Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer Slow down


  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Crashing without a blue screen is usually a hardware issue. Overheating, bad hard drive, bad memory, bad power, bad motherboard. This time I do not see that the CPU slowed down ahead of the crash.

I see this:
Log: 'System' Date/Time: 06/09/2011 10:57:47 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

So I assume this was the time of your last crash. (or a couple of minutes after the crash)(Time is usually GMT so the hours will look wrong to you but should match up to the last reboot)

This one:
Log: 'Application' Date/Time: 06/09/2011 10:58:29 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Happens during a boot or shortly thereafter so probably not part of the problem.

This is the only thing that looks really bad that happened the same day:
Log: 'Application' Date/Time: 06/09/2011 8:57:18 AM
Type: Warning Category: 7
Event: 508 Source: ESENT
wlmail (6008) WindowsLiveMail0: A request to write to the file "C:\Users\LANCE\AppData\Local\Microsoft\Windows Live Mail\Mail.MSMessageStore" at offset 3801088 (0x00000000003a0000) for 8192 (0x00002000) bytes succeeded, but took an abnormally long time (22651 seconds) to be serviced by the OS. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

How big is the file at C:\Users\LANCE\AppData\Local\Microsoft\Windows Live Mail\Mail.MSMessageStore
I don't use Windows Live Mail so have no experience with it but I used to use Microsoft Outlook and the stupid program would grow the message storage file to a gigantic size that took forever to load and to write to. Find the file and right click on it and select Properties. It should tell you the size.


I am seeing a lot of Bonjour errors so I think you should just uninstall it. It's something from Apple. You can download it from them again if you ever decide you need it.

Let's clear the error logs to make it easier to spot new errors:
Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Run the builtin memory test:
Open Memory Diagnostics Tool by clicking the Start button Picture of the Start button, and then clicking Control Panel. In the search box, type Memory, and then click Diagnose your computer's memory problems.‌ Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.

Choose when to run the tool.

(I think it has to reboot to do this and it should run for a while)

Go to the Seagate site (they make your hard drive which is a ST9500420AS) and download seatools for windows.

http://www.seagate.c...000dd04090aRCRD

Have it run an extended test of your drive.

See what it says about your drive.

Keep Speccy running when in regular mode and watch the temperatures. Are they climbing the longer it is on?

Try running with the laptop without the battery. Sometimes a bad battery will load down the power supply.

Ron
  • 0

Advertisements


#17
LANCE_1313

LANCE_1313

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 159 posts
Sorry for the slow reply. I had a couple of super busy days, and was only able to work on this today. Thanks again for the help.

Okay one point at a time.
1) Uninstalled Bonjour - it just got installed by accident with itunes anyways
2) Cleared the logs like you asked
3) I've only started using windows live mail for about a week but that file you asked about is 12 megabytes
4) Ran the seagate scanning tool with the below results
--------------- SeaTools for Windows v1.2.0.5 ---------------
10/09/2011 10:10:18 AM
Model: ST9500420AS
Serial Number: 5VJ4783Z
Firmware Revision: 0002SDM1
Long Generic - Started 10/09/2011 10:10:18 AM
Long Generic - Pass 10/09/2011 12:25:28 PM
Long Generic - Started 10/09/2011 3:00:40 PM
Long Generic - Pass 10/09/2011 4:56:58 PM

I ran it twice because on the first run I thought the comp crashed during the first run. It must have finished and then crashed, I wasn't looking at the screen at the time. This crash actually was a BSOD but the BSOD said there was some error that didn't let it finish the protective shutdown process and therefore didn't create a log. I have changed it so the logs appear on my desktop and there's nothing there.

5) I tried to run the memory test but when my comp restarts to perform the task it says some error has occurred and it is unable to do so. It does offer to let me put in the windows disk and repair my computer but I thought I'd check with you before I went down that path.

6) I've been running without my battery in, and other than the BSOD which actually seemed very different to other crashes things have been a bit better. Like I said before, the other crashes didn't have a blue screen. I have noticed one thing though. When the old crashes happened whatever sound was playing would freeze at that point and continue as a buzz. Now without the battery in sometimes I get a hiccup with a buzz that only lasts for .5 of a second or so. It seems kinda like the same crashing process is happening but without the battery in the laptop recovers. Not sure if that means anything to you.

Again, Thanks for the help.
  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
5) I tried to run the memory test but when my comp restarts to perform the task it says some error has occurred and it is unable to do so. It does offer to let me put in the windows disk and repair my computer but I thought I'd check with you before I went down that path.

If you have the disk that is the way to go.

Ron
  • 0

#19
LANCE_1313

LANCE_1313

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 159 posts
Bah...

I don't actually have the windows install disc. I only have the ASUS recovery disc that I had to make at first log on when I first got the Computer. It doesn't seem to work in the same way. Any suggestions?
  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Download

http://ad13.geekstogo.com/MBRCheck.exe

Save it and run it. It will produce a log MBRCheck(date).txt on your desktop. Copy and paste it into a reply.

Ron
  • 0

#21
LANCE_1313

LANCE_1313

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 159 posts
MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: PEGATRON CORPORATION
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: ASUSTek Computer Inc.
System Product Name: G60JX
Logical Drives Mask: 0x0000000c

Kernel Drivers (total 204):
0x0345A000 \SystemRoot\system32\ntoskrnl.exe
0x03411000 \SystemRoot\system32\hal.dll
0x00BA2000 \SystemRoot\system32\kdcom.dll
0x00C50000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00C9F000 \SystemRoot\system32\PSHED.dll
0x00CB3000 \SystemRoot\system32\CLFS.SYS
0x00D11000 \SystemRoot\system32\CI.dll
0x00EB5000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00F59000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F68000 \SystemRoot\system32\drivers\ACPI.sys
0x00FBF000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00FC8000 \SystemRoot\system32\drivers\msisadrv.sys
0x00E00000 \SystemRoot\system32\drivers\pci.sys
0x00E33000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00E40000 \SystemRoot\System32\drivers\partmgr.sys
0x00E55000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x00E5E000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x00E6A000 \SystemRoot\system32\drivers\volmgr.sys
0x01018000 \SystemRoot\System32\drivers\volmgrx.sys
0x01074000 \SystemRoot\system32\drivers\pciide.sys
0x0107B000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x0108B000 \SystemRoot\System32\drivers\mountmgr.sys
0x012E5000 \SystemRoot\system32\DRIVERS\iaStor.sys
0x014ED000 \SystemRoot\system32\drivers\atapi.sys
0x014F6000 \SystemRoot\system32\drivers\ataport.SYS
0x01520000 \SystemRoot\system32\drivers\msahci.sys
0x0152B000 \SystemRoot\system32\drivers\amdxata.sys
0x01536000 \SystemRoot\system32\drivers\fltmgr.sys
0x01582000 \SystemRoot\system32\drivers\fileinfo.sys
0x01596000 \SystemRoot\System32\Drivers\AsDsm.sys
0x01615000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01200000 \SystemRoot\System32\Drivers\msrpc.sys
0x017B8000 \SystemRoot\System32\Drivers\ksecdd.sys
0x0125E000 \SystemRoot\System32\Drivers\cng.sys
0x017D3000 \SystemRoot\System32\drivers\pcw.sys
0x017E4000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x010A5000 \SystemRoot\system32\drivers\ndis.sys
0x01198000 \SystemRoot\system32\drivers\NETIO.SYS
0x015A3000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x0183A000 \SystemRoot\System32\drivers\tcpip.sys
0x01A3E000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01A88000 \SystemRoot\system32\drivers\volsnap.sys
0x01AD4000 \SystemRoot\System32\Drivers\spldr.sys
0x01ADC000 \SystemRoot\System32\drivers\rdyboost.sys
0x01B16000 \SystemRoot\System32\Drivers\mup.sys
0x01B28000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01B31000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01B6B000 \SystemRoot\system32\DRIVERS\disk.sys
0x01B81000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x0445F000 \SystemRoot\system32\drivers\cdrom.sys
0x04489000 \SystemRoot\System32\Drivers\aswSnx.SYS
0x04521000 \SystemRoot\System32\Drivers\Null.SYS
0x0452A000 \SystemRoot\System32\Drivers\Beep.SYS
0x04531000 \SystemRoot\System32\drivers\vga.sys
0x0453F000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x04564000 \SystemRoot\System32\drivers\watchdog.sys
0x04574000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x0457D000 \SystemRoot\system32\drivers\rdpencdd.sys
0x04586000 \SystemRoot\system32\drivers\rdprefmp.sys
0x0458F000 \SystemRoot\System32\Drivers\Msfs.SYS
0x0459A000 \SystemRoot\System32\Drivers\Npfs.SYS
0x045AB000 \SystemRoot\system32\DRIVERS\tdx.sys
0x045CD000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x045DA000 \??\C:\Windows\SysWOW64\Drivers\OAmon.sys
0x045E6000 \SystemRoot\System32\Drivers\aswTdi.SYS
0x0469D000 \SystemRoot\system32\drivers\afd.sys
0x04726000 \SystemRoot\System32\Drivers\aswRdr.SYS
0x04730000 \SystemRoot\System32\DRIVERS\netbt.sys
0x04775000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x0477E000 \SystemRoot\system32\DRIVERS\pacer.sys
0x047A4000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x047BA000 \SystemRoot\system32\DRIVERS\netbios.sys
0x047C9000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x047E4000 \SystemRoot\system32\drivers\termdd.sys
0x04600000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x04651000 \??\C:\Windows\syswow64\drivers\oahlp64.sys
0x0465D000 \??\C:\Windows\SysWow64\Drivers\OADriver.sys
0x04680000 \SystemRoot\system32\drivers\nsiproxy.sys
0x0468C000 \SystemRoot\system32\drivers\mssmbios.sys
0x04200000 \SystemRoot\System32\drivers\discache.sys
0x0420F000 \SystemRoot\System32\Drivers\dfsc.sys
0x0422D000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x00C00000 \SystemRoot\System32\Drivers\aswSP.SYS
0x01BBF000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x05837000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x0635B000 \SystemRoot\system32\DRIVERS\nvBridge.kmd
0x04A90000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x04B84000 \SystemRoot\System32\drivers\dxgmms1.sys
0x04BCA000 \SystemRoot\system32\drivers\HDAudBus.sys
0x04BEE000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x04A00000 \SystemRoot\system32\drivers\usbehci.sys
0x04A11000 \SystemRoot\system32\drivers\USBPORT.SYS
0x0401A000 \SystemRoot\system32\DRIVERS\athrx.sys
0x04197000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x041A4000 \SystemRoot\system32\drivers\sdbus.sys
