# Solved: Windows 7 slow but low CPU and RAM usage



## jonny109 (Apr 1, 2010)

Hi all,

Over the past 24 hrs my desktop computer has been running really slow with little CPU and RAM usage. I have been reading around on multiple forums and it could be a list of things and hopefully someone on here would be able to help me find the cause.

*Firstly here is my TSG SysInfo:*
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 8154 Mb
Graphics Card: AMD Radeon HD 6800 Series, 1024 Mb
Hard Drives: C: Total - 476837 MB, Free - 292183 MB; S: Total - 5504 MB, Free - 2235 MB;
Motherboard: Gigabyte Technology Co., Ltd., Z77-D3H
Antivirus: AVG AntiVirus Free Edition 2013, Updated and Enabled

*Now here is a list of programs I used before the computer slowdown occurred (Dont know whether this is helpful or not???):*
- Installed GTA IV via steam and installed Microsoft Live ID game played fine computer did not slow down
- Updated and installed Firefox 20 
- Played bioshock infinite all auto saves saved fast with no lag apart from the last one before i closed the game there was considerable lag for about 10 seconds which never happened before. Game closed successfully no crash 
- Went to use Firefox 20 noticed considerable slowdown of pc

*After computer slowdown this is a list of troubleshooting I did to try and fix the problem:*
- Restarted computer which took a lot longer than normally 
- Tried to use Internet Explorer computer was getting even slower 
- Attempted to fix problem by using system restore but on reboot was presented with the mouse and a black screen had to do a hard restart 
- Booted into safe mode and presented with an error message from system restore "System Restore failed to replace the file (C:\Program Files (x86)\Mozilla Firefox\ xul.dll) with its original from the restore point. There was a disk failure during restore. This might be caused by bad sectors on disk" 
- From that point I believed it was a Firefox issue so i uninstalled it in safe mode and rebooted 
- Computer did boot noticeably quicker than previous times but still was very slow compared to usual boot

Sorry for this being so long I hope I have provided enough info you someone to help me with my issue???

Thanks


----------



## Mark1956 (May 7, 2011)

Ok, lets see what we can find and run a check on your hard drive.

Please run these two scans and post the logs:

*SCAN 1*
Click on this link to download : ADWCleaner and save it to your desktop.

*NOTE:* If using Internet Explorer and you get an alert that stops the program downloading click on *Tools > Smartscreen Filter > Turn off Smartscreen Filter* then click on *OK* in the box that opens. Then click on the link again.

Close your browser and click on this icon on your desktop:









You will then see the screen below, click on the *Delete* button (as indicated), accept any prompts that appear and allow it to reboot the PC. When the PC has rebooted you will be presented with the report, copy & paste it into your next post. If the log does not appear you should find it on your C: drive using Windows Explorer as ADWCleaner[S1].










*SCAN 2*
Download RogueKiller (by tigzy) and save direct to your Desktop.
On the web page select the 32bit or 64bit button to match the bit rate of your version of Windows.


Quit all running programs. 
Start RogueKiller.exe by double clicking on the icon. 
Wait until Prescan has finished. 
Ensure all boxes are ticked under "Report" tab. 
Click on Scan. 
Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
NOTE: *DO NOT attempt to remove anything that the scan detects.*










===========================================================

*Disk Check*


Click on *Start* then type *cmd* in the search box. A menu will pop up with *cmd* at the top, *right click* on it and select *Run as Administrator*. Another box will open, at the prompt type *chkdsk /r* and hit *Enter*._ *Note:* you must include a space between the *k* and the */*_
You will then see the following message:
*chkdsk* cannot run because the volume is in use by another process. Would you like to schedule this volume to be checked the next time the system restarts?* (Y/N)*
Type *Y* for yes, and hit *Enter*. Then reboot the computer. 
*chkdsk* will start when Windows begins loading again. Let all 5 phases run and don't use or turn off the computer. (_The *chkdsk* process may take an hour or more to finish, if it appears to freeze this is normal so *do not* interrupt it. On drives above 500GB it can take several hours._)
When the Disk Check is done, it will finish loading Windows.

Then follow this guide to find the *chkdsk* log. *NOTE:* You need to do the search for *wininit* not *chkdsk*.
Windows 7 Disk Check log

Once the log is in view then click on* Copy* in the right hand pane and select *"Copy details as text".*
You can then *right click* on the message box on this forum and select *Paste* and the log will appear, add any further information asked for and then click on *Submit/Post Quick Reply* and your done.


----------



## jonny109 (Apr 1, 2010)

Hi Mark1956,

I have ran all three programs you requested. Please find all log files below

*ADWCleaner log:*
# AdwCleaner v2.200 - Logfile created 04/03/2013 at 11:22:17

# Updated 02/04/2013 by Xplode

# Operating system : Windows 7 Professional Service Pack 1(64 bits)

# User : Jonathan - JONATHAN-PC

# Boot Mode : Normal

# Running from : C:\Users\Jonathan\Desktop\adwcleaner.exe

# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted :C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\ukrkwvdc.default\jetpack

***** [Registry] *****

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted :HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

Key Deleted : HKLM\Software\Freeze.com

Key Deleted :HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Key Deleted :HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Key Deleted :HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

File :C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\ukrkwvdc.default\prefs.js

Deleted : user_pref("extensions.aniweather.timeShifted",1378956);

*************************

AdwCleaner[S1].txt - [1386 octets] - [03/04/2013 11:22:17]

########## EOF - C:\AdwCleaner[S1].txt - [1446 octets]##########

*RogueKiller log:*

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback :http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64bits version

Started in : Normal mode

User : Jonathan [Admin rights]

Mode : Scan -- Date : 04/03/2013 11:37:32

| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤

[SUSP PATH] MusicManager.exe -- C:\Users\Jonathan\AppData\Local\Programs\Google\MusicManager\MusicManager.exe[-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 7 ¤¤¤

[RUN][SUSP PATH] HKCU\[...]\Run : MusicManager("C:\Users\Jonathan\AppData\Local\Programs\Google\MusicManager\MusicManager.exe")[-] -> FOUND

[RUN][SUSP PATH]HKUS\S-1-5-21-330368689-3912165379-4251724609-1000[...]\Run : MusicManager("C:\Users\Jonathan\AppData\Local\Programs\Google\MusicManager\MusicManager.exe")[-] -> FOUND

[TASK][SUSP PATH] ROC_REG_JAN_DELETE.job :C:\ProgramData\AVG January 2013 Campaign\ROC.exe /DELETE_FROM_SYSTEM=1 [7]-> FOUND

[TASK][SUSP PATH] ROC_REG_JAN_DELETE : C:\ProgramData\AVGJanuary 2013 Campaign\ROC.exe /DELETE_FROM_SYSTEM=1 [7] -> FOUND

[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) ->FOUND

[HJ DESK] HKLM\[...]\NewStartPanel :{59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel :{20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST500DM002-1BD142 ATA Device +++++

--- User ---

[MBR] 65b93aea55132dc4eb1c716edb9c2ef5

[BSP] 6294cf7d5a6696859175cd17e395b227 : Windows 7/8 MBRCode

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 |Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848| Size: 476838 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_04032013_02d1137.txt>>

RKreport[1]_S_04032013_02d1137.txt

*Disk check Log:*

Checking file system on C:

The type of the file system is NTFS.

A disk check has been scheduled.

Windows will now check thedisk. 

CHKDSK is verifying files (stage 1of 5)...

 285440 file records processed. Fileverification completed.

 371 large file records processed. 0 badfile records processed. 2 EArecords processed. 45 reparse records processed. CHKDSKis verifying indexes (stage 2 of 5)...

 350558 index entries processed. Indexverification completed.

 0 unindexed files scanned. 0unindexed files recovered. CHKDSKis verifying security descriptors (stage 3 of 5)...

 285440 file SDs/SIDs processed. Cleaning up4893 unused index entries from index $SII of file 0x9.

Cleaning up 4893 unused indexentries from index $SDH of file 0x9.

Cleaning up 4893 unused securitydescriptors.

Security descriptor verificationcompleted.

 32560 data files processed. CHKDSK is verifying Usn Journal...

 37242912 USN bytes processed. Usn Journal verification completed.

CHKDSK is verifying file data (stage4 of 5)...

 285424 files processed. File data verification completed.

CHKDSK is verifying free space(stage 5 of 5)...

 74776460 free clusters processed. Freespace verification is complete.

CHKDSK discovered free space markedas allocated in the

master file table (MFT) bitmap.

CHKDSK discovered free space markedas allocated in the volume bitmap.

Windows has made corrections to thefile system.

 488282111 KB total disk space.

 188628540 KB in 251240 files.

 140984 KB in 32561 indexes.

 0 KB in bad sectors.

 406743 KB in use by the system.

 65536 KB occupied by the log file.

 299105844 KB available on disk.

 4096 bytes in each allocation unit.

 122070527 total allocation units on disk.

 74776461 allocation units available on disk.

Internal Info:

00 5b 04 00 a1 54 04 00 ea 08 08 0000 00 00 00 .[...T..........

e4 8a 00 00 2d 00 00 00 00 00 00 0000 00 00 00 ....-...........

00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 ................

Windows has finished checking yourdisk.

Please wait while your computerrestarts.

Hope This Helps


----------



## Mark1956 (May 7, 2011)

For the posting of any future logs please use the normal font.

There is nothing of any significance in the logs above and no indication of bad sectors on the hard drive, but that doesn't give the hard drive the all clear so it is still a suspect from what you stated in your opening post.

Lets see what is on your system:

Please go Here and follow the instructions to run DDS, then *Copy and Paste* both the logs into your next reply. You need not run HJT or GMER.


----------



## jonny109 (Apr 1, 2010)

Here is the two logs from dds:

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16521 BrowserJavaVersion: 10.17.2
Run by Jonathan at 10:53:23 on 2013-04-04
Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.8154.5914 [GMT 1:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\SysWOW64\NlsSrv32.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files (x86)\SugarSync\SugarSync.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\Jonathan\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_6_602_180_ActiveX.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [SugarSync] "C:\Program Files (x86)\SugarSync\SugarSync.exe" -startInTray -usedelay=true
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
uRun: [Google Update] "C:\Users\Jonathan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [MusicManager] "C:\Users\Jonathan\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{49C74E5A-AC0A-4DC3-A088-F94F516E3E13} : DHCPNameServer = 192.168.1.254
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= 
SSODL: WebCheck - <orphaned>
SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\System32\SSCbFsMntNtf3.dll
x64-STS: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\System32\SSCbFsMntNtf3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-5-28 16152]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-2-27 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-2-14 239416]
R1 CLBStor;InstantBurn Storage Helper Driver;C:\Windows\System32\drivers\CLBStor.sys [2012-5-28 24560]
R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/29 21:30:33];C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-10-4 147704]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-2-28 4937264]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-2-19 282624]
R2 CLBUDF;CyberLink InstantBurn UDF Filesystem;C:\Windows\System32\drivers\CLBUDF.sys [2012-5-28 376304]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-11-29 90640]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-11-29 78352]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-11-29 295440]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\System32\NlsSrv32.exe --> C:\Windows\System32\NlsSrv32.exe [?]
R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-11-29 83704]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-6-27 681056]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service;C:\Windows\System32\ViakaraokeSrv.exe [2012-5-28 27760]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-5-28 356120]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-5-28 787736]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2012-5-28 104560]
R3 SSCBFS3;SugarSync CallBack File System driver v3;C:\Windows\System32\drivers\sscbfs3.sys [2013-2-16 347904]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2012-5-28 2196592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-6-22 135584]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2011-12-16 17976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-15 19456]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-6-27 1326176]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2013-1-7 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2013-1-7 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2013-1-7 177640]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-15 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-15 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-28 1255736]
.
=============== Created Last 30 ================
.
2013-04-02 19:40:18 26520 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-hang-ui.exe
2013-04-02 19:40:15 96664 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2013-04-02 19:40:15 170232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2013-04-02 17:57:15 15088 ----a-w- C:\Users\Jonathan\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll
2013-04-02 17:54:13 -------- d-sh--w- C:\ProgramData\SecuROM
2013-04-02 17:53:54 -------- d-----w- C:\Users\Jonathan\AppData\Local\Rockstar Games
2013-04-02 17:53:46 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
2013-04-02 17:53:19 -------- d-----w- C:\Windows\SysWow64\xlive
2013-04-02 17:53:19 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-03-26 11:50:06 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2013-03-25 14:02:20 282296 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-03-25 14:01:45 -------- d-----w- C:\Users\Jonathan\AppData\Local\PunkBuster
2013-03-25 13:02:49 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-03-25 13:02:49 282296 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-03-25 13:02:49 270240 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-03-25 12:43:32 -------- d-----w- C:\Program Files (x86)\EA Games
2013-03-25 12:17:19 -------- d-----w- C:\Users\Jonathan\AppData\Local\SCE
2013-03-23 12:42:57 -------- d-----w- C:\ProgramData\EA Logs
2013-03-23 12:38:02 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-03-22 16:46:57 -------- d-----r- C:\Program Files (x86)\Skype
2013-03-09 11:41:03 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-08 14:45:39 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2013-03-08 14:39:45 -------- d-----w- C:\Program Files (x86)\Origin Games
.
==================== Find3M ====================
.
2013-03-14 19:37:39 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-14 19:37:39 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-09 11:40:55 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-03-09 11:40:55 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-02-26 23:40:46 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-02-26 19:17:46 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-14 03:52:46 239416 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-02-08 04:37:56 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2013-02-08 04:37:54 311096 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-02-08 04:37:50 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-02-08 04:37:42 206136 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-02-08 04:37:40 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-01-30 13:12:24 143104 ----a-w- C:\Windows\System32\SSCbFsNetRdr3.dll
2013-01-30 13:12:20 225024 ----a-w- C:\Windows\SysWow64\SSCbFsNetRdr3.dll
2013-01-30 13:12:16 192256 ----a-w- C:\Windows\System32\SSCbFsMntNtf3.dll
2013-01-30 13:12:06 159488 ----a-w- C:\Windows\SysWow64\SSCbFsMntNtf3.dll
2013-01-30 13:11:50 347904 ----a-w- C:\Windows\System32\drivers\sscbfs3.sys
2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
.
============= FINISH: 10:56:29.26 ===============

*Second log:*

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume1
Install Date: 28/05/2012 12:23:04 PM
System Uptime: 04/04/2013 10:46:47 AM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | Z77-D3H
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz | Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz | 3801/100mhz
.
==== Disk Partitions =========================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.02)
Adobe Shockwave Player 11.6
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
ANNO 2070
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
ATI AVIVO64 Codecs
µTorrent
AVG 2013
Battlefield Heroes
BioShock Infinite
Bonjour
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Core Temp 1.0 RC3
CyberLink BD_3D Advisor 2.0
CyberLink Blu-ray Disc Suite
CyberLink InstantBurn
CyberLink LabelPrint
CyberLink MediaShow
CyberLink Power2Go
CyberLink PowerBackup
CyberLink PowerDVD 12
CyberLink PowerProducer
D3DX10
Emergency 4
Euro Truck Simulator 2
FileHippo.com Update Checker
Futuremark SystemInfo
FW LiveUpdate
Google Earth
Google Update Helper
Grand Theft Auto IV
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HydraVision
Intel(R) USB 3.0 eXtensible Host Controller Driver
iTunes
Java 7 Update 17
Java Auto Updater
LightScribe System Software
Malwarebytes Anti-Malware version 1.70.0.1100
Mass Effect 3
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
MotorM4X: Offroad Extreme
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
Music Manager
MyFreeCodec
NVIDIA PhysX
Open PLS in Windows Media Player 2.3.0
OpenAL
Origin
Paint.NET v3.5.10
Photo Common
Photo Gallery
PlanetSide 2
Platform
PunkBuster Services
RaceRoom Racing Experience 
RaceRoom Racing Experience WIP
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Samsung_MonSetup
SCANIA Truck Driving Simulator 1.0.0
Secunia PSI (3.0.0.2004)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 
Ship Simulator Extremes
SimCity
Skype 6.3
Speccy
SpeedFan (remove only)
Steam
SugarSync
swMSM
System Requirements Lab CYRI
System Requirements Lab for Intel
System Requirements Lab Test
The Sims 3
Total War: SHOGUN 2
Train Simulator 2012
trakAxPC
Ubisoft Game Launcher
Ultra Defragmenter
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VIA Platform Device Manager
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.5
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
.
==== End Of File ===========================


----------



## Mark1956 (May 7, 2011)

Nothing of any significance in the logs, but the DDS Attach.txt log isn't showing any entry for Restore Points or the Error logs which is not normal.

Please run these two scans and post the logs.

Please download *Farbar Service Scanner* and save it to your desktop. Double click on the icon to run the program.


Put a check mark in all the boxes.
Press "*Scan*".
The results will be displayed when the scan completes, please Copy & Paste the entire log into your next reply. It will also save a log on the desktop in a text file.
Please copy and paste the log into your reply.

===============================

Please download MiniToolBox and save it to your desktop.
Double click on the MiniToolBox icon









The window will open as shown below.

Click on each of the boxes as indicated in the list below, then click on the *GO* button.

Copy & Paste the contents of the report that appears into your next post, you can also find a copy of the report on your desktop (Result.txt).

•Flush DNS
•Report IE Proxy Settings
•Report FF Proxy Settings
•List content of Hosts
•List last 10 Event Viewer Errors
•List Devices Check options for *Only Problems*
•List Users, Partitions and Memory size.
•List Minidump Files


----------



## jonny109 (Apr 1, 2010)

Hi mark thanks for all your help so far,

*Here is the log file for FSS:*

Farbar Service Scanner Version: 03-03-2013
Ran by Jonathan (administrator) on 04-04-2013 at 11:32:29
Running from "C:\Users\Jonathan\Desktop"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.

Windows Firewall:
=============
Firewall Disabled Policy: 
==================

System Restore:
============
System Restore Disabled Policy: 
========================

Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy: 
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

*Here is the log for MiniToolBox*:

MiniToolBox by Farbar Version:05-03-2013
Ran by Jonathan (administrator) on 04-04-2013 at 11:33:57
Running from "C:\Users\Jonathan\Desktop"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ============================== 
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================

========================= IP Configuration: ================================
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Connected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

Windows IP Configuration
Host Name . . . . . . . . . . . . : Jonathan-PC
Primary Dns Suffix . . . . . . . : 
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lan
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 50-E5-49-EC-A9-7B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7564:662c:9772:f76%11(Preferred) 
IPv4 Address. . . . . . . . . . . : 192.168.1.65(Preferred) 
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 04 April 2013 10:47:19 
Lease Expires . . . . . . . . . . : 05 April 2013 10:47:18 
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 240182601
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-55-23-98-50-E5-49-EC-A9-7B
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.lan:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . : 
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2443:2fd6:4323:639f(Preferred) 
Link-local IPv6 Address . . . . . : fe80::2443:2fd6:4323:639f%13(Preferred) 
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: O2wirelessbox.lan
Address: 192.168.1.254
Name: google.com
Addresses: 2a00:1450:4009:802::1001
173.194.41.129
173.194.41.133
173.194.41.131
173.194.41.137
173.194.41.136
173.194.41.130
173.194.41.128
173.194.41.135
173.194.41.132
173.194.41.134
173.194.41.142

Pinging google.com [173.194.41.160] with 32 bytes of data:
Reply from 173.194.41.160: bytes=32 time=31ms TTL=56
Reply from 173.194.41.160: bytes=32 time=30ms TTL=56
Ping statistics for 173.194.41.160:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 30ms, Maximum = 31ms, Average = 30ms
Server: O2wirelessbox.lan
Address: 192.168.1.254
Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Request timed out.
Reply from 98.139.183.24: bytes=32 time=299ms TTL=46
Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 299ms, Maximum = 299ms, Average = 299ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...50 e5 49 ec a9 7b ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.65 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.65 276
192.168.1.65 255.255.255.255 On-link 192.168.1.65 276
192.168.1.255 255.255.255.255 On-link 192.168.1.65 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.65 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.65 276
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:2443:2fd6:4323:639f/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::2443:2fd6:4323:639f/128
On-link
11 276 fe80::7564:662c:9772:f76/128
 On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (04/04/2013 10:49:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/03/2013 04:41:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/03/2013 11:27:31 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/03/2013 09:35:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2013 11:58:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2013 11:44:36 PM) (Source: System Restore) (User: )
Description: System Restore encountered a disk error during the restore (Installed Microsoft Games for Windows - LIVE Redistributable).
Error: (04/02/2013 11:44:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2013 10:05:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2013 07:03:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/02/2013 00:39:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (04/04/2013 11:34:00 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
Error: (04/04/2013 11:33:57 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
Error: (04/04/2013 11:33:52 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
Error: (04/04/2013 11:33:50 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
Error: (04/04/2013 11:33:44 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
Error: (04/04/2013 11:33:42 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
Error: (04/04/2013 11:33:10 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
Error: (04/04/2013 11:33:09 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
Error: (04/04/2013 11:33:09 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
Error: (04/04/2013 11:33:09 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.

Microsoft Office Sessions:
=========================
=========================== Installed Programs ============================
Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.3.0.29082)
7-Zip 9.20
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
ANNO 2070 (Version: 1.0.0.0)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (Version: 2.0.4.4)
ATI AVIVO64 Codecs (Version: 11.6.0.10524)
AVG 2013 (Version: 13.0.3162)
AVG 2013 (Version: 13.0.3267)
AVG 2013 (Version: 2013.0.3267)
Battlefield Heroes
BioShock Infinite
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.1219.1521.27485)
Catalyst Control Center Graphics Previews Common (Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (Version: 2012.1219.1520.27485)
CCC Help Czech (Version: 2012.1219.1520.27485)
CCC Help Danish (Version: 2012.1219.1520.27485)
CCC Help Dutch (Version: 2012.1219.1520.27485)
CCC Help English (Version: 2012.1219.1520.27485)
CCC Help Finnish (Version: 2012.1219.1520.27485)
CCC Help French (Version: 2012.1219.1520.27485)
CCC Help German (Version: 2012.1219.1520.27485)
CCC Help Greek (Version: 2012.1219.1520.27485)
CCC Help Hungarian (Version: 2012.1219.1520.27485)
CCC Help Italian (Version: 2012.1219.1520.27485)
CCC Help Japanese (Version: 2012.1219.1520.27485)
CCC Help Korean (Version: 2012.1219.1520.27485)
CCC Help Norwegian (Version: 2012.1219.1520.27485)
CCC Help Polish (Version: 2012.1219.1520.27485)
CCC Help Portuguese (Version: 2012.1219.1520.27485)
CCC Help Russian (Version: 2012.1219.1520.27485)
CCC Help Spanish (Version: 2012.1219.1520.27485)
CCC Help Swedish (Version: 2012.1219.1520.27485)
CCC Help Thai (Version: 2012.1219.1520.27485)
CCC Help Turkish (Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
CCleaner (Version: 4.00)
Core Temp 1.0 RC3 (Version: 1.0)
CyberLink BD_3D Advisor 2.0
CyberLink Blu-ray Disc Suite (Version: 7.0.3721)
CyberLink InstantBurn (Version: 5.0.6210)
CyberLink LabelPrint (Version: 2.5.3418)
CyberLink MediaShow (Version: 5.0.1423)
CyberLink Power2Go (Version: 6.1.3802)
CyberLink PowerBackup (Version: 2.5.6023)
CyberLink PowerDVD 12 (Version: 12.0.2118.57)
CyberLink PowerProducer (Version: 5.0.2.2429)
D3DX10 (Version: 15.4.2368.0902)
Emergency 4 (Version: 1.02.001)
Euro Truck Simulator 2 (Version: 1.1.1)
FileHippo.com Update Checker
Futuremark SystemInfo (Version: 4.9.0)
FW LiveUpdate (Version: 2.0.7.2)
Google Earth (Version: 7.0.2.8415)
Google Update Helper (Version: 1.3.21.135)
Grand Theft Auto IV
HydraVision (Version: 4.2.206.0)
Intel(R) USB 3.0 eXtensible Host Controller Driver (Version: 1.0.3.214)
iTunes (Version: 11.0.1.12)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
LightScribe System Software (Version: 1.18.20.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mass Effect 3 (Version: 1.05.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE (Version: 3.1.186.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MotorM4X: Offroad Extreme
Movie Maker (Version: 16.4.3505.0912)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
Music Manager
MyFreeCodec
NVIDIA PhysX (Version: 9.11.1107)
Open PLS in Windows Media Player 2.3.0 (Version: 2.3)
OpenAL
Origin (Version: 9.1.11.2678)
Paint.NET v3.5.10 (Version: 3.60.0)
Photo Gallery (Version: 16.4.3505.0912)
PlanetSide 2
Platform (Version: 1.39)
PunkBuster Services (Version: 0.990)
RaceRoom Racing Experience 
RaceRoom Racing Experience WIP
Samsung Kies (Version: 2.3.2.12064_10)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.16.0)
Samsung_MonSetup (Version: 1.00.0000)
SCANIA Truck Driving Simulator 1.0.0 (Version: 1.0.0)
Secunia PSI (3.0.0.2004) (Version: 3.0.0.2004)
Ship Simulator Extremes
SimCity (Version: 1.0.0.0)
Skype 6.3 (Version: 6.3.105)
Speccy (Version: 1.20)
SpeedFan (remove only)
Steam (Version: 1.0.0.0)
SugarSync (Version: 2.0.9.110204)
swMSM (Version: 12.0.0.1)
System Requirements Lab CYRI (Version: 5.0.6.0)
System Requirements Lab for Intel (Version: 4.5.11.0)
System Requirements Lab Test (Version: 5.0.6.0)
The Sims 3 (Version: 1.36.45)
Total War: SHOGUN 2
Train Simulator 2012
trakAxPC (Version: 3.01.1)
Ubisoft Game Launcher (Version: 1.0.0.0)
Ultra Defragmenter (Version: 5.1.2)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VIA Platform Device Manager (Version: 1.39)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.5 (Version: 2.0.5)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
========================= Devices: ================================
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: High Definition Audio Device
Description: High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

========================= Memory info: ===================================
Percentage of memory in use: 25%
Total physical RAM: 8154.06 MB
Available physical RAM: 6113.75 MB
Total Pagefile: 16306.3 MB
Available Pagefile: 14068.55 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.6 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:465.66 GB) (Free:285.07 GB) NTFS
========================= Users: ========================================
User accounts for \\JONATHAN-PC
Administrator Guest Jonathan 
========================= Minidump Files ==================================
No minidump file found
========================= Restore Points ==================================
29-03-2013 17:43:21 Installed DirectX
02-04-2013 17:51:38 Installed DirectX
02-04-2013 17:52:45 Installed DirectX
02-04-2013 17:53:20 Installed DirectX
02-04-2013 17:59:22 Installed Microsoft Games for Windows - LIVE Redistributable
02-04-2013 21:35:24 Restore Operation
**** End of log ****


----------



## Mark1956 (May 7, 2011)

There are some drivers missing, please click on Start > Control Panel > Device Manager.

You should see three items with a yellow warning, click on the small arrow head to expand the list next to each error warning. Right click on the device with the warning and select Update Driver Software.

Then select Search for driver and see if anything is found, if so install it.

===============================================

There is a clear indication that something is wrong with the hard drive or it's controller.
Please run this scan.

Open Internet Explorer and click on this: Seatools

Save the download to your desktop.

In Windows 7 right click the ISO file, select *Open With*, then select* Windows Disc Image Burning Tool* then follow the prompts.
For all other versions of windows (if you do not have an ISO burner) download this free software. ImgBurn Install the program and start the application. Select the top left hand option to *Write image file to disc* and then on the next window click on the small yellow folder icon and browse to the ISO file on your desktop. Then click on the two grey discs with the arrow in between (bottom left) and leave it to complete the operation.

You will need a blank recordable CD or a re-recordable CD. You cannot use this software on a USB flash drive.

When the CD has been burned boot the PC into the Bios setup and set the CD/DVD drive to 1st in the boot sequence. Insert the disk in the drive then reboot and the disc will load into DOS. Click on Basic Tests and select the Long Test.

A full set of instructions can be found here: Seatools instructions

When the test completes it will show a Pass or Fail.


----------



## jonny109 (Apr 1, 2010)

With regards to the drivers that are missing. There is only two the Universal Serial Bus (USB) Controller which I attempted to update but windows could not find driver software for the device and the High Definition Audio Device which I also attempted to update but windows determined that the best driver software for my device is already installed and up-to-date. I am currently installing Seatools and will get back to you as soon as it is finished.
Thanks


----------



## Mark1956 (May 7, 2011)

All the drivers for your motherboard are available from here: http://www.gigabyte.com/products/product-page.aspx?pid=4140#dl


----------



## jonny109 (Apr 1, 2010)

I ran the seatools program via the bootable CD and the log file is below:

Started Long test 4/4/2013 @12:11.26
DST Completed without Error 
Short DST PASSED 4/4/2013 @ 13:28.52
Long Test PASSED 4/4/2013 @ 13:28.52

Any more ideas??
Thanks 
Jonny


----------



## Mark1956 (May 7, 2011)

Ok, go to the link I gave and download and install the drivers you need.

Then please run this scan below:

*STEP 1*
*NOTE:* If you have already used Combofix please delete the icon from your desktop.


Please download DeFogger and save it to your desktop.
Once downloaded, double-click on the *DeFogger* icon to start the tool.
The application window will appear.
You should now click on the *Disable* button to disable your CD Emulation drivers.
When it prompts you whether or not you want to continue, please click on the *Yes* button to continue.
When the program has completed you will see a *Finished!* message. Click on the *OK* button to exit the program.
If CD Emulation programs are present and have been disabled, *DeFogger* will now ask you to reboot the machine. Please allow it to do so by clicking on the *OK* button.

*STEP 2*
Please download *ComboFix*







from one of the locations below and *save it to your Desktop. <-Important!!!*


Download Mirror #1
Download Mirror #2

Be sure to print out and follow these instructions: *A guide and tutorial on using ComboFix*

*Vista*/*Windows 7* users can skip the Recovery Console instructions and use the Windows DVD to boot into the Vista Recovery Environment or Windows 7 System Recovery Options if something goes awry. If you do not have a Windows 7 DVD then please create a Windows 7 Repair Disc. *XP* users need to install the Recovery Console first.


Temporarily *disable* your *anti-virus*, script blocking and any *anti-malware* real-time protection _*before*_ performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause _"unpredictable results"_. Click this link to see a list of such programs and how to disable them.
If ComboFix detects an older version of itself, you will be asked to update the program.
ComboFix will begin by showing a Disclaimer. Read it and click *I Agree* if you want to continue.
Follow the prompts and click on *Yes* to continue scanning for malware.
If using Windows 7 or Vista and you receive a UAC prompt asking if you want to continue running the program, you should press the *Continue* button.
When finished, please copy and paste the contents of C:\*ComboFix.txt* (_which will open after reboot_) in your next reply.
Be sure to *re-enable* your anti-virus and other security programs.

_-- Do not touch your mouse/keyboard until the ComboFix scan has completed, as this may cause the process to stall or the computer to lock.
-- ComboFix will temporarily disable your desktop, and if interrupted may leave it disabled. If this occurs, please reboot to restore it.
-- ComboFix disables autorun of all CD, floppy and USB devices to assist with malware removal and increase security._

If you no longer have access to your Internet connection after running ComboFix, please reboot to restore it. If that does not restore the connection, then follow the instructions for Manually restoring the Internet connection provided in the "_How to Guide_" you printed out earlier. Those instructions only apply to XP, for Vista and Windows 7 go here: Internet connection repair

*NOTE:* if you see a message like this when you attempt to open anything after the reboot *"Illegal Operation attempted on a registry key that has been marked for deletion"* please reboot the system again and the warning should not return.



> *Do NOT use ComboFix* unless you have been instructed to do so by a Malware Removal Expert. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, *NOT for general public or personal use*. *Using this tool incorrectly could lead to serious problems with your operating system such as preventing it from ever starting again.* This site, sUBs and myself *will not* be responsible for any damage caused to your machine by misusing or running ComboFix on your own. Please read *ComboFix's Disclaimer*.


----------



## jonny109 (Apr 1, 2010)

I did attempt to find the missing drive but they do not exist on the gigabyte website there is no High definition Audio device driver and I know I have already installed the intel 3.0 but I did not install the etron usb 3.0 which is now installed and working correctly thanks for that. Also I don't know if this would make any difference but if I try to play a flash video e.g. on YouTube or soundcloud internet explorer locks up even worse than it does since this has happened. Would flash player be causing the problem? 

Do you want me to skip out the driver and just run the scan or would you prefer me to have the missing driver?

thanks


----------



## Mark1956 (May 7, 2011)

The sound driver is in the list of drivers as VIA Audio Driver. If you click on the Specifications tab, under Audio it shows it as High Definition Audio.

Is this a home built PC, I'd guess it is, in which case you should have had a drivers disk supplied with the motherboard which would include the drivers that were missing. The logs above also shows a PS2 driver is missing for keyboard and mouse, not a problem if you are using a USB mouse and keyboard.

Have you installed the Chipset drivers for this system? If not I would recommend that you do as it may improve performance.

Irrespective of sorting the drivers out please run the scan above.


----------



## jonny109 (Apr 1, 2010)

Hi mark, 

Been busy the past couple of days so sorry for not getting back to you sooner. When I attempted to create the Windows 7 repair disc on the affected computer I was presented with an error System repair disc could not be created The parameter is incorrect. (0x80070057). I then tried to create the disk on another computer I have and it worked fine. Does it matter which computer I create the system repair disc??

Thanks


----------



## Mark1956 (May 7, 2011)

As long as the PC you made the disk on uses the same bit rate of Windows 7 as the faulty PC it will be fine.


----------



## jonny109 (Apr 1, 2010)

Unfortunately the affected computer is running 64 bit windows 7 and other is running 32 bit windows 7. Is there a solution you could provide for this error?


----------



## Mark1956 (May 7, 2011)

Yup, go here: Windows 7 ISO downloads and download the version of Windows 7 that matches what you have on your PC.

If you do the download on the other Windows 7 PC then all you need to do is right click the ISO file, select *Open With*, then select* Windows Disc Image Burning Tool* then follow the prompts.

You will need a blank DVD to burn the ISO. This will give you a full copy of Windows 7 which can be used to run a full re-install if required or used in place of the Repair disc your tried to make.


----------



## jonny109 (Apr 1, 2010)

Hi Mark,

Sorry for the late reply been away at university all week.

Here is the log file for ComboFix,

ComboFix 13-04-12.02 - Jonathan 12/04/2013 21:36:26.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.8154.6060 [GMT 1:00]
Running from: c:\users\Jonathan\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jonathan\AppData\Roaming\Roaming
c:\users\Jonathan\AppData\Roaming\Roaming\Quest3D\ShipSimExtreme\channels.lst
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-03-12 to 2013-04-12 )))))))))))))))))))))))))))))))
.
.
2013-04-12 20:46 . 2013-04-12 20:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-04 15:03 . 2012-08-07 07:09 88832 ----a-w- c:\windows\system32\drivers\EtronXHCI.sys
2013-04-04 15:03 . 2012-08-07 07:09 65152 ----a-w- c:\windows\system32\drivers\EtronHub3.sys
2013-04-04 15:03 . 2013-04-04 15:03 -------- d-----w- c:\program files (x86)\Etron Technology
2013-04-02 17:54 . 2013-04-02 17:54 -------- d-sh--w- c:\programdata\SecuROM
2013-04-02 17:53 . 2013-04-02 17:54 -------- d-----w- c:\users\Jonathan\AppData\Local\Rockstar Games
2013-04-02 17:53 . 2013-04-02 17:53 -------- d--h--r- c:\users\Jonathan\AppData\Roaming\SecuROM
2013-04-02 17:53 . 2013-04-02 17:53 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-04-02 17:53 . 2013-04-02 17:53 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2013-04-02 17:53 . 2013-04-02 17:53 -------- d-----w- c:\windows\SysWow64\xlive
2013-03-26 11:50 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-25 14:02 . 2013-03-26 15:46 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-03-25 14:01 . 2013-03-25 14:01 -------- d-----w- c:\users\Jonathan\AppData\Local\PunkBuster
2013-03-25 13:02 . 2013-03-26 15:46 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-03-25 13:02 . 2013-03-26 15:46 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-03-25 13:02 . 2013-03-25 14:13 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-03-25 12:43 . 2013-03-25 12:43 -------- d-----w- c:\program files (x86)\EA Games
2013-03-25 12:17 . 2013-03-25 12:17 -------- d-----w- c:\users\Jonathan\AppData\Local\SCE
2013-03-23 12:42 . 2013-03-24 22:05 -------- d-----w- c:\programdata\EA Logs
2013-03-23 12:38 . 2013-03-23 12:38 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-03-22 16:47 . 2013-03-22 16:51 -------- d-----w- c:\users\Jonathan\AppData\Roaming\Skype
2013-03-22 16:46 . 2013-03-22 16:46 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-03-22 16:46 . 2013-03-22 16:46 -------- d-----r- c:\program files (x86)\Skype
2013-03-22 16:46 . 2013-03-22 16:46 -------- d-----w- c:\programdata\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-14 23:34 . 2012-05-28 13:42 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-14 19:37 . 2012-11-22 21:47 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-14 19:37 . 2012-11-22 21:47 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-09 11:40 . 2013-03-09 11:41 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-09 11:40 . 2012-06-05 21:50 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-09 11:40 . 2012-06-05 21:50 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-26 23:40 . 2013-02-26 23:40 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-02-26 19:18 . 2013-02-26 19:18 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-02-26 19:18 . 2013-02-26 19:18 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-02-26 19:18 . 2013-02-26 19:18 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-02-26 19:18 . 2013-02-26 19:18 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-02-26 19:18 . 2013-02-26 19:18 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-02-26 19:18 . 2013-02-26 19:18 1766912 ----a-w- c:\windows\SysWow64\wininet.dll
2013-02-26 19:18 . 2013-02-26 19:18 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-02-26 19:18 . 2013-02-26 19:18 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-02-26 19:18 . 2013-02-26 19:18 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-02-26 19:18 . 2013-02-26 19:18 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-02-26 19:18 . 2013-02-26 19:18 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-02-26 19:18 . 2013-02-26 19:18 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-02-26 19:18 . 2013-02-26 19:18 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-02-26 19:18 . 2013-02-26 19:18 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-02-26 19:18 . 2013-02-26 19:18 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-02-26 19:18 . 2013-02-26 19:18 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-02-26 19:18 . 2013-02-26 19:18 2877440 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-02-26 19:18 . 2013-02-26 19:18 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-02-26 19:18 . 2013-02-26 19:18 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-02-26 19:18 . 2013-02-26 19:18 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-02-26 19:18 . 2013-02-26 19:18 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-02-26 19:18 . 2013-02-26 19:18 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-02-26 19:18 . 2013-02-26 19:18 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-02-26 19:18 . 2013-02-26 19:18 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-02-26 19:18 . 2013-02-26 19:18 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-02-26 19:18 . 2013-02-26 19:18 2647552 ----a-w- c:\windows\system32\iertutil.dll
2013-02-26 19:18 . 2013-02-26 19:18 197120 ----a-w- c:\windows\system32\msrating.dll
2013-02-26 19:18 . 2013-02-26 19:18 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-02-26 19:18 . 2013-02-26 19:18 81408 ----a-w- c:\windows\system32\icardie.dll
2013-02-26 19:18 . 2013-02-26 19:18 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-02-26 19:18 . 2013-02-26 19:18 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-02-26 19:18 . 2013-02-26 19:18 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-02-26 19:18 . 2013-02-26 19:18 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-02-26 19:18 . 2013-02-26 19:18 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-02-26 19:18 . 2013-02-26 19:18 441856 ----a-w- c:\windows\system32\html.iec
2013-02-26 19:18 . 2013-02-26 19:18 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-02-26 19:18 . 2013-02-26 19:18 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-02-26 19:18 . 2013-02-26 19:18 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-02-26 19:18 . 2013-02-26 19:18 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-02-26 19:18 . 2013-02-26 19:18 235008 ----a-w- c:\windows\system32\url.dll
2013-02-26 19:18 . 2013-02-26 19:18 2240512 ----a-w- c:\windows\system32\wininet.dll
2013-02-26 19:18 . 2013-02-26 19:18 216064 ----a-w- c:\windows\system32\msls31.dll
2013-02-26 19:18 . 2013-02-26 19:18 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-26 19:18 . 2013-02-26 19:18 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-02-26 19:18 . 2013-02-26 19:18 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-02-26 19:18 . 2013-02-26 19:18 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-02-26 19:18 . 2013-02-26 19:18 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-02-26 19:18 . 2013-02-26 19:18 102912 ----a-w- c:\windows\system32\inseng.dll
2013-02-26 19:18 . 2013-02-26 19:18 855552 ----a-w- c:\windows\system32\jscript.dll
2013-02-26 19:18 . 2013-02-26 19:18 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-02-26 19:18 . 2013-02-26 19:18 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-02-26 19:18 . 2013-02-26 19:18 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-02-26 19:18 . 2013-02-26 19:18 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-02-26 19:18 . 2013-02-26 19:18 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-02-26 19:18 . 2013-02-26 19:18 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-26 19:18 . 2013-02-26 19:18 19221504 ----a-w- c:\windows\system32\mshtml.dll
2013-02-26 19:18 . 2013-02-26 19:18 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-02-26 19:18 . 2013-02-26 19:18 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-02-26 19:18 . 2013-02-26 19:18 149504 ----a-w- c:\windows\system32\occache.dll
2013-02-26 19:18 . 2013-02-26 19:18 144896 ----a-w- c:\windows\system32\wextract.exe
2013-02-26 19:18 . 2013-02-26 19:18 13824 ----a-w- c:\windows\system32\mshta.exe
2013-02-26 19:18 . 2013-02-26 19:18 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-02-26 19:18 . 2013-02-26 19:18 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-02-26 19:18 . 2013-02-26 19:18 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-02-26 19:18 . 2013-02-26 19:18 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-02-26 19:18 . 2013-02-26 19:18 526848 ----a-w- c:\windows\system32\ieui.dll
2013-02-26 19:18 . 2013-02-26 19:18 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-02-26 19:18 . 2013-02-26 19:18 3958784 ----a-w- c:\windows\system32\jscript9.dll
2013-02-26 19:18 . 2013-02-26 19:18 15407616 ----a-w- c:\windows\system32\ieframe.dll
2013-02-26 19:18 . 2013-02-26 19:18 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-02-26 19:18 . 2013-02-26 19:18 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-02-26 19:17 . 2013-02-26 19:17 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-02-26 19:17 . 2013-02-26 19:17 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-02-26 19:17 . 2013-02-26 19:17 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-26 19:17 . 2013-02-26 19:17 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-02-26 19:17 . 2013-02-26 19:17 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-02-26 19:17 . 2013-02-26 19:17 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{69925D1B-6A0F-4413-861A-81AB98039DB9}"
[HKEY_CLASSES_ROOT\CLSID\{69925D1B-6A0F-4413-861A-81AB98039DB9}]
2013-01-30 13:12 159488 ----a-w- c:\windows\SysWOW64\SSCbFsMntNtf3.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SugarSync"="c:\program files (x86)\SugarSync\SugarSync.exe" [2013-03-19 12409184]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-05-24 393216]
"MusicManager"="c:\users\Jonathan\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2013-03-18 7366656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-05-11 5119600]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-03-13 4394032]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{C28617FD-4FE7-4043-AD51-C8132CE90106}"= "c:\windows\SysWOW64\SSCbFsMntNtf3.dll" [2013-01-30 159488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"EldosMountNotificator"= {C28617FD-4FE7-4043-AD51-C8132CE90106} - c:\windows\SysWOW64\SSCbFsMntNtf3.dll [2013-01-30 159488]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2013-02-27 4937264]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 ALSysIO;ALSysIO;c:\users\Jonathan\AppData\Local\Temp\ALSysIO64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-04-26 135584]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2011-12-16 17976]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-06-27 1326176]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2012-06-27 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 177640]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-28 1255736]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2013-02-08 71480]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2013-02-08 311096]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2013-02-08 116536]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2013-02-08 45880]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-27 16152]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2013-02-26 246072]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2013-02-08 206136]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2013-02-14 239416]
S1 CLBStor;InstantBurn Storage Helper Driver;c:\windows\system32\DRIVERS\CLBStor.sys [2009-10-07 24560]
S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/11/29 21:30];c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-10-04 15:57 147704]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-12-19 240640]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-02-19 282624]
S2 CLBUDF;CyberLink InstantBurn UDF Filesystem; [x]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-10-05 90640]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-10-05 78352]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-10-05 295440]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NlsSrv32.exe [x]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-06-20 83704]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-06-27 681056]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2012-05-04 27760]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2012-08-07 65152]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2012-08-07 88832]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-27 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-27 787736]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-08-11 104560]
S3 SSCBFS3;SugarSync CallBack File System driver v3;c:\windows\system32\DRIVERS\sscbfs3.sys [2013-01-30 347904]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2012-05-04 2196592]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-11-22 13:18 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-22 19:37]
.
2013-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-18 18:59]
.
2013-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-18 18:59]
.
2013-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-330368689-3912165379-4251724609-1000Core.job
- c:\users\Jonathan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25 17:47]
.
2013-04-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-330368689-3912165379-4251724609-1000UA.job
- c:\users\Jonathan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-25 17:47]
.
2013-01-23 c:\windows\Tasks\ROC_REG_JAN_DELETE.job
- c:\programdata\AVG January 2013 Campaign\ROC.exe [2013-01-22 21:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{69925D1B-6A0F-4413-861A-81AB98039DB9}"
[HKEY_CLASSES_ROOT\CLSID\{69925D1B-6A0F-4413-861A-81AB98039DB9}]
2013-01-30 13:12 192256 ----a-w- c:\windows\System32\SSCbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2013-03-19 18:27 2198368 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2013-03-19 18:27 2198368 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{39D54CC2-69CF-43b4-B167-577D25E7F496}"
[HKEY_CLASSES_ROOT\CLSID\{39D54CC2-69CF-43b4-B167-577D25E7F496}]
2013-03-19 18:27 2198368 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2013-03-19 18:27 2198368 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncSharedPending]
@="{F7395C2E-A5D8-4a32-9536-5C6A9F1DC450}"
[HKEY_CLASSES_ROOT\CLSID\{F7395C2E-A5D8-4a32-9536-5C6A9F1DC450}]
2013-03-19 18:27 2198368 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{C28617FD-4FE7-4043-AD51-C8132CE90106}"= "c:\windows\system32\SSCbFsMntNtf3.dll" [2013-01-30 192256]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
SSODL-EldosMountNotificator REG_SZ {C28617FD-4FE7-4043-AD51-C8132CE90106}- - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{73526619-C24F-470B-9BED-53D455FBB5C6}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-330368689-3912165379-4251724609-1000\Software\SecuROM\License information*]
"datasecu"=hex:c8,cb,d9,59,cd,6f,7c,4b,bb,a3,90,7d,4e,68,04,45,fc,45,1a,11,56,
e1,0d,bb,6b,c5,94,12,8c,81,2d,5e,79,72,c5,16,b5,51,3c,2d,2a,0d,db,2d,ce,07,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-12 21:51:31
ComboFix-quarantined-files.txt 2013-04-12 20:51
.
Pre-Run: 304,740,270,080 bytes free
Post-Run: 304,637,857,792 bytes free
.
- - End Of File - - D204ABF5E01CEF5BE131BF3D22A41B0E

Please Note that after running combofix internet exploer is now no longer loading and displaying any websites. Just displays a white blank screen.

Thanks 
Jonny


----------



## Mark1956 (May 7, 2011)

Please follow the Combofix instructions for repairing lost internet connection if a reboot does not fix the problem with IE.

Please then run this scan and post the logs.

1. Download Malwarebytes Anti-Rootkit from this link Mbar
2. Unzip the File to a convenient location. (Recommend the Desktop)
3. Open the folder where the contents were unzipped to run *mbar.exe*










4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:










5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you login, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)

6. The following image opens, select Next.










7. The following image opens, select Update










8. When the update completes select Next.










9. In the following window ensure "Targets" are ticked. Then select "Scan"










10. If an infection is found select the *"Cleanup Button"* to remove threats, Reboot if prompted. Wait while the system shuts down and the cleanup process is performed.










11. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click *"Cleanup Button"* once more and repeat the process.
12. If no threats were found you will see the following image, Select *Exit*:










13. Verify that your system is now running normally, making sure that the following items are functional:


Internet access
 Windows Update
 Windows Firewall

14. If there are additional problems with your system, such as any of those listed above or *other system* issues, then run the *'fixdamage'* tool included within Malwarebytes Anti-Rootkit folder.










15. The following Window will open, Select *"Y"* from your Keyboard, tap Enter.










16. The fix will be applied, select any key to Exit.










15. Let me know how your system now responds. Copy and paste the two following logs from the *mbar* folder:

*System - log*
*Mbar - log* Date and time of scan will also be shown


----------



## jonny109 (Apr 1, 2010)

Thanks for all your help mark,

I followed the steps to restore the internet connection mark and unfortunately it still does not work meaning I cant run Malwarebytes rootkit because its needs to update from the internet. I clicked diagnose this connection and let it run and it came back saying "Troubleshooting couldn't identify the problem" Any ideas?? Is it coming to a time where I might need to think about reinstalling windows???

Oh and to add insult to injury 4 windows updates are now not installing. It gets to the point of configuring updates and produces a percentage completed note and then just shuts down then try's again twice and finally gives up and loads windows.


----------



## Mark1956 (May 7, 2011)

Do you have another PC and a Flash Drive you can use to transfer files from one PC to the other?

If you have then please run this scan and post the log.

Please download *Farbar Service Scanner* and save it to your desktop. Double click on the icon to run the program.


Put a check mark in all the boxes.
Press "*Scan*".
The results will be displayed when the scan completes, please Copy & Paste the entire log into your next reply. It will also save a log on the desktop in a text file.
Please copy and paste the log into your reply.

If not, then please run another scan with Combofix as that may fix the problem.

If that does not work try this:

Click on Start and type *cmd* into the search box.
A menu will pop up, right click on *cmd* at the top of the list and select *Run as Administrator*.
Then type this command at the prompt and click on the Enter key on your keyboard.

*netsh int ip reset resetlog.txt*

Wait for confirmation to appear and reboot the system.


----------



## jonny109 (Apr 1, 2010)

Here is the latest FSS log:
Farbar Service Scanner Version: 03-03-2013
Ran by Jonathan (administrator) on 14-04-2013 at 12:25:13
Running from "C:\Users\Jonathan\Desktop"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy: 
==================

System Restore:
============

System Restore Disabled Policy: 
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****


----------



## Mark1956 (May 7, 2011)

That scan shows your internet is connected, what is the present status?


----------



## jonny109 (Apr 1, 2010)

yea I noticed that myself when looking at the log. I still have no internet at this present time


----------



## Mark1956 (May 7, 2011)

That is strange, did you run the second part of post 22?

If that dos not work follow the Mbar instructions from No 14 and see if that can fix it.

Down in the right hand corner of your screen does the internet icon show if it is connected or not? We might be looking at a problem isolated to IE.


----------



## jonny109 (Apr 1, 2010)

I have run the second part of post 22- No change still cannot access the internet via IE

Ran Mbar no infections where found *it was able to update* so your theory about IE seems to be correct also ran the fixdamage and that still did not work. 

Yes in the right hand corner it clearly shows that I am connected to my local network and the internet.


----------



## Mark1956 (May 7, 2011)

Run the Fix it in this link: Internet Explorer Fix-It


----------



## jonny109 (Apr 1, 2010)

I ran it and unfortunately that still has not fixed IE


----------



## Mark1956 (May 7, 2011)

Ok, follow this to uninstall IE10 then let me know if IE9 works: How to uninsall IE10 from Windows 7


----------



## jonny109 (Apr 1, 2010)

Hi Mark, 

Well we finally seem to be making some progress now. The computer is so much faster after uninstalling IE10 and going back to IE9 but I cant help but notice that there is still something (maybe related to IE) that is slowing down the PC. When I was trying to run Steam it was very slow and also when I was on IE 9 the program was very buggy it was slowing down when I attempted to open new tabs or starting programs in the background. Finally after I reinstalled Firefox the computer would hang at time when I was watching videos on youtube and I would get a message at times from Shockwave Flash saying "Shockwave Flash may be busy or stoppped responding. You can stop now or continue to see if it will complete"


----------



## Mark1956 (May 7, 2011)

May be there is still something bad lurking in the system. Try to run Mbar again.


----------



## Mark1956 (May 7, 2011)

Please also run this quick scan and post the log:

Download Security Check by screen317 from Here or Here.
Save it to your Desktop.
Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please Copy & Paste the contents of that document into your next reply.


----------



## jonny109 (Apr 1, 2010)

I have ran malwarebytes:

No threats found

I have ran malwarebytes Anti-rootkit:

No threats found

I have ran SecurityCheck:

Results of screen317's Security Check version 0.99.62 
Windows 7 Service Pack 1 x64 (UAC is enabled) 
Internet Explorer 9 
*``````````````Antivirus/Firewall Check:``````````````* 
Windows Firewall Enabled! 
AVG AntiVirus Free Edition 2013 
Antivirus up to date! 
*`````````Anti-malware/Other Utilities Check:`````````* 
Secunia PSI (3.0.0.2004) 
Malwarebytes Anti-Malware version 1.75.0.1300 
Java 7 Update 17 
Adobe Flash Player 11.6.602.180 
Adobe Reader XI 
Mozilla Firefox (20.0.1) 
*````````Process Check: objlist.exe by Laurent````````* 
AVG avgwdsvc.exe 
*`````````````````System Health check`````````````````* 
Total Fragmentation on Drive C: 6% 
*````````````````````End of Log``````````````````````*

I also ran Hitman pro:

It found a few suspisous, Babylon and 1 tracking cookie file(s):

Report is attached as an JPEG image


----------



## Mark1956 (May 7, 2011)

I think the Babylon items are most probably remnants, the suspicious items relate to PunkBuster which is legitimate.

Try re-installing Flash player and see if that helps:

Run this to remove it: Flash Player Uninstaller Then go to this link Adobe Downloads and select the latest version to download and install. Make sure you uncheck the boxes for any Add-ons.

If that doesn't fix the problem try running IE and Firefox with no Add-ons: How to run Firefox and Internet Explorer with no add-ons


----------



## jonny109 (Apr 1, 2010)

Hi mark, 

I was talking to a friend of mine who has good experience of computer and he suggested looking at the event viewer to see if there was any error. He was right there is so many errors. The error is atapi "The driver detected a controller error on \Device\Ide\IdePort1" so this must be the problem. Any ways to fix this?

Thanks


----------



## Mark1956 (May 7, 2011)

We often see those errors which can sometimes indicate a problem with the hard drive. The earlier logs showed those errors which is why I got you to run Seatools, which passed.

Please go back to post 2 and run the Disk Check again and post the log.

Please also run this:


Windows 7 System File Checker
Click on *Start* and type *cmd* in the search box. Right click on *cmd* in the popup menu and select *Run as Administrator*.
Another box will open, at the Command Prompt, type *sfc /scannow* and press Enter. (Note the gap between the c and the /) 
Let the check run to completion. *DO NOT* reboot the PC or close the *cmd* window.
Copy & Paste the following command at the Command Prompt and press Enter:

* findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt*


This will place a file on your desktop called *sfcdetails.txt* which contains the results of the scan.
Copy the file and Paste it into your next post.


----------



## jonny109 (Apr 1, 2010)

Hi Mark,

Sorry for the late reply I have been busy with uni work

Here is the log for Windows 7 System File Checker 
2013-04-28 11:42:34, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:42:34, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2013-04-28 11:42:36, Info CSI 0000000c [SR] Verify complete
2013-04-28 11:42:36, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:42:36, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2013-04-28 11:42:37, Info CSI 00000010 [SR] Verify complete
2013-04-28 11:42:38, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:42:38, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2013-04-28 11:42:39, Info CSI 00000014 [SR] Verify complete
2013-04-28 11:42:39, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:42:39, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2013-04-28 11:42:41, Info CSI 00000018 [SR] Verify complete
2013-04-28 11:42:41, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:42:41, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2013-04-28 11:42:44, Info CSI 0000001c [SR] Verify complete
2013-04-28 11:42:44, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:42:44, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2013-04-28 11:42:46, Info CSI 00000020 [SR] Verify complete
2013-04-28 11:42:46, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:42:46, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2013-04-28 11:42:48, Info CSI 00000024 [SR] Verify complete
2013-04-28 11:42:48, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:42:48, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2013-04-28 11:42:50, Info CSI 00000028 [SR] Verify complete
2013-04-28 11:42:50, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:42:50, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2013-04-28 11:42:52, Info CSI 0000002c [SR] Verify complete
2013-04-28 11:42:52, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:42:52, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2013-04-28 11:42:54, Info CSI 00000030 [SR] Verify complete
2013-04-28 11:42:54, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:42:54, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2013-04-28 11:42:56, Info CSI 00000034 [SR] Verify complete
2013-04-28 11:42:56, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:42:56, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2013-04-28 11:42:57, Info CSI 00000038 [SR] Verify complete
2013-04-28 11:42:58, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:42:58, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:00, Info CSI 0000003d [SR] Verify complete
2013-04-28 11:43:01, Info CSI 0000003e [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:01, Info CSI 0000003f [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:04, Info CSI 00000044 [SR] Verify complete
2013-04-28 11:43:04, Info CSI 00000045 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:04, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:07, Info CSI 00000049 [SR] Verify complete
2013-04-28 11:43:07, Info CSI 0000004a [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:07, Info CSI 0000004b [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:09, Info CSI 0000004d [SR] Verify complete
2013-04-28 11:43:09, Info CSI 0000004e [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:09, Info CSI 0000004f [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:12, Info CSI 00000056 [SR] Verify complete
2013-04-28 11:43:12, Info CSI 00000057 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:12, Info CSI 00000058 [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:16, Info CSI 00000078 [SR] Verify complete
2013-04-28 11:43:16, Info CSI 00000079 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:16, Info CSI 0000007a [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:20, Info CSI 0000007c [SR] Verify complete
2013-04-28 11:43:20, Info CSI 0000007d [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:20, Info CSI 0000007e [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:23, Info CSI 00000080 [SR] Verify complete
2013-04-28 11:43:23, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:23, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:25, Info CSI 00000084 [SR] Verify complete
2013-04-28 11:43:26, Info CSI 00000085 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:26, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:29, Info CSI 00000088 [SR] Verify complete
2013-04-28 11:43:29, Info CSI 00000089 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:29, Info CSI 0000008a [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:31, Info CSI 0000008c [SR] Verify complete
2013-04-28 11:43:31, Info CSI 0000008d [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:31, Info CSI 0000008e [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:34, Info CSI 00000090 [SR] Verify complete
2013-04-28 11:43:35, Info CSI 00000091 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:35, Info CSI 00000092 [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:41, Info CSI 000000b5 [SR] Verify complete
2013-04-28 11:43:41, Info CSI 000000b6 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:41, Info CSI 000000b7 [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:45, Info CSI 000000b9 [SR] Verify complete
2013-04-28 11:43:46, Info CSI 000000ba [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:46, Info CSI 000000bb [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:52, Info CSI 000000bd [SR] Verify complete
2013-04-28 11:43:53, Info CSI 000000be [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:53, Info CSI 000000bf [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:58, Info CSI 000000c3 [SR] Verify complete
2013-04-28 11:43:58, Info CSI 000000c4 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:43:58, Info CSI 000000c5 [SR] Beginning Verify and Repair transaction
2013-04-28 11:43:59, Info  CSI 000000c7 [SR] Verify complete
2013-04-28 11:44:00, Info CSI 000000c8 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:00, Info CSI 000000c9 [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:00, Info CSI 000000cb [SR] Verify complete
2013-04-28 11:44:01, Info CSI 000000cc [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:01, Info CSI 000000cd [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:02, Info CSI 000000cf [SR] Verify complete
2013-04-28 11:44:02, Info CSI 000000d0 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:02, Info CSI 000000d1 [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:07, Info CSI 000000e4 [SR] Verify complete
2013-04-28 11:44:07, Info CSI 000000e5 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:07, Info CSI 000000e6 [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:08, Info CSI 000000e8 [SR] Verify complete
2013-04-28 11:44:08, Info CSI 000000e9 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:08, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:10, Info CSI 000000ec [SR] Verify complete
2013-04-28 11:44:11, Info CSI 000000ed [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:11, Info CSI 000000ee [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:12, Info CSI 000000f0 [SR] Verify complete
2013-04-28 11:44:12, Info CSI 000000f1 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:12, Info CSI 000000f2 [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:16, Info CSI 000000f5 [SR] Verify complete
2013-04-28 11:44:16, Info CSI 000000f6 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:16, Info CSI 000000f7 [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:20, Info CSI 000000fa [SR] Verify complete
2013-04-28 11:44:21, Info CSI 000000fb [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:21, Info CSI 000000fc [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:22, Info CSI 000000fe [SR] Verify complete
2013-04-28 11:44:22, Info CSI 000000ff [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:22, Info CSI 00000100 [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:23, Info CSI 00000102 [SR] Verify complete
2013-04-28 11:44:23, Info CSI 00000103 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:23, Info CSI 00000104 [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:26, Info CSI 00000106 [SR] Verify complete
2013-04-28 11:44:27, Info CSI 00000107 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:27, Info CSI 00000108 [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:30, Info CSI 0000010a [SR] Verify complete
2013-04-28 11:44:30, Info CSI 0000010b [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:30, Info CSI 0000010c [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:33, Info CSI 0000010e [SR] Verify complete
2013-04-28 11:44:33, Info CSI 0000010f [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:33, Info CSI 00000110 [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:39, Info CSI 00000128 [SR] Verify complete
2013-04-28 11:44:39, Info CSI 00000129 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:39, Info CSI 0000012a [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:42, Info CSI 0000012c [SR] Verify complete
2013-04-28 11:44:42, Info CSI 0000012d [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:42, Info CSI 0000012e [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:50, Info CSI 00000130 [SR] Verify complete
2013-04-28 11:44:50, Info CSI 00000131 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:50, Info CSI 00000132 [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:53, Info CSI 00000135 [SR] Verify complete
2013-04-28 11:44:54, Info CSI 00000136 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:54, Info CSI 00000137 [SR] Beginning Verify and Repair transaction
2013-04-28 11:44:58, Info CSI 00000139 [SR] Verify complete
2013-04-28 11:44:59, Info CSI 0000013a [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:44:59, Info CSI 0000013b [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:02, Info CSI 0000013d [SR] Verify complete
2013-04-28 11:45:02, Info CSI 0000013e [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:02, Info CSI 0000013f [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:05, Info CSI 00000141 [SR] Verify complete
2013-04-28 11:45:05, Info CSI 00000142 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:05, Info CSI 00000143 [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:08, Info CSI 00000145 [SR] Verify complete
2013-04-28 11:45:09, Info CSI 00000146 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:09, Info CSI 00000147 [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:11, Info CSI 0000014b [SR] Verify complete
2013-04-28 11:45:11, Info CSI 0000014c [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:11, Info CSI 0000014d [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:14, Info CSI 0000014f [SR] Verify complete
2013-04-28 11:45:14, Info CSI 00000150 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:14, Info CSI 00000151 [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:20, Info CSI 00000153 [SR] Verify complete
2013-04-28 11:45:21, Info CSI 00000154 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:21, Info CSI 00000155 [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:24, Info CSI 00000158 [SR] Verify complete
2013-04-28 11:45:25, Info CSI 00000159 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:25, Info CSI 0000015a [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:28, Info CSI 0000015d [SR] Verify complete
2013-04-28 11:45:28, Info  CSI 0000015e [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:28, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:31, Info CSI 00000161 [SR] Verify complete
2013-04-28 11:45:32, Info CSI 00000162 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:32, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:36, Info CSI 00000166 [SR] Verify complete
2013-04-28 11:45:36, Info CSI 00000167 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:36, Info CSI 00000168 [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:39, Info CSI 0000016a [SR] Verify complete
2013-04-28 11:45:39, Info CSI 0000016b [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:39, Info CSI 0000016c [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:42, Info CSI 0000016e [SR] Verify complete
2013-04-28 11:45:42, Info CSI 0000016f [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:42, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:44, Info CSI 00000172 [SR] Verify complete
2013-04-28 11:45:45, Info CSI 00000173 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:45, Info CSI 00000174 [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:48, Info CSI 00000177 [SR] Verify complete
2013-04-28 11:45:49, Info CSI 00000178 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:49, Info CSI 00000179 [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:51, Info CSI 0000017b [SR] Verify complete
2013-04-28 11:45:51, Info CSI 0000017c [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:51, Info CSI 0000017d [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:53, Info CSI 0000017f [SR] Verify complete
2013-04-28 11:45:53, Info CSI 00000180 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:53, Info CSI 00000181 [SR] Beginning Verify and Repair transaction
2013-04-28 11:45:56, Info CSI 00000184 [SR] Verify complete
2013-04-28 11:45:56, Info CSI 00000185 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:45:56, Info CSI 00000186 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:00, Info CSI 00000189 [SR] Verify complete
2013-04-28 11:46:00, Info CSI 0000018a [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:00, Info CSI 0000018b [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:02, Info CSI 0000018e [SR] Verify complete
2013-04-28 11:46:03, Info CSI 0000018f [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:03, Info CSI 00000190 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:06, Info CSI 00000192 [SR] Verify complete
2013-04-28 11:46:07, Info CSI 00000193 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:07, Info CSI 00000194 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:10, Info CSI 00000197 [SR] Verify complete
2013-04-28 11:46:10, Info CSI 00000198 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:10, Info CSI 00000199 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:12, Info CSI 0000019b [SR] Verify complete
2013-04-28 11:46:12, Info CSI 0000019c [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:12, Info CSI 0000019d [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:13, Info CSI 0000019f [SR] Verify complete
2013-04-28 11:46:14, Info CSI 000001a0 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:14, Info CSI 000001a1 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:16, Info CSI 000001a3 [SR] Verify complete
2013-04-28 11:46:16, Info CSI 000001a4 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:16, Info CSI 000001a5 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:21, Info CSI 000001a7 [SR] Verify complete
2013-04-28 11:46:21, Info CSI 000001a8 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:21, Info CSI 000001a9 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:24, Info CSI 000001ab [SR] Verify complete
2013-04-28 11:46:24, Info CSI 000001ac [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:24, Info CSI 000001ad [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:26, Info CSI 000001af [SR] Verify complete
2013-04-28 11:46:26, Info CSI 000001b0 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:26, Info CSI 000001b1 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:29, Info CSI 000001b3 [SR] Verify complete
2013-04-28 11:46:29, Info CSI 000001b4 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:29, Info CSI 000001b5 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:37, Info CSI 000001b7 [SR] Verify complete
2013-04-28 11:46:37, Info CSI 000001b8 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:37, Info CSI 000001b9 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:46, Info CSI 000001bb [SR] Verify complete
2013-04-28 11:46:46, Info CSI 000001bc [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:46, Info CSI 000001bd [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:49, Info CSI 000001bf [SR] Verify complete
2013-04-28 11:46:49, Info CSI 000001c0 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:49, Info CSI 000001c1 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:51, Info CSI 000001c3 [SR] Verify complete
2013-04-28 11:46:51, Info CSI 000001c4 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:51, Info CSI 000001c5 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:53, Info CSI 000001c7 [SR] Verify complete
2013-04-28 11:46:53, Info CSI 000001c8 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:53, Info CSI 000001c9 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:55, Info CSI 000001cb [SR] Verify complete
2013-04-28 11:46:55, Info CSI 000001cc [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:55, Info CSI 000001cd [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:58, Info CSI 000001cf [SR] Verify complete
2013-04-28 11:46:58, Info CSI 000001d0 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:58, Info CSI 000001d1 [SR] Beginning Verify and Repair transaction
2013-04-28 11:46:59, Info CSI 000001d3 [SR] Verify complete
2013-04-28 11:46:59, Info CSI 000001d4 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:46:59, Info CSI 000001d5 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:00, Info CSI 000001d7 [SR] Verify complete
2013-04-28 11:47:01, Info CSI 000001d8 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:01, Info CSI 000001d9 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:04, Info CSI 000001e1 [SR] Verify complete
2013-04-28 11:47:04, Info CSI 000001e2 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:04, Info CSI 000001e3 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:06, Info CSI 000001e5 [SR] Verify complete
2013-04-28 11:47:06, Info CSI 000001e6 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:06, Info CSI 000001e7 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:08, Info CSI 000001e9 [SR] Verify complete
2013-04-28 11:47:08, Info CSI 000001ea [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:08, Info CSI 000001eb [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:10, Info CSI 000001ed [SR] Verify complete
2013-04-28 11:47:11, Info CSI 000001ee [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:11, Info CSI 000001ef [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:13, Info CSI 000001f1 [SR] Verify complete
2013-04-28 11:47:13, Info CSI 000001f2 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:13, Info CSI 000001f3 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:16, Info CSI 000001f6 [SR] Verify complete
2013-04-28 11:47:16, Info CSI 000001f7 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:16, Info CSI 000001f8 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:18, Info CSI 000001fa [SR] Verify complete
2013-04-28 11:47:18, Info CSI 000001fb [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:18, Info CSI 000001fc [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:19, Info CSI 000001fe [SR] Verify complete
2013-04-28 11:47:19, Info CSI 000001ff [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:19, Info CSI 00000200 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:23, Info CSI 00000203 [SR] Verify complete
2013-04-28 11:47:23, Info CSI 00000204 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:23, Info CSI 00000205 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:29, Info CSI 00000209 [SR] Verify complete
2013-04-28 11:47:29, Info CSI 0000020a [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:29, Info CSI 0000020b [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:32, Info CSI 00000210 [SR] Verify complete
2013-04-28 11:47:32, Info CSI 00000211 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:32, Info CSI 00000212 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:35, Info CSI 0000021a [SR] Verify complete
2013-04-28 11:47:35, Info CSI 0000021b [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:35, Info CSI 0000021c [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:39, Info CSI 00000223 [SR] Verify complete
2013-04-28 11:47:39, Info CSI 00000224 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:39, Info CSI 00000225 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:43, Info CSI 0000022a [SR] Verify complete
2013-04-28 11:47:43, Info CSI 0000022b [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:43, Info CSI 0000022c [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:46, Info CSI 0000022e [SR] Verify complete
2013-04-28 11:47:46, Info CSI 0000022f [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:46, Info CSI 00000230 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:49, Info CSI 00000234 [SR] Verify complete
2013-04-28 11:47:49, Info CSI 00000235 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:49, Info CSI 00000236 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:52, Info CSI 00000250 [SR] Verify complete
2013-04-28 11:47:53, Info CSI 00000251 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:53, Info CSI 00000252 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:56, Info CSI 0000025f [SR] Verify complete
2013-04-28 11:47:56, Info CSI 00000260 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:56, Info CSI 00000261 [SR] Beginning Verify and Repair transaction
2013-04-28 11:47:59, Info CSI 00000263 [SR] Verify complete
2013-04-28 11:47:59, Info CSI 00000264 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:47:59, Info CSI 00000265 [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:03, Info CSI 00000267 [SR] Verify complete
2013-04-28 11:48:03, Info CSI 00000268 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:03, Info CSI 00000269 [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:06, Info CSI 0000026b [SR] Verify complete
2013-04-28 11:48:06, Info CSI 0000026c [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:06, Info CSI 0000026d [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:10, Info CSI 0000027b [SR] Verify complete
2013-04-28 11:48:10, Info CSI 0000027c [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:10, Info CSI 0000027d [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:16, Info CSI 0000027f [SR] Verify complete
2013-04-28 11:48:16, Info CSI 00000280 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:16, Info CSI 00000281 [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:19, Info CSI 0000028f [SR] Verify complete
2013-04-28 11:48:20, Info CSI 00000290 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:20, Info CSI 00000291 [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:21, Info CSI 00000293 [SR] Verify complete
2013-04-28 11:48:21, Info CSI 00000294 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:21, Info CSI 00000295 [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:25, Info CSI 00000298 [SR] Verify complete
2013-04-28 11:48:25, Info CSI 00000299 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:25, Info CSI 0000029a [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:26, Info CSI 0000029c [SR] Verify complete
2013-04-28 11:48:26, Info CSI 0000029d [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:26, Info CSI 0000029e [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:27, Info CSI 000002a0 [SR] Verify complete
2013-04-28 11:48:27, Info CSI 000002a1 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:27, Info CSI 000002a2 [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:31, Info CSI 000002a4 [SR] Verify complete
2013-04-28 11:48:31, Info CSI 000002a5 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:31, Info CSI 000002a6 [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:33, Info CSI 000002a8 [SR] Verify complete
2013-04-28 11:48:33, Info CSI 000002a9 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:33, Info CSI 000002aa [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:37, Info CSI 000002c4 [SR] Verify complete
2013-04-28 11:48:37, Info CSI 000002c5 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:37, Info CSI 000002c6 [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:39, Info CSI 000002c8 [SR] Verify complete
2013-04-28 11:48:39, Info CSI 000002c9 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:39, Info CSI 000002ca [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:47, Info  CSI 000002cc [SR] Verify complete
2013-04-28 11:48:47, Info CSI 000002cd [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:47, Info CSI 000002ce [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:50, Info CSI 000002d0 [SR] Verify complete
2013-04-28 11:48:50, Info CSI 000002d1 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:50, Info CSI 000002d2 [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:52, Info CSI 000002d6 [SR] Verify complete
2013-04-28 11:48:52, Info CSI 000002d7 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:52, Info CSI 000002d8 [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:53, Info CSI 000002da [SR] Verify complete
2013-04-28 11:48:53, Info CSI 000002db [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:53, Info CSI 000002dc [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:56, Info CSI 000002de [SR] Verify complete
2013-04-28 11:48:56, Info CSI 000002df [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:56, Info CSI 000002e0 [SR] Beginning Verify and Repair transaction
2013-04-28 11:48:57, Info CSI 000002e2 [SR] Verify complete
2013-04-28 11:48:57, Info CSI 000002e3 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:48:57, Info CSI 000002e4 [SR] Beginning Verify and Repair transaction
2013-04-28 11:49:00, Info CSI 000002e7 [SR] Verify complete
2013-04-28 11:49:00, Info CSI 000002e8 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:49:00, Info CSI 000002e9 [SR] Beginning Verify and Repair transaction
2013-04-28 11:49:01, Info CSI 000002eb [SR] Verify complete
2013-04-28 11:49:01, Info CSI 000002ec [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:49:01, Info CSI 000002ed [SR] Beginning Verify and Repair transaction
2013-04-28 11:49:03, Info CSI 000002ef [SR] Verify complete
2013-04-28 11:49:03, Info CSI 000002f0 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:49:03, Info CSI 000002f1 [SR] Beginning Verify and Repair transaction
2013-04-28 11:49:06, Info CSI 000002f3 [SR] Verify complete
2013-04-28 11:49:06, Info CSI 000002f4 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:49:06, Info CSI 000002f5 [SR] Beginning Verify and Repair transaction
2013-04-28 11:49:10, Info CSI 000002f8 [SR] Verify complete
2013-04-28 11:49:10, Info CSI 000002f9 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:49:10, Info CSI 000002fa [SR] Beginning Verify and Repair transaction
2013-04-28 11:49:12, Info CSI 000002fc [SR] Verify complete
2013-04-28 11:49:12, Info CSI 000002fd [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:49:12, Info CSI 000002fe [SR] Beginning Verify and Repair transaction
2013-04-28 11:49:16, Info CSI 00000300 [SR] Verify complete
2013-04-28 11:49:16, Info CSI 00000301 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:49:16, Info CSI 00000302 [SR] Beginning Verify and Repair transaction
2013-04-28 11:49:18, Info CSI 00000304 [SR] Verify complete
2013-04-28 11:49:18, Info CSI 00000305 [SR] Verifying 100 (0x0000000000000064) components
2013-04-28 11:49:18, Info CSI 00000306 [SR] Beginning Verify and Repair transaction
2013-04-28 11:49:21, Info CSI 00000308 [SR] Verify complete
2013-04-28 11:49:21, Info CSI 00000309 [SR] Verifying 37 (0x0000000000000025) components
2013-04-28 11:49:21, Info CSI 0000030a [SR] Beginning Verify and Repair transaction
2013-04-28 11:49:22, Info CSI 0000030c [SR] Verify complete
2013-04-28 11:49:22, Info CSI 0000030d [SR] Repairing 0 components
2013-04-28 11:49:22, Info CSI 0000030e [SR] Beginning Verify and Repair transaction
2013-04-28 11:49:22, Info CSI 00000310 [SR] Repair complete

*Here is the log for the Disk Check:

*

Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.

CHKDSK is verifying files (stage 1 of 5)...
294656 file records processed. File verification completed.
364 large file records processed. 0 bad file records processed. 2 EA records processed. 44 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)...
359982 index entries processed. Index verification completed.
0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)...
294656 file SDs/SIDs processed. Cleaning up 420 unused index entries from index $SII of file 0x9.
Cleaning up 420 unused index entries from index $SDH of file 0x9.
Cleaning up 420 unused security descriptors.
Security descriptor verification completed.
32664 data files processed. CHKDSK is verifying Usn Journal...
36885544 USN bytes processed. Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
294640 files processed. File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
75583407 free clusters processed. Free space verification is complete.
Windows has checked the file system and found no problems.

488282111 KB total disk space.
185391644 KB in 249817 files.
140864 KB in 32665 indexes.
0 KB in bad sectors.
415971 KB in use by the system.
65536 KB occupied by the log file.
302333632 KB available on disk.

4096 bytes in each allocation unit.
122070527 total allocation units on disk.
75583408 allocation units available on disk.

Internal Info:
00 7f 04 00 7a 4f 04 00 59 fc 07 00 00 00 00 00 ....zO..Y.......
ee 89 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 ....,...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

Windows has finished checking your disk.
Please wait while your computer restarts.

Thanks 
Jonny


----------



## Mark1956 (May 7, 2011)

Ok, both the scans have come up clean, are the issues you mentioned in post 31 still persisting?


----------



## jonny109 (Apr 1, 2010)

Yea there is still something not right because windows takes a long time to start up which it normally does not and there is nothing in start up that would cause it to be slow. Also when I try to run more than one application the computer does hang from between a few seconds to a few minutes. Any ideas??


----------



## Mark1956 (May 7, 2011)

Ok, run Minitoolbox again, but this time only check the boxes for the items below before running it's scan, then post the results.

List last 10 Event Viewer Errors
List Devices Check options for *Only Problems*


----------



## jonny109 (Apr 1, 2010)

Here you go:

MiniToolBox by Farbar Version:21-04-2013
Ran by Jonathan (administrator) on 28-04-2013 at 12:44:08
Running from "C:\Users\Jonathan\Desktop"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/28/2013 11:24:44 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/27/2013 10:43:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/27/2013 08:38:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2013 03:59:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2013 01:48:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2013 11:32:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2013 08:32:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2013 06:13:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/20/2013 08:09:34 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2013 07:56:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/28/2013 00:19:16 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053

Error: (04/28/2013 00:19:16 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (04/28/2013 00:09:14 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (04/27/2013 10:42:13 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (04/27/2013 08:42:04 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.

Error: (04/27/2013 08:41:27 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (04/21/2013 05:59:07 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (04/21/2013 02:19:55 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (04/21/2013 00:49:42 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (04/20/2013 11:28:10 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-04-12 21:45:09.582
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-12 21:45:09.560
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


========================= Devices: ================================

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: High Definition Audio Device
Description: High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


**** End of log ****


----------



## Mark1956 (May 7, 2011)

We talked about the High Definition Audio device back in post 13 & 14 which I assumed you had installed the driver for, but it is still showing as missing. And looking back to those posts you did not confirm if you had installed all the Motherboard chipset drivers.

Please also tell me if you are using a PS2 keyboard and mouse.

Meanwhile, we need to remove the tools used, please follow these instructions.

To re-enable your CD Emulation drivers if you disabled them, double click *DeFogger.exe* to run the tool again.


The application window will appear.
Click the *Re-enable* button to re-enable your CD Emulation drivers.
Click *Yes* to continue.
A *'Finished!*' message will appear.
Click *OK*.
DeFogger will now ask to reboot the machine...click *OK*.

To uninstall ComboFix, press the *WINKEY + R* keys on your keyboard or click on Start







and type *Run* into the search box and hit *Enter*.
In the *Run* box type: *ComboFix /Uninstall* (Be sure to leave a space before the forward slash).











Click on *OK*.
If you encounter any problems using the switch from the Run dialog box, just rename ComboFix.exe to *Uninstall.exe*, then double-click on it to remove.
This will delete ComboFix's related folders/files, reset the clock settings, hide file extensions/system files, clear the System Restore cache to prevent possible reinfection and *create a new Restore point.*
When it has finished you will see a dialog box stating that _"ComboFix has been uninstalled". _
After that, you can delete the ComboFix.exe program from your computer (Desktop).

*Next*


Download *OTC* by OldTimer and save it to your *desktop.*
Double click







icon to start the program. 
If you are using Vista or Windows 7, please right-click and choose *Run as Administrator*
Then Click the big







button.
You will get a prompt saying "_Begin Cleanup Process_". Please select *Yes*.
Restart your computer when prompted.

-- Doing this will *remove* any specialized tools downloaded and used. If OTC does not delete itself, then delete the file manually when done.
-- Any leftover folders/files related to ComboFix or other tools which OTC did not remove can be deleted manually (right-click on it and choose delete).

*Please post back when this is complete and let me know if you have had any problems.*


----------



## jonny109 (Apr 1, 2010)

I have now installed the High Definition Audio device and all the Motherboard chipset drivers. I am not using a PS2 keyboard and mouse, I am using USB do I need to add the PS2 drivers or can I leave them out?? Also I uninstalled ComboFix and ran OTC. 

Just to let you know I am still getting atapi Event ID 11 and I am getting around 1,000 of these error every time I am using the computer. Only other thing I can think of doing is replacing the SATA cable for the HDD. Any other ideas??

Thanks 
Jonny


----------



## Mark1956 (May 7, 2011)

I'd suggest running an online scan just to be sure there are no other infections on the system and if that comes up clean to try a repair install.

*Eset online scan instructions.*
*IMPORTANT --->* Please make sure you follow the instruction to *uncheck* the box next to *Remove found threats*. Eset will detect anything that looks even remotely suspicious, this can include legitimate program files. If you do not uncheck the box, as instructed, Eset will automatically remove all suspect files which could leave some of your software inoperative. If you make a mistake these files can be restored from quarantine, but it would be preferable not to add any extra work to the clean up of your system.


Disable your existing Anti Virus following these instructions.
Please go here to use the Eset Online Scanner.
When the web page opens click on this button 








If you are not using *Internet Explorer* you will see a message box open asking you to to download the *ESET Smart Installer*, click on the link and allow it to download and then run it. Accept the *Terms of use* and click on *Start*. The required components will download.
If using Internet Explorer the *Terms of use* box will open immediately, accept it and click on *Start*.
After the download is complete the *Computer scan settings* window will open, *IMPORTANT ---->* *uncheck* the box next to *Remove found threats* and click on *Start*. The virus signature database will then download which may take some time depending on the speed of your internet connection. The scan will automatically start when the download is complete.
This is a very thorough scan and may take several hours to complete depending on how much data you have on your hard drive. *Do not* interrupt it, be patient and let it finish.
A Scan Results window will appear at the end of the scan. If it lists any number of Infected Files click on List of found threats. Click on Copy to clipboard, come back to this thread and right click on the message box. Select *Paste* and the report will appear, add any comments you have and post the reply.
Back on the *Eset* window, click the *Back* button and then click on *Finish*.

=============================================================

Only if the scan above comes back clean continue with this:

Windows 7 Repair Install

If you do not have a Windows 7 DVD please go here: Windows 7 ISO downloads and download the version of Windows 7 that matches what you have on your PC.

If you have dowloaded the ISO on a Windows 7 PC right click the ISO file, select *Open With*, then select* Windows Disc Image Burning Tool* then follow the prompts.

For PC's using other versions of Windows you must burn the ISO image to a DVD using an ISO image burner, copying the ISO to a DVD will not work, if you do not have an ISO burner download this free software and follow the instructions below to burn the disc.ImgBurn

Install the program and start the application. Select the top left hand option to burn image file to disk and then on the next window click on the small yellow folder icon and browse to the ISO file you wish to burn. Then click on the two grey discs with the arrow in between (bottom left) and leave it to complete the operation.


----------



## jonny109 (Apr 1, 2010)

Hi mark, 

Well after running the ESEt scanner which found nothing I reinstalled windows and it worked!! all errors have gone and the computer is back up to normal sped with no hangs or lags. Just want to say thanks for all your help


----------



## Mark1956 (May 7, 2011)

You're most welcome.


----------

