Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware, Virus, or Other Issue?


  • Please log in to reply

#1
tigger3370

tigger3370

    Member

  • Member
  • PipPipPip
  • 132 posts
Hi. I recently wiped my old computer and re-installed Vista on it to set it up for my daughter to use. Ever since then, it's been hanging for sometimes minutes on end where I can not do anything or type and ctrl+alt+del does not even work. If anyone can help provide any insight, it would be greatly appreciated. I have no problem wiping it and starting over, but I'd prefer that as a last resort since I finally have it set up just the way I want.

Thanks in advance. OTL log to follow

Jason


OTL logfile created on: 7/24/2011 11:22:38 AM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Samantha\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.94 Gb Total Physical Memory | 2.63 Gb Available Physical Memory | 66.95% Memory free
8.04 Gb Paging File | 6.63 Gb Available in Paging File | 82.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298.09 Gb Total Space | 221.68 Gb Free Space | 74.37% Space Free | Partition Type: NTFS
Drive K: | 914.43 Gb Total Space | 513.89 Gb Free Space | 56.20% Space Free | Partition Type: NTFS

Computer Name: PINKIE0426 | User Name: Samantha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/24 11:22:29 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Samantha\Downloads\OTL.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe


========== Modules (SafeList) ==========

MOD - [2011/07/24 11:22:29 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Samantha\Downloads\OTL.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/05/30 09:49:12 | 000,301,720 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/07/10 06:28:28 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2011/04/19 02:44:40 | 000,993,848 | ---- | M] (Secunia) [Disabled | Stopped] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/04/11 12:23:49 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/18 20:58:26 | 000,015,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2011/03/16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/03/01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/02/22 08:12:34 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV:64bit: - [2011/01/07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010/09/01 04:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\psi_mf.sys -- (PSI)
DRV:64bit: - [2010/02/25 00:03:22 | 000,018,360 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\cpqbttn.sys -- (HBtnKey)
DRV:64bit: - [2009/06/25 17:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/25 16:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/25 16:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/04/11 12:22:03 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/10/23 02:16:34 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2008/10/23 02:16:34 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XV)
DRV:64bit: - [2008/03/28 02:06:00 | 000,324,656 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/03/04 02:32:46 | 000,222,720 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/01/20 22:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2007/07/10 06:28:16 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2007/06/20 04:32:58 | 001,478,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2007/06/20 04:30:18 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2007/06/20 04:29:14 | 000,740,352 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2006/06/18 15:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 57 B7 0F BE 23 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Users\Samantha\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)



O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Frangipani Flowers.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Frangipani Flowers.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/21 17:05:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/07/21 13:10:20 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/07/21 12:07:51 | 000,000,000 | ---D | C] -- C:\Users\Samantha\AppData\Roaming\OpenOffice.org
[2011/07/20 16:09:05 | 000,000,000 | ---D | C] -- C:\Users\Samantha\AppData\Local\ElevatedDiagnostics
[2011/07/20 15:29:37 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2011/07/19 15:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/07/19 15:53:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/07/19 09:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011/07/19 09:52:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2011/07/19 09:47:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2011/07/18 21:45:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011/07/18 21:11:33 | 000,000,000 | ---D | C] -- C:\Users\Samantha\AppData\Roaming\FixCleaner
[2011/07/18 21:10:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FixCleaner
[2011/07/18 20:58:21 | 000,000,000 | ---D | C] -- C:\Users\Samantha\AppData\Local\SlimWare Utilities Inc
[2011/07/08 23:06:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/07/08 19:43:37 | 000,000,000 | ---D | C] -- C:\Users\Samantha\AppData\Local\WindowsUpdate
[2011/07/08 19:43:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java(55)
[2011/07/08 19:26:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java(65)
[2011/07/08 11:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011/07/08 11:21:28 | 000,000,000 | ---D | C] -- C:\Users\Samantha\AppData\Local\Apple Computer
[2011/07/08 11:21:27 | 000,000,000 | ---D | C] -- C:\Users\Samantha\AppData\Roaming\Apple Computer
[2011/07/08 11:13:53 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/07/08 11:13:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/07/08 11:13:51 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/07/08 11:08:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour

========== Files - Modified Within 30 Days ==========

[2011/07/24 11:15:54 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/24 11:15:54 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/24 11:15:54 | 000,104,170 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/07/24 11:08:33 | 000,003,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/24 11:08:32 | 000,003,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/24 11:08:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/24 11:06:39 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/07/24 10:45:22 | 125,221,200 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/07/24 10:43:43 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2093864451-3047129339-3732917902-1000Core.job
[2011/07/24 10:37:56 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2093864451-3047129339-3732917902-1000UA.job
[2011/07/21 16:41:58 | 000,255,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/07/19 09:52:18 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/07/19 09:52:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2011/07/19 09:52:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/07/19 02:40:16 | 000,002,066 | ---- | M] () -- C:\Users\Samantha\Desktop\Google Chrome.lnk
[2011/07/18 20:58:26 | 000,015,672 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2011/07/18 20:13:02 | 000,119,316 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/07/18 20:10:43 | 000,119,316 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/07/06 20:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/06 20:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2011/07/24 10:45:22 | 125,221,200 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/07/19 09:52:18 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/07/19 09:52:13 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2011/07/19 09:52:13 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/07/18 20:58:25 | 000,015,672 | ---- | C] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2011/06/07 22:03:55 | 000,119,316 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011/06/07 22:03:55 | 000,119,316 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/06/07 19:57:18 | 000,000,680 | ---- | C] () -- C:\Users\Samantha\AppData\Local\d3d9caps.dat
[2011/06/05 03:45:18 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2011/06/05 01:04:59 | 000,001,460 | ---- | C] () -- C:\Users\Samantha\AppData\Local\d3d9caps64.dat
[2009/04/11 12:23:17 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/04/11 12:22:30 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/04/11 12:22:29 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/04/11 12:22:25 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/11/07 00:05:00 | 001,825,792 | ---- | C] () -- C:\Windows\SysWow64\nvwgf2um.dll
[2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== LOP Check ==========

[2011/06/06 12:44:09 | 000,000,000 | ---D | M] -- C:\Users\Samantha\AppData\Roaming\Auslogics
[2011/06/06 17:27:23 | 000,000,000 | ---D | M] -- C:\Users\Samantha\AppData\Roaming\AVG10
[2011/07/18 21:13:02 | 000,000,000 | ---D | M] -- C:\Users\Samantha\AppData\Roaming\FixCleaner
[2011/07/21 12:07:51 | 000,000,000 | ---D | M] -- C:\Users\Samantha\AppData\Roaming\OpenOffice.org
[2011/06/07 22:20:35 | 000,000,000 | ---D | M] -- C:\Users\Samantha\AppData\Roaming\Softland
[2011/07/24 11:06:40 | 000,017,452 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator). Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. Wait a minute for things to settle down then File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan


On completion of the scan (Note if the Fix button is enabled and tell me) click save log, save it to your desktop and post in your next reply

Ron
  • 0

#3
tigger3370

tigger3370

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts
Process Explorer Results:

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 92.31 0 K 24 K
procexp64.exe 4976 4.62 21,088 K 30,672 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
Interrupts n/a 3.08 0 K 0 K Hardware Interrupts and DPCs
csrss.exe 736 < 0.01 10,724 K 11,464 K Client Server Runtime Process Microsoft Corporation
avgui.exe 4264 < 0.01 22,688 K 22,800 K AVG User Interface AVG Technologies CZ, s.r.o.
iexplore.exe 3856 < 0.01 86,872 K 83,684 K Internet Explorer Microsoft Corporation
System 4 < 0.01 0 K 195,660 K
svchost.exe 824 < 0.01 136,640 K 144,136 K Host Process for Windows Services Microsoft Corporation
explorer.exe 1236 < 0.01 30,672 K 47,448 K Windows Explorer Microsoft Corporation
taskeng.exe 2320 < 0.01 12,024 K 14,452 K Task Scheduler Engine Microsoft Corporation
wmpnetwk.exe 3460 < 0.01 5,796 K 11,616 K Windows Media Player Network Sharing Service Microsoft Corporation
wlanext.exe 1432 < 0.01 2,636 K 6,704 K Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation
avgwdsvc.exe 1928 < 0.01 9,480 K 18,056 K AVG Watchdog Service AVG Technologies CZ, s.r.o.
svchost.exe 1216 < 0.01 27,176 K 32,468 K Host Process for Windows Services Microsoft Corporation
SearchIndexer.exe 1992 < 0.01 109,944 K 24,440 K Microsoft Windows Search Indexer Microsoft Corporation
svchost.exe 860 < 0.01 80,688 K 89,616 K Host Process for Windows Services Microsoft Corporation
avgtray.exe 1904 < 0.01 4,720 K 1,504 K AVG Tray Monitor AVG Technologies CZ, s.r.o.
csrss.exe 664 < 0.01 2,760 K 7,336 K Client Server Runtime Process Microsoft Corporation
iexplore.exe 4340 < 0.01 18,076 K 27,976 K Internet Explorer Microsoft Corporation
svchost.exe 520 < 0.01 5,008 K 8,940 K Host Process for Windows Services Microsoft Corporation
avgrsa.exe 3628 < 0.01 1,464 K 748 K AVG Resident Shield Service AVG Technologies CZ, s.r.o.
avgchsva.exe 2612 < 0.01 46,444 K 2,104 K AVG Cache Server AVG Technologies CZ, s.r.o.
SynTPEnh.exe 2856 < 0.01 3,680 K 9,984 K Synaptics TouchPad Enhancements Synaptics, Inc.
spoolsv.exe 1588 < 0.01 8,384 K 15,412 K Spooler SubSystem App Microsoft Corporation
wmpnscfg.exe 3260 2,312 K 6,928 K Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation
WmiPrvSE.exe 4016 3,696 K 7,188 K WMI Provider Host Microsoft Corporation
winlogon.exe 892 2,920 K 8,416 K Windows Logon Application Microsoft Corporation
wininit.exe 724 1,708 K 5,224 K Windows Start-Up Application Microsoft Corporation
taskeng.exe 2304 2,772 K 7,564 K Task Scheduler Engine Microsoft Corporation
taskeng.exe 2068 1,980 K 5,368 K Task Scheduler Engine Microsoft Corporation
SynTPHelper.exe 3248 1,312 K 3,232 K Synaptics Pointing Device Helper Synaptics, Inc.
svchost.exe 1056 11,696 K 18,208 K Host Process for Windows Services Microsoft Corporation
svchost.exe 12 17,288 K 17,296 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1620 22,200 K 27,672 K Host Process for Windows Services Microsoft Corporation
svchost.exe 3560 2,096 K 12,516 K Host Process for Windows Services Microsoft Corporation
svchost.exe 340 3,660 K 8,180 K Host Process for Windows Services Microsoft Corporation
svchost.exe 760 2,380 K 5,940 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1960 2,728 K 4,440 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2024 3,060 K 6,944 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1148 5,556 K 8,452 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1896 1,764 K 4,360 K Host Process for Windows Services Microsoft Corporation
smss.exe 500 476 K 1,028 K Windows Session Manager Microsoft Corporation
SLsvc.exe 984 9,512 K 13,528 K Microsoft Software Licensing Service Microsoft Corporation
services.exe 772 3,248 K 8,216 K Services and Controller app Microsoft Corporation
procexp.exe 3408 2,680 K 7,516 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
lsm.exe 800 3,000 K 5,252 K Local Session Manager Service Microsoft Corporation
lsass.exe 784 4,648 K 5,520 K Local Security Authority Process Microsoft Corporation
jusched.exe 2408 2,720 K 8,788 K Java™ Update Scheduler Sun Microsystems, Inc.
hpwuschd2.exe 3020 1,252 K 4,360 K hpwuSchd Application Hewlett-Packard
GoogleUpdate.exe 3296 3,288 K 1,656 K Google Installer Google Inc.
dwm.exe 2784 2,000 K 6,124 K Desktop Window Manager Microsoft Corporation
avgcsrva.exe 936 21,396 K 1,660 K AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o.
audiodg.exe 788 13,440 K 16,580 K Windows Audio Device Graph Isolation Microsoft Corporation

MBR Results: FixMBR Button is ENABLED

aswMBR version 0.9.8.978 Copyright© 2011 AVAST Software
Run date: 2011-08-01 21:43:47
-----------------------------
21:43:47.231 OS Version: Windows x64 6.0.6002 Service Pack 2
21:43:47.231 Number of processors: 2 586 0x4802
21:43:47.231 ComputerName: PINKIE0426 UserName: Samantha
21:43:50.523 Initialize success
21:44:03.526 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000060
21:44:03.541 Disk 0 Vendor: ST932032 SD23 Size: 305245MB BusType: 6
21:44:05.616 Disk 0 MBR read successfully
21:44:05.632 Disk 0 MBR scan
21:44:05.647 Disk 0 Windows VISTA default MBR code
21:44:05.647 Service scanning
21:44:07.784 Modules scanning
21:44:07.784 Disk 0 trace - called modules:
21:44:07.878 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys storport.sys hal.dll nvstor64.sys
21:44:07.894 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005122790]
21:44:07.894 3 CLASSPNP.SYS[fffffa60007d0c33] -> nt!IofCallDriver -> [0xfffffa8004ed7e40]
21:44:07.909 5 acpi.sys[fffffa60008fffde] -> nt!IofCallDriver -> \Device\00000060[0xfffffa8004f244d0]
21:44:07.925 Scan finished successfully
21:46:01.808 Disk 0 MBR has been saved successfully to "C:\Users\Samantha\Documents\MBR.dat"
21:46:01.823 The log file has been saved successfully to "C:\Users\Samantha\Documents\aswMBR.txt"
  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Something is using too many interrupts:

Interrupts n/a 3.08 0 K 0 K Hardware Interrupts and DPCs

The 3.08 number is usually less than 1.00. With a laptop it's often caused by a weak main battery. With a desktop a bad driver or a drive not in the right mode.

Try Start, Programs, Accessories, then right click on Command Prompt and Run As Administrator.

Type with an Enter after the line:

msconfig

Check the Diagnostic Startup button then Apply and reboot. Cancel msconfig when it comes up and check to see if your PC is faster. Run Process Explorer and check to see what
Interrupts n/a says now. If it helps then go back into msconfig and check normal startup then:
Go to Services tab and click on the box to hide Microsoft Services then uncheck
everything that remains. Go to Startup tab and uncheck everything. OK and
reboot. If it doesn't run faster then go back into msconfig and recheck the
things you turned off. If it helps then go back and turn on a few items each
time until you find the culprit.

Also let's check your event logs:

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.)

sigverif

Press Start in the new window. This will check your drivers. If you just get a few when it finishes tell me what they are. If you get a lot just look for those with newish dates (since about the time the problem started.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.



Ron
  • 0

#5
tigger3370

tigger3370

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts
The laptop battery is bad. Should I remove it? Would that help? I'm running the steps in your e-mail and I will post the results. I'm trying to do it before we go on vacation. Thanks for your help so far.
  • 0

#6
tigger3370

tigger3370

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts
Check the Diagnostic Startup button then Apply and reboot. Cancel msconfig when it comes up and check to see if your PC is faster. Run Process Explorer and check to see what
Interrupts n/a says now.

Interrupts n/a < 0.01 0K 0K Hardware Interrupts and DPCs

Go to Services tab and click on the box to hide Microsoft Services then uncheck
everything that remains.

AVG Watchdog was the only service running.

Go to Startup tab and uncheck everything. OK and
reboot.

Trying unchecking all and then will try a few things at a time to see if I can find the culprit. Will update after this step is done.

Thanks for your help so far.
  • 0

#7
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Remove the bad battery. Sometimes that is all it takes.
  • 0

#8
tigger3370

tigger3370

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts
Removed the battery and tried to stop all services and start-up programs and I was still getting interrupts of up to 3.85.

Cleared all logs files.

Ran sfc. Windows Resource Protection found corrupt files but was unable to fix some of them. Details are included in the CBS.LOG. Attaching the CBS.log

Ran sigverif. Found 316 files and 10 unsigned: nvcpl.chm, nvcpl.cpl, nvcplui.exe, nvcpluir.dll, nvapi64.dll, nvd3dumx.dll, nvoglv64.dll, nvlddmkm.sys, nvapi.dll, ncd3dum.dll .

Ran Event Viewer Tool. Attaching the logs.

Thanks again for your help and patience.

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 08/08/2011 7:13:11 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 08/08/2011 10:28:44 PM
Type: Error Category: 0
Event: 7032 Source: Service Control Manager
The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Modules Installer service, but this action failed with the following error: An instance of the service is already running.

Log: 'System' Date/Time: 08/08/2011 10:26:44 PM
Type: Error Category: 0
Event: 7031 Source: Service Control Manager
The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 08/08/2011 10:54:40 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:53:36 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:52:35 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:51:34 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:50:33 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:49:20 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:48:18 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:47:17 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:46:08 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:45:03 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:44:02 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:43:01 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:42:00 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:40:58 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:39:58 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:38:57 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:24:29 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:23:28 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:20:45 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Log: 'System' Date/Time: 08/08/2011 10:19:07 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 08/08/2011 7:14:35 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 08/08/2011 10:22:04 PM
Type: Error Category: 3
Event: 3013 Source: Microsoft-Windows-Search
The entry <C:\CONFIG.MSI\84F4A.RBS> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 08/08/2011 10:42:01 PM
Type: Warning Category: 7
Event: 510 Source: ESENT
Windows (1780) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" at offset 37249024 (0x0000000002386000) for 8192 (0x00002000) bytes succeeded, but took an abnormally long time (60 seconds) to be serviced by the OS. In addition, 8 other I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 61 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 08/08/2011 10:42:01 PM
Type: Warning Category: 7
Event: 510 Source: ESENT
Windows (1780) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log" at offset 78336 (0x0000000000013200) for 512 (0x00000200) bytes succeeded, but took an abnormally long time (60 seconds) to be serviced by the OS. In addition, 0 other I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 61 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 08/08/2011 10:40:59 PM
Type: Warning Category: 7
Event: 510 Source: ESENT
Windows (1780) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" at offset 2686976 (0x0000000000290000) for 8192 (0x00002000) bytes succeeded, but took an abnormally long time (178 seconds) to be serviced by the OS. In addition, 14 other I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 0 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 08/08/2011 10:40:59 PM
Type: Warning Category: 7
Event: 510 Source: ESENT
Windows (1780) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" at offset 34250752 (0x00000000020aa000) for 8192 (0x00002000) bytes succeeded, but took an abnormally long time (118 seconds) to be serviced by the OS. In addition, 1 other I/O requests to this file have also taken an abnormally long time to be serviced since the last message regarding this problem was posted 0 seconds ago. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 08/08/2011 10:40:59 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
Windows (1780) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" at offset 21372928 (0x0000000001462000) for 8192 (0x00002000) bytes succeeded, but took an abnormally long time (60 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 08/08/2011 10:40:59 PM
Type: Warning Category: 7
Event: 508 Source: ESENT
Windows (1780) Windows: A request to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log" at offset 71168 (0x0000000000011600) for 7168 (0x00001c00) bytes succeeded, but took an abnormally long time (177 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Attached Files


  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
The CBS log didn't look too bad.

This looks like your hang problem.

Log: 'System' Date/Time: 08/08/2011 10:54:40 PM
Type: Warning Category: 0
Event: 129 Source: nvstor64
Reset to device, \Device\RaidPort0, was issued.

Let's take a closer look:

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Attach the file to your next post.

Also tell me the make and model of your PC.

Ron
  • 0

#10
tigger3370

tigger3370

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts
The computer is a HP Pavilion dv2000 (RD140AV) and I'm attaching the speccy file.
  • 0

Advertisements


#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
(I have downloaded and removed the attachment as it might contain sensitive data.)

Have you already downloaded and installed the Chipset utility?

http://h10025.www1.h...177437&sw_lang=

If not do so now. Then clear your events;

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.

Then run Vino's Event Viewer again and post the results.

Ron
  • 0

#12
tigger3370

tigger3370

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts
I wasn't sure if I'd downloaded the Chipset Utility or not, so I downloaded it and rebooted. Cleared the events and rebooted. Finally, ran Vino's Event Viewer again and I'm attaching the files.

Attached Files


  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Run Vino's one more time. Just the System one will do.

Ron
  • 0

#14
tigger3370

tigger3370

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 132 posts
Here it is.

Attached Files


  • 0

#15
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
No new events anyway. Have you had any more hangs?

Ron
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP