Lock ups in Win7



#31
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,019 posts
  • MVP
Sorry for the delay. I'm at a Microsoft conference this week.

How is it running now? Any better?


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).
sfc /scannow

(This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0



#32
brycrip

brycrip

    Member

  • Topic Starter
  • Member
  • 395 posts
No problem Ron... you're helping me!

I'll get on with your request but wanted to mention a couple of issues: Things seem better but I spent three hours writing in Open Office yesterday afternoon before the cursor froze up. Ctrl-Alt-Del did nothing and I had to re-boot. I held my breath as Open Office attempted to recover my document. It did, but sometimes I lose it... very frustrating. Also, this morning I find that my AVG anti virus software is gone! No desktop icon, no program installed. It was there yesterday but not today!

I'm reloading it as soon as I send this off...

Thanks again,
Bry
  • 0

#33
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,019 posts
  • MVP
Instead of AVG get the free version of Avast


Download and save the AVG removal tool
http://download.avg....6_2011_1184.exe

Download and save the free (Basic) version of Avast:
http://www.avast.com...ivirus-download

Uninstall AVG

Run the AVG Remover

Reboot

Install Avast. (right click and Run As Administrator.) (Register when it asks you - they will try to talk you into buying the full product but the free version is what we want.)
Once you have it installed and it has updated:

Then that night while you sleep, let it run a full boot-time scan:

First mute the speakers so it won't wake you up when windows loads. Then click on the orange Avast ball.
Click on Scan then change the Quick Scan to Boot-time Scan but don't hit Start yet. Click on Settings. Where it says Heuristic Sensitivity: click on the 4th vertical bar, which is gray, and change it to Orange.
Make sure both boxes are checked. Change the Ask to Move to Chest. OK. Now click on Start and reboot.
It should tell you when it first starts where it will save the report. Usually it is: C:\ProgramData\Avast Software\Avast\report\aswboot.txt if not then write down the path. Once it finishes it should load windows. Click on the Avast ball and then on Scan then on Scan History, select the Boot-time scan report then View Results and it will tell you if it found anything. A text version of the report is at: C:\ProgramData\Avast Software\Avast\report\aswboot.txt

The boot-time scan will take from 2 to 7 hours. If it completes then your PC hardware is in pretty good shape. If it fails then I would start looking at Memory or overheating.

Heading home today so will be able to concentrate on your problem tomorrow.
  • 0

#34
brycrip

brycrip

    Member

  • Topic Starter
  • Member
  • 395 posts
Here's the VEW scan: Cursor froze up once again... twice today... required reboot. Please remember, I'm doing this from a small bar in the DR. A scan that may take up to 7 hours is a lot of beer!

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 21/11/2013 2:51:43 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 21/11/2013 7:12:28 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

Log: 'System' Date/Time: 21/11/2013 7:10:27 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
  • 0

#35
brycrip

brycrip

    Member

  • Topic Starter
  • Member
  • 395 posts
And the second scan:

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 21/11/2013 3:01:43 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 21/11/2013 7:12:25 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#36
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,019 posts
  • MVP
No power on the boat? It does not need to be connected to the Internet while it runs.

Even if you can't do a boot-time scan please switch to Avast. I think it's a better anti-virus and it's less likely to stop working like AVG.


When it locks up are there any error messages in the event log? (other than those we just saw?) Are the temps staying below 60 C? Does it just lock up in Open Office? Does BlueScreenView show anything?

If you run the memory test for an hour or so does it lock up?

http://www.sevenforu...stics-tool.html

Do you get lockups in Safe Mode with Networking?

(Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears and choose Safe Mode with Networking. Login with your usual login.)
  • 0

#37
brycrip

brycrip

    Member

  • Topic Starter
  • Member
  • 395 posts
My turn to apologize... no power in the Village yesterday and only 12V on the boat and I don't have a transformer.

Ok... I now have Avast. The memory test didn't find any problems. This thing locks up in Open Office, Note Pad, and when I'm writing you! Sorry... you'll have to walk me through this other stuff: When it locks up are there any error messages in the event log? (other than those we just saw?) Are the temps staying below 60 C? Does it just lock up in Open Office? Does BlueScreenView show anything?

I'm beginning to lose my patience here and have loaded my files onto my external hard drive. Would blowing this thing clean and going back to the original factory settings solve anything?

Thanks,
Bry
  • 0

#38
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,019 posts
  • MVP
If you start over you will probably need to download some 130+ updates but it might be the fastest way to go if it's a software issue. Obviously not going to help if it's hardware.

To check your temps:

Try speedfan
http://www.filehippo...nload_speedfan/

Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it.

It will tell you your temps. If they seem hot (over 50) then check Automatic Fan Speed.
Leave it running and see if the temps drop.


To check Events:
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

(Look for one or more events which happened at the time of the crash. Note that the event log may use Universal time and not be adjusted for your local time zone.)

Please post the Output log in your next reply then repeat but select Application.


Bluescreenview:

Download BlueScreenView
http://www.nirsoft.n...creen_view.html

Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit, Select All.

Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.


You might also keep Process Explorer running. Sometimes a lockup is actually a process taking 100% of the CPU. Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top. Then shrink its window and move it to one side. Run your Open Office or Browser in a smaller window so you can still see the Process Explorer top line. Normally we expect to see System Idle at the top with over 90% of the CPU usage. When it locks up, look at Process Explorer and see what it has on the top line.

Wait a full minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
  • 0
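
Added example (not part of the thread, and not the helper's or VEW's own code): post #38 asks for events logged at the time of the lockup and notes that the event log may be in Universal time. This Python script parses text in the VEW layout posted above and returns the events that fall within a window around a given local crash time; the sample text, the function names and the UTC-4 offset are assumptions made for the example.

```python
import re
from datetime import datetime, timedelta

# Sample in the layout of the VEW output posted in this thread.
# Constructed for this example; the last entry is invented filler.
SAMPLE_VEW = """\
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 21/11/2013 2:51:43 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 21/11/2013 7:12:28 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application.

Log: 'System' Date/Time: 21/11/2013 7:10:27 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 20/11/2013 1:05:00 AM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
Constructed example entry far from the crash time.
"""

HEADER = re.compile(
    r"^Log: '(?P<log>[^']+)' Date/Time: "
    r"(?P<ts>\d{2}/\d{2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M)$"
)
TYPE = re.compile(r"^Type: (?P<type>\w+) Category: (?P<cat>\d+)$")
EVENT = re.compile(r"^Event: (?P<id>\d+) Source: (?P<source>.+)$")


def parse_vew(text):
    """Return one dict per event record found in VEW-style text."""
    events, cur = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            # The report header states dd/mm/yyyy, so parse day first.
            ts = datetime.strptime(m["ts"], "%d/%m/%Y %I:%M:%S %p")
            cur = {"log": m["log"], "ts": ts, "type": None,
                   "id": None, "source": None, "message": ""}
            events.append(cur)
            continue
        if cur is None:
            continue                      # banner or section title
        if not line or line.startswith("~"):
            cur = None                    # blank line or rule ends a record
            continue
        m = TYPE.match(line)
        if m and cur["type"] is None:
            cur["type"] = m["type"]
            continue
        m = EVENT.match(line)
        if m and cur["id"] is None:
            cur["id"], cur["source"] = int(m["id"]), m["source"]
            continue
        # Anything else inside a record is message text.
        cur["message"] = (cur["message"] + " " + line).strip()
    return events


def events_near(events, crash_local, utc_offset_hours,
                window_minutes=10, log_is_utc=True):
    """Events within window_minutes of the crash, closest first.

    crash_local is the wall-clock time the user saw the lockup.
    If the log is in UTC, the crash time is shifted to UTC before
    comparing; if the log is already local, it is compared as-is.
    """
    ref = crash_local
    if log_is_utc:
        ref = crash_local - timedelta(hours=utc_offset_hours)
    limit = window_minutes * 60
    hits = []
    for ev in events:
        delta = abs((ev["ts"] - ref).total_seconds())
        if delta <= limit:
            hits.append((delta, ev))
    hits.sort(key=lambda h: h[0])
    return [ev for _, ev in hits]


if __name__ == "__main__":
    parsed = parse_vew(SAMPLE_VEW)
    # Assumed lockup at 3:12 PM local time, local zone UTC-4.
    crash = datetime(2013, 11, 21, 15, 12, 0)
    for ev in events_near(parsed, crash, utc_offset_hours=-4, window_minutes=5):
        print(ev["ts"], ev["type"], ev["id"], ev["source"])
```

Running it with `log_is_utc=False` on the same input returns nothing, which is the mismatch the time-zone note in post #38 warns about.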

#39
brycrip

brycrip

    Member

  • Topic Starter
  • Member
  • 395 posts
Just lost a 20,000 word document. Not pleased!
Bry
  • 0

#40
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,019 posts
  • MVP
If you go into Writer and select Tools, Options, Load/Save, General, then check Save AutoRecovery Information Every and change the 30 minutes to something like 10 or 15 minutes then it should automatically save your working document every 10 or 15 minutes so you won't lose as much if it hangs.
  • 0



#41
brycrip

brycrip

    Member

  • Topic Starter
  • Member
  • 395 posts
More lock-ups. Did a system restore but hasn't helped. Un-installed Open Office and now attempting to download it again.
Thanks.
  • 0

#42
brycrip

brycrip

    Member

  • Topic Starter
  • Member
  • 395 posts
That didn't work either! I'm done for today! Never liked Open Office but can't find anything better...
  • 0

#43
brycrip

brycrip

    Member

  • Topic Starter
  • Member
  • 395 posts
Can I assume that a virus is not the cause of my problems?
  • 0

#44
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,019 posts
  • MVP
Can you run a FRST scan one more time? I want to make sure the Zero Access is not showing any more.
  • 0

#45
brycrip

brycrip

    Member

  • Topic Starter
  • Member
  • 395 posts
Here you go, and thank you:


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-11-2013 01
Ran by BC (administrator) on CHINOOK on 25-11-2013 15:19:25
Running from C:\Users\BC\AppData\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Registration\GREGsvc.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Egis Technology Inc.) C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
() C:\Program Files\WordWeb\wweb32.exe
(FreeDownloadManager.ORG) C:\Program Files\Free Download Manager\fdm.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(COMPANYVERS_NAME) C:\Program Files\SafePCRepair_89\bar\1.bin\89barsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10025576 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [SuiteTray] - C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM\...\Run: [EgisTecPMMUpdate] - C:\Program Files\EgisTec IPS\PmmUpdate.exe [408432 2011-03-28] (Egis Technology Inc.)
HKLM\...\Run: [EgisUpdate] - C:\Program Files\EgisTec IPS\EgisUpdate.exe [202608 2011-03-28] (Egis Technology Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [Power Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [715368 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [UnlockerAssistant] - C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_UI] - "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
HKLM\...\Run: [SafePCRepair Search Scope Monitor] - C:\Program Files\SafePCRepair_89\bar\1.bin\89SrchMn.exe [44784 2013-11-25] (MindSpark)
HKCU\...\Run: [WordWeb] - C:\Program Files\WordWeb\wweb32.exe [77064 2012-04-21] ()
HKCU\...\Run: [Free Download Manager] - C:\Program Files\Free Download Manager\fdm.exe [6950400 2013-10-25] (FreeDownloadManager.ORG)
HKCU\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files\Acer\Screensaver\run_Acer.exe [ 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files\Acer\Screensaver\run_Acer.exe [ 2010-07-29] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\BC\AppData\Roaming\Mozilla\Firefox\Profiles\sevjm9wi.default-1384098992043
FF user.js: detected! => C:\Users\BC\AppData\Roaming\Mozilla\Firefox\Profiles\sevjm9wi.default-1384098992043\user.js
FF NewTab: user_pref("browser.newtab.url", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @SafePCRepair_89.com/Plugin - C:\Program Files\SafePCRepair_89\bar\1.bin\NP89Stub.dll (MindSpark)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

Chrome:
=======
CHR HomePage: hxxp://start.search.us.com/v/2/?guid={54B51BB6-D4BF-48D7-8A97-B424C1127420}&serpv=5
CHR RestoreOnStartup: "hxxp://start.search.us.com/v/2/?guid={54B51BB6-D4BF-48D7-8A97-B424C1127420}&serpv=5"]}},"browser":{"clear_lso_data_enabled":true,"last_known_google_url":"https://www.google.c...om/favicon.ico"
CHR Extension: (Google Docs) - C:\Users\BC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\BC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\BC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\BC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (avast! WebRep) - C:\Users\BC\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\BC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0
CHR Extension: (Gmail) - C:\Users\BC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx

========================== Services (Whitelisted) =================

S3 EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [173424 2011-04-02] (Egis Technology Inc. )
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [739944 2011-05-10] (Acer Incorporated)
R2 GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.)
S3 ioloService; C:\Program Files\SafePCRepair\ioloToolService.exe [2625800 2013-04-05] (iolo technologies, LLC)
R2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [185632 2009-11-26] (Ralink Technology, Corp.)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
R2 SafePCRepair_89Service; C:\Program Files\SafePCRepair_89\bar\1.bin\89barsvc.exe [44752 2013-11-25] (COMPANYVERS_NAME)

==================== Drivers (Whitelisted) ====================

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120632 2013-09-25] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [223032 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-10-16] (AVG Technologies)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [21600 2011-08-09] (Egis Technology Inc.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16936 2011-08-09] (Egis Technology Inc.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [62240 2011-08-09] (Egis Technology Inc.)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [827904 2009-11-26] (Ralink Technology Corp.)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7435264 2011-01-03] (Intel Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [252520 2011-03-06] (Realtek Semiconductor Corp.)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S4 aswSP; No ImagePath
S0 AVGIDSHX; system32\DRIVERS\avgidshx.sys [x]
S1 AVGIDSShim; system32\DRIVERS\avgidsshimx.sys [x]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-25 15:17 - 2013-11-25 15:17 - 00000000 ____D C:\FRST
2013-11-25 15:16 - 2013-11-25 15:17 - 01091605 _____ (Farbar) C:\Users\BC\Downloads\FRST.exe
2013-11-25 14:07 - 2013-11-25 14:11 - 00000000 ____D C:\Users\BC\AppData\Roaming\OfficeRecovery
2013-11-25 14:07 - 2013-11-25 14:07 - 00000000 ____D C:\ProgramData\OfficeRecovery.d7cc0641
2013-11-25 13:36 - 2013-11-25 13:36 - 00000000 ____D C:\Users\BC\AppData\Local\iolo
2013-11-25 13:36 - 2013-11-25 13:36 - 00000000 ____D C:\ProgramData\iolo
2013-11-25 13:36 - 2013-11-25 13:36 - 00000000 ____D C:\Program Files\SafePCRepair
2013-11-25 13:33 - 2013-11-25 13:33 - 00000000 ____D C:\Program Files\SafePCRepair_89
2013-11-25 13:31 - 2013-11-25 13:31 - 00000000 ____D C:\Program Files\SafePCRepair_89EI
2013-11-24 17:42 - 2013-11-25 12:24 - 00000224 _____ C:\Windows\setupact.log
2013-11-24 17:42 - 2013-11-24 17:42 - 00000000 _____ C:\Windows\setuperr.log
2013-11-24 15:25 - 2013-11-24 15:25 - 00001070 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-11-24 15:24 - 2013-11-24 15:24 - 00000000 ____D C:\Program Files\OpenOffice 4
2013-11-22 10:24 - 2013-11-22 10:24 - 00000000 ____D C:\Users\BC\AppData\Roaming\AVAST Software
2013-11-22 10:24 - 2013-11-22 10:23 - 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-22 10:23 - 2013-11-22 10:23 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-21 13:37 - 2013-11-21 13:37 - 00063007 _____ C:\Users\BC\Documents\Untitled 1.odt
2013-11-17 15:27 - 2013-11-17 15:27 - 00000000 ____D C:\2ded7b3cf452d17edf0e7189072a
2013-11-16 12:45 - 2013-11-16 12:45 - 00000000 ____D C:\Users\BC\AppData\Roaming\CrystalIdea Software
2013-11-15 13:06 - 2013-11-15 13:08 - 04066921 _____ (FreeDownloadManager.ORG ) C:\Users\BC\Downloads\fdminst-lite.exe
2013-11-15 13:06 - 2013-11-15 13:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-14 15:40 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 15:40 - 2013-10-03 20:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 15:40 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 15:39 - 2013-09-24 21:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 15:39 - 2013-09-24 21:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 15:39 - 2013-09-24 20:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 15:39 - 2013-09-24 20:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 15:39 - 2013-09-24 20:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 15:39 - 2013-09-24 20:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 15:39 - 2013-09-24 20:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 15:39 - 2013-09-24 19:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 15:39 - 2013-09-24 19:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 15:39 - 2013-07-04 07:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-14 15:38 - 2013-10-02 20:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 15:37 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 15:37 - 2013-10-11 21:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 15:37 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 15:37 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 13:16 - 2013-11-14 13:16 - 00000000 ____D C:\Users\BC\AppData\Roaming\Malwarebytes
2013-11-14 13:16 - 2013-11-14 13:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-13 14:13 - 2013-11-25 14:49 - 00000000 ____D C:\Users\BC\AppData\Roaming\Free Download Manager
2013-11-13 14:13 - 2013-11-15 13:08 - 00000000 ____D C:\Program Files\Free Download Manager
2013-11-13 13:27 - 2013-11-13 13:27 - 00013697 _____ C:\ComboFix.txt
2013-11-13 13:00 - 2013-11-13 13:27 - 00000000 ____D C:\Qoobox
2013-11-13 12:59 - 2013-11-13 13:24 - 00000000 ____D C:\Windows\erdnt
2013-11-10 11:58 - 2013-11-10 11:58 - 00000000 ____D C:\Users\BC\AppData\Roaming\AVG2014
2013-11-10 11:54 - 2013-11-21 15:13 - 00000000 ____D C:\Users\BC\AppData\Local\Avg2014
2013-11-08 13:46 - 2013-11-08 13:46 - 00000988 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-08 13:38 - 2013-11-08 13:43 - 24278649 _____ C:\Users\BC\Downloads\vlc-2.1.0-win32.exe
2013-11-08 13:23 - 2013-11-08 14:18 - 00041698 _____ C:\Users\BC\Downloads\Extras.Txt
2013-11-07 17:54 - 2013-11-07 17:54 - 00000000 ____D C:\Users\BC\AppData\Local\{3B375EDC-7B9F-4182-95FB-B5720A3E1B76}
2013-11-07 15:32 - 2013-11-10 11:12 - 00016431 _____ C:\Users\BC\Downloads\Addition.txt
2013-11-07 15:25 - 2013-11-07 15:25 - 00003621 _____ C:\Users\BC\Desktop\JRT.txt
2013-11-07 15:15 - 2013-11-07 15:15 - 00000000 ____D C:\Windows\ERUNT
2013-11-07 13:24 - 2013-11-07 13:24 - 02143832 _____ C:\Users\BC\Downloads\instsf449(1).exe
2013-11-07 13:23 - 2013-11-07 13:23 - 02143832 _____ C:\Users\BC\Downloads\instsf449.exe
2013-11-07 13:20 - 2013-11-07 13:20 - 00000000 ____D C:\Users\BC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2013-11-07 12:55 - 2013-11-07 13:24 - 00000929 _____ C:\Users\BC\Desktop\SpeedFan.lnk
2013-11-07 12:55 - 2013-11-07 13:24 - 00000045 _____ C:\Windows\system32\initdebug.nfo
2013-11-05 12:15 - 2013-11-05 12:15 - 00661184 _____ (Sysinternals - www.sysinternals.com) C:\Users\BC\Downloads\autoruns.exe
2013-10-30 15:05 - 2013-10-30 15:06 - 07752897 _____ (FreeDownloadManager.ORG ) C:\Users\BC\Downloads\fdminst.exe
2013-10-30 14:56 - 2013-10-30 15:01 - 00000000 ____D C:\Program Files\FlashGet
2013-10-30 14:56 - 2013-10-30 14:56 - 00000000 ____D C:\Users\BC\AppData\Roaming\FlashGet
2013-10-30 14:54 - 2013-10-30 14:55 - 04653240 _____ C:\Users\BC\Downloads\flashget196en.exe
2013-10-30 14:36 - 2013-11-25 14:46 - 01210172 _____ C:\Windows\WindowsUpdate.log
2013-10-30 14:34 - 2013-10-30 14:34 - 00000000 ____D C:\Users\BC\AppData\Roaming\GetGo Software
2013-10-30 14:31 - 2013-10-30 14:48 - 00000000 ____D C:\Program Files\GetGo Software
2013-10-30 14:27 - 2013-11-15 17:42 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-30 14:27 - 2013-11-14 15:35 - 00001069 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-30 13:56 - 2013-10-31 09:30 - 00003734 _____ C:\Program Files\Mozilla Firefoxavg-secure-search.xml

==================== One Month Modified Files and Folders =======

2013-11-25 15:17 - 2013-11-25 15:17 - 00000000 ____D C:\FRST
2013-11-25 15:17 - 2013-11-25 15:16 - 01091605 _____ (Farbar) C:\Users\BC\Downloads\FRST.exe
2013-11-25 14:49 - 2013-11-13 14:13 - 00000000 ____D C:\Users\BC\AppData\Roaming\Free Download Manager
2013-11-25 14:46 - 2013-10-30 14:36 - 01210172 _____ C:\Windows\WindowsUpdate.log
2013-11-25 14:31 - 2012-06-12 14:28 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-25 14:11 - 2013-11-25 14:07 - 00000000 ____D C:\Users\BC\AppData\Roaming\OfficeRecovery
2013-11-25 14:07 - 2013-11-25 14:07 - 00000000 ____D C:\ProgramData\OfficeRecovery.d7cc0641
2013-11-25 13:36 - 2013-11-25 13:36 - 00000000 ____D C:\Users\BC\AppData\Local\iolo
2013-11-25 13:36 - 2013-11-25 13:36 - 00000000 ____D C:\ProgramData\iolo
2013-11-25 13:36 - 2013-11-25 13:36 - 00000000 ____D C:\Program Files\SafePCRepair
2013-11-25 13:33 - 2013-11-25 13:33 - 00000000 ____D C:\Program Files\SafePCRepair_89
2013-11-25 13:31 - 2013-11-25 13:31 - 00000000 ____D C:\Program Files\SafePCRepair_89EI
2013-11-25 12:32 - 2009-07-13 23:34 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-25 12:32 - 2009-07-13 23:34 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-25 12:24 - 2013-11-24 17:42 - 00000224 _____ C:\Windows\setupact.log
2013-11-25 12:24 - 2009-07-13 23:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-24 20:02 - 2011-12-09 17:28 - 00000000 ____D C:\Users\BC\AppData\Roaming\vlc
2013-11-24 17:42 - 2013-11-24 17:42 - 00000000 _____ C:\Windows\setuperr.log
2013-11-24 15:28 - 2011-12-09 16:04 - 00064768 _____ C:\Users\BC\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-24 15:28 - 2009-07-13 23:33 - 00289520 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-24 15:25 - 2013-11-24 15:25 - 00001070 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2013-11-24 15:24 - 2013-11-24 15:24 - 00000000 ____D C:\Program Files\OpenOffice 4
2013-11-24 14:43 - 2011-12-09 16:03 - 00000000 ____D C:\Users\BC
2013-11-24 14:43 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\system32\wfp
2013-11-24 14:42 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\registration
2013-11-24 13:37 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-11-22 10:24 - 2013-11-22 10:24 - 00000000 ____D C:\Users\BC\AppData\Roaming\AVAST Software
2013-11-22 10:23 - 2013-11-22 10:24 - 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-22 10:23 - 2013-11-22 10:23 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-22 10:22 - 2013-03-16 13:05 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-22 09:58 - 2011-12-09 16:17 - 00000000 ____D C:\ProgramData\MFAData
2013-11-22 09:52 - 2013-03-17 10:38 - 00000000 ____D C:\Users\BC\AppData\Roaming\Skype
2013-11-21 15:13 - 2013-11-10 11:54 - 00000000 ____D C:\Users\BC\AppData\Local\Avg2014
2013-11-21 14:04 - 2011-12-09 16:03 - 00000000 ____D C:\Users\BC\AppData\Local\VirtualStore
2013-11-21 13:37 - 2013-11-21 13:37 - 00063007 _____ C:\Users\BC\Documents\Untitled 1.odt
2013-11-21 09:26 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\system32\NDF
2013-11-20 12:02 - 2010-11-20 16:01 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-17 15:27 - 2013-11-17 15:27 - 00000000 ____D C:\2ded7b3cf452d17edf0e7189072a
2013-11-17 11:55 - 2011-12-13 20:25 - 00000000 ____D C:\VirusTrap1
2013-11-16 12:45 - 2013-11-16 12:45 - 00000000 ____D C:\Users\BC\AppData\Roaming\CrystalIdea Software
2013-11-16 12:39 - 2012-03-28 16:51 - 00000000 ____D C:\Program Files\WordWeb
2013-11-15 17:42 - 2013-10-30 14:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-15 13:08 - 2013-11-15 13:06 - 04066921 _____ (FreeDownloadManager.ORG ) C:\Users\BC\Downloads\fdminst-lite.exe
2013-11-15 13:08 - 2013-11-13 14:13 - 00000000 ____D C:\Program Files\Free Download Manager
2013-11-15 13:06 - 2013-11-15 13:06 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-15 12:50 - 2009-07-13 23:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-15 12:45 - 2013-07-20 07:13 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 12:38 - 2011-12-16 19:04 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 15:35 - 2013-10-30 14:27 - 00001069 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-14 15:21 - 2009-07-13 21:37 - 00000000 ___RD C:\Users\Public
2013-11-14 13:16 - 2013-11-14 13:16 - 00000000 ____D C:\Users\BC\AppData\Roaming\Malwarebytes
2013-11-14 13:16 - 2013-11-14 13:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-13 13:27 - 2013-11-13 13:27 - 00013697 _____ C:\ComboFix.txt
2013-11-13 13:27 - 2013-11-13 13:00 - 00000000 ____D C:\Qoobox
2013-11-13 13:24 - 2013-11-13 12:59 - 00000000 ____D C:\Windows\erdnt
2013-11-10 11:58 - 2013-11-10 11:58 - 00000000 ____D C:\Users\BC\AppData\Roaming\AVG2014
2013-11-10 11:56 - 2013-10-16 13:21 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-10 11:12 - 2013-11-07 15:32 - 00016431 _____ C:\Users\BC\Downloads\Addition.txt
2013-11-08 14:18 - 2013-11-08 13:23 - 00041698 _____ C:\Users\BC\Downloads\Extras.Txt
2013-11-08 13:46 - 2013-11-08 13:46 - 00000988 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-11-08 13:44 - 2011-12-09 17:25 - 00000000 ____D C:\Program Files\VideoLAN
2013-11-08 13:43 - 2013-11-08 13:38 - 24278649 _____ C:\Users\BC\Downloads\vlc-2.1.0-win32.exe
2013-11-07 17:54 - 2013-11-07 17:54 - 00000000 ____D C:\Users\BC\AppData\Local\{3B375EDC-7B9F-4182-95FB-B5720A3E1B76}
2013-11-07 15:25 - 2013-11-07 15:25 - 00003621 _____ C:\Users\BC\Desktop\JRT.txt
2013-11-07 15:15 - 2013-11-07 15:15 - 00000000 ____D C:\Windows\ERUNT
2013-11-07 13:24 - 2013-11-07 13:24 - 02143832 _____ C:\Users\BC\Downloads\instsf449(1).exe
2013-11-07 13:24 - 2013-11-07 12:55 - 00000929 _____ C:\Users\BC\Desktop\SpeedFan.lnk
2013-11-07 13:24 - 2013-11-07 12:55 - 00000045 _____ C:\Windows\system32\initdebug.nfo
2013-11-07 13:23 - 2013-11-07 13:23 - 02143832 _____ C:\Users\BC\Downloads\instsf449.exe
2013-11-07 13:20 - 2013-11-07 13:20 - 00000000 ____D C:\Users\BC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2013-11-05 12:15 - 2013-11-05 12:15 - 00661184 _____ (Sysinternals - www.sysinternals.com) C:\Users\BC\Downloads\autoruns.exe
2013-10-31 09:30 - 2013-10-30 13:56 - 00003734 _____ C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2013-10-30 15:06 - 2013-10-30 15:05 - 07752897 _____ (FreeDownloadManager.ORG ) C:\Users\BC\Downloads\fdminst.exe
2013-10-30 15:01 - 2013-10-30 14:56 - 00000000 ____D C:\Program Files\FlashGet
2013-10-30 14:56 - 2013-10-30 14:56 - 00000000 ____D C:\Users\BC\AppData\Roaming\FlashGet
2013-10-30 14:55 - 2013-10-30 14:54 - 04653240 _____ C:\Users\BC\Downloads\flashget196en.exe
2013-10-30 14:48 - 2013-10-30 14:31 - 00000000 ____D C:\Program Files\GetGo Software
2013-10-30 14:34 - 2013-10-30 14:34 - 00000000 ____D C:\Users\BC\AppData\Roaming\GetGo Software

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-20 16:18

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-11-2013 01
Ran by BC at 2013-11-25 15:20:40
Running from C:\Users\BC\AppData\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acer Crystal Eye Webcam (Version: 1.0.1904)
Acer ePower Management (Version: 6.00.3007)
Acer eRecovery Management (Version: 5.00.3502)
Acer Registration (Version: 1.04.3502)
Acer ScreenSaver (Version: 1.1.0617.2011)
Acer Updater (Version: 1.02.3500)
Acer VCM (Version: 4.05.3501)
Adobe AIR (Version: 3.7.0.1860)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
CCleaner (Version: 4.00)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
D3DX10 (Version: 15.4.2368.0902)
Free Download Manager 3.9.3
Galerie de photos Windows Live (Version: 15.4.3502.0922)
iCall (Version: 7.1.524)
Identity Card (Version: 1.00.3501)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.14.10.2230)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 5.1.4)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 25.0.1 (x86 en-US) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSVCRT (Version: 15.4.2862.0708)
MyWinLocker 4 (Version: 4.0.14.25)
MyWinLocker Suite (Version: 4.0.14.15)
OpenOffice 4.0.1 (Version: 4.01.9714)
Ralink RT2870 Wireless LAN Card (Version: 1.5.6.0)
Realtek Ethernet Controller Driver (Version: 7.37.1229.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6307)
Realtek PCIE Card Reader (Version: 6.1.7600.78)
SelectionLinks (Version: 1.0)
Shredder (Version: 2.0.8.9)
Skype™ 6.6 (Version: 6.6.106)
SpeedFan (remove only)
Synaptics Pointing Device Driver (Version: 15.1.18.0)
Unlocker 1.9.1 (Version: 1.9.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VLC media player 2.1.0 (Version: 2.1.0)
Welcome Center (Version: 1.02.3503)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WordWeb (Version: 6)

==================== Restore Points =========================

30-10-2013 18:54:12 Installed AVG 2014
07-11-2013 20:58:09 OTL Restore Point - 11/7/2013 3:58:05 PM
08-11-2013 17:58:08 OTL Restore Point - 11/8/2013 12:58:03 PM
10-11-2013 16:05:13 Removed AVG 2014
10-11-2013 16:09:06 Removed AVG 2014
10-11-2013 16:50:54 Installed AVG 2014
10-11-2013 16:54:19 Installed AVG 2014
12-11-2013 17:40:38 Windows Update
13-11-2013 18:32:39 Windows Update
13-11-2013 20:05:14 Windows Update
14-11-2013 20:18:05 Restore Operation
15-11-2013 17:37:34 Windows Update
17-11-2013 20:27:19 Windows Update
19-11-2013 15:18:55 Windows Update
19-11-2013 16:09:33 Windows Update
21-11-2013 15:16:29 Installed AVG 2014
22-11-2013 15:22:56 avast! antivirus system restore point
24-11-2013 19:38:27 Restore Operation
24-11-2013 19:47:17 Removed OpenOffice 4.0.1
24-11-2013 20:23:18 Installed OpenOffice 4.0.1
25-11-2013 19:06:11 Installed Recovery for Writer 1.7.20461.2 Demo License
25-11-2013 19:20:22 Removed Recovery for Writer 1.7.20461.2 Demo License

==================== Hosts content: ==========================

2009-07-13 21:04 - 2013-03-25 12:17 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00B7BDB0-B402-40C1-A4CB-D569BBDC1A4E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)
Task: {3C61BF98-B1A3-445D-813B-4B8B80A5F2E7} - System32\Tasks\{2F8EB3EA-875C-4E36-8380-B9F8CF6B71B2} => C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {3FD60D5F-A872-4150-835E-A0B1D7A891A6} - System32\Tasks\{423C745D-CEB9-4720-834B-5910ADC6F8D5} => C:\Program Files\tinySpell\tinyspell.exe
Task: {4A0CE86E-3B42-4A6A-8F59-93EF2A9C3340} - System32\Tasks\{47C8FCC1-4B89-44C5-A945-3D30301AE89B} => Firefox.exe
Task: {56D88B04-85C7-4410-BAEB-912E432705C3} - System32\Tasks\Adobe ARM => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11] (Adobe Systems Incorporated)
Task: {7BAA9F29-A535-41A3-ADCB-FD77A7459241} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1434271250-535229840-3131482536-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {82A70256-A65B-45B0-A289-2F52D670FF40} - System32\Tasks\{6977321E-CE53-4746-8B61-77A4D12D0423} => Firefox.exe
Task: {8E432221-B688-49C4-8CCA-6611CFA9F602} - System32\Tasks\{16C26C30-E35C-44AE-AFED-771B87A2A222} => C:\Program Files\OpenOffice.org
Task: {92FB80DF-3D46-471B-A2A6-DC3D2FB09EF5} - System32\Tasks\{764A393D-633B-439A-9593-6364EADF016A} => C:\Program Files\Moyea\FLV Editor Lite\FlvEditorLite.exe
Task: {9B8F7347-CAB4-4C1B-82A3-2B0CF9EE341F} - System32\Tasks\{C978A38F-7358-4587-9AE2-A8C10C5E6928} => C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
Task: {A369E454-F732-460B-BE75-6CEBF9561A1D} - System32\Tasks\{7A078B64-317B-47E5-AEED-6DA886061D18} => Firefox.exe
Task: {B0E4A562-7DF8-4567-92AD-2FAE0D3847C9} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1434271250-535229840-3131482536-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {B2C2BB7E-05B6-47C1-AA76-7D8BBA82DA03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {D5E81E6D-48AE-44AC-9B70-500CE81575B1} - System32\Tasks\{A82B7F6C-83D4-4711-AAFD-454886EA6197} => C:\Program Files\iCall\iCall.exe [2012-06-18] ()
Task: {F20CEC57-E01D-465D-92D5-565DC7849943} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F417EE00-20DF-4F86-8D2B-967557058F93} - System32\Tasks\{3E9059AE-66C4-4070-B46D-2D805B2D2D4D} => C:\Program Files\tinySpell\tinyspell.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-07-04 16:32 - 2010-07-04 16:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
2010-07-04 16:32 - 2010-07-04 16:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2012-03-28 16:51 - 2012-07-15 11:27 - 02216480 ____N () C:\Windows\wweb32.dll
2012-03-28 16:51 - 2012-07-15 11:25 - 00022800 ____N () C:\Program Files\WordWeb\WUCNT.dll
2012-03-28 16:51 - 2012-07-15 11:25 - 00581480 ____N () C:\Program Files\WordWeb\wwextdb.dll
2011-12-21 17:40 - 2009-11-26 17:02 - 00918816 _____ () C:\Program Files\Ralink\Common\RaWLAPI.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: AVGIDSShim
Description: AVGIDSShim
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AVGIDSShim
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/25/2013 00:24:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/24/2013 07:00:10 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location D:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (11/24/2013 06:14:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (11/25/2013 00:24:58 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSHX
AVGIDSShim

Error: (11/24/2013 06:14:18 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSHX
AVGIDSShim

Error: (11/24/2013 06:14:13 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:12:25 PM on ‎11/‎24/‎2013 was unexpected.

Error: (11/24/2013 05:42:53 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (11/24/2013 05:42:53 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (11/24/2013 05:42:16 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSHX
AVGIDSShim

Error: (11/24/2013 03:28:17 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSHX
AVGIDSShim

Error: (11/24/2013 03:04:47 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSHX
AVGIDSShim

Error: (11/24/2013 02:55:17 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSHX
AVGIDSShim

Error: (11/24/2013 02:55:11 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:53:18 PM on ‎11/‎24/‎2013 was unexpected.


Microsoft Office Sessions:
=========================
Error: (11/25/2013 00:24:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/24/2013 07:00:10 PM) (Source: Windows Backup)(User: )
Description: D:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)

Error: (11/24/2013 06:14:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (11/24/2013 05:42:53 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt


==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 1011.87 MB
Available physical RAM: 481.22 MB
Total Pagefile: 2035.87 MB
Available Pagefile: 1252.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1928.64 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:219.79 GB) (Free:172.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: E2768EF3)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=220 GB) - (Type=07 NTFS)

==================== End Of Log ============================