
    # Updated 24/11/2013 by Xplode
    # Operating System : Windows 7 Starter Service Pack 1 (32 bits)
    # Username : user - FARHA-PC
    # Running from : C:\Users\user\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428


    -\\ Google Chrome v31.0.1650.57

    [ File : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [6143 octets] - [01/12/2013 15:00:40]
    AdwCleaner[R1].txt - [874 octets] - [01/12/2013 15:21:44]
    AdwCleaner[R2].txt - [1520 octets] - [01/12/2013 17:47:59]
    AdwCleaner[R3].txt - [1474 octets] - [01/12/2013 18:02:10]
    AdwCleaner[S0].txt - [6273 octets] - [01/12/2013 15:08:32]
    AdwCleaner[S1].txt - [994 octets] - [01/12/2013 17:57:44]
    AdwCleaner[S2].txt - [975 octets] - [01/12/2013 18:10:38]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1034 octets] ##########

    And I only found one dump file so I am attaching that with this reply

    Many Thanks

    Farha
     

    Attached Files:

  11. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    The minidump is inconclusive, the error code of 9F is invariably due to a faulty driver but the one named is a windows driver that has been checked by the System File Checker without finding an error, so that has made us none the wiser. But, I ran the minidump through three different debugging tools and one of them pointed at usbhub.sys which shows in the FRST log as having been added one day before the minidump was created on 29th November, so we may need to look deeper into that. What date did the problem first start?

    The ADWCleaner log is clean now so that is the Adware dealt with. We now need to run some more scans, the FRST log shows there may be a problem with some of the systems services so they need to be checked, has there been any improvement since removing the Adware.


    SCAN 1
    Please download RKill
    There are three buttons to choose from with different names on, select the first one and save it to your desktop.


    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7, right-click on it and select Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
    • If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
    • If the tool does not run from any of the links provided, please let me know.

    SCAN 2
    DO NOT reboot, download Malwarebytes from here if you do not already have it: Malwarebytes. Install the program, run it and let it update. If you already have Malwarebytes launch the program.

    • Select Perform full scan and click on the Scan button. When the scan completes click on Show Results.
    • If the scan does not find any infections the log will appear as soon as it completes, please Copy & Paste it into your next reply.
    • If items are detected it will stay on the Scanner window and you will see Objects detected: 1 (the number may be higher).
    • Click on Show Results and put a check mark next to all the items displayed in the list by clicking on each one in turn <--- very important, then click on Remove Selected.
    • The log will appear, Copy & Paste it into your next post.
    • Click on OK and close the window.
     
  12. Rose_farha

    Rose_farha Thread Starter

    Joined:
    Nov 30, 2013
    Messages:
    16
    msg to Mark1956

    I don't exactly know when the problem started with my PC but I would say around 1 week or so and there has been no improvements so far in my PC, I cant run the PC on normal mode because it keeps freezing after a few minutes and the only way I can run it is on Safe Mode... So far the MalwareBytes app has detected 2 Objects, it is still scanning and here is the result of RKILL....

    Rkill 2.6.3 by Lawrence Abrams (Grinler)
    http://www.bleepingcomputer.com/
    Copyright 2008-2013 BleepingComputer.com
    More Information about Rkill can be found at this link:
    http://www.bleepingcomputer.com/forums/topic308364.html

    Program started at: 12/01/2013 10:11:16 PM in x86 mode. (Safe Mode)
    Windows Version: Windows 7 Starter Service Pack 1

    Checking for Windows services to stop:

    * No malware services found to stop.

    Checking for processes to terminate:

    * No malware processes found to kill.

    Checking Registry for malware related settings:

    * No issues found in the Registry.

    Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

    Performing miscellaneous checks:

    * Windows Defender Disabled

    [HKLM\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware" = dword:00000001

    Hi Mark

    The above message is from yesterday when you asked me to perform a couple of scans, I successfully ran the Rkill scan and have posted the results and I have tried to perform a full scan using malware bytes but for some reason it keeps freezing on safe mode too. I am going to try again now and see what happens/
     
  13. Rose_farha

    Rose_farha Thread Starter

    Joined:
    Nov 30, 2013
    Messages:
    16
    Hi Mark,

    I have managed to perform the full scan and here are the results as requested.

    This is after the Removal
    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.12.01.07

    Windows 7 Service Pack 1 x86 NTFS (Safe Mode/Networking)
    Internet Explorer 11.0.9600.16428
    user :: FARHA-PC [administrator]

    Protection: Disabled

    02/12/2013 19:15:29
    mbam-log-2013-12-02 (19-15-29).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 275541
    Time elapsed: 2 hour(s), 24 minute(s), 37 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 2
    HKCR\Typelib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F} (PUP.Optional.GetNow.A) -> Quarantined and deleted successfully.
    HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967} (PUP.Optional.GetNow.A) -> Quarantined and deleted successfully.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    Thank You very much

    Farha
     
  14. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Both of the above logs are fine and all Malwarebytes found was some Adware.