0x041C4000 \SystemRoot\system32\DRIVERS\rimspe64.sys
0x0635D000 \SystemRoot\system32\DRIVERS\rixdpe64.sys
0x063B3000 \SystemRoot\system32\drivers\1394ohci.sys
0x041DD000 \SystemRoot\system32\DRIVERS\L1C62x64.sys
0x04A67000 \SystemRoot\system32\drivers\i8042prt.sys
0x04CE0000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x04D2C000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x04D2E000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x04D3D000 \SystemRoot\system32\DRIVERS\kbfiltr.sys
0x04D45000 \SystemRoot\system32\drivers\kbdclass.sys
0x04D54000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x04D61000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x04D66000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x04D7C000 \SystemRoot\system32\DRIVERS\ATK64AMD.sys
0x04D84000 \SystemRoot\system32\drivers\CompositeBus.sys
0x04D94000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x04DAA000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x04DCE000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x04C00000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x04C2F000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x04C4A000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x04C6B000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x04C85000 \SystemRoot\system32\DRIVERS\oanet.sys
0x04C90000 \SystemRoot\system32\drivers\swenum.sys
0x04C92000 \SystemRoot\system32\drivers\ks.sys
0x04DDA000 \SystemRoot\system32\drivers\umbus.sys
0x052E7000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x05341000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x05356000 \SystemRoot\system32\drivers\nvhda64v.sys
0x0536E000 \SystemRoot\system32\drivers\portcls.sys
0x053AB000 \SystemRoot\system32\drivers\drmk.sys
0x053CD000 \SystemRoot\system32\drivers\ksthunk.sys
0x06A0A000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x00060000 \SystemRoot\System32\win32k.sys
0x053D3000 \SystemRoot\System32\drivers\Dxapi.sys
0x004B0000 \SystemRoot\System32\TSDDD.dll
0x00660000 \SystemRoot\System32\cdd.dll
0x05200000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x0423E000 \SystemRoot\system32\DRIVERS\snp2uvc.sys
0x0521D000 \SystemRoot\system32\DRIVERS\STREAM.SYS
0x06A00000 \SystemRoot\system32\DRIVERS\sncduvc.SYS
0x0522E000 \SystemRoot\system32\drivers\luafv.sys
0x05251000 \??\C:\Windows\system32\drivers\aswMonFlt.sys
0x0528B000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0x05294000 \SystemRoot\system32\drivers\WudfPf.sys
0x052B5000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x043F6000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x052CA000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x04000000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x05800000 \SystemRoot\system32\DRIVERS\cdfs.sys
0x053ED000 \SystemRoot\System32\Drivers\crashdmp.sys
0x06ED3000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x070DB000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x070EE000 \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys
0x070F5000 \SystemRoot\system32\drivers\HTTP.sys
0x071BE000 \SystemRoot\system32\DRIVERS\bowser.sys
0x071DC000 \SystemRoot\System32\drivers\mpsdrv.sys
0x06E00000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x06E2D000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x06E7B000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x0869F000 \SystemRoot\system32\drivers\peauth.sys
0x08745000 \SystemRoot\System32\Drivers\secdrv.SYS
0x08750000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x08781000 \SystemRoot\System32\drivers\tcpipreg.sys
0x08793000 \SystemRoot\System32\DRIVERS\srv2.sys
0x08600000 \SystemRoot\System32\DRIVERS\srv.sys
0x0AE19000 \SystemRoot\system32\DRIVERS\udfs.sys
0x0AE6E000 \SystemRoot\System32\Drivers\fastfat.SYS
0x0C50E000 \SystemRoot\system32\DRIVERS\monitor.sys
0x76FD0000 \Windows\System32\ntdll.dll
0x47ED0000 \Windows\System32\smss.exe
0xFF2F0000 \Windows\System32\apisetschema.dll
0xFF660000 \Windows\System32\autochk.exe
0x771A0000 \Windows\System32\psapi.dll
0xFF210000 \Windows\System32\usp10.dll
0xFF190000 \Windows\System32\shlwapi.dll
0x77190000 \Windows\System32\normaliz.dll
0xFEF80000 \Windows\System32\ole32.dll
0xFEF20000 \Windows\System32\Wldap32.dll
0xFEDF0000 \Windows\System32\rpcrt4.dll
0xFED10000 \Windows\System32\oleaut32.dll
0xFEC30000 \Windows\System32\advapi32.dll
0xFEC10000 \Windows\System32\imagehlp.dll
0xFEB00000 \Windows\System32\msctf.dll
0xFEAB0000 \Windows\System32\ws2_32.dll
0x76ED0000 \Windows\System32\user32.dll
0x76DB0000 \Windows\System32\kernel32.dll
0xFEAA0000 \Windows\System32\lpk.dll
0xFEA00000 \Windows\System32\comdlg32.dll
0xFE9D0000 \Windows\System32\imm32.dll
0x76C60000 \Windows\System32\urlmon.dll
0x76A50000 \Windows\System32\iertutil.dll
0xFE930000 \Windows\System32\msvcrt.dll
0xFE920000 \Windows\System32\nsi.dll
0xFDB90000 \Windows\System32\shell32.dll
0xFDB70000 \Windows\System32\sechost.dll
0x768F0000 \Windows\System32\wininet.dll
0xFDAF0000 \Windows\System32\difxapi.dll
0xFD910000 \Windows\System32\setupapi.dll
0xFD870000 \Windows\System32\clbcatq.dll
0xFD800000 \Windows\System32\gdi32.dll
0xFD7C0000 \Windows\System32\wintrust.dll
0xFD750000 \Windows\System32\KernelBase.dll
0xFD730000 \Windows\System32\devobj.dll
0xFD690000 \Windows\System32\comctl32.dll
0xFD520000 \Windows\System32\crypt32.dll
0xFD4E0000 \Windows\System32\cfgmgr32.dll
0xFD4D0000 \Windows\System32\msasn1.dll
0x77180000 \Windows\SysWOW64\normaliz.dll

