Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Excessive CPU usage and Memory consumption with no Apps running


  • Please log in to reply

#1
jerrypowell

jerrypowell

    New Member

  • Member
  • Pip
  • 8 posts

My outdated HP Mini 110 processor runs at 80 - 100% with no applications opened after rebooting.  Memory consumed is between 75 - 90%.  This is a relatively new condition.  It has a 1.6 GHZ processor, 2 GB RAM and is a 32 bit system.  Please take a look at the logs and let me know if something is wrong and if something can be done to free up the resources.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by boss (administrator) on 328995-PC on 23-03-2015 08:21:10
Running from C:\Users\boss\Desktop
Loaded Profiles: boss (Available profiles: boss & Guest)
Platform: Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\AEstSrv.exe
(DeviceVM, Inc.) C:\SPLASH.SYS\config\DVMExportService.exe
() C:\Program Files\Microsoft Digital Experience\Microsoft.MDX.AnalyticsService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\HP\HPBTWD.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Sun Microsystems, Inc.) C:\Program Files\Hewlett-Packard\HP QuickSync\jre\bin\javaw.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1721640 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [HP BTW Detect Program] => C:\Program Files\HP\HPBTWD.exe [319488 2009-03-30] ()
HKLM\...\Run: [HP] => C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe [589104 2009-07-14] (Hewlett-Packard)
HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [467036 2009-08-13] (IDT, Inc.)
HKLM\...\Run: [avast5] => "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-11-11] (Hewlett-Packard)
HKU\S-1-5-21-3218434359-2853041003-3013354023-1005\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe [960688 2015-02-06] (Adobe Systems Incorporated)
HKU\S-1-5-21-3218434359-2853041003-3013354023-1005\...\Policies\system: [WallpaperStyle] 2
HKU\S-1-5-21-3218434359-2853041003-3013354023-1005\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-3218434359-2853041003-3013354023-1005\...\MountPoints2: {de0f278a-34a4-11e2-92da-002655c8dc8a} - E:\LaunchU3.exe -a
HKU\S-1-5-18\...\Policies\system: [WallpaperStyle] 2

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3218434359-2853041003-3013354023-1005\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-3218434359-2853041003-3013354023-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
SearchScopes: HKLM -> DefaultScope {89022F4C-44A1-4FDE-A12D-C4835266CC16} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {89022F4C-44A1-4FDE-A12D-C4835266CC16} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {8B31050B-FBEC-48A3-A4A2-383DD49998BB} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKU\S-1-5-21-3218434359-2853041003-3013354023-1005 -> {8B31050B-FBEC-48A3-A4A2-383DD49998BB} URL =
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: hpBHO Class -> {ABD3B5E1-B268-407B-A150-2641DAB8D898} -> C:\Program Files\Common Files\Homepage Protection\HomepageProtection.dll [2009-06-08] (AOL Products)
BHO: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files\MSN\Toolbar\3.0.0560.0\msneshellx.dll [2009-04-07] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0560.0\msneshellx.dll [2009-04-07] (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-3218434359-2853041003-3013354023-1005 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\boss\AppData\Roaming\Mozilla\Firefox\Profiles\pcnrfih5.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://www.foxnews.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-03-19] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-07-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-07-22] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: eBay Quick Search - C:\Users\boss\AppData\Roaming\Mozilla\Firefox\Profiles\pcnrfih5.default\Extensions\[email protected]a [2011-08-15]
FF Extension: eBay Sidebar for Firefox - C:\Users\boss\AppData\Roaming\Mozilla\Firefox\Profiles\pcnrfih5.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2011-09-20]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-03-09]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 DvmMDES; C:\SPLASH.SYS\config\DVMExportService.exe [323584 2009-07-08] (DeviceVM, Inc.) [File not signed]
S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [238328 2010-01-04] (WildTangent, Inc.)
R2 HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 MDXAnalyticsService; C:\Program Files\Microsoft Digital Experience\Microsoft.MDX.AnalyticsService.exe [26112 2009-09-15] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\STacSV.exe [221266 2009-08-13] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 DVMIO; C:\SPLASH.SYS\config\dvmio.sys [16984 2009-07-27] (DeviceVM, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 08:21 - 2015-03-23 08:23 - 00012599 _____ () C:\Users\boss\Desktop\FRST.txt
2015-03-23 08:20 - 2015-03-23 08:21 - 00000000 ____D () C:\FRST
2015-03-23 08:19 - 2015-03-23 08:19 - 01135104 _____ (Farbar) C:\Users\boss\Desktop\FRST.exe
2015-03-20 08:26 - 2015-03-20 08:26 - 00000000 ____D () C:\Users\Public\CyberLink
2015-03-20 08:26 - 2015-03-20 08:26 - 00000000 ____D () C:\Users\boss\AppData\Roaming\CyberLink
2015-03-09 09:53 - 2015-03-09 09:54 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-01 10:06 - 2015-03-01 10:06 - 00000000 ____D () C:\Users\boss\AppData\Local\{FE248473-58FB-452B-A858-FF31000D60DC}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 08:22 - 2012-07-23 10:13 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-23 08:22 - 2009-09-23 06:17 - 01214397 _____ () C:\Windows\WindowsUpdate.log
2015-03-23 08:21 - 2009-07-13 23:34 - 00016480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-23 08:21 - 2009-07-13 23:34 - 00016480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-23 07:55 - 2009-09-23 07:02 - 00000177 ____H () C:\dvmexp.idx
2015-03-23 07:52 - 2011-03-11 19:31 - 00000000 ___RD () C:\Program Files\Skype
2015-03-22 08:36 - 2013-05-29 19:37 - 00000316 _____ () C:\Windows\Tasks\HPCeeScheduleForboss.job
2015-03-22 08:34 - 2013-09-14 07:49 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-22 08:28 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-22 08:28 - 2009-07-13 23:39 - 00048570 _____ () C:\Windows\setupact.log
2015-03-20 08:30 - 2009-08-28 14:34 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-03-20 08:26 - 2009-08-28 16:48 - 00000000 ____D () C:\ProgramData\CyberLink
2015-03-20 08:26 - 2009-07-13 21:37 - 00000000 ___RD () C:\Users\Public
2015-03-20 08:21 - 2012-07-22 18:50 - 00000000 ____D () C:\Program Files\Real
2015-03-20 08:20 - 2012-07-22 18:50 - 00000000 ____D () C:\Users\boss\AppData\Roaming\Real
2015-03-20 08:20 - 2012-07-22 18:47 - 00000000 ____D () C:\ProgramData\Real
2015-03-17 08:11 - 2009-07-24 11:11 - 00799546 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-13 08:39 - 2014-03-03 08:24 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-11 08:37 - 2012-12-21 18:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-03 08:16 - 2010-01-05 23:38 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2011-05-28 18:13 - 2011-07-14 09:39 - 0001849 _____ () C:\Users\boss\AppData\Roaming\GhostObjGAFix.xml
2011-06-30 18:10 - 2011-06-30 18:22 - 0000554 _____ () C:\Users\boss\AppData\Roaming\wklnhst.dat
2014-03-07 09:04 - 2014-12-16 09:05 - 0007604 _____ () C:\Users\boss\AppData\Local\Resmon.ResmonCfg
2011-03-11 19:33 - 2011-03-11 19:33 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-10-22 18:56 - 2011-07-12 09:13 - 0000186 _____ () C:\ProgramData\HPWALog.txt
2009-09-23 06:47 - 2009-09-23 06:47 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-08-28 16:53 - 2009-08-28 16:54 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-09-23 06:46 - 2009-09-23 06:46 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-08-28 16:48 - 2009-08-28 16:52 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log

Some content of TEMP:
====================
C:\Users\boss\AppData\Local\Temp\APNSetup.exe
C:\Users\boss\AppData\Local\Temp\AskSLib.dll
C:\Users\boss\AppData\Local\Temp\eqo3mgkh.dll
C:\Users\boss\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\boss\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\boss\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\boss\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\boss\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\boss\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\boss\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\boss\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\boss\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\boss\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\boss\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\boss\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\boss\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\boss\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\boss\AppData\Local\Temp\lowproc.exe
C:\Users\boss\AppData\Local\Temp\Resource.exe
C:\Users\boss\AppData\Local\Temp\rnsetup0.exe
C:\Users\boss\AppData\Local\Temp\rnupdate0.exe
C:\Users\boss\AppData\Local\Temp\sp52110.exe.exe
C:\Users\boss\AppData\Local\Temp\sp54373.exe
C:\Users\boss\AppData\Local\Temp\sp58915.exe
C:\Users\boss\AppData\Local\Temp\sp64126.exe
C:\Users\boss\AppData\Local\Temp\stubhelper.dll
C:\Users\boss\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\boss\AppData\Local\Temp\UninstallHPTCA.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-09 10:29

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by boss at 2015-03-23 08:24:23
Running from C:\Users\boss\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
ArcSoft WebCam Companion 3 (HKLM\...\{34985F59-8F6F-46F4-9AD5-53E2714294D2}) (Version: 3.0.355 - ArcSoft)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.5 - Atheros Communications Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Homepage Protection (HKLM\...\Homepage Protection) (Version:  - AOL Products)
HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Instant Web (HKLM\...\{53F08287-443D-4FC0-B74D-1169B6B9A71C}) (Version: 1.0.5.0 - DeviceVM, Inc.)
HP QuickSync (HKLM\...\{EEA95E6C-6847-49BE-83C9-ED92D8E18983}) (Version: 5.1.234.4788 - Hewlett-Packard)
HP Setup (HKLM\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Assistant (HKLM\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0166 (HKLM\...\{11B7161D-3461-40CD-B31F-84065AC84A4E}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6217.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1912 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Digital Experience (HKLM\...\{B07B2D42-0080-4AA5-9551-9B8F8CF71F5D}) (Version: 1.00.0000 - Microsoft)
Microsoft Live Search Toolbar (HKLM\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.560.0 - Microsoft Live Search Toolbar)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PowerRecover (Version: 5.5.1923 - CyberLink Corp.) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.17.4 - Synaptics Incorporated)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

02-03-2015 08:59:07 Windows Update
05-03-2015 09:30:26 Windows Update
09-03-2015 09:47:52 Windows Update
13-03-2015 08:24:00 Windows Update
17-03-2015 08:29:27 Windows Update
17-03-2015 08:29:32 Removed Java 8 Update 40
17-03-2015 08:37:18 Removed Java 8 Update 40
19-03-2015 08:24:50 Windows Update
20-03-2015 08:23:54 Configured Power2Go
20-03-2015 08:30:45 Configured PowerStarter
23-03-2015 07:50:01 Removed Skype Toolbars
23-03-2015 08:00:00 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:04 - 2009-06-10 16:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {4DC961F2-FA73-400E-A12A-599818E96359} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {55F14379-B473-4FE8-8925-347740E380AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {5B239ABB-B830-42D2-8B99-CC5FD8022CC7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-14] (Google Inc.)
Task: {68B81C1D-5A9C-4F8C-8EF9-D29719F8125A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {74E8977B-11EE-46DD-A71C-A2054BC71461} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3218434359-2853041003-3013354023-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {76FDE852-C1B0-4AEC-B87D-0EEF136E362B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3218434359-2853041003-3013354023-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {785FF5CB-FFFC-429E-9601-664035A73F48} - System32\Tasks\HPCeeScheduleForboss => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {9089F9BC-DED0-4D56-9EF3-29CAE7712128} - System32\Tasks\ReclaimerUpdateFiles_boss => C:\Users\boss\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-20] (RealNetworks, Inc.)
Task: {A6F1CD7E-3487-4C09-8BA5-89F0064B03FF} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3218434359-2853041003-3013354023-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {B47B1346-AF81-4A1A-980E-F75F0D53DEE3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3218434359-2853041003-3013354023-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {B8F25668-494B-4392-9FD2-7E31B79EABD0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-14] (Google Inc.)
Task: {C0703AD7-DC07-4786-9AE9-6D421205B41F} - System32\Tasks\{1751178E-FCC1-4AB5-8967-766D05B30B7B} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {C506C211-EEE1-4335-A6E5-74F219177FAE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {C528B588-11A8-4D08-9144-4A74B918763E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3218434359-2853041003-3013354023-1005 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe
Task: {F41E047E-B48D-4E35-865D-673726961641} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3218434359-2853041003-3013354023-1005 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForboss.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2009-09-15 18:11 - 2009-09-15 18:11 - 00026112 _____ () C:\Program Files\Microsoft Digital Experience\Microsoft.MDX.AnalyticsService.exe
2009-09-15 18:11 - 2009-09-15 18:11 - 00550912 _____ () C:\Program Files\Microsoft Digital Experience\Microsoft.MDX.Core.dll
2009-08-28 15:04 - 2009-03-30 18:02 - 00319488 _____ () C:\Program Files\HP\HPBTWD.exe
2009-07-01 17:44 - 2009-07-01 17:44 - 00632888 _____ () C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3218434359-2853041003-3013354023-1005\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3218434359-2853041003-3013354023-500 - Administrator - Disabled)
boss (S-1-5-21-3218434359-2853041003-3013354023-1005 - Administrator - Enabled) => C:\Users\boss
Guest (S-1-5-21-3218434359-2853041003-3013354023-501 - Limited - Enabled) => C:\Users\Guest

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/20/2015 08:23:52 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {df6e2b2e-0f0c-40f4-a560-40febdf13a73}

Error: (03/20/2015 08:21:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: 328995-PC)
Description: Application or service 'RealNetworks Downloader Resolver Service' could not be restarted.

Error: (03/20/2015 08:21:22 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: 328995-PC)
Description: Application or service 'RealPlayer Update Service' could not be restarted.

Error: (03/12/2015 08:15:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TBNotifier.exe, version: 31.16.2.0, time stamp: 0x54de540f
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0xef0
Faulting application start time: 0xTBNotifier.exe0
Faulting application path: TBNotifier.exe1
Faulting module path: TBNotifier.exe2
Report Id: TBNotifier.exe3

Error: (03/11/2015 09:12:34 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (03/11/2015 09:12:34 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (03/11/2015 09:11:56 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (03/11/2015 09:09:28 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (03/11/2015 09:09:16 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/09/2015 10:49:37 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.


System errors:
=============
Error: (03/22/2015 08:28:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (03/22/2015 02:56:14 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (03/22/2015 02:56:09 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (03/21/2015 08:17:55 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (03/20/2015 08:34:54 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (03/20/2015 08:20:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The RealPlayer Cloud Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/20/2015 07:57:31 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (03/19/2015 08:28:31 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (03/19/2015 08:19:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (03/19/2015 08:16:42 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


Microsoft Office Sessions:
=========================
Error: (03/20/2015 08:23:52 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {df6e2b2e-0f0c-40f4-a560-40febdf13a73}

Error: (03/20/2015 08:21:36 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: 328995-PC)
Description: 0rndlresolversvc.exeRealNetworks Downloader Resolver Service03026217820280

Error: (03/20/2015 08:21:22 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: 328995-PC)
Description: 0RealPlayerUpdateSvc.exeRealPlayer Update Service0302621784200

Error: (03/12/2015 08:15:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TBNotifier.exe31.16.2.054de540funknown0.0.0.000000000c000000500000000ef001d05c00aa058316C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exeunknownc8fad69a-c8b9-11e4-8219-002655c8dc8a

Error: (03/11/2015 09:12:34 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dllC:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll2

Error: (03/11/2015 09:12:34 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dllC:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll2

Error: (03/11/2015 09:11:56 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (03/11/2015 09:09:28 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dllc:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll2

Error: (03/11/2015 09:09:16 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}\recordingmanager.exe

Error: (03/09/2015 10:49:37 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dllC:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll2


==================== Memory info ===========================

Processor: Intel® Atom™ CPU N270 @ 1.60GHz
Percentage of memory in use: 46%
Total physical RAM: 2039.3 MB
Available physical RAM: 1092.94 MB
Total Pagefile: 4078.61 MB
Available Pagefile: 2946.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:137.47 GB) (Free:97.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:11.38 GB) (Free:1.91 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: CD68444D)
Partition 1: (Not Active) - (Size=137.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=11.4 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=201 MB) - (Type=07 NTFS)

==================== End Of Log ============================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP

I'm going on a trip tomorrow so may not get back to you until tomorrow night but your post has been sitting for several days and I guess no one else wants to take it.  There is no obvious sign of malware tho the real player program is causing a lot of problems so I would try to uninstall it.  Then 

 

Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
 
 
 
 
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  
 
Close all browsers and open progrms before running Speccy.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.)  Save the file and close notepad  Attach the file to your next post as it is usually too large for the forum (Click on More Reply Options then Choose file, select the file, Open, Attach this File) Uninstall Speccy.
 
 
 
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot. 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
sfc  /scannow
 
(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
 
Copy the next two lines:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.
 
Ron

 


  • 0

#3
jerrypowell

jerrypowell

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Thanks for your attention to this topic.  I restored the mini to original condition and all seems just fine now.  Will keep your suggestions and go through them if the problems returns.  I guess for now we can call this issue resolved.  Thanks again.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP