Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win 7 laptop freezes randomly


  • Please log in to reply
8 replies to this topic

#1 Joxtersenior

Joxtersenior

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male

Posted 05 February 2016 - 01:08 PM

First here is the url for the Speccy analysis of the offending laptop -

http://speccy.piriform.com/results/h7eqw8nYqnvOuirakwuwdY5

 

L/top runs for about an hour then either the keyboard/ mouse/ touchpad freeze up in the middle of a task or it shuts down to a nice blue screen but not a BSOD.  It can be restarted soon after by powering up, opening at the Safe mode choices screen where I use 'Open Windows normally.'  We're back to the desktop.  An hour or so later produces a repeat performance.

Thought it was possibly overheating, ran Speedfan with nil problems.  Also ran the usual C/Cleaner, Spybot and Malwarebytes with no indicated problems.  Also updated the video driver.

Then ran Minitools with the following result which is a bit unnerving.

 

 

"MiniToolBox by Farbar  Version: 03-02-2016 01
Ran by joxter (administrator) on 04-02-2016 at 20:37:11
Running from "C:\Users\joxter\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: HP G62 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/02/2016 06:08:02 PM) (Source: MsiInstaller) (User: joxter-HP)
Description: Product: CCC Help Dutch -- Error 1704.An installation for Microsoft .NET Framework 4.6.1 is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?

Error: (01/31/2016 09:32:50 AM) (Source: Application Error) (User: )
Description: Faulting application name: HPMSGSVC.exe, version: 2.6.3.0, time stamp: 0x4f2791fa
Faulting module name: HPMSGSVC.exe, version: 2.6.3.0, time stamp: 0x4f2791fa
Exception code: 0xc0000005
Fault offset: 0x0000399f
Faulting process id: 0x904
Faulting application start time: 0xHPMSGSVC.exe0
Faulting application path: HPMSGSVC.exe1
Faulting module path: HPMSGSVC.exe2
Report Id: HPMSGSVC.exe3

Error: (01/31/2016 09:32:30 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_LanmanServer, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: srvsvc.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9ea
Exception code: 0xc0000005
Fault offset: 0x0000000000006f14
Faulting process id: 0x1bc
Faulting application start time: 0xsvchost.exe_LanmanServer0
Faulting application path: svchost.exe_LanmanServer1
Faulting module path: svchost.exe_LanmanServer2
Report Id: svchost.exe_LanmanServer3

Error: (01/28/2016 09:06:02 AM) (Source: Software Protection Platform Service) (User: )
Description: Acquisition of genuine ticket failed (hr=0x80072EE2) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f

Error: (01/28/2016 09:06:02 AM) (Source: Software Protection Platform Service) (User: )
Description: License acquisition failure details.
hr=0x80072EE2

Error: (01/28/2016 09:01:43 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (01/28/2016 08:30:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_LanmanServer, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: srvsvc.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9ea
Exception code: 0xc0000005
Fault offset: 0x0000000000006f14
Faulting process id: 0x1c4
Faulting application start time: 0xsvchost.exe_LanmanServer0
Faulting application path: svchost.exe_LanmanServer1
Faulting module path: svchost.exe_LanmanServer2
Report Id: svchost.exe_LanmanServer3

Error: (01/27/2016 09:41:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (01/26/2016 03:36:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (01/24/2016 10:07:08 PM) (Source: Application Hang) (User: )
Description: The program Skype.exe version 7.0.0.102 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: b68

Start Time: 01d156f315b7b539

Termination Time: 10

Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe

Report Id:


System errors:
=============
Error: (02/04/2016 08:28:37 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (02/04/2016 08:26:10 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 17:49:15 on ‎04/‎02/‎2016 was unexpected.

Error: (02/04/2016 05:21:10 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (02/04/2016 05:03:21 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (02/04/2016 12:44:47 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (02/04/2016 11:19:46 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (02/04/2016 09:55:35 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (02/04/2016 09:53:46 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 09:18:18 on ‎04/‎02/‎2016 was unexpected.

Error: (02/04/2016 09:12:55 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058

Error: (02/04/2016 07:29:12 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (02/02/2016 06:08:02 PM) (Source: MsiInstaller)(User: joxter-HP)
Description: Product: CCC Help Dutch -- Error 1704.An installation for Microsoft .NET Framework 4.6.1 is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/31/2016 09:32:50 AM) (Source: Application Error)(User: )
Description: HPMSGSVC.exe2.6.3.04f2791faHPMSGSVC.exe2.6.3.04f2791fac00000050000399f90401d15c0a372d1629C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe97e7a4ca-c7fd-11e5-b532-78acc0c72907

Error: (01/31/2016 09:32:30 AM) (Source: Application Error)(User: )
Description: svchost.exe_LanmanServer6.1.7600.163854a5bc3c1srvsvc.dll6.1.7601.175144ce7c9eac00000050000000000006f141bc01d15c0a21f9d4bcC:\Windows\system32\svchost.exec:\windows\system32\srvsvc.dll8c1fb552-c7fd-11e5-b532-78acc0c72907

Error: (01/28/2016 09:06:02 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x80072EE266c92734-d682-4d71-983e-d6ec3f16059f

Error: (01/28/2016 09:06:02 AM) (Source: Software Protection Platform Service)(User: )
Description: hr=0x80072EE200010001(0x00000000, 09:03:58:144 - http://go.microsoft.com/fwlink/?LinkId=151642)
00020001(0x00000000, 09:03:58:222)
00030001(0x00000000, 09:03:58:222 - http://go.microsoft.com)
00030002(0x00000000, 09:03:58:222 - 0)
00040001(0x00000000, 09:03:58:222 - http://go.microsoft.com)
00040002(0x00000000, 09:03:58:238 - 1, <NULL>, <NULL>, <NULL>)
00040004(0x80072F94, 09:04:00:546 - <NULL>)
00040006(0x00000000, 09:04:00:546 - 1, http://go.microsoft.com, <NULL>, <local>)
00020005(0x00000000, 09:04:00:546 - 0)
0002000C(0x00000000, 09:04:00:640 - 302)
0002000E(0x00000000, 09:04:00:640 - https://validation.sls.microsoft.com/SLWGA/slwga.asmx)
00020001(0x00000000, 09:04:00:640)
00030001(0x00000000, 09:04:00:640 - https://validation.sls.microsoft.com)
00030002(0x00000000, 09:04:00:640 - 0)
00040001(0x00000000, 09:04:00:640 - https://validation.sls.microsoft.com)
00040002(0x00000000, 09:04:00:656 - 1, <NULL>, <NULL>, <NULL>)
00040004(0x80072F94, 09:04:02:980 - <NULL>)
00040006(0x00000000, 09:04:02:980 - 1, https://validation.sls.microsoft.com, <NULL>, <local>)
00020005(0x00000000, 09:04:02:980 - 0)
00020009(0x80072EE2, 09:06:02:648)
00010002(0x80072EE2, 09:06:02:648 - <NULL>)
00010003(0x80072EE2, 09:06:02:648)

Error: (01/28/2016 09:01:43 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (01/28/2016 08:30:11 AM) (Source: Application Error)(User: )
Description: svchost.exe_LanmanServer6.1.7600.163854a5bc3c1srvsvc.dll6.1.7601.175144ce7c9eac00000050000000000006f141c401d159a5da959a29C:\Windows\system32\svchost.exec:\windows\system32\srvsvc.dll58790420-c599-11e5-8f1f-78acc0c72907

Error: (01/27/2016 09:41:18 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (01/26/2016 03:36:24 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (01/24/2016 10:07:08 PM) (Source: Application Hang)(User: )
Description: Skype.exe7.0.0.102b6801d156f315b7b53910C:\Program Files (x86)\Skype\Phone\Skype.exe


CodeIntegrity Errors:
===================================
  Date: 2016-02-04 17:29:34.718
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-04 12:48:45.247
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-03 17:00:00.798
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-31 11:23:47.704
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-31 10:10:48.968
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-28 21:21:39.742
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-26 14:15:22.718
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-23 18:06:39.620
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-22 13:57:36.894
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-20 18:33:57.267
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1999584494.48.56.45616498 - Audible, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 43.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 43.0.2 (x64 en-GB)) (Version: 43.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.2 - Mozilla)
Nectar Toolbar (HKLM-x32\...\Nectar Toolbar) (Version: 1.0.3 - AIMIA Coalition Loyalty UK Ltd)
OpenOffice 4.1.1 (HKLM-x32\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
PhotoNow! (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6066 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.3023 - CyberLink Corp.) Hidden
RtVOsd (HKLM\...\{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}) (Version: 1.0.3 - Realtek Semiconductor Corp.)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Trend Micro RUBotted 2.0 Beta (HKLM-x32\...\{54D4EAF5-4C80-4878-B4AC-5AE454A02E3C}_is1) (Version: 2.0.0.1034 - Trend Micro, Inc.)
VC 9.0 Runtime (HKLM-x32\...\{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}) (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
ZoneAlarm Firewall (HKLM-x32\...\{6ADCBB79-7B9A-449B-AE31-E1C7116042B9}) (Version: 11.0.000.038 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 11.0.000.038 - Check Point)
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version:  - Check Point Software Technologies)
ZoneAlarm Security (HKLM-x32\...\{325988C2-8D7B-460E-8F6F-4747129CA495}) (Version: 11.0.000.038 - Check Point Software Technologies Ltd.) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 2810.9 MB
Available physical RAM: 1540.82 MB
Total Virtual: 5620.01 MB
Available Virtual: 3513.17 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:449.13 GB) (Free:379.98 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:16.34 GB) (Free:2.36 GB) NTFS

========================= Users: ========================================

User accounts for \\JOXTER-HP

Administrator            Guest                    joxter                   


**** End of log ***  *"

 

What to do now please?

 

Joxter
 



BC AdBot (Login to Remove)

 


#2 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:02:17 AM

Posted 07 February 2016 - 05:55 AM

I'm guessing that this is a networking problem, but there's some other low-level stuff going on also.

Could you be infected?  It's possible that malware has corrupted your current protection, so please try a couple of these, independent scans (from this link: https://www.us-cert.gov/ncas/alerts/TA15-286A ).  This is in case your current protection is compromised by malware and giving false results:

           F-Secure
           https://www.f-secure.com/en/web/home_global/online-scanner (link is external)

           McAfee
           http://www.mcafee.com/uk/downloads/free-tools/stinger.aspx (link is external)

           Microsoft
           http://www.microsoft.com/security/scanner/en-us/default.aspx (link is external)

           Sophos
           https://www.sophos.com/en-us/products/free-tools/virus-removal-tool.aspx (link is external)

           Trend Micro
           http://housecall.trendmicro.com/ (link is external)

    The above are examples only and do not constitute an exhaustive list. The U.S. Government does not endorse or support any particular product or vendor.
If you do find infections, I'd suggest posting over in the Am I Infected forum to ensure that all the bad stuff has been removed:  http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/
Please read the pinned topics at the top of the forum for instructions on how to post there.

Beyond that, let's try looking at these reports:

1)  Please run this report collecting tool (even though you may not be reporting BSOD's) so we can provide a complete analysis:  http://omgdebugging.com/bsod-inspector/
When done a Notepad document will open with the name of the file and it's location.
By default it'll be a .zip file located on your Desktop
Simply upload the .zip file with your next post and we'll move on from there.

2)  Please do the following:
- open Event Viewer (run eventvwr.msc from the "Run" dialog)
- expand the Custom Views category (left click on the > next to the words "Custom Views")
- right click on the "Administrative Events" heading
- select "Save all Events in Custom View as..."
- save the file as Admin.evtx
- zip up the file (right click on it, select "Send to", select "Compressed (zipped) folder")
- upload it with your next post (if it's too big, then upload it to a free file-hosting service and post a link here).

FYI - If we're looking for Event ID 41 errors (unexplained shutdowns), there's more info on that here:  http://support.microsoft.com/kb/2028504

While waiting for a reply, please monitor your temps with this free utility:  http://www.cpuid.com/softwares/hwmonitor.html
 
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#3 Joxtersenior

Joxtersenior
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male

Posted 08 February 2016 - 05:18 PM

Tks for the fulsome suggestions!

I've attached the zip files for the BSOD analysis and  zip file for the bsod analysis and the Eventvwr assessment.

 

The temps seem to be within range and running 2 of the A/V programs showed no problems.  (In fact while running the Sophos prog, the machine abruptly froze.

I also took the back plates off to check for any muck int the system but it's all clean.

I have one item to mention:  M/S Office was on the machine but not activated as my wife uses Apache Open Office.  She came across the Office list of languages and decided to remove one of them.  Rather than just deleting, it also involved .Net and took some time to finish.  I removed Office as it served no purpose, subsequently.

(this reporting is being done on my desktop.)

 

Glad of your help.



#4 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:02:17 AM

Posted 09 February 2016 - 06:10 AM

Sorry, but I don't see the zip files.


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#5 Joxtersenior

Joxtersenior
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male

Posted 09 February 2016 - 11:07 AM

Sorry;  I clicked of 'Reply to this topic' then 'More reply Options' which offers the attachment facility.  2 .zip files added.  Is this the wrong way to go about it?



#6 Willy22

Willy22

  • Members
  • 945 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Planet Earth
  • Local time:07:17 AM

Posted 09 February 2016 - 12:11 PM

I have seen this problem before. I think it could be a memory problem. A memory of 3 GB for a Win 7 system is not that much. As time goes by memory usage grows and grows.

- Did this problem emerge after you installed one particular program ? E.g. Firefox ?

- Did you tell Windows to have a fixed size for the pagefile ? If so, then let Windows manage the size of the pagefile. That can be THE solution for this problem.

- Install PcWinTech's Cleanmem. It reduces memory usage every 15 minutes and that increases overall system performance.



#7 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:02:17 AM

Posted 10 February 2016 - 07:46 AM

Still don't see the attached files.

If you're still having problems with this, try uploading them to a free file-hosting service such as OneDrive or DropBox.  Then ensure that they are shared, and post a link to them here.


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#8 Joxtersenior

Joxtersenior
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male

Posted 10 February 2016 - 09:18 AM

Hope the files move this time

Attached Files



#9 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:02:17 AM

Posted 10 February 2016 - 04:00 PM

The Admin log shows networking and HP Support Framework problems just prior to each of the restarts.
I'd suggest uninstalling the HP Support Assistant and the HP Support Framework and see if that helps (you can reinstall a fresh copy from the HP website if needed).

I also see ZoneAlarm issues - so please uninstall that.  Please only use one antivirus and one firewall at a time.

 

Although you appear to have a reasonable number of Windows Update hotfixes for this version of your OS, please double check for any new Windows Updates.  It only takes one update to cause a problem, so it's essential that you have all of them.

Please uninstall SpyBot Search and Destroy (in particular remove the TeaTimer)

See if that helps - just a hunch on my part.

 

I see some virus removal tools on the system.  Was the system infected?

Have you had any other problems since the infection?


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users