Processes (total 92):
0 System Idle Process
4 System
352 C:\Windows\System32\smss.exe
516 csrss.exe
564 C:\Windows\System32\wininit.exe
588 csrss.exe
632 C:\Windows\System32\services.exe
652 C:\Windows\System32\lsass.exe
660 C:\Windows\System32\lsm.exe
756 C:\Windows\System32\svchost.exe
828 C:\Windows\System32\nvvsvc.exe
868 C:\Windows\System32\svchost.exe
944 C:\Windows\System32\winlogon.exe
988 C:\Windows\System32\svchost.exe
372 C:\Windows\System32\svchost.exe
520 C:\Windows\System32\svchost.exe
852 C:\Windows\System32\audiodg.exe
1060 C:\Windows\System32\svchost.exe
1152 C:\Windows\System32\svchost.exe
1240 C:\Program Files (x86)\Online Armor\oacat.exe
1316 C:\Program Files (x86)\Online Armor\oasrv.exe
1332 C:\Windows\System32\nvvsvc.exe
1560 C:\Windows\System32\dwm.exe
1608 C:\Windows\explorer.exe
1700 C:\Windows\System32\FBAgent.exe
1724 C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
1760 C:\Program Files\ATKGFNEX\GFNEXSrv.exe
1792 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
424 C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
1540 C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
1832 C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
1480 C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
1476 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1940 C:\Windows\System32\rundll32.exe
1604 C:\Program Files (x86)\Online Armor\oaui.exe
1392 C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
2104 C:\Program Files (x86)\Skype\Phone\Skype.exe
2160 C:\Windows\System32\spoolsv.exe
2232 C:\Windows\System32\svchost.exe
2372 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2392 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2428 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
2476 C:\Windows\System32\svchost.exe
2524 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
2576 C:\Program Files\Macrium\Reflect\ReflectService.exe
2636 C:\Windows\System32\taskhost.exe
2648 C:\Windows\System32\svchost.exe
2824 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
3224 C:\Windows\System32\taskeng.exe
3336 C:\Windows\System32\svchost.exe
3380 C:\Windows\System32\StikyNot.exe
3452 C:\Program Files\P4G\BatteryLife.exe
3532 C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
3540 C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
3552 C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
3564 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
3576 C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
3608 C:\Windows\System32\SearchIndexer.exe
3892 C:\Program Files (x86)\Online Armor\oahlp.exe
3984 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
4044 C:\Windows\SysWOW64\ACEngSvr.exe
3948 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
4272 C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
4416 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
4520 C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
4656 C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
4692 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
4704 C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
4740 C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
4764 C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
4816 C:\Program Files\AVAST Software\Avast\AvastUI.exe
5000 C:\Program Files (x86)\iTunes\iTunesHelper.exe
5028 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
3728 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
4164 C:\Program Files\iPod\bin\iPodService.exe
5880 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
5956 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
6060 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
4172 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
4244 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
5292 C:\Windows\System32\svchost.exe
2804 C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
5864 C:\Windows\System32\SearchProtocolHost.exe
5256 C:\Windows\System32\svchost.exe
5340 C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
5992 C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
5168 C:\Windows\System32\SearchFilterHost.exe
6096 <unknown>
5400 dllhost.exe
3640 C:\Users\LANCE\Downloads\MBRCheck.exe
2144 C:\Windows\System32\conhost.exe
6008 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`2c900000 (NTFS)

PhysicalDrive0 Model Number: ST9500420AS, Rev: 0002SDM1

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!
  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
MBR seems OK. Let's see if we can get Memtest86 to run.

http://www.memtest86...86-4.0a.iso.zip

Download the above file and save it. Right click on it and Extract All. It will create a folder of the same name. Inside the folder should be a .iso file. You need to burn a bootable CD with this file. IF you don't know how then download, save and run freeisoburner. http://www.freeisoburner.com/ Run it and point it at the .iso file.

Boot from the CD you made and let the tests run for a few hours. It should tell you if it sees any errors. (Instructions and commands http://www.memtest86.com/ then Technical Info)

Ron
  • 0

#23
LANCE_1313

LANCE_1313

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 159 posts
Ok, I ran that and let it have a few passes. It said there were no errors. I'll probably let it run all night tonight but I doubt that will turn anything else up. I've still had the battery out and it's probably been about 4 days now. It seems to be running quite well. I'm thinking that's the problem. If that is the case, will buying a new battery fix the issue permanently or will any battery cause the same error.
  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
A new battery should fix the problem. Old batteries load down the power supply so that things get marginal.

Ron
  • 0

#25
LANCE_1313

LANCE_1313

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 159 posts
I thought everything was settled but unfortunately I had another blue screen of death. It also got stuck doing the BSOD and didn't create a dump file. Anything else I should check?

thanks again
  • 0

Advertisements


#26
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Did you get the error number from the BSOD?
  • 0

#27
LANCE_1313

LANCE_1313

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 159 posts
sorry i didn't write it down
  • 0

#28
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,001 posts
  • MVP
Run Vino's Event Viewer again as before and post the logs. Perhaps there will be a clue there.

Ron
  • 0

#29
LANCE_1313

LANCE_1313

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 159 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 17/09/2011 2:38:33 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 16/09/2011 9:01:47 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Faulting module name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Exception code: 0xc0000005 Fault offset: 0x00350ed5 Faulting process id: 0x860 Faulting application start time: 0x01cc746e65defebf Faulting application path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Faulting module path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Report Id: 1674375d-e0a7-11e0-aa22-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 6:22:35 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7 Faulting module name: AcGenral.DLL, version: 6.1.7601.17514, time stamp: 0x4ce7b6ff Exception code: 0xc0000005 Fault offset: 0x00046d2c Faulting process id: 0x1160 Faulting application start time: 0x01cc7439048a4986 Faulting application path: C:\Windows\SysWOW64\explorer.exe Faulting module path: C:\Windows\AppPatch\AcGenral.DLL Report Id: 43b3b092-e02c-11e0-a167-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 6:02:36 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program TWEE_Upgrade(1).exe version 14.0.0.162 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1314 Start Time: 01cc7435cc220113 Termination Time: 2 Application Path: C:\Users\LANCE\Downloads\TWEE_Upgrade(1).exe Report Id: 76514bdc-e029-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 6:02:05 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x15c8 Faulting application start time: 0x01cc743627922c43 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 66ed677b-e029-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:58:55 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x6b111488 Faulting process id: 0xfe4 Faulting application start time: 0x01cc7435b6828fd6 Faulting application path: C:\Windows\SysWOW64\explorer.exe Faulting module path: unknown Report Id: f58f5bc7-e028-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:40:43 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7 Faulting module name: AcGenral.DLL, version: 6.1.7601.17514, time stamp: 0x4ce7b6ff Exception code: 0xc0000005 Fault offset: 0x001d6c6a Faulting process id: 0xe78 Faulting application start time: 0x01cc74332c43cb2d Faulting application path: C:\Windows\SysWOW64\explorer.exe Faulting module path: C:\Windows\AppPatch\AcGenral.DLL Report Id: 6a7a7f4c-e026-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:36:01 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7 Faulting module name: AcGenral.DLL, version: 6.1.7601.17514, time stamp: 0x4ce7b6ff Exception code: 0xc0000005 Fault offset: 0x001d6c6a Faulting process id: 0xd4c Faulting application start time: 0x01cc743283ed49ac Faulting application path: C:\Windows\SysWOW64\explorer.exe Faulting module path: C:\Windows\AppPatch\AcGenral.DLL Report Id: c2724600-e025-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:30:35 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Skype.exe, version: 5.5.0.115, time stamp: 0x4e57808b Faulting module name: Skype.exe, version: 5.5.0.115, time stamp: 0x4e57808b Exception code: 0xc0000005 Fault offset: 0x001a3170 Faulting process id: 0x310 Faulting application start time: 0x01cc7431bfc4b74d Faulting application path: C:\Program Files (x86)\Skype\Phone\Skype.exe Faulting module path: C:\Program Files (x86)\Skype\Phone\Skype.exe Report Id: 005f24a9-e025-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:27:45 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program TWEE_Upgrade(1).exe version 14.0.0.162 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1410 Start Time: 01cc74307c963f5b Termination Time: 0 Application Path: C:\Users\LANCE\Downloads\TWEE_Upgrade(1).exe Report Id: 99253c91-e024-11e0-afdf-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:25:53 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x4a4 Faulting application start time: 0x01cc74311a508da2 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 581e6bc7-e024-11e0-afdf-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:25:18 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x10a8 Faulting application start time: 0x01cc7431054a8657 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 431ac5db-e024-11e0-afdf-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:23:51 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x218 Faulting application start time: 0x01cc7430d00ee056 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 0f5e5d67-e024-11e0-afdf-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:45:39 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program TWEE_Upgrade(1).exe version 14.0.0.162 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1b10 Start Time: 01cc742ac24a5ad4 Termination Time: 23 Application Path: C:\Users\LANCE\Downloads\TWEE_Upgrade(1).exe Report Id: b84279d0-e01e-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:44:22 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x4f0 Faulting application start time: 0x01cc742b4d7b09e3 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 8b4c6b06-e01e-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:42:31 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x1940 Faulting application start time: 0x01cc742b09f0c607 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 4949b746-e01e-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:37:50 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program TWEE_Upgrade(1).exe version 14.0.0.162 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 6e0 Start Time: 01cc741cfb2781ad Termination Time: 19 Application Path: C:\Users\LANCE\Downloads\TWEE_Upgrade(1).exe Report Id: a0bdcd1e-e01d-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:37:17 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x77c Faulting application start time: 0x01cc742a5052a4f0 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 8e2d7c17-e01d-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:36:33 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x840 Faulting application start time: 0x01cc742a36092227 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 74139580-e01d-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:34:12 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x1828 Faulting application start time: 0x01cc7429e0cfefe3 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 1fbd4c7e-e01d-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 15/09/2011 11:18:46 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Faulting module name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Exception code: 0xc0000005 Fault offset: 0x00085a90 Faulting process id: 0x1064 Faulting application start time: 0x01cc737e3223c2eb Faulting application path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Faulting module path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Report Id: 79ef5e8f-df8c-11e0-af29-e0cb4e5b9aca

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 17/09/2011 2:28:42 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Skype\Phone\Skype.exe' (pid 3920) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2011 7:03:26 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 6:05:41 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 6:04:34 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 20 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer


Log: 'Application' Date/Time: 16/09/2011 5:29:45 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 5:28:35 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 11 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates


Log: 'Application' Date/Time: 16/09/2011 4:57:09 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 4:56:06 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1708 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1708 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000


Log: 'Application' Date/Time: 16/09/2011 4:47:26 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 4:46:21 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000


Log: 'Application' Date/Time: 16/09/2011 2:03:10 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 2:01:55 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1724 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1724 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000


Log: 'Application' Date/Time: 16/09/2011 1:57:20 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 1:55:59 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1736 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1736 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000


Log: 'Application' Date/Time: 15/09/2011 12:28:35 PM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 15/09/2011 12:27:29 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1716 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1716 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000


Log: 'Application' Date/Time: 15/09/2011 12:08:22 PM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 15/09/2011 12:07:00 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 17 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates


Log: 'Application' Date/Time: 15/09/2011 8:04:38 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 15/09/2011 8:03:17 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 11 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates




Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 17/09/2011 2:39:50 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/09/2011 7:02:52 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 14/09/2011 9:49:53 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 14/09/2011 8:03:15 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 13/09/2011 6:59:03 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 10/09/2011 2:55:18 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 17/09/2011 2:33:38 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 17/09/2011 2:33:38 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 17/09/2011 2:33:24 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 10:45:51 PM
Type: Error Category: 0
Event: 8003 Source: bowser
The master browser has received a server announcement from the computer PC2010100320ADX that believes that it is the master browser for the domain on transport NetBT_Tcpip_{2A5D3F54-F991-49B7-8E0F-C76A1C607010}. The master browser is stopping or an election is being forced.

Log: 'System' Date/Time: 16/09/2011 11:21:25 AM
Type: Error Category: 0
Event: 8003 Source: bowser
The master browser has received a server announcement from the computer PC2010100320ADX that believes that it is the master browser for the domain on transport NetBT_Tcpip_{2A5D3F54-F991-49B7-8E0F-C76A1C607010}. The master browser is stopping or an election is being forced.

Log: 'System' Date/Time: 16/09/2011 7:04:18 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 7:04:18 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 7:03:15 AM
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-WER-SystemErrorReporting
The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff6f840021198, 0x0000000000000000, 0xfffff800034704a2, 0x0000000000000005). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 091611-27097-01.

Log: 'System' Date/Time: 16/09/2011 7:03:11 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 5:00:26 PM on ?16/?09/?2011 was unexpected.

Log: 'System' Date/Time: 16/09/2011 6:06:12 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 6:06:12 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 4:57:35 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 4:57:35 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 4:48:04 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 4:48:04 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 2:25:16 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 2:25:15 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 2:03:53 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 2:03:53 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 1:57:59 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/09/2011 11:21:25 AM
Type: Warning Category: 0
Event: 8005 Source: bowser
The browser has received a server announcement indicating that the computer LANCE-LT is a master browser, but this computer is not a master browser.

Log: 'System' Date/Time: 16/09/2011 8:56:13 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 16/09/2011 8:17:34 AM
Type: Warning Category: 0
Event: 16393 Source: Microsoft-Windows-Bits-Client
BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80072EFD.

Log: 'System' Date/Time: 16/09/2011 8:15:49 AM
Type: Warning Category: 0
Event: 16393 Source: Microsoft-Windows-Bits-Client
BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80072EFD.

Log: 'System' Date/Time: 16/09/2011 6:04:39 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 16/09/2011 5:28:38 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 16/09/2011 5:28:00 AM
Type: Warning Category: 0
Event: 1073 Source: USER32
The attempt by user LANCE-LT\LANCE to restart/shutdown computer LANCE-LT failed

Log: 'System' Date/Time: 16/09/2011 4:56:08 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 16/09/2011 4:46:24 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 16/09/2011 2:01:58 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 16/09/2011 1:56:12 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 15/09/2011 12:27:33 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 15/09/2011 12:26:49 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 15/09/2011 12:07:15 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 15/09/2011 11:19:29 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name tankafetast.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 15/09/2011 4:56:54 AM
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application System with process id 4 stopped the removal or ejection for the device USB\VID_1058&PID_071A\575850314136305336393132.

Log: 'System' Date/Time: 15/09/2011 2:54:20 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.phagepress.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 14/09/2011 9:57:53 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 14/09/2011 9:40:22 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 14/09/2011 5:57:14 AM
Type: Warning Category: 0
Event: 16393 Source: Microsoft-Windows-Bits-Client
BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80072EFD.
  • 0

#30
LANCE_1313

LANCE_1313

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 159 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 17/09/2011 2:38:33 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 16/09/2011 9:01:47 PM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Faulting module name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Exception code: 0xc0000005 Fault offset: 0x00350ed5 Faulting process id: 0x860 Faulting application start time: 0x01cc746e65defebf Faulting application path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Faulting module path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Report Id: 1674375d-e0a7-11e0-aa22-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 6:22:35 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7 Faulting module name: AcGenral.DLL, version: 6.1.7601.17514, time stamp: 0x4ce7b6ff Exception code: 0xc0000005 Fault offset: 0x00046d2c Faulting process id: 0x1160 Faulting application start time: 0x01cc7439048a4986 Faulting application path: C:\Windows\SysWOW64\explorer.exe Faulting module path: C:\Windows\AppPatch\AcGenral.DLL Report Id: 43b3b092-e02c-11e0-a167-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 6:02:36 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program TWEE_Upgrade(1).exe version 14.0.0.162 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1314 Start Time: 01cc7435cc220113 Termination Time: 2 Application Path: C:\Users\LANCE\Downloads\TWEE_Upgrade(1).exe Report Id: 76514bdc-e029-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 6:02:05 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x15c8 Faulting application start time: 0x01cc743627922c43 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 66ed677b-e029-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:58:55 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x6b111488 Faulting process id: 0xfe4 Faulting application start time: 0x01cc7435b6828fd6 Faulting application path: C:\Windows\SysWOW64\explorer.exe Faulting module path: unknown Report Id: f58f5bc7-e028-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:40:43 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7 Faulting module name: AcGenral.DLL, version: 6.1.7601.17514, time stamp: 0x4ce7b6ff Exception code: 0xc0000005 Fault offset: 0x001d6c6a Faulting process id: 0xe78 Faulting application start time: 0x01cc74332c43cb2d Faulting application path: C:\Windows\SysWOW64\explorer.exe Faulting module path: C:\Windows\AppPatch\AcGenral.DLL Report Id: 6a7a7f4c-e026-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:36:01 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7 Faulting module name: AcGenral.DLL, version: 6.1.7601.17514, time stamp: 0x4ce7b6ff Exception code: 0xc0000005 Fault offset: 0x001d6c6a Faulting process id: 0xd4c Faulting application start time: 0x01cc743283ed49ac Faulting application path: C:\Windows\SysWOW64\explorer.exe Faulting module path: C:\Windows\AppPatch\AcGenral.DLL Report Id: c2724600-e025-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:30:35 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: Skype.exe, version: 5.5.0.115, time stamp: 0x4e57808b Faulting module name: Skype.exe, version: 5.5.0.115, time stamp: 0x4e57808b Exception code: 0xc0000005 Fault offset: 0x001a3170 Faulting process id: 0x310 Faulting application start time: 0x01cc7431bfc4b74d Faulting application path: C:\Program Files (x86)\Skype\Phone\Skype.exe Faulting module path: C:\Program Files (x86)\Skype\Phone\Skype.exe Report Id: 005f24a9-e025-11e0-834b-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:27:45 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program TWEE_Upgrade(1).exe version 14.0.0.162 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1410 Start Time: 01cc74307c963f5b Termination Time: 0 Application Path: C:\Users\LANCE\Downloads\TWEE_Upgrade(1).exe Report Id: 99253c91-e024-11e0-afdf-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:25:53 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x4a4 Faulting application start time: 0x01cc74311a508da2 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 581e6bc7-e024-11e0-afdf-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:25:18 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x10a8 Faulting application start time: 0x01cc7431054a8657 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 431ac5db-e024-11e0-afdf-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 5:23:51 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x218 Faulting application start time: 0x01cc7430d00ee056 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 0f5e5d67-e024-11e0-afdf-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:45:39 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program TWEE_Upgrade(1).exe version 14.0.0.162 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1b10 Start Time: 01cc742ac24a5ad4 Termination Time: 23 Application Path: C:\Users\LANCE\Downloads\TWEE_Upgrade(1).exe Report Id: b84279d0-e01e-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:44:22 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x4f0 Faulting application start time: 0x01cc742b4d7b09e3 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 8b4c6b06-e01e-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:42:31 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x1940 Faulting application start time: 0x01cc742b09f0c607 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 4949b746-e01e-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:37:50 AM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program TWEE_Upgrade(1).exe version 14.0.0.162 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 6e0 Start Time: 01cc741cfb2781ad Termination Time: 19 Application Path: C:\Users\LANCE\Downloads\TWEE_Upgrade(1).exe Report Id: a0bdcd1e-e01d-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:37:17 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x77c Faulting application start time: 0x01cc742a5052a4f0 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 8e2d7c17-e01d-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:36:33 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x840 Faulting application start time: 0x01cc742a36092227 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 74139580-e01d-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 16/09/2011 4:34:12 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Faulting module name: vpatch.exe, version: 3.0.2.0, time stamp: 0x474af5e1 Exception code: 0xc0000005 Fault offset: 0x00127b80 Faulting process id: 0x1828 Faulting application start time: 0x01cc7429e0cfefe3 Faulting application path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Faulting module path: C:\Users\LANCE\AppData\Local\Temp\_ir_vp2_temp_0\vpatch.exe Report Id: 1fbd4c7e-e01d-11e0-afb7-e0cb4e5b9aca

Log: 'Application' Date/Time: 15/09/2011 11:18:46 AM
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Faulting module name: witcher.EXE, version: 1.0.0.1101, time stamp: 0x46f6c2f2 Exception code: 0xc0000005 Fault offset: 0x00085a90 Faulting process id: 0x1064 Faulting application start time: 0x01cc737e3223c2eb Faulting application path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Faulting module path: C:\Program Files (x86)\The Witcher\SYSTEM\witcher.EXE Report Id: 79ef5e8f-df8c-11e0-af29-e0cb4e5b9aca

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 17/09/2011 2:28:42 AM
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Skype\Phone\Skype.exe' (pid 3920) cannot be restarted - Application SID does not match Conductor SID..

Log: 'Application' Date/Time: 16/09/2011 7:03:26 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 6:05:41 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 6:04:34 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 20 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1420 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\Windows\CurrentVersion\Explorer


Log: 'Application' Date/Time: 16/09/2011 5:29:45 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 5:28:35 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 11 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1308 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates


Log: 'Application' Date/Time: 16/09/2011 4:57:09 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 4:56:06 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1708 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1708 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000


Log: 'Application' Date/Time: 16/09/2011 4:47:26 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 4:46:21 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1728 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000


Log: 'Application' Date/Time: 16/09/2011 2:03:10 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 2:01:55 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1724 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1724 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000


Log: 'Application' Date/Time: 16/09/2011 1:57:20 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 16/09/2011 1:55:59 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1736 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1736 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000


Log: 'Application' Date/Time: 15/09/2011 12:28:35 PM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 15/09/2011 12:27:29 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 2 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1716 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1716 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000


Log: 'Application' Date/Time: 15/09/2011 12:08:22 PM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 15/09/2011 12:07:00 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 17 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 3508 (\Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates


Log: 'Application' Date/Time: 15/09/2011 8:04:38 AM
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 15/09/2011 8:03:17 AM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 11 user registry handles leaked from \Registry\User\S-1-5-21-3071241727-2624829447-66053563-1000:
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1712 (\Device\HarddiskVolume2\Windows\System32\FBAgent.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\Root
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\trust
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\My
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Microsoft\SystemCertificates\CA
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates
Process 1416 (\Device\HarddiskVolume2\Program Files (x86)\Online Armor\oasrv.exe) has opened key \REGISTRY\USER\S-1-5-21-3071241727-2624829447-66053563-1000\Software\Policies\Microsoft\SystemCertificates




Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 17/09/2011 2:39:50 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/09/2011 7:02:52 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 14/09/2011 9:49:53 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 14/09/2011 8:03:15 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 13/09/2011 6:59:03 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 10/09/2011 2:55:18 AM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 17/09/2011 2:33:38 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 17/09/2011 2:33:38 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 17/09/2011 2:33:24 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 10:45:51 PM
Type: Error Category: 0
Event: 8003 Source: bowser
The master browser has received a server announcement from the computer PC2010100320ADX that believes that it is the master browser for the domain on transport NetBT_Tcpip_{2A5D3F54-F991-49B7-8E0F-C76A1C607010}. The master browser is stopping or an election is being forced.

Log: 'System' Date/Time: 16/09/2011 11:21:25 AM
Type: Error Category: 0
Event: 8003 Source: bowser
The master browser has received a server announcement from the computer PC2010100320ADX that believes that it is the master browser for the domain on transport NetBT_Tcpip_{2A5D3F54-F991-49B7-8E0F-C76A1C607010}. The master browser is stopping or an election is being forced.

Log: 'System' Date/Time: 16/09/2011 7:04:18 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 7:04:18 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 7:03:15 AM
Type: Error Category: 0
Event: 1001 Source: Microsoft-Windows-WER-SystemErrorReporting
The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff6f840021198, 0x0000000000000000, 0xfffff800034704a2, 0x0000000000000005). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 091611-27097-01.

Log: 'System' Date/Time: 16/09/2011 7:03:11 AM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 5:00:26 PM on ?16/?09/?2011 was unexpected.

Log: 'System' Date/Time: 16/09/2011 6:06:12 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 6:06:12 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 4:57:35 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 4:57:35 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 4:48:04 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 4:48:04 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 2:25:16 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 2:25:15 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 2:03:53 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 2:03:53 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

Log: 'System' Date/Time: 16/09/2011 1:57:59 AM
Type: Error Category: 0
Event: 36888 Source: Schannel
The following fatal alert was generated: 10. The internal error state is 10.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 16/09/2011 11:21:25 AM
Type: Warning Category: 0
Event: 8005 Source: bowser
The browser has received a server announcement indicating that the computer LANCE-LT is a master browser, but this computer is not a master browser.

Log: 'System' Date/Time: 16/09/2011 8:56:13 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 16/09/2011 8:17:34 AM
Type: Warning Category: 0
Event: 16393 Source: Microsoft-Windows-Bits-Client
BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80072EFD.

Log: 'System' Date/Time: 16/09/2011 8:15:49 AM
Type: Warning Category: 0
Event: 16393 Source: Microsoft-Windows-Bits-Client
BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80072EFD.

Log: 'System' Date/Time: 16/09/2011 6:04:39 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 16/09/2011 5:28:38 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 16/09/2011 5:28:00 AM
Type: Warning Category: 0
Event: 1073 Source: USER32
The attempt by user LANCE-LT\LANCE to restart/shutdown computer LANCE-LT failed

Log: 'System' Date/Time: 16/09/2011 4:56:08 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 16/09/2011 4:46:24 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 16/09/2011 2:01:58 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 16/09/2011 1:56:12 AM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 15/09/2011 12:27:33 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 15/09/2011 12:26:49 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 15/09/2011 12:07:15 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 15/09/2011 11:19:29 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name tankafetast.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 15/09/2011 4:56:54 AM
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application System with process id 4 stopped the removal or ejection for the device USB\VID_1058&PID_071A\575850314136305336393132.

Log: 'System' Date/Time: 15/09/2011 2:54:20 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name www.phagepress.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 14/09/2011 9:57:53 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 14/09/2011 9:40:22 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 14/09/2011 5:57:14 AM
Type: Warning Category: 0
Event: 16393 Source: Microsoft-Windows-Bits-Client
BITS has encountered an error communicating with an Internet Gateway Device. Please check that the device is functioning properly. BITS will not attempt to use this device until the next system reboot. Error code: 0x80072EFD.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP