Inactive Computer appears to shut down within 30-60sec of use

R

Ruhbbb

Posts: 7   +0
Alright so, I had just recently bought a pretty expensive computer(6 months ago). It is around 1000$ asus. And about a week ago I decided to leave my computer on while I go write an exam. It was on for about 5-6 hours( went into sleepmode) when I got home and called my friends on skype ,1-2 mins into the call, my screen goes black and I can still hear them for about 10 seconds, and then my computer sounds like a broken record( only from speakers, not from the actually computer). I then preformed a system restore to around november 30th, same problem occurs, get 30-60secs of use, screen goes black and computer restarts.I then preformed a full reinstallation of Windows 8, and I am still getting the same problem. I then check my task manager to see what is going on, and I see Service Host : Local System some with different things following them in brackets I cant remember what it said exactly in the brackets, something about networks. And this Service host process goes up to around (16). I did a google search on this many have this problem where this service host eats their CPU or Memory, this is not the case for me it will hover around 15-20% at most. I cant even use my computer to try and fix this problem as I only have about a minute of use. Please Help!

edit:I found a post about a similar problem on here from about a year ago, a user by the name of Broni helped fix the issue, BRONI WHERE ARE YOU <3
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

====================================

NOTE 1. Use another working computer to download following tool.
NOTE 2. Install Panda USB Vaccine, or BitDefender’s USB Immunizer on GOOD computer to protect it from any infected USB device.

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flashdrive into the infected PC.

If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-12-2013 01
Ran by SYSTEM on MININT-7KIJ7E1 on 13-12-2013 07:41:50
Running from E:\
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe [213856 2012-07-25] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] - C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [1374864 2012-07-25] (Trend Micro Inc.)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-30] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [ASUS Ai Charger] - C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\aprp.exe [3187360 2013-01-14] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\CyberLink\Shared files\brs.exe [78352 2012-05-22] (cyberlink)

==================== Services (Whitelisted) =================

S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
S2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-16] (ASUSTeK Computer Inc.)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)
S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [x]

==================== Drivers (Whitelisted) ====================

S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-02] ()
S3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
S1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [106000 2012-07-12] (Trend Micro Inc.)
S0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [173504 2012-07-12] (Trend Micro Inc.)
S0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [46392 2012-08-23] (Trend Micro Inc.)
S3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [98104 2012-08-24] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [33176 2012-07-27] (trend_company_name)
S1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [76672 2012-07-12] (Trend Micro Inc.)
S2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [77112 2012-09-10] (Trend Micro Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-13 07:41 - 2013-12-13 07:41 - 00000000 ____D C:\FRST
2013-12-13 07:35 - 2013-12-13 07:35 - 00297960 _____ C:\Windows\Minidump\121313-12890-01.dmp
2013-12-13 07:18 - 2013-12-13 07:18 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-12-12 20:17 - 2013-12-13 07:35 - 00000000 ____D C:\Windows\Minidump
2013-12-12 20:17 - 2013-12-12 20:17 - 00310968 _____ C:\Windows\Minidump\121213-14671-01.dmp
2013-12-12 20:12 - 2013-12-13 07:35 - 762279270 _____ C:\Windows\MEMORY.DMP
2013-12-12 19:58 - 2013-12-12 19:58 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1404446066-3111398394-3725099620-1001
2013-12-12 19:58 - 2013-12-12 19:58 - 00001613 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-12-12 19:58 - 2013-12-12 19:58 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-12-12 19:58 - 2013-12-12 19:58 - 00000000 ____D C:\Riot Games
2013-12-12 19:58 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-12-12 19:58 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-12-12 19:58 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-12-12 19:58 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-12-12 19:58 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-12-12 19:57 - 2013-12-12 19:57 - 00000000 _____ C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_CM6870.alu
2013-12-12 19:56 - 2013-12-12 20:11 - 00000000 ____D C:\Users\Robert\AppData\Local\PMB Files
2013-12-12 19:56 - 2013-12-12 19:56 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Riot Games
2013-12-12 19:56 - 2013-12-12 19:56 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-12 19:56 - 2013-12-12 19:56 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-12-12 19:55 - 2013-12-12 19:56 - 32229024 _____ (Riot Games) C:\Users\Robert\Downloads\LeagueofLegends_NA_Installer_05_07_13.exe
2013-12-12 19:55 - 2013-12-12 19:55 - 00000000 ____D C:\Program Files\ASUS
2013-12-12 19:54 - 2013-12-13 07:40 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-12 19:54 - 2013-12-12 20:01 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-12 19:54 - 2013-12-12 19:54 - 08373576 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-12 19:54 - 2013-12-12 19:54 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-12 19:54 - 2013-12-12 19:54 - 00003648 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-12 19:54 - 2013-12-12 19:54 - 00002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-12 19:54 - 2013-12-12 19:54 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Intel Corporation
2013-12-12 19:54 - 2013-12-12 19:54 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-12 19:53 - 2013-12-12 19:54 - 00000000 ____D C:\Users\Robert\AppData\Local\Google
2013-12-12 19:53 - 2013-12-12 19:53 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Macromedia
2013-12-12 19:53 - 2013-12-12 19:53 - 00000000 ____D C:\Users\Robert\AppData\Local\Deployment
2013-12-12 19:53 - 2013-12-12 19:53 - 00000000 ____D C:\Users\Robert\AppData\Local\Apps\2.0
2013-12-12 19:32 - 2013-12-12 19:32 - 00001452 _____ C:\Users\Robert\Desktop\Trend Micro Titanium Internet Security.lnk
2013-12-12 19:32 - 2013-12-12 19:32 - 00000000 ____D C:\Users\Robert\AppData\Roaming\ASUS WebStorage
2013-12-12 19:32 - 2013-12-12 19:32 - 00000000 ____D C:\ProgramData\CyberLink
2013-12-12 19:31 - 2013-12-12 19:31 - 00000020 ___SH C:\Users\Robert\ntuser.ini
2013-12-12 19:31 - 2013-12-12 19:31 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-12 19:31 - 2013-12-12 19:31 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Adobe
2013-12-12 19:31 - 2013-12-12 19:31 - 00000000 ____D C:\Users\Robert\AppData\Local\VirtualStore
2013-12-12 19:31 - 2013-12-12 19:31 - 00000000 ____D C:\Users\Robert\AppData\Local\Packages
2013-12-12 19:31 - 2013-12-12 19:31 - 00000000 ____D C:\users\Robert
2013-12-05 19:29 - 2013-12-05 19:29 - 00000000 _____ C:\Recovery.txt

==================== One Month Modified Files and Folders =======

2013-12-13 07:41 - 2013-12-13 07:41 - 00000000 ____D C:\FRST
2013-12-13 07:40 - 2013-12-12 19:54 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-13 07:40 - 2013-02-23 03:31 - 01815202 _____ C:\Windows\WindowsUpdate.log
2013-12-13 07:40 - 2012-07-25 23:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-13 07:35 - 2013-12-13 07:35 - 00297960 _____ C:\Windows\Minidump\121313-12890-01.dmp
2013-12-13 07:35 - 2013-12-12 20:17 - 00000000 ____D C:\Windows\Minidump
2013-12-13 07:35 - 2013-12-12 20:12 - 762279270 _____ C:\Windows\MEMORY.DMP
2013-12-13 07:25 - 2013-01-14 18:32 - 00801000 _____ C:\Windows\System32\perfh00A.dat
2013-12-13 07:25 - 2013-01-14 18:32 - 00166710 _____ C:\Windows\System32\perfc00A.dat
2013-12-13 07:25 - 2013-01-14 18:25 - 00789748 _____ C:\Windows\System32\prfh0816.dat
2013-12-13 07:25 - 2013-01-14 18:25 - 00164330 _____ C:\Windows\System32\prfc0816.dat
2013-12-13 07:25 - 2013-01-14 18:20 - 00435896 _____ C:\Windows\System32\prfh0804.dat
2013-12-13 07:25 - 2013-01-14 18:20 - 00136908 _____ C:\Windows\System32\prfc0804.dat
2013-12-13 07:25 - 2013-01-14 18:15 - 00798604 _____ C:\Windows\System32\perfh013.dat
2013-12-13 07:25 - 2013-01-14 18:15 - 00162942 _____ C:\Windows\System32\perfc013.dat
2013-12-13 07:25 - 2013-01-14 18:09 - 00794030 _____ C:\Windows\System32\perfh010.dat
2013-12-13 07:25 - 2013-01-14 18:09 - 00156964 _____ C:\Windows\System32\perfc010.dat
2013-12-13 07:25 - 2013-01-14 18:04 - 00803076 _____ C:\Windows\System32\perfh00C.dat
2013-12-13 07:25 - 2013-01-14 18:04 - 00159440 _____ C:\Windows\System32\perfc00C.dat
2013-12-13 07:25 - 2013-01-14 17:58 - 00554846 _____ C:\Windows\System32\perfh008.dat
2013-12-13 07:25 - 2013-01-14 17:58 - 00093214 _____ C:\Windows\System32\perfc008.dat
2013-12-13 07:25 - 2013-01-14 17:54 - 00754854 _____ C:\Windows\System32\perfh007.dat
2013-12-13 07:25 - 2013-01-14 17:54 - 00159716 _____ C:\Windows\System32\perfc007.dat
2013-12-13 07:25 - 2013-01-14 17:49 - 00450216 _____ C:\Windows\System32\prfh0404.dat
2013-12-13 07:25 - 2013-01-14 17:49 - 00136908 _____ C:\Windows\System32\prfc0404.dat
2013-12-13 07:25 - 2012-07-25 23:28 - 08223984 _____ C:\Windows\System32\PerfStringBackup.INI
2013-12-13 07:18 - 2013-12-13 07:18 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-12-13 07:18 - 2012-07-25 23:21 - 00020550 _____ C:\Windows\setupact.log
2013-12-12 20:17 - 2013-12-12 20:17 - 00310968 _____ C:\Windows\Minidump\121213-14671-01.dmp
2013-12-12 20:11 - 2013-12-12 19:56 - 00000000 ____D C:\Users\Robert\AppData\Local\PMB Files
2013-12-12 20:09 - 2012-07-25 21:26 - 00262144 ___SH C:\Windows\System32\config\ELAM
2013-12-12 20:06 - 2013-01-14 19:07 - 00002810 _____ C:\Windows\PFRO.log
2013-12-12 20:01 - 2013-12-12 19:54 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-12 19:59 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\LiveKernelReports
2013-12-12 19:58 - 2013-12-12 19:58 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1404446066-3111398394-3725099620-1001
2013-12-12 19:58 - 2013-12-12 19:58 - 00001613 _____ C:\Users\Public\Desktop\Play League of Legends.lnk
2013-12-12 19:58 - 2013-12-12 19:58 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-12-12 19:58 - 2013-12-12 19:58 - 00000000 ____D C:\Riot Games
2013-12-12 19:57 - 2013-12-12 19:57 - 00000000 _____ C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_CM6870.alu
2013-12-12 19:56 - 2013-12-12 19:56 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Riot Games
2013-12-12 19:56 - 2013-12-12 19:56 - 00000000 ____D C:\ProgramData\PMB Files
2013-12-12 19:56 - 2013-12-12 19:56 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-12-12 19:56 - 2013-12-12 19:55 - 32229024 _____ (Riot Games) C:\Users\Robert\Downloads\LeagueofLegends_NA_Installer_05_07_13.exe
2013-12-12 19:55 - 2013-12-12 19:55 - 00000000 ____D C:\Program Files\ASUS
2013-12-12 19:54 - 2013-12-12 19:54 - 08373576 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-12 19:54 - 2013-12-12 19:54 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-12 19:54 - 2013-12-12 19:54 - 00003648 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-12 19:54 - 2013-12-12 19:54 - 00002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-12 19:54 - 2013-12-12 19:54 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Intel Corporation
2013-12-12 19:54 - 2013-12-12 19:54 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-12 19:54 - 2013-12-12 19:53 - 00000000 ____D C:\Users\Robert\AppData\Local\Google
2013-12-12 19:53 - 2013-12-12 19:53 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Macromedia
2013-12-12 19:53 - 2013-12-12 19:53 - 00000000 ____D C:\Users\Robert\AppData\Local\Deployment
2013-12-12 19:53 - 2013-12-12 19:53 - 00000000 ____D C:\Users\Robert\AppData\Local\Apps\2.0
2013-12-12 19:33 - 2013-01-14 19:07 - 00353320 _____ C:\Windows\System32\FNTCACHE.DAT
2013-12-12 19:33 - 2012-07-25 21:26 - 00262144 ___SH C:\Windows\System32\config\BBI
2013-12-12 19:32 - 2013-12-12 19:32 - 00001452 _____ C:\Users\Robert\Desktop\Trend Micro Titanium Internet Security.lnk
2013-12-12 19:32 - 2013-12-12 19:32 - 00000000 ____D C:\Users\Robert\AppData\Roaming\ASUS WebStorage
2013-12-12 19:32 - 2013-12-12 19:32 - 00000000 ____D C:\ProgramData\CyberLink
2013-12-12 19:31 - 2013-12-12 19:31 - 00000020 ___SH C:\Users\Robert\ntuser.ini
2013-12-12 19:31 - 2013-12-12 19:31 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-12 19:31 - 2013-12-12 19:31 - 00000000 ____D C:\Users\Robert\AppData\Roaming\Adobe
2013-12-12 19:31 - 2013-12-12 19:31 - 00000000 ____D C:\Users\Robert\AppData\Local\VirtualStore
2013-12-12 19:31 - 2013-12-12 19:31 - 00000000 ____D C:\Users\Robert\AppData\Local\Packages
2013-12-12 19:31 - 2013-12-12 19:31 - 00000000 ____D C:\users\Robert
2013-12-12 19:31 - 2013-01-14 19:06 - 00000000 ____D C:\Windows\Panther
2013-12-12 19:31 - 2013-01-14 17:40 - 00000000 ____D C:\Windows\SysWOW64\OEM
2013-12-12 19:31 - 2012-07-26 00:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-12-12 19:31 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\WinStore
2013-12-12 19:28 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\rescache
2013-12-05 19:29 - 2013-12-05 19:29 - 00000000 _____ C:\Recovery.txt
2013-12-05 19:29 - 2012-07-26 00:13 - 00262144 _____ C:\Windows\System32\config\BCD-Template
2013-12-05 19:29 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\Recovery

Some content of TEMP:
====================
C:\Users\Robert\AppData\Local\Temp\swt-win32-3349.dll


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

1
Restore point made on: 2013-12-12 19:56:59

==================== Memory info ===========================

Percentage of memory in use: 7%
Total physical RAM: 16334.43 MB
Available physical RAM: 15162.5 MB
Total Pagefile: 16334.43 MB
Available Pagefile: 15168.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:150 GB) (Free:93.45 GB) NTFS
Drive d: (Data) (Fixed) (Total:1695.86 GB) (Free:1695.63 GB) NTFS
Drive e: (VANDERHOOF) (Removable) (Total:1.95 GB) (Free:1.95 GB) FAT
Drive j: (070519_2239) (CDROM) (Total:0.12 GB) (Free:0 GB) CDFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 0D1AEC8F)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)


LastRegBack: 2013-01-14 19:07

==================== End Of Log ============================
 
There is nothing malicious there.
Since you reinstalled Windows already I suspect you may have some hardware issue.

In any case....

In this forum, we make sure, your computer is free of malware and your computer is clean :)
Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
You'll get more attention.
 
You're very welcome
p22002759.gif
 
You must log in or register to reply here.

Similar threads

E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
501
eriksnyman1
E
midian182
Study appears to debunk link between internet use and mental health
Replies
9
Views
401
axiomatic13
axiomatic13
L
HP Class Action Lawsuit in 2023
Replies
0
Views
340
lsmartin
L

Latest posts

Back