    I'd now suggest running the system with Selective Startup, this should allow you to boot into Normal Mode. You can make the settings in Safe Mode then boot it into Normal Mode and let me know if the freezing still happens.

    Selective Startup (Clean Boot)

    • Click on Start [​IMG] then type msconfig into the Search box and hit the Enter key.
    • This screen should appear with the settings as shown:

    [​IMG]

    • Click on the Services tab and you should see this, click on the box next to Hide all Microsoft Services so a check mark appears.

    [​IMG]

    • Now click on the General tab and check the boxes as shown:

    [​IMG]

    • When done click on Apply and then OK.
    • The window will close and you will see a notification with two choices, click on Restart.
     
  15. Rose_farha

    Rose_farha Thread Starter

    Joined:
    Nov 30, 2013
    Messages:
    16
    Sorry for the late reply, I am going to follow the above steps now, I have just booted my PC on SafeMode. I did boot my PC up on normal mode yesterday and it didn't freeze, however when I tried opening applications it wont and I tried opening applications from the start menu, task ba and desktop and then it did freeze but then it restarted. For some reason it didn't restart on SafeMode so I am going to do that on normal mode.

    Ok, the PC did boot but it still freezes, there is no sound coming from the PC and the user interface is frozen, I can't even move my mouse...
     
  16. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Ok, we have checked for Malware, Adware, faulty services and system files and although some Adware has been removed nothing obvious has come to light. I think we now need to run some checks on your hardware, if that comes up clean we will next try a Repair Install so I should just ask if you have the original Windows 7 disc that was used to install from.

    In Safe Mode cancel the selective startup by following the original instructions to get the first screen up and then click the buton next to Normal Startup, click on Apply and allow it to reboot and go back into Safe Mode.

    Please run these two diagnostic scans.

    You can create the Seatools disc on any fully functional PC with a CD burner or use any PC to create the Flash Drive.

    Open Internet Explorer and click on this: Seatools

    Save the download to your desktop.

    In Windows 7 right click the ISO file, select Open With, then select Windows Disc Image Burning Tool then follow the prompts.
    For all other versions of windows (if you do not have an ISO burner) download this free software. ImgBurn Install the program (make sure you uncheck any boxes that will install bundled software) and start the application. Select the top left hand option to Write image file to disc and then on the next window click on the small yellow folder icon and browse to the ISO file on your desktop. Then click on the two grey discs with the arrow in between (bottom left) and leave it to complete the operation.

    You will need a blank recordable CD or a re-recordable CD. If your PC has no CD/DVD drive or you would prefer to run Seatools from a Flash Drive follow this guide: How to run Seatools from a USB Flash Drive

    When the CD has been burned boot the PC into the Bios setup and set the CD/DVD drive to 1st in the boot sequence Bios Boot Order Guide. Insert the disk in the drive then reboot and the disc will load into DOS. Click on Basic Tests and select the Long Test. If using a Flash Drive you need to set USB to 1st in the boot order, if there is no USB available in the boot order you will have to run the test from a CD.

    A full set of instructions can be found here: Seatools instructions

    When the test completes it will show a Pass or Fail.

    =====================================================

    Download Memtest86+ from here
    If you wish to run the test from a USB flash drive use this link Auto installer for USB key
    When the download is complete right click the file and select Extract Here and burn the image to a CD.

    In windows 7 right click the extracted file, select Open With, then select Windows Disc Image Burning Tool then follow the prompts.
    For all other versions of windows (if you do not have an ISO burner) download this free software. ImgBurn
    Install the program (make sure you uncheck any boxes to stop any bundled software from installing) and start the application. Select the top left hand option to Write image file to disk and then on the next window click on the small yellow folder icon and browse to the ISO file you have downloaded. Then click on the two grey discs with the arrow in between (bottom left) and leave it to complete the operation.

    Testing

    • Boot the PC into the Bios setup and set the CD/DVD drive to 1st in the boot sequence.
    • Insert the disk in the drive then reboot and the disc will load into dos.
    • Leave the test to run through at least 8 passes or until it is showing some errors.
    • If errors show in the test, stop the test and remove all but one of your RAM sticks then start the test again. Repeat the test on each stick until you find the one that is faulty.

    NOTE: This is a long slow test and for convenience should ideally be run overnight.

    The memtest will not be 100% accurate but should easily detect any major faults.
     
  17. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1114248