Computer Slow down


#1
LANCE_1313

  • Member
  • 159 posts
I hoped someone could look at my logs. Over the last few days my computer seems to slow down after being on for about an hour. I've also had a number of crashes in that time frame. I'm actually hoping I'm infected because the alternative is that it's a hardware issue. I run Avast, Malwarebytes free for scans, online armor, spywareblaster, and other recommended stuff from here, and I'm pretty careful where I go, so I'm thinking it's probably hardware but I'd really appreciate a quick glance at the logs. Here's the OTL.

OTL logfile created on: 8/28/2011 7:23:05 AM - Run 1
OTL by OldTimer - Version 3.2.26.6 Folder = C:\Users\LANCE\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.86 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 50.16% Memory free
7.73 Gb Paging File | 5.44 Gb Available in Paging File | 70.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.06 Gb Total Space | 282.22 Gb Free Space | 62.29% Space Free | Partition Type: NTFS
Drive D: | 6.99 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: LANCE-LT | User Name: LANCE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/28 07:18:46 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\LANCE\Downloads\OTL.exe
PRC - [2011/08/28 07:18:15 | 000,640,888 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2011/08/17 09:59:55 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/07/04 21:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 21:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/06/06 12:55:30 | 001,480,600 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/06/06 10:26:40 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
PRC - [2011/04/06 13:01:06 | 004,326,472 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oasrv.exe
PRC - [2011/04/06 13:01:06 | 002,477,032 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\oaui.exe
PRC - [2011/04/06 13:01:04 | 001,165,336 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\OAhlp.exe
PRC - [2011/04/06 13:01:04 | 000,381,512 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Online Armor\OAcat.exe
PRC - [2009/11/13 03:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/10/27 03:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/10/10 03:27:44 | 006,937,216 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/10/01 12:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 12:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/04 03:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/08/20 13:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/06/25 05:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/20 03:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/20 03:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 10:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
PRC - [2009/05/19 08:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/12/30 09:32:54 | 000,237,693 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
PRC - [2008/12/23 10:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 14:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/03/31 19:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/12/01 04:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 17:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/28 07:14:49 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/08/17 09:59:54 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/06/07 09:30:08 | 002,263,552 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
MOD - [2011/06/07 09:30:08 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
MOD - [2011/06/07 09:29:54 | 011,496,448 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libqt4_plugin.dll
MOD - [2011/06/07 09:29:54 | 002,157,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libskins2_plugin.dll
MOD - [2011/06/07 09:29:54 | 001,763,328 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblibass_plugin.dll
MOD - [2011/06/07 09:29:54 | 001,712,128 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libvorbis_plugin.dll
MOD - [2011/06/07 09:29:54 | 001,290,752 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libschroedinger_plugin.dll
MOD - [2011/06/07 09:29:54 | 001,224,192 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmkv_plugin.dll
MOD - [2011/06/07 09:29:54 | 001,137,664 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libxml_plugin.dll
MOD - [2011/06/07 09:29:54 | 001,104,896 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libtaglib_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,640,512 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfreetype_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,368,640 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libtheora_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,338,944 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblua_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libswscale_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,258,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfluidsynth_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpng_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,194,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmp4_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,135,680 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_rgb_sse2_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,130,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libspeex_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,128,000 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpgatofixed32_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libplaylist_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpc_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsap_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libzip_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_rgb_mmx_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_rgb_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,048,640 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_yuy2_sse2_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libwaveout_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libhotkeys_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,046,080 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_yuy2_sse2_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,041,984 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libflacsys_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libnuv_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libyuy2_i420_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_yuy2_mmx_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libvout_wrapper_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmono_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,038,400 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_yuy2_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpeg_audio_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_yuy2_mmx_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libyuy2_i422_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libwav_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libscaletempo_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_yuy2_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblpcm_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_rar_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libtta_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsimple_channel_mixer_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmemcpymmxext_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libglobalhotkeys_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_i420_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libgrey_yuv_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libscale_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfloat32_mixer_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libyuvp_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libugly_resampler_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_record_plugin.dll
MOD - [2011/06/07 09:29:54 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfolder_plugin.dll
MOD - [2011/06/07 09:29:52 | 008,135,680 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libavcodec_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,309,760 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfaad_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,265,216 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libflac_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,231,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdvdnav_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,210,944 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdshow_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,178,176 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstofloat32_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_bd_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libavi_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libasf_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdirectx_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tofloat32_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdirect3d_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,057,856 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libblend_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaout_directx_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaraw_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libes_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaudio_format_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfilesystem_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdts_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfake_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libcdg_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaes3_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libconverter_fixed_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstospdif_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdolby_surround_decoder_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdrawable_plugin.dll
MOD - [2011/06/07 09:29:52 | 000,030,720 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tospdif_plugin.dll
MOD - [2011/06/06 10:26:40 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
MOD - [2011/05/26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/11/13 03:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/09/04 03:33:14 | 000,054,400 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009/06/03 11:09:06 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2009/03/27 07:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2009/02/07 11:52:24 | 000,073,728 | ---- | M] () -- C:\Windows\SysWOW64\CmdRtr.DLL
MOD - [2007/12/01 04:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/06/16 03:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/02 10:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/07/04 21:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/07/01 13:06:50 | 000,301,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService)
SRV:64bit: - [2009/09/18 04:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/07/14 11:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/02 11:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2007/08/08 17:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/06 13:01:06 | 004,326,472 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Online Armor\oasrv.exe -- (SvcOnlineArmor)
SRV - [2011/04/06 13:01:04 | 000,381,512 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Online Armor\OAcat.exe -- (OAcat)
SRV - [2010/11/20 22:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/04/30 04:03:43 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/04/30 04:03:39 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/01 12:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2009/10/01 12:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2009/06/16 10:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009/06/11 07:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 19:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/07/04 21:36:56 | 000,600,920 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/07/04 21:36:54 | 000,288,088 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/07/04 21:35:28 | 000,045,400 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/07/04 21:32:35 | 000,031,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/07/04 21:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/07/04 21:32:14 | 000,022,360 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/06 13:01:30 | 000,032,920 | ---- | M] (Emsisoft) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\OAnet.sys -- (OAnet)
DRV:64bit: - [2011/03/11 16:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 16:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 19:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/04/30 04:01:05 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2009/10/06 02:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/10/02 14:58:57 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/18 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®
DRV:64bit: - [2009/08/22 03:54:03 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/08/17 14:15:43 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/20 19:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/05 12:27:02 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpe64.sys -- (rixdpcie)
DRV:64bit: - [2009/07/03 01:54:52 | 000,060,416 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspe64.sys -- (rimspci)
DRV:64bit: - [2009/07/01 14:46:51 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/01 14:46:47 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/01 14:46:39 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/29 13:53:45 | 000,058,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009/06/11 06:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 20:16:29 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/13 11:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/04/07 17:33:07 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2008/05/24 10:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/07/25 04:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2011/04/06 13:02:26 | 000,055,088 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\oahlp64.sys -- (oahlpXX)
DRV - [2011/04/06 13:01:30 | 000,059,176 | ---- | M] () [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\OADriver.sys -- (OADevice)
DRV - [2011/04/06 13:01:30 | 000,038,064 | ---- | M] (Emsisoft) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\OAmon.sys -- (OAmon)
DRV - [2009/07/14 11:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://login.live.c...bcxt=mai&snsc=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?l...en-ca&OCID=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 F3 B4 D4 94 38 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com.au/"

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/07/06 07:31:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/08/17 10:13:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/07/02 18:51:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LANCE\AppData\Roaming\Mozilla\Extensions
[2011/08/20 11:33:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LANCE\AppData\Roaming\Mozilla\Firefox\Profiles\f4j3xeu5.default\extensions
[2011/07/18 22:48:46 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\LANCE\AppData\Roaming\Mozilla\Firefox\Profiles\f4j3xeu5.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/07/11 12:21:18 | 000,000,000 | ---D | M] (WOT) -- C:\Users\LANCE\AppData\Roaming\Mozilla\Firefox\Profiles\f4j3xeu5.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/07/13 11:55:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/08/17 10:10:01 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\LANCE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F4J3XEU5.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\LANCE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F4J3XEU5.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\LANCE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F4J3XEU5.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\LANCE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F4J3XEU5.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
[2011/08/17 09:59:55 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 18:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/15 14:16:26 | 000,618,793 | ---- | M]) - C:\Windows\SysNative\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 abcstats.com
O1 - Hosts: 127.0.0.1 a.abv.bg
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 ca.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 16379 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [@OnlineArmor GUI] C:\Program Files (x86)\Online Armor\oaui.exe (Emsi Software GmbH)
O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [UpdReg] C:\Windows\UpdReg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/25 14:56:52 | 000,000,046 | -H-- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{0d6b2f1b-a514-11e0-98c3-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0d6b2f1b-a514-11e0-98c3-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Installer.exe -- [2010/05/25 14:56:52 | 002,505,256 | ---- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/08/28 07:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/08/28 07:12:04 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/08/28 07:12:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/08/28 07:12:04 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/08/28 07:11:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/08/22 17:01:06 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\Diagnostics
[2011/08/17 10:47:24 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\ElevatedDiagnostics
[2011/08/17 10:13:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/08/17 10:13:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/08/03 16:11:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/08/03 16:11:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/08/03 16:10:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/08/01 23:18:29 | 000,000,000 | ---D | C] -- C:\Users\LANCE\Documents\ASUS
[2011/08/01 23:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2011/08/01 23:18:17 | 000,000,000 | ---D | C] -- C:\Users\LANCE\AppData\Local\ASUS
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/08/28 07:18:16 | 000,000,969 | ---- | M] () -- C:\Users\LANCE\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2011/08/28 07:06:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/27 16:14:57 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/27 16:14:57 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/27 16:14:03 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/08/27 16:14:03 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/08/27 16:14:03 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/08/27 16:07:15 | 3112,038,400 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/27 15:06:45 | 000,000,386 | -H-- | M] () -- C:\Windows\tasks\My Backup xml.job
[2011/08/26 21:56:39 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/08/20 12:02:46 | 000,032,001 | ---- | M] () -- C:\Users\LANCE\Desktop\2012 mbbs student calendar.pdf
[2011/08/19 14:18:22 | 000,369,616 | ---- | M] () -- C:\Users\LANCE\Desktop\McMaster - Lance Salmikivi.PDF
[2011/08/19 06:06:57 | 000,177,731 | ---- | M] () -- C:\Users\LANCE\Desktop\McMaster Application - Lance Salmikivi -41861183.pdf
[2011/08/19 04:21:33 | 000,039,467 | ---- | M] () -- C:\Users\LANCE\Desktop\EA4fk.jpeg.png
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/20 12:02:46 | 000,032,001 | ---- | C] () -- C:\Users\LANCE\Desktop\2012 mbbs student calendar.pdf
[2011/08/19 14:18:20 | 000,369,616 | ---- | C] () -- C:\Users\LANCE\Desktop\McMaster - Lance Salmikivi.PDF
[2011/08/19 06:06:57 | 000,177,731 | ---- | C] () -- C:\Users\LANCE\Desktop\McMaster Application - Lance Salmikivi -41861183.pdf
[2011/08/19 04:21:31 | 000,039,467 | ---- | C] () -- C:\Users\LANCE\Desktop\EA4fk.jpeg.png
[2011/08/01 06:44:14 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\acovcnt.exe
[2011/07/12 08:33:38 | 000,005,120 | ---- | C] () -- C:\Users\LANCE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/02 20:16:46 | 000,059,176 | ---- | C] () -- C:\Windows\SysWow64\drivers\OADriver.sys
[2011/07/02 20:16:46 | 000,055,088 | ---- | C] () -- C:\Windows\SysWow64\drivers\oahlp64.sys
[2010/04/30 04:03:46 | 000,000,735 | ---- | C] () -- C:\Windows\FF05_Render_Spk_Hp.ini
[2010/04/30 04:03:46 | 000,000,508 | ---- | C] () -- C:\Windows\FF05_not_Spk_Hp.ini
[2010/04/30 04:01:46 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010/04/30 03:58:33 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010/04/30 03:58:33 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/07/29 15:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 15:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 12:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 12:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 10:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 09:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/14 07:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 07:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/12/02 11:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008/10/08 02:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/08 02:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/08 02:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/08 02:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/08 02:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/08 02:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/08 02:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/08 02:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/08 02:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/08 02:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

========== LOP Check ==========

[2011/07/20 18:00:13 | 000,000,000 | ---D | M] -- C:\Users\LANCE\AppData\Roaming\EndNote
[2011/07/04 19:28:03 | 000,000,000 | ---D | M] -- C:\Users\LANCE\AppData\Roaming\mkvtoolnix
[2011/07/02 20:18:57 | 000,000,000 | ---D | M] -- C:\Users\LANCE\AppData\Roaming\OnlineArmor
[2011/07/04 22:36:09 | 000,000,000 | ---D | M] -- C:\Users\LANCE\AppData\Roaming\SC2Builds
[2011/07/02 19:47:20 | 000,000,000 | ---D | M] -- C:\Users\LANCE\AppData\Roaming\Stardock
[2011/08/28 07:28:20 | 000,000,000 | ---D | M] -- C:\Users\LANCE\AppData\Roaming\uTorrent
[2011/08/27 15:06:45 | 000,000,386 | -H-- | M] () -- C:\Windows\Tasks\My Backup xml.job
[2009/07/14 15:08:49 | 000,013,248 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >


#2
RKinner

    Malware Expert

I don't see anything but we can look a bit deeper:

Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:

http://www.malwarebytes.org/mbam.php

SAVE Malwarebytes' Anti-Malware to your desktop.

Right-click on Malwarebytes' Anti-Malware and select Run As Administrator and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.

* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.



ComboFix

You must first uninstall AVG before running Combofix then download and run the AVG removal tool.
http://download.avg....6_2011_1322.exe

:!: If you have a previous version of Combofix.exe, delete it and download a fresh copy. :!:

:!: It must be saved to your desktop, do not run it :!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Right-click on ComboFix and select Run As Administrator to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix. Allow it to install the Recovery Console then Continue. When the scan completes Notepad will open with your results log open. Do a File, Exit and answer 'Yes' to save changes.


A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Download TDSSKiller:
http://support.kaspe.../tdsskiller.exe
Save it to your desktop then right click and Run as Administrator

If TDSSKiller alerts you that the system needs to reboot, please consent.
When done, a log file should be created on your C: drive named "TDSSKiller.txt". Please copy and paste the contents in your next reply.


Download aswMBR.exe ( 511KB ) to your desktop.

Right click and Run As Administrator the aswMBR.exe to run it

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled and tell me) click save log, save it to your desktop and post in your next reply


If it's not an infection I expect it's a heat issue. The following programs might tell us more.



Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.


When it slows down:

Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator). Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. Close all programs and then wait about 60 seconds for things to settle down. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Also:
Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download Latest Version button) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Attach the file to your next post.

Ron

#3
LANCE_1313

    Member

  • Topic Starter
Thanks very much for the help. I've done everything other than the process logs and Speccy as it's running ok right now. Here are the logs.

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7593

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

28/08/2011 9:14:09 PM
mbam-log-2011-08-28 (21-14-09).txt

Scan type: Quick scan
Objects scanned: 171988
Time elapsed: 2 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)








ComboFix 11-08-27.01 - LANCE 28/08/2011 21:41:20.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.3957.2371 [GMT 10:00]
Running from: c:\users\LANCE\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: Online Armor Firewall *Enabled* {32E71E58-6AAE-2557-2ABD-EA739069CE41}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-07-28 to 2011-08-28 )))))))))))))))))))))))))))))))
.
.
2011-08-28 11:49 . 2011-08-28 11:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-27 21:12 . 2011-08-27 21:12 -------- d-----w- c:\program files\iTunes
2011-08-27 21:12 . 2011-08-27 21:12 -------- d-----w- c:\program files (x86)\iTunes
2011-08-27 21:12 . 2011-08-27 21:12 -------- d-----w- c:\program files\iPod
2011-08-26 08:18 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{286609B3-255D-48B7-9882-EFA70C5D48E3}\mpengine.dll
2011-08-24 06:57 . 2011-07-09 05:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-24 06:57 . 2011-07-09 04:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-08-22 07:01 . 2011-08-22 07:01 -------- d-----w- c:\users\LANCE\AppData\Local\Diagnostics
2011-08-17 00:47 . 2011-08-17 00:47 -------- d-----w- c:\users\LANCE\AppData\Local\ElevatedDiagnostics
2011-08-17 00:13 . 2011-08-17 00:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2011-08-17 00:13 . 2011-08-17 00:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2011-08-17 00:13 . 2011-08-17 00:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2011-08-17 00:13 . 2011-08-17 00:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2011-08-17 00:13 . 2011-08-17 00:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2011-08-17 00:13 . 2011-08-17 00:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2011-08-17 00:13 . 2011-08-17 00:13 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2011-08-17 00:13 . 2011-08-17 00:13 -------- d-----w- c:\program files (x86)\QuickTime
2011-08-15 21:20 . 2011-08-15 21:20 4892320 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2011-08-13 04:52 . 2011-07-16 05:41 362496 ----a-w- c:\windows\system32\wow64win.dll
2011-08-13 04:51 . 2011-06-23 04:33 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-08-13 04:51 . 2011-06-23 05:43 5561216 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-13 04:51 . 2011-06-23 04:33 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-08-03 06:11 . 2011-08-03 06:11 -------- d-----w- c:\program files\Bonjour
2011-08-03 06:11 . 2011-08-03 06:11 -------- d-----w- c:\program files (x86)\Bonjour
2011-08-01 13:18 . 2011-08-01 13:18 -------- d-----w- c:\programdata\ASUS
2011-08-01 13:18 . 2011-08-01 13:18 -------- d-----w- c:\users\LANCE\AppData\Local\ASUS
2011-07-31 20:44 . 2011-08-26 11:56 45056 ----a-w- c:\windows\system32\acovcnt.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-27 21:52 . 2011-07-02 09:01 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-03 06:07 . 2011-07-02 09:03 627600 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-16 04:26 . 2011-08-13 04:52 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-12 01:34 . 2011-07-12 01:34 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 01:34 . 2011-07-12 01:34 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 01:34 . 2011-07-12 01:34 61288 ----a-w- c:\windows\system32\jdns_sd.dll
2011-07-12 01:34 . 2011-07-12 01:34 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-12 01:20 . 2011-07-12 01:20 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-07-12 01:20 . 2011-07-12 01:20 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-07-12 01:20 . 2011-07-12 01:20 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-07-12 01:20 . 2011-07-12 01:20 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-07-06 09:52 . 2011-07-02 09:59 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-06 09:52 . 2011-07-02 09:59 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-05 08:37 . 2011-07-05 08:37 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-07-05 08:37 . 2011-07-05 08:37 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-07-04 11:43 . 2011-07-02 09:26 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2011-07-02 09:26 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-07-04 11:43 . 2011-07-02 09:26 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-07-02 09:26 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2011-07-02 09:26 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2011-07-02 09:26 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2011-07-02 09:26 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2011-07-02 09:26 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2011-07-02 09:26 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-04 08:21 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-07-04 08:21 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-02 13:07 . 2011-07-02 13:07 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-07-02 13:07 . 2011-07-02 13:07 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-07-02 13:07 . 2011-07-02 13:07 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-07-02 13:07 . 2011-07-02 13:07 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-07-02 13:07 . 2011-07-02 13:07 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-07-02 13:07 . 2011-07-02 13:07 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-07-02 13:07 . 2011-07-02 13:07 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-07-02 13:07 . 2011-07-02 13:07 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-07-02 13:07 . 2011-07-02 13:07 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-07-02 13:07 . 2011-07-02 13:07 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-07-02 13:07 . 2011-07-02 13:07 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-07-02 13:07 . 2011-07-02 13:07 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-07-02 13:07 . 2011-07-02 13:07 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-07-02 13:07 . 2011-07-02 13:07 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-07-02 13:07 . 2011-07-02 13:07 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-07-02 13:07 . 2011-07-02 13:07 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-07-02 13:07 . 2011-07-02 13:07 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-07-02 13:07 . 2011-07-02 13:07 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-07-02 13:07 . 2011-07-02 13:07 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-07-02 13:07 . 2011-07-02 13:07 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-07-02 13:07 . 2011-07-02 13:07 222208 ----a-w- c:\windows\system32\msls31.dll
2011-07-02 13:07 . 2011-07-02 13:07 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-07-02 13:07 . 2011-07-02 13:07 12288 ----a-w- c:\windows\system32\mshta.exe
2011-07-02 13:07 . 2011-07-02 13:07 114176 ----a-w- c:\windows\system32\admparse.dll
2011-07-02 13:07 . 2011-07-02 13:07 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-07-02 13:07 . 2011-07-02 13:07 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-07-02 13:07 . 2011-07-02 13:07 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-07-02 13:07 . 2011-07-02 13:07 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-07-02 13:07 . 2011-07-02 13:07 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-07-02 13:07 . 2011-07-02 13:07 448512 ----a-w- c:\windows\system32\html.iec
2011-07-02 13:07 . 2011-07-02 13:07 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-07-02 13:07 . 2011-07-02 13:07 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-07-02 13:07 . 2011-07-02 13:07 160256 ----a-w- c:\windows\system32\wextract.exe
2011-07-02 13:07 . 2011-07-02 13:07 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-07-02 13:07 . 2011-07-02 13:07 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-07-02 13:07 . 2011-07-02 13:07 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-07-02 10:56 . 2011-07-02 10:56 20288000 ----a-w- c:\windows\system32\imageres.dll
2011-07-01 03:07 . 2011-07-01 03:07 13464 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys
2011-07-01 03:07 . 2011-07-01 03:07 40600 ----a-w- c:\windows\system32\drivers\psmounter.sys
2011-06-11 03:07 . 2011-07-13 01:18 3137536 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-08-18 17360520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-10-09 6937216]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"VolPanel"="c:\program files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" [2008-12-29 237693]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-18 421736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-2 1079584]
FancyStart daemon.lnk - c:\windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe [2010-4-30 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-04-29 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-04-29 79360]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 OADevice;OADriver;c:\windows\SysWow64\Drivers\OADriver.sys [2011-04-06 59176]
S1 oahlpXX;Online Armor helper driver;c:\windows\syswow64\drivers\oahlp64.sys [2011-04-06 55088]
S1 OAmon;OAmon;c:\windows\SysWOW64\Drivers\OAmon.sys [2011-04-06 38064]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 OAcat;Online Armor Helper Service;c:\program files (x86)\Online Armor\OAcat.exe [2011-04-06 381512]
S2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [2011-07-01 301720]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [x]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe64.sys [x]
S2 SvcOnlineArmor;Online Armor;c:\program files (x86)\Online Armor\oasrv.exe [2011-04-06 4326472]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 OAnet;OnlineArmor Service;c:\windows\system32\DRIVERS\oanet.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-27 c:\windows\Tasks\My Backup xml.job
- c:\program files\Macrium\Reflect\reflect.exe [2011-07-01 03:01]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RunDLLEntry"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"@OnlineArmor GUI"="c:\program files (x86)\Online Armor\oaui.exe" [2011-04-06 2477032]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://login.live.c...bcxt=mai&snsc=1
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\LANCE\AppData\Roaming\Mozilla\Firefox\Profiles\f4j3xeu5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-ASUS_ScreenSaver_GSeries - c:\windows\system32\ASUS_ScreenSaver_GSeries.scr
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"Licence0"="04F0D21-79D8-7A25-D702-433F"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-08-29 06:34:45
ComboFix-quarantined-files.txt 2011-08-28 20:34
.
Pre-Run: 303,226,593,280 bytes free
Post-Run: 302,802,116,608 bytes free
.
- - End Of File - - 414DB3A533F51C0F6760046529FD8E3C

2011/08/29 06:37:51.0728 2040 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/08/29 06:37:53.0730 2040 ================================================================================
2011/08/29 06:37:53.0730 2040 SystemInfo:
2011/08/29 06:37:53.0730 2040
2011/08/29 06:37:53.0730 2040 OS Version: 6.1.7601 ServicePack: 1.0
2011/08/29 06:37:53.0730 2040 Product type: Workstation
2011/08/29 06:37:53.0730 2040 ComputerName: LANCE-LT
2011/08/29 06:37:53.0730 2040 UserName: LANCE
2011/08/29 06:37:53.0730 2040 Windows directory: C:\Windows
2011/08/29 06:37:53.0730 2040 System windows directory: C:\Windows
2011/08/29 06:37:53.0731 2040 Running under WOW64
2011/08/29 06:37:53.0731 2040 Processor architecture: Intel x64
2011/08/29 06:37:53.0731 2040 Number of processors: 4
2011/08/29 06:37:53.0731 2040 Page size: 0x1000
2011/08/29 06:37:53.0731 2040 Boot type: Normal boot
2011/08/29 06:37:53.0731 2040 ================================================================================
2011/08/29 06:37:54.0082 2040 Initialize success
2011/08/29 06:37:58.0984 4628 ================================================================================
2011/08/29 06:37:58.0984 4628 Scan started
2011/08/29 06:37:58.0984 4628 Mode: Manual;
2011/08/29 06:37:58.0984 4628 ================================================================================
2011/08/29 06:38:00.0070 4628 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/08/29 06:38:00.0150 4628 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/08/29 06:38:00.0193 4628 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/08/29 06:38:00.0252 4628 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/08/29 06:38:00.0284 4628 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/08/29 06:38:00.0306 4628 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/08/29 06:38:00.0406 4628 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
2011/08/29 06:38:00.0457 4628 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/08/29 06:38:00.0511 4628 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/08/29 06:38:00.0545 4628 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/08/29 06:38:00.0596 4628 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/08/29 06:38:00.0619 4628 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/08/29 06:38:00.0671 4628 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
2011/08/29 06:38:00.0711 4628 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/08/29 06:38:00.0741 4628 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
2011/08/29 06:38:00.0809 4628 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/08/29 06:38:00.0878 4628 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/08/29 06:38:00.0930 4628 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/08/29 06:38:00.0968 4628 AsDsm (88fbc8bebfd38566235eaa5e4dbc4e05) C:\Windows\system32\drivers\AsDsm.sys
2011/08/29 06:38:01.0072 4628 ASMMAP64 (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys
2011/08/29 06:38:01.0138 4628 aswFsBlk (55353cd0da287b2c3782485740965b54) C:\Windows\system32\drivers\aswFsBlk.sys
2011/08/29 06:38:01.0191 4628 aswMonFlt (b38061cdefb71361e0c7547ac60527e8) C:\Windows\system32\drivers\aswMonFlt.sys
2011/08/29 06:38:01.0222 4628 aswRdr (91e7aca95933633b2557f47cdfdb74c3) C:\Windows\system32\drivers\aswRdr.sys
2011/08/29 06:38:01.0264 4628 aswSnx (2b15499f68fad60ce69264a327e9b0f0) C:\Windows\system32\drivers\aswSnx.sys
2011/08/29 06:38:01.0308 4628 aswSP (4d939ecb19dc930056593390d1c87c43) C:\Windows\system32\drivers\aswSP.sys
2011/08/29 06:38:01.0337 4628 aswTdi (d633426c5a207ce21767569aa4946891) C:\Windows\system32\drivers\aswTdi.sys
2011/08/29 06:38:01.0376 4628 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/08/29 06:38:01.0446 4628 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/08/29 06:38:01.0533 4628 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
2011/08/29 06:38:01.0655 4628 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/08/29 06:38:01.0700 4628 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/08/29 06:38:01.0759 4628 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/08/29 06:38:01.0817 4628 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/08/29 06:38:01.0906 4628 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/08/29 06:38:01.0929 4628 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/08/29 06:38:01.0954 4628 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/08/29 06:38:01.0986 4628 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/08/29 06:38:02.0008 4628 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/08/29 06:38:02.0033 4628 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/08/29 06:38:02.0055 4628 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/08/29 06:38:02.0139 4628 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
2011/08/29 06:38:02.0215 4628 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/08/29 06:38:02.0242 4628 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
2011/08/29 06:38:02.0289 4628 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
2011/08/29 06:38:02.0327 4628 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
2011/08/29 06:38:02.0373 4628 btwaudio (6bcfdc2b5b7f66d484486d4bd4b39a6b) C:\Windows\system32\drivers\btwaudio.sys
2011/08/29 06:38:02.0410 4628 btwavdt (82dc8b7c626e526681c1bebed2bc3ff9) C:\Windows\system32\DRIVERS\btwavdt.sys
2011/08/29 06:38:02.0458 4628 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/08/29 06:38:02.0490 4628 btwrchid (28e105ad3b79f440bf94780f507bf66a) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/08/29 06:38:02.0526 4628 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/08/29 06:38:02.0594 4628 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
2011/08/29 06:38:02.0649 4628 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/08/29 06:38:02.0689 4628 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/08/29 06:38:02.0768 4628 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/08/29 06:38:02.0822 4628 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/08/29 06:38:02.0883 4628 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/08/29 06:38:02.0921 4628 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/08/29 06:38:02.0989 4628 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/08/29 06:38:03.0026 4628 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/08/29 06:38:03.0122 4628 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/08/29 06:38:03.0162 4628 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/08/29 06:38:03.0194 4628 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/08/29 06:38:03.0247 4628 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/08/29 06:38:03.0316 4628 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/08/29 06:38:03.0419 4628 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/08/29 06:38:03.0548 4628 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/08/29 06:38:03.0606 4628 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/08/29 06:38:03.0641 4628 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/08/29 06:38:03.0692 4628 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/08/29 06:38:03.0725 4628 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/08/29 06:38:03.0767 4628 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/08/29 06:38:03.0791 4628 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/08/29 06:38:03.0822 4628 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/08/29 06:38:03.0881 4628 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/08/29 06:38:03.0970 4628 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/08/29 06:38:04.0014 4628 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/08/29 06:38:04.0047 4628 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/08/29 06:38:04.0078 4628 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/08/29 06:38:04.0108 4628 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/08/29 06:38:04.0143 4628 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/08/29 06:38:04.0218 4628 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/08/29 06:38:04.0291 4628 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/08/29 06:38:04.0342 4628 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
2011/08/29 06:38:04.0377 4628 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/08/29 06:38:04.0420 4628 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/08/29 06:38:04.0473 4628 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/08/29 06:38:04.0522 4628 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
2011/08/29 06:38:04.0578 4628 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/08/29 06:38:04.0660 4628 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/08/29 06:38:04.0739 4628 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/08/29 06:38:04.0817 4628 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/08/29 06:38:04.0863 4628 iaStor (631fa8935163b01fc0c02966cb3adb92) C:\Windows\system32\DRIVERS\iaStor.sys
2011/08/29 06:38:04.0920 4628 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
2011/08/29 06:38:04.0957 4628 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/08/29 06:38:05.0059 4628 IntcAzAudAddService (52d9171838bb92319f23656f502916e9) C:\Windows\system32\drivers\RTKVHD64.sys
2011/08/29 06:38:05.0116 4628 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/08/29 06:38:05.0147 4628 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/08/29 06:38:05.0216 4628 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/08/29 06:38:05.0280 4628 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/08/29 06:38:05.0308 4628 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/08/29 06:38:05.0386 4628 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/08/29 06:38:05.0456 4628 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/08/29 06:38:05.0509 4628 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/08/29 06:38:05.0552 4628 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
2011/08/29 06:38:05.0595 4628 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
2011/08/29 06:38:05.0642 4628 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
2011/08/29 06:38:05.0711 4628 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/08/29 06:38:05.0791 4628 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/08/29 06:38:05.0823 4628 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/08/29 06:38:05.0870 4628 L1C (01c711667abedf8148998f3ac91991db) C:\Windows\system32\DRIVERS\L1C62x64.sys
2011/08/29 06:38:05.0920 4628 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/08/29 06:38:05.0986 4628 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/08/29 06:38:06.0012 4628 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/08/29 06:38:06.0035 4628 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/08/29 06:38:06.0066 4628 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/08/29 06:38:06.0103 4628 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/08/29 06:38:06.0144 4628 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/08/29 06:38:06.0193 4628 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/08/29 06:38:06.0235 4628 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/08/29 06:38:06.0302 4628 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/08/29 06:38:06.0361 4628 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/08/29 06:38:06.0433 4628 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/08/29 06:38:06.0497 4628 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/08/29 06:38:06.0573 4628 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/08/29 06:38:06.0611 4628 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/08/29 06:38:06.0679 4628 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/08/29 06:38:06.0743 4628 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/08/29 06:38:06.0796 4628 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/08/29 06:38:06.0834 4628 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/08/29 06:38:06.0868 4628 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/08/29 06:38:06.0897 4628 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/08/29 06:38:06.0937 4628 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/08/29 06:38:06.0964 4628 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/08/29 06:38:07.0001 4628 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/08/29 06:38:07.0067 4628 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/08/29 06:38:07.0097 4628 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/08/29 06:38:07.0120 4628 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/08/29 06:38:07.0187 4628 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/08/29 06:38:07.0222 4628 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/08/29 06:38:07.0248 4628 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/08/29 06:38:07.0273 4628 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/08/29 06:38:07.0324 4628 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
2011/08/29 06:38:07.0350 4628 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/08/29 06:38:07.0400 4628 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/08/29 06:38:07.0484 4628 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/08/29 06:38:07.0548 4628 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/08/29 06:38:07.0594 4628 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/08/29 06:38:07.0658 4628 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/08/29 06:38:07.0719 4628 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/08/29 06:38:07.0786 4628 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/08/29 06:38:07.0816 4628 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/08/29 06:38:07.0878 4628 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/08/29 06:38:15.0071 4628 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
2011/08/29 06:38:15.0094 4628 Boot (0x1200) (3b6b15cf02bddbf24b8fcc2615989fbf) \Device\Harddisk0\DR0\Partition0
2011/08/29 06:38:15.0098 4628 ================================================================================
2011/08/29 06:38:15.0098 4628 Scan finished
2011/08/29 06:38:15.0098 4628 ================================================================================
2011/08/29 06:38:15.0110 4572 Detected object count: 0
2011/08/29 06:38:15.0110 4572 Actual detected object count: 0
2011/08/29 06:38:45.0796 1936 Deinitialize success

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-08-29 06:39:09
-----------------------------
06:39:09.859 OS Version: Windows x64 6.1.7601 Service Pack 1
06:39:09.859 Number of processors: 4 586 0x2502
06:39:09.859 ComputerName: LANCE-LT UserName: LANCE
06:39:10.946 Initialze error C0000034 - driver not loaded
06:39:11.195 AVAST engine defs: 11082801
06:40:05.451 Service scanning
06:40:06.922 Modules scanning
06:40:06.926 Disk 0 trace - called modules:
06:40:06.930
06:40:09.789 AVAST engine scan C:\Windows
06:40:12.156 AVAST engine scan C:\Windows\system32
06:41:32.567 AVAST engine scan C:\Windows\system32\drivers
06:41:41.865 AVAST engine scan C:\Users\LANCE
06:55:56.796 AVAST engine scan C:\ProgramData
06:56:36.572 The log file has been saved successfully to "C:\Users\LANCE\Desktop\aswMBR.txt"

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 29/08/2011 7:14:17 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/08/2011 9:02:22 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 28/08/2011 9:02:22 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/08/2011 9:00:57 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 29/08/2011 7:15:15 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 28/08/2011 9:01:59 PM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 28/08/2011 9:00:46 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 19 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates

#4
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
No sign of malware. Some problems with Online Armor and ASUS FastBoot. One strange thing with S Channel which I'm not really sure about.

Download the latest version of Online Armor - http://www.online-ar...-armor-free.php

Uninstall the old Online Armor and reboot, then reinstall it. Make sure you right click and Run As Administrator when you install it.

Also uninstall ASUS Fastboot
Download the latest version (Version V1.0.10) from
http://support.asus....tBoot&p=3&os=29
(Make sure you tell it you want the Win 7 64 bit version)

Make sure you right click and Run As Administrator when you install it.

Ron

#5
LANCE_1313

    Member

  • Topic Starter
  • 159 posts
I've uninstalled and updated both of those programs. So far I'm on a good streak and haven't had any slow down problems but I'm sure it will occur. I haven't had the comp on for too long in the last 2 days. If it happens I'll run speccy and the other program you suggested.

Unless you have any other suggestions in the meantime I think that's all.

Thank you for the help.

#6
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
I just opened two 5-year-old desktop computers to update their RAM and decided to give them a good cleaning since I was there. The heatsink under the CPU fan was almost totally clogged with dust in both cases. Had to remove the fan and then use a vacuum cleaner hose to suck it clean. Amazing how much dust gets in there and that they were still running.

#7
LANCE_1313

    Member

  • Topic Starter
  • 159 posts
So I've just had a slowdown, but before I could run the diagnostics you wanted me to, the comp crashed. Is there any way that I can see why it crashed from some log? I figure if I find why it crashed that will be the solution to the overall problem.

Thanks

#8
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Run VEW as before and let's see if it left any record.

Just in case it happens again uncheck Automatically Restart and make sure it has Small Memory Dump set under Write Debugging Information:

http://blog.nirsoft....-files-on-bsod/

You can also change the Memory Dump Location to your desktop to make them easier to find.

%userprofile%\Desktop

OK

You can look in C:\windows\system32\minidump and see if you got lucky and it created one last time but usually it won't until you tell it to.

Go ahead and run speccy and post the log.

Ron
  • 0
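An added example, not part of the thread and not part of VEW: Python that parses a VEW text report laid out like the ones posted here, groups the unexpected-shutdown records (Kernel-Power 41, EventLog 6008) into incidents, and lists which other events were logged shortly before each one. The sample report is constructed, and the function names, the 48-hour look-back and the 5-minute grouping window are assumptions of this example.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample, modelled on the VEW reports posted in this thread.
SAMPLE_REPORT = """\
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 01/09/2011 6:21:47 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/08/2011 9:16:04 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/08/2011 9:16:19 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown was unexpected.

Log: 'System' Date/Time: 30/08/2011 9:02:22 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 30/08/2011 11:39:00 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/08/2011 8:00:47 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware.
"""

LOG_RE = re.compile(
    r"^Log: '([^']+)' Date/Time: (\d{2}/\d{2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M)$")
TYPE_RE = re.compile(r"^Type: (\w+) Category: (\d+)$")
EVENT_RE = re.compile(r"^Event: (\d+) Source: (.+)$")

# Records Windows writes at the next boot after a shutdown that was not clean.
CRASH_MARKERS = {("Microsoft-Windows-Kernel-Power", 41), ("EventLog", 6008)}


def _key(event):
    return (event["source"], event["id"])


def parse_vew(text):
    """Return one dict per Log:/Type:/Event: record found in a VEW report."""
    lines = [ln.strip() for ln in text.splitlines()]
    events, i = [], 0
    while i + 2 < len(lines):
        head = LOG_RE.match(lines[i])
        kind = TYPE_RE.match(lines[i + 1])
        ident = EVENT_RE.match(lines[i + 2])
        if not (head and kind and ident):
            i += 1
            continue
        # The message runs to the next blank line, section rule or record header.
        j, message = i + 3, []
        while (j < len(lines) and lines[j] and not lines[j].startswith("~~~")
               and not LOG_RE.match(lines[j])):
            message.append(lines[j])
            j += 1
        events.append({
            "log": head.group(1),
            "time": datetime.strptime(head.group(2), "%d/%m/%Y %I:%M:%S %p"),
            "type": kind.group(1),
            "id": int(ident.group(1)),
            "source": ident.group(2),
            "message": " ".join(message),
        })
        i = j
    return events


def triage(events, lookback_hours=48, group_minutes=5):
    """Group crash markers into incidents and list what was logged before each."""
    markers = sorted((e for e in events if _key(e) in CRASH_MARKERS),
                     key=lambda e: e["time"])
    recurring = Counter(_key(e) for e in events if _key(e) not in CRASH_MARKERS)
    incidents = []
    for m in markers:
        # Markers written within a few minutes of each other describe one reboot.
        if incidents and m["time"] - incidents[-1]["logged_at"] <= timedelta(minutes=group_minutes):
            incidents[-1]["markers"].append(_key(m))
            continue
        # logged_at is when the record was written after reboot, not the crash itself.
        start = m["time"] - timedelta(hours=lookback_hours)
        preceding = sorted({_key(e) for e in events
                            if _key(e) not in CRASH_MARKERS and start <= e["time"] <= m["time"]})
        incidents.append({"logged_at": m["time"], "markers": [_key(m)], "preceding": preceding})
    return incidents, recurring


if __name__ == "__main__":
    found, noise = triage(parse_vew(SAMPLE_REPORT))
    for inc in found:
        print(inc["logged_at"], inc["markers"], "preceded by", inc["preceding"])
    print("recurring:", noise.most_common())
```

The `recurring` counter helps separate events that repeat on every boot from ones that only show up near an incident.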

#9
LANCE_1313

    Member

  • Topic Starter
  • 159 posts
Here's what you asked for. When I looked for the minidump file it didn't exist. I assume Windows creates it the first time it creates one.

Thanks again

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 01/09/2011 6:22:32 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 31/08/2011 8:03:03 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 31/08/2011 8:03:03 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 30/08/2011 8:21:18 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 30/08/2011 8:21:17 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:26:09 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:26:09 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 11:38:42 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Skype.exe, version: 5.5.0.114, time stamp: 0x4e4d3784 Faulting module name: Skype.exe, version: 5.5.0.114, time stamp: 0x4e4d3784 Exception code: 0xc0000005 Fault offset: 0x00812b3d Faulting process id: 0x730 Faulting application start time: 0x01cc663685d3e1ae Faulting application path: C:\Program Files (x86)\Skype\Phone\Skype.exe Faulting module path: C:\Program Files (x86)\Skype\Phone\Skype.exe Report Id: 71a3c3a0-d233-11e0-8360-e0cb4e5b9aca

Log: 'Application' Date/Time: 29/08/2011 10:31:28 AM
Type: Error Category: 0
Event: 10005 Source: MsiInstaller
Product: Fast Boot -- This version cannot be installed on 64-bit operating system.

Log: 'Application' Date/Time: 29/08/2011 8:54:58 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:54:58 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:32:57 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:32:57 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 31/08/2011 9:17:29 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 29/08/2011 10:30:05 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 29/08/2011 10:28:35 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1448 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts


Log: 'Application' Date/Time: 28/08/2011 9:01:59 PM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 28/08/2011 9:00:46 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 19 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 01/09/2011 6:21:47 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/08/2011 9:16:04 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 31/08/2011 9:18:22 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 31/08/2011 9:18:22 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 31/08/2011 9:16:19 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 7:14:47 PM on 31/08/2011 was unexpected.

Log: 'System' Date/Time: 31/08/2011 8:52:28 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 30/08/2011 11:39:00 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 30/08/2011 11:39:00 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 30/08/2011 8:36:39 AM
Type: Error Category: 0
Event: 4199 Source: Tcpip
The system detected an address conflict for IP address 0.0.0.0 with the system having network hardware address 00-24-1D-19-0E-D1. Network operations on this system may be disrupted as a result.

Log: 'System' Date/Time: 30/08/2011 7:12:45 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 29/08/2011 11:39:01 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 29/08/2011 11:39:01 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 29/08/2011 10:30:44 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 29/08/2011 10:30:44 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 28/08/2011 9:02:22 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 28/08/2011 9:02:22 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/08/2011 8:37:16 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/08/2011 8:37:10 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dsn11.d.skype.net timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/08/2011 8:00:47 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 2 seconds since the last report.

Log: 'System' Date/Time: 30/08/2011 8:00:47 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 2 seconds since the last report.

Log: 'System' Date/Time: 30/08/2011 8:00:47 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 2 seconds since the last report.

Log: 'System' Date/Time: 30/08/2011 8:00:47 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 2 seconds since the last report.

Log: 'System' Date/Time: 29/08/2011 11:55:51 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.scohs.on.ca timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 29/08/2011 10:28:38 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 28/08/2011 9:00:57 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.






Summary
Operating System
MS Windows 7 Home Premium 64-bit SP1
CPU
Intel Core i5 @ 2.27GHz 48 °C
Arrandale 32nm Technology
RAM
4.00 GB Dual-Channel DDR3 @ 533MHz (7-7-7-20)
Motherboard
PEGATRON CORPORATION G60JX (Socket 989) 49 °C
Graphics
HSD160PHW1 (1366x768@60Hz)
1024MB GeForce GTS 360M (ASUStek Computer Inc) 54 °C
Hard Drives
488GB Seagate ST9500420AS (SATA) 28 °C
Optical Drives
HL-DT-ST DVDRAM GT30N
Audio
Realtek High Definition Audio
Operating System
MS Windows 7 Home Premium 64-bit SP1
Installation Date: 02 July 2011, 18:40

Windows Security Center
User Account Control (UAC) Enabled
Notify level 2 - Default
Firewall Disabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every day
Schedule Time 3 am
Windows Defender
Windows Defender Enabled
Environment Variables
USERPROFILE C:\Users\LANCE
SystemRoot C:\Windows
User Variables
TEMP C:\Users\LANCE\AppData\Local\Temp
TMP C:\Users\LANCE\AppData\Local\Temp
Machine Variables
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
OS Windows_NT
Path
C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
C:\Program Files\WIDCOMM\Bluetooth Software
C:\Program Files\WIDCOMM\Bluetooth Software\syswow64
C:\Program Files (x86)\MKVtoolnix
C:\Program Files (x86)\QuickTime\QTSystem
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE AMD64
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
NUMBER_OF_PROCESSORS 4
PROCESSOR_LEVEL 6
PROCESSOR_IDENTIFIER Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
PROCESSOR_REVISION 2502
configsetroot C:\Windows\ConfigSetRoot
asl.log Destination=file
CLASSPATH
.
C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
QTJAVA C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
Process List
acengsvr.exe
Process ID 3976
User LANCE
Domain LANCE-LT
Path C:\Windows\SysWOW64\ACEngSvr.exe
Memory Usage 16 MB
Peak Memory Usage 16 MB
acmon.exe
Process ID 3584
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
Memory Usage 528 KB
Peak Memory Usage 10 MB
acrord32.exe
Process ID 3728
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
Memory Usage 22 MB
Peak Memory Usage 39 MB
acrord32.exe
Process ID 3108
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
Memory Usage 8.59 MB
Peak Memory Usage 15 MB
adsmsrv.exe
Process ID 4820
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
Memory Usage 3.29 MB
Peak Memory Usage 4.79 MB
adsmtray.exe
Process ID 2500
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
Memory Usage 4.18 MB
Peak Memory Usage 7.82 MB
alu.exe
Process ID 3460
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
Memory Usage 528 KB
Peak Memory Usage 8.04 MB
applemobiledeviceservice.exe
Process ID 3860
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 5.19 MB
Peak Memory Usage 7.80 MB
armsvc.exe
Process ID 3836
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
Memory Usage 2.20 MB
Peak Memory Usage 4.30 MB
asldrsrv.exe
Process ID 1728
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
Memory Usage 2.81 MB
Peak Memory Usage 4.25 MB
atkosd.exe
Process ID 2108
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
Memory Usage 3.31 MB
Peak Memory Usage 6.21 MB
atkosd2.exe
Process ID 2992
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
Memory Usage 7.85 MB
Peak Memory Usage 25 MB
audiodg.exe
Process ID 6420
avastsvc.exe
Process ID 1784
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Memory Usage 28 MB
Peak Memory Usage 73 MB
avastui.exe
Process ID 3060
User LANCE
Domain LANCE-LT
Path C:\Program Files\AVAST Software\Avast\AvastUI.exe
Memory Usage 3.05 MB
Peak Memory Usage 11 MB
batterylife.exe
Process ID 3700
User LANCE
Domain LANCE-LT
Path C:\Program Files\P4G\BatteryLife.exe
Memory Usage 528 KB
Peak Memory Usage 12 MB
bttray.exe
Process ID 1412
User LANCE
Domain LANCE-LT
Path C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Memory Usage 15 MB
Peak Memory Usage 16 MB
btwdins.exe
Process ID 3912
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
Memory Usage 4.89 MB
Peak Memory Usage 7.10 MB
controldeckstartup.exe
Process ID 3556
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
Memory Usage 440 KB
Peak Memory Usage 6.35 MB
csrss.exe
Process ID 512
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 2.79 MB
Peak Memory Usage 4.29 MB
csrss.exe
Process ID 588
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 33 MB
Peak Memory Usage 47 MB
dmedia.exe
Process ID 3012
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
Memory Usage 3.71 MB
Peak Memory Usage 7.05 MB
dwm.exe
Process ID 1584
User LANCE
Domain LANCE-LT
Path C:\Windows\system32\Dwm.exe
Memory Usage 29 MB
Peak Memory Usage 43 MB
excel.exe
Process ID 5356
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
Memory Usage 21 MB
Peak Memory Usage 36 MB
explorer.exe
Process ID 1608
User LANCE
Domain LANCE-LT
Path C:\Windows\Explorer.EXE
Memory Usage 90 MB
Peak Memory Usage 97 MB
fbagent.exe
Process ID 1704
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\FBAgent.exe
Memory Usage 7.04 MB
Peak Memory Usage 14 MB
firefox.exe
Process ID 4168
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Memory Usage 645 MB
Peak Memory Usage 683 MB
gfnexsrv.exe
Process ID 1756
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\ATKGFNEX\GFNEXSrv.exe
Memory Usage 2.04 MB
Peak Memory Usage 3.78 MB
hcontrol.exe
Process ID 364
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
Memory Usage 4.58 MB
Peak Memory Usage 7.26 MB
hcontroluser.exe
Process ID 2960
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
Memory Usage 3.36 MB
Peak Memory Usage 6.33 MB
iexplore.exe
Process ID 1904
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Internet Explorer\iexplore.exe
Memory Usage 21 MB
Peak Memory Usage 29 MB
iexplore.exe
Process ID 1716
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Internet Explorer\iexplore.exe
Memory Usage 67 MB
Peak Memory Usage 100 MB
ipodservice.exe
Process ID 4632
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\iPod\bin\iPodService.exe
Memory Usage 5.34 MB
Peak Memory Usage 8.39 MB
ituneshelper.exe
Process ID 2716
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\iTunes\iTunesHelper.exe
Memory Usage 9.36 MB
Peak Memory Usage 15 MB
kbfiltr.exe
Process ID 2144
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
Memory Usage 2.50 MB
Peak Memory Usage 4.63 MB
lms.exe
Process ID 4024
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
Memory Usage 3.46 MB
Peak Memory Usage 5.27 MB
lsass.exe
Process ID 648
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 8.21 MB
Peak Memory Usage 12 MB
lsm.exe
Process ID 656
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 3.72 MB
Peak Memory Usage 5.41 MB
mdnsresponder.exe
Process ID 3884
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Bonjour\mDNSResponder.exe
Memory Usage 4.03 MB
Peak Memory Usage 5.76 MB
nvvsvc.exe
Process ID 880
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\nvvsvc.exe
Memory Usage 2.98 MB
Peak Memory Usage 4.83 MB
nvvsvc.exe
Process ID 1140
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\nvvsvc.exe
Memory Usage 5.39 MB
Peak Memory Usage 9.68 MB
oacat.exe
Process ID 1304
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Online Armor\OAcat.exe
Memory Usage 2.81 MB
Peak Memory Usage 11 MB
oahlp.exe
Process ID 1672
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Online Armor\OAhlp.exe
Memory Usage 1.00 MB
Peak Memory Usage 15 MB
oasrv.exe
Process ID 1340
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Online Armor\oasrv.exe
Memory Usage 12 MB
Peak Memory Usage 57 MB
oaui.exe
Process ID 1984
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Online Armor\oaui.exe
Memory Usage 7.30 MB
Peak Memory Usage 19 MB
plugin-container.exe
Process ID 5332
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Memory Usage 40 MB
Peak Memory Usage 57 MB
plugin-container.exe
Process ID 3648
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Memory Usage 6.24 MB
Peak Memory Usage 12 MB
plugin-container.exe
Process ID 3288
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Memory Usage 31 MB
Peak Memory Usage 93 MB
plugin-container.exe
Process ID 5528
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Memory Usage 21 MB
Peak Memory Usage 53 MB
ravcpl64.exe
Process ID 2528
User LANCE
Domain LANCE-LT
Path C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
Memory Usage 7.79 MB
Peak Memory Usage 15 MB
reflectservice.exe
Process ID 3516
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Macrium\Reflect\ReflectService.exe
Memory Usage 4.06 MB
Peak Memory Usage 6.06 MB
richvideo.exe
Process ID 5040
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
Memory Usage 2.70 MB
Peak Memory Usage 4.78 MB
rundll32.exe
Process ID 1968
User LANCE
Domain LANCE-LT
Path C:\Windows\System32\rundll32.exe
Memory Usage 4.73 MB
Peak Memory Usage 8.48 MB
searchfilterhost.exe
Process ID 5124
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 9.13 MB
Peak Memory Usage 9.13 MB
searchindexer.exe
Process ID 4904
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 26 MB
Peak Memory Usage 30 MB
searchprotocolhost.exe
Process ID 5980
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
sensorsrv.exe
Process ID 3612
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
Memory Usage 528 KB
Peak Memory Usage 7.48 MB
services.exe
Process ID 632
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 8.19 MB
Peak Memory Usage 15 MB
skype.exe
Process ID 2028
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Skype\Phone\Skype.exe
Memory Usage 104 MB
Peak Memory Usage 161 MB
smss.exe
Process ID 352
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 784 KB
Peak Memory Usage 1.27 MB
speccy64.exe
Process ID 6912
User LANCE
Domain LANCE-LT
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 21 MB
Peak Memory Usage 54 MB
spoolsv.exe
Process ID 2324
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 7.80 MB
Peak Memory Usage 12 MB
sppsvc.exe
Process ID 7012
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\sppsvc.exe
Memory Usage 12 MB
Peak Memory Usage 15 MB
svchost.exe
Process ID 804
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 7.23 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 2556
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 76 MB
svchost.exe
Process ID 3964
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 17 MB
svchost.exe
Process ID 3520
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 4.32 MB
Peak Memory Usage 6.60 MB
svchost.exe
Process ID 920
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 7.12 MB
Peak Memory Usage 9.91 MB
svchost.exe
Process ID 2036
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 3.69 MB
Peak Memory Usage 6.54 MB
svchost.exe
Process ID 1200
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 21 MB
Peak Memory Usage 25 MB
svchost.exe
Process ID 1092
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 9.94 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 440
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 38 MB
Peak Memory Usage 176 MB
svchost.exe
Process ID 4080
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 31 MB
Peak Memory Usage 97 MB
svchost.exe
Process ID 1012
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 17 MB
Peak Memory Usage 21 MB
svchost.exe
Process ID 384
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 117 MB
Peak Memory Usage 151 MB
svchost.exe
Process ID 5368
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 4.04 MB
Peak Memory Usage 4.04 MB
syntpenh.exe
Process ID 1956
User LANCE
Domain LANCE-LT
Path C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Memory Usage 11 MB
Peak Memory Usage 18 MB
syntphelper.exe
Process ID 3524
User LANCE
Domain LANCE-LT
Path C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
Memory Usage 3.53 MB
Peak Memory Usage 6.66 MB
system
Process ID 4
system idle process
Process ID 0
systempropertiesadvanced.exe
Process ID 3720
User LANCE
Domain LANCE-LT
Path C:\Windows\system32\systempropertiesadvanced.exe
Memory Usage 12 MB
Peak Memory Usage 13 MB
taskeng.exe
Process ID 3320
User LANCE
Domain LANCE-LT
Path C:\Windows\system32\taskeng.exe
Memory Usage 4.98 MB
Peak Memory Usage 9.03 MB
taskhost.exe
Process ID 2340
User LANCE
Domain LANCE-LT
Path C:\Windows\system32\taskhost.exe
Memory Usage 8.29 MB
Peak Memory Usage 12 MB
trustedinstaller.exe
Process ID 3176
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\servicing\TrustedInstaller.exe
Memory Usage 9.07 MB
Peak Memory Usage 27 MB
uns.exe
Process ID 3680
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
Memory Usage 7.41 MB
Peak Memory Usage 9.21 MB
updatechecker.exe
Process ID 2008
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
Memory Usage 20 MB
Peak Memory Usage 37 MB
vew.exe
Process ID 2516
User LANCE
Domain LANCE-LT
Path C:\Users\LANCE\Downloads\VEW.exe
Memory Usage 9.09 MB
Peak Memory Usage 9.12 MB
vlc.exe
Process ID 1156
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
Memory Usage 27 MB
Peak Memory Usage 72 MB
volpanlu.exe
Process ID 3032
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
Memory Usage 9.18 MB
Peak Memory Usage 15 MB
wcourier.exe
Process ID 3632
User LANCE
Domain LANCE-LT
Path C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
Memory Usage 1.27 MB
Peak Memory Usage 9.84 MB
wdc.exe
Process ID 2152
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
Memory Usage 3.04 MB
Peak Memory Usage 5.60 MB
wininit.exe
Process ID 564
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 2.82 MB
Peak Memory Usage 5.53 MB
winlogon.exe
Process ID 740
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 5.73 MB
Peak Memory Usage 9.22 MB
wmiprvse.exe
Process ID 5536
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 5.32 MB
Peak Memory Usage 5.58 MB
TimeZone
TimeZone GMT +10 Hours
Language English
Country Canada
Currency $
Date Format dd/MM/yyyy
Time Format h:mm:ss tt
Power Profile
Active power scheme Home/Office Desk
Hibernation Enabled
Scheduler
03/09/2011 3:00 PM;At 3:00 PM every Sat of every week, starting 09/07/2011 My Backup xml
Hotfixes
30/08/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.1045.0)
26/08/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.775.0)
24/08/2011 Update for Windows 7 for x64-based Systems (KB2570791)
23/08/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.490.0)
19/08/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.216.0)
17/08/2011 Definition Update for Windows Defender - KB915597 (Definition 1.111.35.0)
16/08/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.1918.0)
15/08/2011 Microsoft Office File Validation Add-in
14/08/2011 Update for Windows 7 for x64-based Systems (KB2563227)
14/08/2011 Security Update for Windows 7 for x64-based Systems (KB2560656)
14/08/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2586924)
14/08/2011 Security Update for Windows 7 for x64-based Systems (KB2536276)
14/08/2011 Update Rollup for ActiveX Killbits for Windows 7 for x64-based Systems (KB2562937)
14/08/2011 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2539635)
14/08/2011 Windows Malicious Software Removal Tool x64 - August 2011 (KB890830)
14/08/2011 Security Update for Windows 7 for x64-based Systems (KB2567680)
14/08/2011 Security Update for Windows 7 for x64-based Systems (KB2563894)
14/08/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2539636)
14/08/2011 Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2559049)
14/08/2011 Security Update for Windows 7 for x64-based Systems (KB2556532)
13/08/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.1657.0)
09/08/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.1371.0)
05/08/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.1136.0)
02/08/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.869.0)
29/07/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.625.0)
26/07/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.351.0)
22/07/2011 Definition Update for Windows Defender - KB915597 (Definition 1.109.116.0)
19/07/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.2067.0)
15/07/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.1837.0)
13/07/2011 Windows Malicious Software Removal Tool x64 - July 2011 (KB890830)
13/07/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2553975)
13/07/2011 Security Update for Windows 7 for x64-based Systems (KB2507938)
13/07/2011 Update for Windows 7 for x64-based Systems (KB2529073)
13/07/2011 Security Update for Windows 7 for x64-based Systems (KB2532531)
13/07/2011 Security Update for Windows 7 for x64-based Systems (KB2555917)
13/07/2011 Update for Windows 7 for x64-based Systems (KB982018)
13/07/2011 Update for Windows 7 for x64-based Systems (KB2533623)
12/07/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.1567.0)
09/07/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.1308.0)
07/07/2011 Update for Microsoft Office Outlook 2007 (KB2509470)
07/07/2011 Security Update for Microsoft Office InfoPath 2007 (KB2510061)
07/07/2011 Security Update for Microsoft Office Excel 2007 (KB2541007)
07/07/2011 Update for Microsoft Office 2007 System (KB2539530)
07/07/2011 Security Update for Microsoft Office Publisher 2007 (KB2284697)
07/07/2011 Update for Microsoft Office OneNote 2007 (KB980729)
07/07/2011 Security Update for the 2007 Microsoft Office System (KB2345043)
07/07/2011 Security Update for the 2007 Microsoft Office System (KB2288621)
07/07/2011 Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
07/07/2011 Security Update for Microsoft Office Word 2007 (KB2344993)
07/07/2011 Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
07/07/2011 Security Update for Microsoft Office InfoPath 2007 (KB979441)
07/07/2011 Security Update for the 2007 Microsoft Office System (KB972581)
07/07/2011 Security Update for the 2007 Microsoft Office System (KB2541012)
07/07/2011 Security Update for Microsoft Office 2007 System (KB2509488)
07/07/2011 Security Update for Microsoft Office Access 2007 (KB979440)
07/07/2011 Security Update for the 2007 Microsoft Office System (KB976321)
07/07/2011 Security Update for the 2007 Microsoft Office System (KB969559)
07/07/2011 Security Update for the 2007 Microsoft Office System (KB974234)
07/07/2011 Security Update for Microsoft Office 2007 System (KB2288931)
07/07/2011 Update for the 2007 Microsoft Office System (KB2284654)
07/07/2011 Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
07/07/2011 Security Update for Groove 2007 (KB2494047)
07/07/2011 Security Update for Microsoft Office Outlook 2007 (KB2288953)
06/07/2011 Update for Microsoft Office OneNote 2007 Help (KB963670)
06/07/2011 Update for Microsoft Office Publisher 2007 Help (KB963667)
06/07/2011 Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)
06/07/2011 Update for Microsoft Office 2007 System (KB2508958)
06/07/2011 Update for Microsoft Office PowerPoint 2007 Help (KB963669)
06/07/2011 Update for the 2007 Microsoft Office System Help for Common Features (KB963673)
06/07/2011 Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2536413)
06/07/2011 Update for Microsoft Office Word 2007 Help (KB963665)
06/07/2011 Update for Microsoft Office Outlook 2007 Help (KB963677)
06/07/2011 Update for the 2007 Microsoft Office System (KB967642)
06/07/2011 Update for Microsoft Office Excel 2007 Help (KB963678)
06/07/2011 Update for Microsoft Office InfoPath 2007 Help (KB963662)
06/07/2011 The 2007 Microsoft Office Suite Service Pack 2 (SP2)
06/07/2011 Update for Microsoft Office Access 2007 Help (KB963663)
06/07/2011 Update for Microsoft Script Editor Help (KB963671)
05/07/2011 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2518869)
05/07/2011 Update for Windows 7 for x64-based Systems (KB2533552)
05/07/2011 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2478662)
05/07/2011 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2446710)
05/07/2011 Definition Update for Windows Defender - KB915597 (Definition 1.107.1036.0)
04/07/2011 Update for Windows 7 for x64-based Systems (KB2547666)
04/07/2011 Update for Windows 7 for x64-based Systems (KB2547666)
04/07/2011 Update for Windows 7 for x64-based Systems (KB2545698)
04/07/2011 Windows 7 Service Pack 1 for x64-based Systems (KB976932)
04/07/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2518870)
03/07/2011 Western Digital Technologies - Other hardware - WD SES Device
03/07/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2478663)
03/07/2011 Security Update for Microsoft .NET Framework 4 on Windows XP, Windows Server 2003, Windows Vista, Windows 7, Windows Server 2008, Windows Server 2008 R2 for x64-based Systems (KB2446708)
02/07/2011 Update for Windows 7 for x64-based Systems (KB976422)
02/07/2011 Microsoft .NET Framework 4 Client Profile for Windows 7 x64-based Systems (KB982670)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2505438)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2533552)
02/07/2011 Windows Internet Explorer 9 for Windows 7 for x64-based Systems
02/07/2011 Update for Windows 7 for x64-based Systems (KB2492386)
02/07/2011 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2518867)
02/07/2011 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2478661)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2506928)
02/07/2011 Windows Malicious Software Removal Tool x64 - June 2011 (KB890830)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2425227)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB979482)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2535512)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2387530)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2552343)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2443685)
02/07/2011 Update for Windows 7 for x64-based Systems (KB980846)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2515325)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2479943)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB982132)
02/07/2011 Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2447568)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB979687)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2305420)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2547666)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB979688)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2503665)
02/07/2011 Update for Windows 7 for x64-based Systems (KB974431)
02/07/2011 Update for Rights Management Services Client for Windows 7 for x64-based Systems (KB979099)
02/07/2011 Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2544521)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB975467)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2286198)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB978542)
02/07/2011 Cumulative Update for Media Center for Windows 7 x64-based Systems (KB2284742)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB972270)
02/07/2011 Security Update for .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB2446709)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2536276)
02/07/2011 Microsoft .NET Framework 3.5 SP1 Security Update for Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB979916)
02/07/2011 Cumulative Security Update for ActiveX Killbits for Windows 7 for x64-based Systems (KB2508272)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2511250)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2525694)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2545698)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2534366)
02/07/2011 Cumulative Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2530548)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2207566)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2296011)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2510531)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2467023)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2522422)
02/07/2011 Update for Windows 7 for x64-based Systems (KB977074)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2506212)
02/07/2011 Update for Windows 7 for x64-based Systems (KB978637)
02/07/2011 Update for Windows 7 for x64-based Systems (KB981981)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB982799)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2524375)
02/07/2011 Microsoft .NET Framework 3.5 SP1 Update for Windows 7 and Windows Server 2008 R2 for x64-based Systems (KB982526)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2484033)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2347290)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2507618)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2487426)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2454826)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2385678)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2541014)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB982665)
02/07/2011 Update for Windows 7 for x64-based Systems (KB975496)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2509553)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2032276)
02/07/2011 Security Update for Microsoft .NET Framework 3.5.1, Windows 7, and Windows Server 2008 R2 for x64-based Systems (KB2416471)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2281679)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB975560)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2488113)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2536275)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2388210)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2393802)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2423089)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2079403)
02/07/2011 Update for Windows 7 for x64-based Systems (KB980408)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2506014)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2476490)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2387149)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB974571)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2483614)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2378111)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2491683)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2544893)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2442962)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2511455)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB2419640)
02/07/2011 Update for Windows 7 for x64-based Systems (KB2345886)
02/07/2011 Update for Windows 7 for x64-based Systems (KB979538)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB978601)
02/07/2011 Security Update for Windows 7 for x64-based Systems (KB979309)
02/07/2011 Update for Windows (KB971033)
Battery
AC line Online
Battery full time Unknown
Battery Charge % 97 %
Battery State High
Amount of time remaining (sec) Unknown
Services
Running Adobe Acrobat Update Service
Running ADSM Service
Running AFBAgent
Running Apple Mobile Device
Running Application Experience
Running Application Information
Running ASLDR Service
Running ATKGFNEX Service
Running avast! Antivirus
Running Base Filtering Engine
Running Bluetooth Service
Running Bonjour Service
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Cryptographic Services
Running Cyberlink RichVideo Service(CRVS)
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Distributed Link Tracking Client
Running DNS Client
Running Extensible Authentication Protocol
Running Function Discovery Resource Publication
Running Group Policy Client
Running IKE and AuthIP IPsec Keying Modules
Running Intel® Management & Security Application User Notification Service
Running Intel® Management and Security Application Local Management Service
Running IP Helper
Running iPod Service
Running IPsec Policy Agent
Running Macrium Reflect Image Mounting Service
Running Multimedia Class Scheduler
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running NVIDIA Display Driver Service
Running Online Armor
Running Online Armor Helper Service
Running Peer Name Resolution Protocol
Running Peer Networking Identity Manager
Running Plug and Play
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Software Protection
Running Superfetch
Running System Event Notification Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running User Profile Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Defender
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Management Instrumentation
Running Windows Modules Installer
Running Windows Search
Running Windows Update
Running WinHTTP Web Proxy Auto-Discovery Service
Running WLAN AutoConfig
Running Workstation
Stopped ActiveX Installer (AxInstSV)
Stopped Adaptive Brightness
Stopped Application Identity
Stopped Application Layer Gateway Service
Stopped Background Intelligent Transfer Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Support Service
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped Creative ALchemy AL6 Licensing Service
Stopped Creative Audio Engine Licensing Service
Stopped Credential Manager
Stopped Diagnostic System Host
Stopped Disk Defragmenter
Stopped Distributed Transaction Coordinator
Stopped Encrypting File System (EFS)
Stopped Fax
Stopped Function Discovery Provider Host
Stopped Health Key and Certificate Management
Stopped HomeGroup Listener
Stopped HomeGroup Provider
Stopped Human Interface Device Access
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped Media Center Extender Service
Stopped Microsoft .NET Framework NGEN v2.0.50727_X64
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X64
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Office Diagnostics Service
Stopped Microsoft Office Groove Audit Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office Source Engine
Stopped Parental Controls
Stopped Peer Networking Grouping
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Portable Device Enumerator Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped SPP Notification Service
Stopped SSDP Discovery
Stopped Tablet PC Input Service
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped UPnP Device Host
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows Activation Technologies Service
Stopped Windows Backup
Stopped Windows Biometric Service
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Installer
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Media Player Network Sharing Service
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped Windows Time
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
Stopped WWAN AutoConfig
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
System board
Intel® Core™ i5 CPU M 430 @ 2.27GHz
Intel® Core™ i5 CPU M 430 @ 2.27GHz
Intel® Core™ i5 CPU M 430 @ 2.27GHz
Intel® Core™ i5 CPU M 430 @ 2.27GHz
ATK0100 ACPI UTILITY
ACPI Thermal Zone
ACPI Lid
ACPI Sleep Button
ACPI Fixed Feature Button
PCI bus
PCI standard host CPU bridge
Intel® Management Engine Interface
Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 1 - 3B42
Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 3 - 3B46
Intel® 82801 PCI Bridge - 2448
Intel® 5 Series/3400 Series Chipset Family SMBus Controller - 3B30
Intel® 5 Series/3400 Series Chipset Family Thermal Subsystem - 3B32
Motherboard resources
Motherboard resources
Microsoft AC Adapter
Microsoft ACPI-Compliant Control Method Battery
PCI Express standard Root Port
NVIDIA GeForce GTS 360M
Generic PnP Monitor
High Definition Audio Controller
NVIDIA High Definition Audio
NVIDIA High Definition Audio
NVIDIA High Definition Audio
NVIDIA High Definition Audio
Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B3C
USB Root Hub
Generic USB Hub
USB Composite Device
USB 2.0 1.3M UVC WebCam
High Definition Audio Controller
Realtek High Definition Audio
Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 2 - 3B44
Atheros AR9285 Wireless Network Adapter
Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 5 - 3B4A
SDA Standard Compliant SD Host Controller
Ricoh PCIe Memory Stick Host Controller
Ricoh PCIe xD-Picture Card Controller
Ricoh 1394 OHCI Compliant Host Controller
Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 6 - 3B4C
Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) #2
Intel® 5 Series/3400 Series Chipset Family USB Enhanced Host Controller - 3B34
USB Root Hub
Generic USB Hub
Intel® HM55 Express Chipset LPC Interface Controller - 3B09
Direct memory access controller
Intel® 82802 Firmware Hub Device
High precision event timer
Programmable interrupt controller
Numeric data processor
Motherboard resources
System CMOS/real time clock
System timer
Motherboard resources
Motherboard resources
Synaptics PS/2 Port TouchPad
Keyboard Device Filter
Motherboard resources
Microsoft ACPI-Compliant Embedded Controller
Intel® 5 Series 4 Port SATA AHCI Controller
ST9500420AS
HL-DT-ST DVDRAM GT30N
PCI bus
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
CPU
Intel Core i5
Cores 2
Threads 4
Name Intel Core i5
Code Name Arrandale
Package Socket 989 rPGA
Technology 32nm
Specification Intel® Core™ i5 CPU M 430 @ 2.27GHz
Family 6
Extended Family 6
Model 5
Extended Model 25
Stepping 2
Revision C2
Instructions MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, Intel 64
Virtualization Supported, Enabled
Hyperthreading Supported, Enabled
Bus Speed 133.4 MHz
Rated Bus Speed 2400.4 MHz
Stock Core Speed 2266 MHz
Stock Bus Speed 133 MHz
Average Temperature 48 °C
Caches
L1 Data Cache Size 2 x 32 KBytes
L1 Instructions Cache Size 2 x 32 KBytes
L2 Unified Cache Size 2 x 256 KBytes
L3 Unified Cache Size 3072 KBytes
Core 0
Core Speed 2533.9 MHz
Multiplier x 19.0
Bus Speed 133.4 MHz
Rated Bus Speed 2400.4 MHz
Temperature 47 °C
Thread 1
APIC ID 0
Thread 2
APIC ID 1
Core 1
Core Speed 1333.6 MHz
Multiplier x 10.0
Bus Speed 133.4 MHz
Rated Bus Speed 2400.4 MHz
Temperature 49 °C
Thread 1
APIC ID 4
Thread 2
APIC ID 5
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR3
Size 4096 MBytes
Channels # Dual
DRAM Frequency 533.4 MHz
CAS# Latency (CL) 7 clocks
RAS# to CAS# Delay (tRCD) 7 clocks
RAS# Precharge (tRP) 7 clocks
Cycle Time (tRAS) 20 clocks
Command Rate (CR) 1T
Physical Memory
Memory Usage 62 %
Total Physical 3.86 GB
Available Physical 1.47 GB
Total Virtual 8.00 TB
Available Virtual 3.81 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR3
Size 2048 MBytes
Manufacturer Hyundai Electronics
Max Bandwidth PC3-8500F (533 MHz)
Part Number HMT125S6BFR8C-G7
Serial Number 0EA210F1
Week/year 48 / 09
SPD Ext. EPP
JEDEC #3
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 23
tRC 31
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 18
tRC 24
Voltage 1.500 V
Slot #2
Type DDR3
Size 2048 MBytes
Manufacturer Hyundai Electronics
Max Bandwidth PC3-8500F (533 MHz)
Part Number HMT125S6BFR8C-G7
Serial Number 0E521162
Week/year 48 / 09
SPD Ext. EPP
JEDEC #3
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 23
tRC 31
Voltage 1.500 V
JEDEC #2
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1.500 V
JEDEC #1
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 18
tRC 24
Voltage 1.500 V
Motherboard
Manufacturer PEGATRON CORPORATION
Model G60JX
Version 1.0
Chipset Vendor Intel
Chipset Model Havendale/Clarkdale Host Bridge
Chipset Revision 12
Southbridge Vendor Intel
Southbridge Model HM55
Southbridge Revision 06
System Temperature 49 °C
BIOS
Brand American Megatrends Inc.
Version 206
Date 03/15/2010
PCI Data
Slot Unknown
Slot Type Unknown
Slot Usage In Use
Data But Width 8192 bit
Slot Designation J5C1
Slot Number 0
Slot Unknown
Slot Type Unknown
Slot Usage Available
Data But Width 256 bit
Slot Designation J6C2
Slot Number 1
Slot Unknown
Slot Type Unknown
Slot Usage In Use
Data But Width 256 bit
Slot Designation J6D2
Slot Number 2
Slot Unknown
Slot Type Unknown
Slot Usage Available
Data But Width 256 bit
Slot Designation J7C1
Slot Number 3
Slot Unknown
Slot Type Unknown
Slot Usage Available
Data But Width 256 bit
Slot Designation J7D2
Slot Number 4
Slot Unknown
Slot Type Unknown
Slot Usage In Use
Data But Width 256 bit
Slot Designation J6C1
Slot Number 5
Slot Unknown
Slot Type Unknown
Slot Usage In Use
Data But Width 32 bit
Slot Designation J8C2
Slot Number 6
Graphics
Monitor
Name HSD160PHW1 on NVIDIA GeForce GTS 360M
Current Resolution 1366x768 pixels
Work Resolution 1366x728 pixels
State enabled, primary
Monitor Width 1366
Monitor Height 768
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
GeForce GTS 360M
GPU GT215
Device ID 10DE-0CB1
Revision A3
Subvendor ASUStek Computer Inc (1043)
Current Performance Level Level 1
Current GPU Clock 135 MHz
Current Memory Clock 135 MHz
Current Shader Clock 270 MHz
Die Size 133 nm²
Release Date Nov 17, 2009
DirectX Support 10.1
OpenGL Support 4.1
Bus Interface PCI Express x1
Temperature 54 °C
ForceWare version 187.66
BIOS Version 70.15.39.00.04
ROPs 8
Shaders 96 unified
Physical Memory 1024 MB
Virtual Memory 2752 MB
Count of performance levels : 3
Level 1 - "Default"
GPU Clock 135 MHz
Memory Clock 135 MHz
Shader Clock 270 MHz
Level 2 - "2D Desktop"
GPU Clock 405 MHz
Memory Clock 324 MHz
Shader Clock 810 MHz
Level 3 - "3D Applications"
GPU Clock 550 MHz
Memory Clock 1800 MHz
Shader Clock 1323 MHz
Hard Drives
ST9500420AS
Manufacturer Seagate
Form Factor 2.5"
Cache Size 16MB
Heads 16
Cylinders 16383
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
48-bit LBA Supported
Serial Number 5VJ4783Z
Interface SATA
Capacity 488GB
Real size 500,107,862,016 bytes
RAID Type None
S.M.A.R.T
01 Read Error Rate 117 (099 worst) Data 00076AFF57
03 Spin-Up Time 098 (098) Data 0000000000
04 Start/Stop Count 100 (100) Data 0000000368
05 Reallocated Sectors Count 100 (100) Data 0000000000
07 Seek Error Rate 072 (060) Data 000381199E
09 Power-On Hours (POH) 100 (098) Data 00000002A9
0A Spin Retry Count 100 (100) Data 0000000000
0C Device Power Cycle Count 100 (037) Data 0000000366
B8 100 (100) Data 0000000000
BB 100 (100) Data 0000000000
BC 100 (099) Data 000000000A
BD High Fly Writes (WDC) 100 (100) Data 0000000000
BE Temperature Difference from 100 072 (046) Data 001C11001C
BF G-sense error rate 100 (100) Data 0000000010
C0 Power-off Retract Count 100 (100) Data 000000000D
C1 Load/Unload Cycle Count 094 (094) Data 0000003092
C2 Temperature 028 (054) Data 000000001C
C3 Hardware ECC Recovered 048 (038) Data 00076AFF57
C5 Current Pending Sector Count 100 (100) Data 0000000000
C6 Uncorrectable Sector Count 100 (100) Data 0000000000
C7 UltraDMA CRC Error Count 200 (200) Data 0000000001
F0 Head Flying Hours 100 (253) Data 0000000AA3
F1 100 (253) Data 003B2C3119
F2 100 (253) Data 000CEFEE2E
FE Free Fall Protection 100 (100) Data 0000000000
Temperature 28 °C
Temperature Range ok (less than 50 °C)
Status Good
Partition 0
Partition ID Disk #0, Partition #0
Size 12.6 GB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number 8E54A217
Size 453GB
Used Space 173GB (39%)
Free Space 280GB (61%)
Optical Drives
HL-DT-ST DVDRAM GT30N
Media Type DVD Writer
Name HL-DT-ST DVDRAM GT30N
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive D:
Media Loaded TRUE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 0
SCSI Target Id 1
Size 6.98 GB
Status OK
Volume Name SC2-L100-D1
Volume Serial Number FE42CF44
Audio
Sound Cards
NVIDIA High Definition Audio
Realtek High Definition Audio
NVIDIA High Definition Audio
NVIDIA High Definition Audio
NVIDIA High Definition Audio
Playback Devices
Speakers (Realtek High Definition Audio) (default)
Realtek Digital Output (Realtek High Definition Audio)
Recording Device
Microphone (Realtek High Definition Audio)
Speaker Configuration
Speaker type Stereo
Peripherals
Keyboard Device Filter
Device Kind Keyboard
Device Name Keyboard Device Filter
Location plugged into keyboard port
Driver
Date 7-20-2009
Version 1.0.0.3
File C:\Windows\system32\DRIVERS\kbfiltr.sys
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
Synaptics PS/2 Port TouchPad
Device Kind Mouse
Device Name Synaptics PS/2 Port TouchPad
Location plugged into PS/2 mouse port
Driver
Date 8-17-2009
Version 14.0.1.1
File C:\Windows\system32\DRIVERS\SynTP.sys
File C:\Windows\system32\SynTPAPI.dll
File C:\Windows\system32\SynCOM.dll
File C:\Windows\system32\SynCtrl.dll
File C:\Program Files\Synaptics\SynTP\SynTPRes.dll
File C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
File C:\Program Files\Synaptics\SynTP\SynCntxt.rtf
File C:\Program Files\Synaptics\SynTP\SynZMetr.exe
File C:\Program Files\Synaptics\SynTP\SynMood.exe
File C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
File C:\Program Files\Synaptics\SynTP\SynTPCOM.dll
File C:\Program Files\Synaptics\SynTP\Tutorial.exe
File C:\Program Files\Synaptics\SynTP\InstNT.exe
File C:\Program Files\Synaptics\SynTP\SynISDLL.dll
File C:\Program Files\Synaptics\SynTP\SynUnst.ini
File C:\Program Files\Synaptics\SynTP\SynChiralRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynFlick.mpg
File C:\Program Files\Synaptics\SynTP\SynPinch.mpg
File C:\Program Files\Synaptics\SynTP\SynMomentum.mpg
File C:\Program Files\Synaptics\SynTP\SynLinearVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynChiralVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynTwoFingerVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynPivotRotate_ChiralRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynThreeFingerFlick.mpg
File C:\Program Files\Synaptics\SynTP\SynThreeFingersDown.mpg
File C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
File C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
File C:\Program Files\Synaptics\SynTP\SynPivotRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynFlickMaxMin.mpg
File C:\Program Files\Synaptics\SynTP\SynFlickLR.mpg
File C:\Program Files\Synaptics\SynTP\SynThreeFingerHFlick.mpg
File C:\Windows\SysWOW64\SynCOM.dll
File C:\Windows\SysWOW64\SynCtrl.dll
File C:\Windows\SysWOW64\SynTPCOM.dll
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
File C:\Windows\system32\SynTPCo4.dll
File C:\Windows\system32\WdfCoInstaller01009.dll
USB 2.0 1.3M UVC WebCam
Device Kind Camera/scanner
Device Name USB 2.0 1.3M UVC WebCam
Vendor Unknown
Comment USB 2.0 1.3M UVC WebCam
Location 0000.001a.0000.001.006.000.000.000.000
Driver
Date 6-5-2009
Version 61.5.200.270
File C:\Windows\system32\drivers\snp2uvc.sys
File C:\Windows\system32\drivers\sncduvc.sys
File C:\Windows\DrvInst.exe
File C:\Windows\Uninstuxga.bat
File C:\Windows\Uninstsxga.bat
File C:\Windows\Uninstvga.bat
File C:\Windows\Uninstuxga.reg
File C:\Windows\Uninstsxga.reg
File C:\Windows\Uninstvga.reg
Network
You are connected to the internet
Connected through Atheros AR9285 Wireless Network Adapter
IP Address 192.168.0.5
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
Preferred DNS server 192.168.0.1
DHCP Enabled
DHCP server 192.168.0.1
External IP Address 123.243.186.173
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 kbps
Computer Name
NetBIOS Name LANCE-LT
DNS Name LANCE-LT
Domain Name LANCE-LT
Remote Desktop
Console
State Active
Domain LANCE-LT
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 1
Wi-Fi (BUTLER)
SSID BUTLER
Frequency 2437000 kHz
Channel Number 6
Name No name
Signal Strength/Quality 60
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time WPA algorithm that uses preshared keys (PSK)
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout 60000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout 30000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Disabled
File and Printer Sharing Disabled
Media Sharing Disabled
Adapters List
Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) #2
IP Address 0.0.0.0
Subnet mask 0.0.0.0
Gateway server 0.0.0.0
Atheros AR9285 Wireless Network Adapter
IP Address 192.168.0.5
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
Network Shares
No network shares

#10
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Log: 'System' Date/Time: 30/08/2011 8:00:47 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 2 seconds since the last report.

You usually get these when the CPU is getting too hot. Cleaning time I would think. Got to get rid of the dust.

#11
LANCE_1313

    Member

  • Topic Starter
  • Member
  • 159 posts
Crappy. It's an Asus laptop and I have no idea on how to go about this. I'll try and google a dedusting guide later.

Thanks for the info

#12
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
You can try just hitting the vents with a vacuum cleaner hose (try to concentrate the vacuum so that it has to suck from the vents and not from the air). Sometimes you get lucky. If you run Speccy, on its front page it shows the current temperature. If you run an anti-virus scan or watch a video or other CPU-intensive task you should see the temperature climbing. The Speccy scan you posted showed things at a normal (below 50 C) temp but I assume you had just turned it on?

Another possibility is one of the little fan trays you set the laptop on which help keep it cool. I got one the other day at Big Lots for $10.

Some laptops were built using a thermal pad between the CPU and the heatsink. Turned out this was a bad idea because the pad dries out over time. Don't know if yours was like that but on a lot of the early Compaqs we used to have to pull off the heatsink, discard the pad and clean the CPU and heatsink, then add a light covering of Arctic Silver thermal paste and reassemble.

Ron

#13
LANCE_1313

    Member

  • Topic Starter
  • Member
  • 159 posts
Okay, last time I bother you guys I think. I just had 2 crashes over the last hour or so. Thought I'd post one more log to see if it's the same issue as above. Thanks for the help

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 04/09/2011 7:56:15 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 03/09/2011 4:17:32 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 03/09/2011 4:17:32 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 02/09/2011 10:03:18 PM
Type: Error Category: 0
Event: 10005 Source: MsiInstaller
Product: Skype™ 5.5 -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2761. The arguments are: , ,

Log: 'Application' Date/Time: 02/09/2011 10:01:28 PM
Type: Error Category: 0
Event: 1041 Source: MsiInstaller
Failed to begin a Windows Installer transaction WLSetup. Error 1618 occurred while beginning the transaction.

Log: 'Application' Date/Time: 31/08/2011 8:03:03 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 31/08/2011 8:03:03 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 30/08/2011 8:21:18 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 30/08/2011 8:21:17 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:26:09 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:26:09 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 11:38:42 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Skype.exe, version: 5.5.0.114, time stamp: 0x4e4d3784 Faulting module name: Skype.exe, version: 5.5.0.114, time stamp: 0x4e4d3784 Exception code: 0xc0000005 Fault offset: 0x00812b3d Faulting process id: 0x730 Faulting application start time: 0x01cc663685d3e1ae Faulting application path: C:\Program Files (x86)\Skype\Phone\Skype.exe Faulting module path: C:\Program Files (x86)\Skype\Phone\Skype.exe Report Id: 71a3c3a0-d233-11e0-8360-e0cb4e5b9aca

Log: 'Application' Date/Time: 29/08/2011 10:31:28 AM
Type: Error Category: 0
Event: 10005 Source: MsiInstaller
Product: Fast Boot -- This version cannot be installed on 64-bit operating system.

Log: 'Application' Date/Time: 29/08/2011 8:54:58 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:54:58 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:32:57 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:32:57 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 04/09/2011 9:52:19 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 04/09/2011 7:22:04 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 03/09/2011 10:10:25 AM
Type: Warning Category: 7
Event: 508 Source: ESENT
wlmail (5324) WindowsLiveMail0: A request to write to the file "C:\Users\LANCE\AppData\Local\Microsoft\Windows Live Mail\Mail.MSMessageStore" at offset 9388032 (0x00000000008f4000) for 8192 (0x00002000) bytes succeeded, but took an abnormally long time (6503 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 02/09/2011 10:00:49 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Skype\Phone\Skype.exe' (pid 2648) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 02/09/2011 9:53:17 PM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 02/09/2011 9:52:00 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 5 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1704 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1704 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1704 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1704 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Process 1704 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer


Log: 'Application' Date/Time: 31/08/2011 9:17:29 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 29/08/2011 10:30:05 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 29/08/2011 10:28:35 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1448 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts


Log: 'Application' Date/Time: 28/08/2011 9:01:59 PM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 28/08/2011 9:00:46 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 19 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates




Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 04/09/2011 7:56:56 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 04/09/2011 9:51:46 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 04/09/2011 7:21:26 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 31/08/2011 9:16:04 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 04/09/2011 9:53:22 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 04/09/2011 9:53:22 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 04/09/2011 9:51:56 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 7:50:26 PM on ?04/?09/?2011 was unexpected.

Log: 'System' Date/Time: 04/09/2011 7:21:39 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 5:20:36 PM on ?04/?09/?2011 was unexpected.

Log: 'System' Date/Time: 03/09/2011 10:05:57 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 03/09/2011 10:05:57 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 03/09/2011 12:13:27 PM
Type: Error Category: 0
Event: 8032 Source: BROWSER
The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{2A5D3F54-F991-49B7-8E0F-C76A1C607010}. The backup browser is stopping.

Log: 'System' Date/Time: 03/09/2011 10:10:20 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Log: 'System' Date/Time: 02/09/2011 10:05:56 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 02/09/2011 10:05:56 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 02/09/2011 10:05:43 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 02/09/2011 10:05:43 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 02/09/2011 9:54:32 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 02/09/2011 9:54:32 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 02/09/2011 9:18:20 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 02/09/2011 9:18:20 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 02/09/2011 7:54:16 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 02/09/2011 7:54:11 AM
Type: Error Category: 0
Event: 4199 Source: Tcpip
The system detected an address conflict for IP address 192.168.0.5 with the system having network hardware address 00-24-1D-19-0E-D1. Network operations on this system may be disrupted as a result.

Log: 'System' Date/Time: 01/09/2011 9:18:17 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 01/09/2011 9:18:17 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 04/09/2011 9:51:47 AM
Type: Warning Category: 0
Event: 17 Source: i8042prt
The device sent an incorrect response(s) following a keyboard reset.

Log: 'System' Date/Time: 03/09/2011 12:12:26 PM
Type: Warning Category: 0
Event: 8021 Source: BROWSER
The browser service was unable to retrieve a list of servers from the browser master \\OMAR-PC on the network \Device\NetBT_Tcpip_{2A5D3F54-F991-49B7-8E0F-C76A1C607010}. Browser master: \\OMAR-PC Network: \Device\NetBT_Tcpip_{2A5D3F54-F991-49B7-8E0F-C76A1C607010} This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Log: 'System' Date/Time: 03/09/2011 6:07:02 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dsn10.d.skype.net timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 03/09/2011 12:29:18 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 02/09/2011 9:55:13 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 8 seconds since the last report.

Log: 'System' Date/Time: 02/09/2011 9:55:13 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 8 seconds since the last report.

Log: 'System' Date/Time: 02/09/2011 9:55:13 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 8 seconds since the last report.

Log: 'System' Date/Time: 02/09/2011 9:55:13 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 9 seconds since the last report.

Log: 'System' Date/Time: 02/09/2011 9:52:13 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 02/09/2011 8:58:38 PM
Type: Warning Category: 0
Event: 16393 Source: Microsoft-Windows-Bits-Client
BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80072EFD.

Log: 'System' Date/Time: 02/09/2011 8:58:08 PM
Type: Warning Category: 0
Event: 16393 Source: Microsoft-Windows-Bits-Client
BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80072EFD.

Log: 'System' Date/Time: 02/09/2011 12:39:38 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 02/09/2011 12:39:38 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 02/09/2011 12:39:37 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 02/09/2011 12:39:37 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'System' Date/Time: 01/09/2011 9:11:18 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 01/09/2011 7:35:57 AM
Type: Warning Category: 0
Event: 51 Source: cdrom
An error was detected on device \Device\CdRom0 during a paging operation.

Log: 'System' Date/Time: 30/08/2011 8:37:16 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/08/2011 8:37:10 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dsn11.d.skype.net timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 30/08/2011 8:00:47 AM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 2 seconds since the last report.

#14
RKinner

Only two alarms from today are:
Log: 'Application' Date/Time: 04/09/2011 9:52:19 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 04/09/2011 7:22:04 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

And I don't think they are crashes. Nothing about heat today, but if you keep Speccy running it will tell you the current temps on its front page.

You need to find out what the blue screen of death says if there is one.

1. Click on the Start button and then on Control Panel.

   Tip: In a hurry? Type system in the search box after clicking Start. Choose System under the Control Panel heading in the list of results and then skip to Step 4.

2. Click on the System and Security link.

   Note: If you're viewing the Small icons or Large icons view of Control Panel, you won't see this link. Simply double-click on the System icon and proceed to Step 4.

3. Click on the System link.

4. In the task pane on the left, click the Advanced system settings link.

5. Locate the Startup and Recovery section near the bottom of the window and click on the Settings button.

6. In the Startup and Recovery window, locate and uncheck the check box next to Automatically restart.


Also tell it to write to the event log and to leave a minidump. I like to change the location of the minidump to the desktop so I don't have to go looking for it.

Then next time you get a crash there should be a minidump you can zip up and attach (or rename to .txt and attach) along with a log entry. Also an Error number to write down from the blue screen and if you are lucky it will even tell you what driver it doesn't like.

Ron
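The sorting done by eye in the post above (unexpected-shutdown records versus routine warnings) can be scripted over the report text. This is an added example, not part of the original thread and not VEW's own code; the record layout is inferred from the reports posted here, the sample entries are copied from them, and the function names are hypothetical.

```python
import re
from collections import Counter
from datetime import datetime

HEADER = re.compile(r"^Log: '([^']+)' Date/Time: (\d{2}/\d{2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M)$")
TYPE = re.compile(r"^Type: (\w+) Category: (\d+)$")
EVENT = re.compile(r"^Event: (\d+) Source: (.+)$")
# Event 6008 text. The '?' before each date part is tolerated because the
# reports posted in the thread print it that way.
SHUTDOWN = re.compile(r"shutdown at (\d{1,2}:\d{2}:\d{2} [AP]M) on \??(\d{2})/\??(\d{2})/\??(\d{4})")
THROTTLE = re.compile(r"limited by system firmware.*?for (\d+) seconds")
SLOW_IO = re.compile(r"abnormally long time \((\d+) seconds\)")
STAMP = "%d/%m/%Y %I:%M:%S %p"  # the report header states dd/mm/yyyy


def parse_vew(text):
    """Split a VEW text report into one dict per event record."""
    lines, events, i = [ln.strip() for ln in text.splitlines()], [], 0
    while i < len(lines):
        head = HEADER.match(lines[i])
        typ = TYPE.match(lines[i + 1]) if head and i + 1 < len(lines) else None
        evt = EVENT.match(lines[i + 2]) if typ and i + 2 < len(lines) else None
        if not evt:  # banner, separator, blank line or damaged record
            i += 1
            continue
        i += 3
        body = []
        # The message runs to a blank line, a '~~~' separator or the next header.
        while i < len(lines) and lines[i] and not lines[i].startswith("~~~") \
                and not HEADER.match(lines[i]):
            body.append(lines[i])
            i += 1
        events.append({"log": head.group(1), "when": datetime.strptime(head.group(2), STAMP),
                       "type": typ.group(1), "id": int(evt.group(1)),
                       "source": evt.group(2), "message": " ".join(body)})
    return events


def triage(events):
    """Pull shutdown evidence and hardware hints out of the routine entries."""
    out = {"counts": Counter((e["source"], e["id"]) for e in events),
           "unclean_reboots": [], "last_shutdowns": [], "throttle_peak": {}, "slow_writes": []}
    for e in events:
        key, msg = (e["source"], e["id"]), e["message"]
        if key == ("Microsoft-Windows-Kernel-Power", 41):
            out["unclean_reboots"].append(e["when"])
        elif key == ("EventLog", 6008) and (m := SHUTDOWN.search(msg)):
            clock, day, month, year = m.groups()  # assumption: dd/mm, as in the report
            out["last_shutdowns"].append(datetime.strptime(f"{day}/{month}/{year} {clock}", STAMP))
        elif key == ("Microsoft-Windows-Kernel-Processor-Power", 37) and (m := THROTTLE.search(msg)):
            day = e["when"].date()  # keep the longest throttled stretch logged that day
            out["throttle_peak"][day] = max(out["throttle_peak"].get(day, 0), int(m.group(1)))
        elif key == ("ESENT", 508) and (m := SLOW_IO.search(msg)):
            out["slow_writes"].append((e["when"], int(m.group(1))))
    return out


# Sample report assembled from entries posted in this thread.
SAMPLE = r"""
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 04/09/2011 9:51:46 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 04/09/2011 9:51:56 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 7:50:26 PM on ?04/?09/?2011 was unexpected.

Log: 'System' Date/Time: 02/09/2011 9:55:13 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 8 seconds since the last report.

Log: 'System' Date/Time: 02/09/2011 12:39:38 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report.

Log: 'Application' Date/Time: 06/09/2011 8:57:18 AM
Type: Warning Category: 7
Event: 508 Source: ESENT
wlmail (6008) WindowsLiveMail0: A request to write to the file "C:\Users\LANCE\AppData\Local\Microsoft\Windows Live Mail\Mail.MSMessageStore" at offset 3801088 (0x00000000003a0000) for 8192 (0x00002000) bytes succeeded, but took an abnormally long time (22651 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 04/09/2011 9:52:19 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver
"""


if __name__ == "__main__":
    print(triage(parse_vew(SAMPLE)))
```

In the reports posted here the 6008 message gives a shutdown time later in the day than the Date/Time of the record that reports it, so the two lists are kept apart instead of being subtracted from each other.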

#15
LANCE_1313

And I'm back. So I followed the above suggestions. My comp froze about 5 minutes ago but didn't crash this time. I'm thinking it's because I unchecked the "automatically restart" button as instructed. As a side note, there has never been a blue screen of death. It's always just crashed and restarted on its own. In the past it has frozen and forced me to restart it by physically shutting off the power as well. That's what happened this time. When I rebooted though, there was no file on my desktop like you thought there would be. Not sure what that means.

Here are those logs again.
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 06/09/2011 8:59:36 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 06/09/2011 8:58:10 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 06/09/2011 8:58:10 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 05/09/2011 8:51:35 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 05/09/2011 8:51:32 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 03/09/2011 4:17:32 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 03/09/2011 4:17:32 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 02/09/2011 10:03:18 PM
Type: Error Category: 0
Event: 10005 Source: MsiInstaller
Product: Skype™ 5.5 -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2761. The arguments are: , ,

Log: 'Application' Date/Time: 02/09/2011 10:01:28 PM
Type: Error Category: 0
Event: 1041 Source: MsiInstaller
Failed to begin a Windows Installer transaction WLSetup. Error 1618 occurred while beginning the transaction.

Log: 'Application' Date/Time: 31/08/2011 8:03:03 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 31/08/2011 8:03:03 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 30/08/2011 8:21:18 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 30/08/2011 8:21:17 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:26:09 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:26:09 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 11:38:42 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Skype.exe, version: 5.5.0.114, time stamp: 0x4e4d3784 Faulting module name: Skype.exe, version: 5.5.0.114, time stamp: 0x4e4d3784 Exception code: 0xc0000005 Fault offset: 0x00812b3d Faulting process id: 0x730 Faulting application start time: 0x01cc663685d3e1ae Faulting application path: C:\Program Files (x86)\Skype\Phone\Skype.exe Faulting module path: C:\Program Files (x86)\Skype\Phone\Skype.exe Report Id: 71a3c3a0-d233-11e0-8360-e0cb4e5b9aca

Log: 'Application' Date/Time: 29/08/2011 10:31:28 AM
Type: Error Category: 0
Event: 10005 Source: MsiInstaller
Product: Fast Boot -- This version cannot be installed on 64-bit operating system.

Log: 'Application' Date/Time: 29/08/2011 8:54:58 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:54:58 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:32:57 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Log: 'Application' Date/Time: 29/08/2011 8:32:57 AM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 06/09/2011 10:58:29 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 06/09/2011 8:57:18 AM
Type: Warning Category: 7
Event: 508 Source: ESENT
wlmail (6008) WindowsLiveMail0: A request to write to the file "C:\Users\LANCE\AppData\Local\Microsoft\Windows Live Mail\Mail.MSMessageStore" at offset 3801088 (0x00000000003a0000) for 8192 (0x00002000) bytes succeeded, but took an abnormally long time (22651 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 04/09/2011 9:52:19 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 04/09/2011 7:22:04 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 03/09/2011 10:10:25 AM
Type: Warning Category: 7
Event: 508 Source: ESENT
wlmail (5324) WindowsLiveMail0: A request to write to the file "C:\Users\LANCE\AppData\Local\Microsoft\Windows Live Mail\Mail.MSMessageStore" at offset 9388032 (0x00000000008f4000) for 8192 (0x00002000) bytes succeeded, but took an abnormally long time (6503 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Log: 'Application' Date/Time: 02/09/2011 10:00:49 PM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Skype\Phone\Skype.exe' (pid 2648) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 02/09/2011 9:53:17 PM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 02/09/2011 9:52:00 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 5 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1704 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1704 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1704 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1704 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Process 1704 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer


Log: 'Application' Date/Time: 31/08/2011 9:17:29 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 29/08/2011 10:30:05 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 29/08/2011 10:28:35 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1448 (\Device\HarddiskVolume2\Windows\System32\msiexec.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts


Log: 'Application' Date/Time: 28/08/2011 9:01:59 PM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 28/08/2011 9:00:46 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 19 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1696 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1256 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates




Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 06/09/2011 9:00:46 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 06/09/2011 10:57:47 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 04/09/2011 9:51:46 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 04/09/2011 7:21:26 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 31/08/2011 9:16:04 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 06/09/2011 10:59:24 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 06/09/2011 10:59:23 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 06/09/2011 10:57:57 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 8:54:43 PM on ?06/?09/?2011 was unexpected.

Log: 'System' Date/Time: 06/09/2011 9:53:18 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 06/09/2011 9:53:18 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 05/09/2011 9:53:20 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 05/09/2011 9:53:20 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 04/09/2011 11:29:35 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 04/09/2011 11:29:35 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 04/09/2011 9:53:22 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 04/09/2011 9:53:22 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 04/09/2011 9:51:56 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 7:50:26 PM on ?04/?09/?2011 was unexpected.

Log: 'System' Date/Time: 04/09/2011 7:21:39 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 5:20:36 PM on ?04/?09/?2011 was unexpected.

Log: 'System' Date/Time: 03/09/2011 10:05:57 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 03/09/2011 10:05:57 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 03/09/2011 12:13:27 PM
Type: Error Category: 0
Event: 8032 Source: BROWSER
The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{2A5D3F54-F991-49B7-8E0F-C76A1C607010}. The backup browser is stopping.

Log: 'System' Date/Time: 03/09/2011 10:10:20 AM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Log: 'System' Date/Time: 02/09/2011 10:05:56 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 02/09/2011 10:05:56 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 02/09/2011 10:05:43 PM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 06/09/2011 2:39:17 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)

Log: 'System' Date/Time: 05/09/2011 8:51:31 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)

Log: 'System' Date/Time: 05/09/2011 8:13:48 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)

Log: 'System' Date/Time: 05/09/2011 12:11:49 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 05/09/2011 12:11:34 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)

Log: 'System' Date/Time: 05/09/2011 12:09:25 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)

Log: 'System' Date/Time: 05/09/2011 12:09:25 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)

Log: 'System' Date/Time: 05/09/2011 12:09:22 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)

Log: 'System' Date/Time: 04/09/2011 8:43:19 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)

Log: 'System' Date/Time: 04/09/2011 8:43:17 PM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)

Log: 'System' Date/Time: 04/09/2011 11:50:14 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)

Log: 'System' Date/Time: 04/09/2011 11:50:06 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)

Log: 'System' Date/Time: 04/09/2011 11:20:46 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)

Log: 'System' Date/Time: 04/09/2011 9:51:47 AM
Type: Warning Category: 0
Event: 17 Source: i8042prt
The device sent an incorrect response(s) following a keyboard reset.

Log: 'System' Date/Time: 03/09/2011 12:12:26 PM
Type: Warning Category: 0
Event: 8021 Source: BROWSER
The browser service was unable to retrieve a list of servers from the browser master \\OMAR-PC on the network \Device\NetBT_Tcpip_{2A5D3F54-F991-49B7-8E0F-C76A1C607010}. Browser master: \\OMAR-PC Network: \Device\NetBT_Tcpip_{2A5D3F54-F991-49B7-8E0F-C76A1C607010} This event may be caused by a temporary loss of network connectivity. If this message appears again, verify that the server is still connected to the network. The return code is in the Data text box.

Log: 'System' Date/Time: 03/09/2011 6:07:02 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dsn10.d.skype.net timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 03/09/2011 12:29:18 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 02/09/2011 9:55:13 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 8 seconds since the last report.

Log: 'System' Date/Time: 02/09/2011 9:55:13 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 8 seconds since the last report.

Log: 'System' Date/Time: 02/09/2011 9:55:13 PM
Type: Warning Category: 7
Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 2 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 8 seconds since the last report.