Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

recieveing an secuity alert from NIS 2010 "Tidserv Activity 2"


  • This topic is locked This topic is locked

#16
ßGéè Gêë

ßGéè Gêë

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
ok i got the pragram to run here are the logs



OTL logfile created on: 1/19/2012 9:09:43 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = J:\Users\gee221\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.94 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 69.49% Memory free
6.09 Gb Paging File | 5.26 Gb Available in Paging File | 86.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = J: | %SystemRoot% = J:\Windows | %ProgramFiles% = J:\Program Files
Drive C: | 1792.24 Gb Total Space | 1407.91 Gb Free Space | 78.56% Space Free | Partition Type: NTFS
Drive J: | 149.05 Gb Total Space | 91.40 Gb Free Space | 61.32% Space Free | Partition Type: NTFS

Computer Name: GEE221-PC | User Name: gee221 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/19 19:08:09 | 000,584,192 | ---- | M] (OldTimer Tools) -- J:\Users\gee221\Desktop\OTL.exe
PRC - [2012/01/02 09:14:02 | 000,325,728 | ---- | M] (BillP Studios) -- J:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011/04/16 17:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- J:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- J:\Windows\explorer.exe
PRC - [2007/03/28 21:01:51 | 000,302,592 | ---- | M] (TrustSoft Inc.) -- J:\Program Files\HistoryKill 2007\histkill.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/08 12:50:36 | 000,573,100 | ---- | M] () -- J:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2008/09/16 19:18:06 | 000,132,608 | ---- | M] () -- J:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/08/05 12:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- J:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011/08/05 12:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- J:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011/08/05 12:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- J:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2011/04/16 17:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- J:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)
SRV - [2008/10/28 23:08:44 | 000,326,192 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- J:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2008/10/28 23:07:56 | 000,113,200 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- J:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2008/10/28 23:07:20 | 000,399,920 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- J:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2008/10/02 18:25:42 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- J:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2008/09/08 10:10:20 | 000,450,560 | ---- | M] () [Disabled | Stopped] -- J:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008/09/08 10:09:40 | 000,184,320 | ---- | M] () [Disabled | Stopped] -- J:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2008/08/29 09:00:30 | 000,033,752 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- J:\Program Files\NOS\bin\getPlus_HelperSvc.exe -- (getPlus® Helper) getPlus®
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- J:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2012/01/14 03:19:47 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- J:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120117.017\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/01/14 03:19:47 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- J:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/01/14 03:19:47 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- J:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/01/14 03:19:47 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- J:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120117.017\NAVENG.SYS -- (NAVENG)
DRV - [2012/01/13 16:28:14 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- J:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120117.002\IDSvix86.sys -- (IDSVix86)
DRV - [2011/12/23 22:17:32 | 000,820,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- J:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20111223.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/07/24 15:31:00 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- J:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/03/30 20:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- J:\Windows\System32\Drivers\NIS\1206000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 20:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- J:\Windows\system32\drivers\NIS\1206000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/21 17:39:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- J:\Windows\system32\drivers\NIS\1206000.01D\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2011/03/14 19:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- J:\Windows\system32\drivers\NIS\1206000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/26 23:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- J:\Windows\system32\drivers\NIS\1206000.01D\SYMDS.SYS -- (SymDS)
DRV - [2010/11/15 18:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- J:\Windows\system32\drivers\NIS\1206000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2009/04/10 21:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- J:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008/10/28 23:08:58 | 000,054,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- J:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV - [2008/10/28 23:08:58 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- J:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2008/10/28 23:08:56 | 000,023,216 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- J:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2008/10/28 23:08:54 | 000,857,392 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- J:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV - [2008/10/28 23:08:52 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- J:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV - [2008/10/28 17:03:28 | 000,031,280 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- J:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2008/10/28 17:03:28 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- J:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2008/10/02 18:24:48 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- J:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2008/08/01 18:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- J:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/07/22 10:11:00 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- J:\Windows\system32\DRIVERS\NVAMACPI.sys -- (nvamacpi)
DRV - [2008/05/22 20:49:00 | 007,465,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- J:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/08 04:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- J:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 04:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- J:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/26 17:51:24 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- J:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/10/18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- J:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/08/22 18:51:28 | 009,611,520 | ---- | M] () [Kernel | On_Demand | Stopped] -- J:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- J:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2006/11/02 00:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- J:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4047874029-3753604312-375325555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = J:\Users\gee221\Desktop
IE - HKU\S-1-5-21-4047874029-3753604312-375325555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-4047874029-3753604312-375325555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4047874029-3753604312-375325555-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: J:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: J:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: J:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: J:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: J:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2011/10/20 18:56:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: J:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_4_3 [2012/01/19 19:57:17 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - J:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - J:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - J:\Program Files\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - J:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - J:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4047874029-3753604312-375325555-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - J:\Program Files\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [WinPatrol] J:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] J:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] J:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4047874029-3753604312-375325555-1000..\Run: [Aim6] File not found
O4 - HKU\S-1-5-21-4047874029-3753604312-375325555-1000..\Run: [HistoryKill] J:\Program Files\HistoryKill 2007\histkill.exe (TrustSoft Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - J:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - J:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - J:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - J:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - J:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - J:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - J:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - J:\Windows\System32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - J:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - J:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...ctDetection.cab (GMNRev Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.co...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.ado...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C73EC53A-31A6-4D6E-A87E-C71FB6A5B997}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) -J:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (J:\Windows\system32\userinit.exe) -J:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: J:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: J:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/07 02:44:31 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - J:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/19 19:08:12 | 000,584,192 | ---- | C] (OldTimer Tools) -- J:\Users\gee221\Desktop\OTL.exe
[2012/01/17 19:40:58 | 000,000,000 | ---D | C] -- J:\ProgramData\InstallMate
[2012/01/17 17:44:01 | 000,000,000 | ---D | C] -- J:\Users\gee221\Desktop\resume
[2012/01/17 17:42:13 | 000,000,000 | ---D | C] -- J:\Users\gee221\Desktop\picz and art
[2012/01/17 14:22:25 | 000,000,000 | ---D | C] -- J:\Users\gee221\Desktop\malware tools
[2012/01/15 19:30:20 | 000,000,000 | ---D | C] -- J:\Windows\System32\ms-MY
[2012/01/15 15:02:17 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- J:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/14 16:49:02 | 000,000,000 | ---D | C] -- J:\Users\gee221\{35aa7ec1-be51-49a8-b1d1-02ab546f8387}
[2012/01/14 16:48:56 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
[2012/01/14 03:15:29 | 002,382,848 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\mshtml.tlb
[2012/01/14 03:15:27 | 001,798,144 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\jscript9.dll
[2012/01/14 03:15:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\url.dll
[2012/01/14 03:15:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\ieui.dll
[2012/01/14 03:15:27 | 000,065,024 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\jsproxy.dll
[2012/01/14 03:15:24 | 001,427,456 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\inetcpl.cpl
[2012/01/13 21:02:56 | 003,602,816 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\ntkrnlpa.exe
[2012/01/13 21:02:56 | 003,550,080 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\ntoskrnl.exe
[2012/01/13 21:02:53 | 000,023,552 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\mciseq.dll
[2012/01/13 21:02:46 | 000,429,056 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\EncDec.dll
[2012/01/13 21:02:36 | 000,066,560 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\packager.dll
[2012/01/13 21:02:33 | 000,376,320 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\winsrv.dll
[2012/01/13 21:02:18 | 002,043,904 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\win32k.sys
[2012/01/13 21:02:15 | 000,049,152 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\csrsrv.dll
[2012/01/13 21:02:13 | 001,314,816 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\quartz.dll
[2012/01/13 21:02:13 | 000,497,152 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\qdvd.dll
[2012/01/13 21:02:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\tzres.dll
[2009/08/30 14:59:33 | 000,184,320 | ---- | C] ( ) -- J:\Windows\System32\rsnp2uvc.dll
[2009/08/30 14:59:32 | 000,176,128 | ---- | C] ( ) -- J:\Windows\System32\csnp2uvc.dll
[2008/12/09 20:10:01 | 000,047,360 | ---- | C] (VSO Software) -- J:\Users\gee221\AppData\Roaming\pcouffin.sys
[1 J:\Windows\*.tmp files -> J:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/19 20:01:25 | 000,609,852 | ---- | M] () -- J:\Windows\System32\perfh009.dat
[2012/01/19 20:01:25 | 000,106,018 | ---- | M] () -- J:\Windows\System32\perfc009.dat
[2012/01/19 19:54:52 | 000,003,952 | -H-- | M] () -- J:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/19 19:54:52 | 000,003,952 | -H-- | M] () -- J:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/19 19:54:29 | 000,067,584 | --S- | M] () -- J:\Windows\bootstat.dat
[2012/01/19 19:54:16 | 3152,580,608 | -HS- | M] () -- J:\hiberfil.sys
[2012/01/19 19:27:36 | 000,000,680 | ---- | M] () -- J:\Users\gee221\AppData\Local\d3d9caps.dat
[2012/01/19 19:08:09 | 000,584,192 | ---- | M] (OldTimer Tools) -- J:\Users\gee221\Desktop\OTL.exe
[2012/01/15 15:02:17 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- J:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/14 16:48:56 | 000,000,847 | ---- | M] () -- J:\Users\Public\Desktop\Zune.lnk
[2012/01/14 06:16:16 | 000,248,568 | ---- | M] () -- J:\Windows\System32\FNTCACHE.DAT
[1 J:\Windows\*.tmp files -> J:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/19 19:37:07 | 3152,580,608 | -HS- | C] () -- J:\hiberfil.sys
[2012/01/14 16:48:56 | 000,000,847 | ---- | C] () -- J:\Users\Public\Desktop\Zune.lnk
[2011/01/07 14:02:25 | 000,001,940 | ---- | C] () -- J:\Users\gee221\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/11/17 18:12:27 | 000,063,098 | ---- | C] () -- J:\Users\gee221\AppData\Roaming\SQLite3.dll
[2010/11/17 18:12:09 | 000,000,000 | ---- | C] () -- J:\Users\gee221\AppData\Roaming\chrtmp
[2010/01/19 12:57:17 | 000,055,856 | ---- | C] () -- J:\Windows\System32\vnetinst.dll
[2009/08/30 14:59:32 | 009,611,520 | ---- | C] () -- J:\Windows\System32\drivers\snp2uvc.sys
[2009/08/30 14:59:32 | 000,028,160 | ---- | C] () -- J:\Windows\System32\drivers\sncduvc.sys
[2009/08/30 14:59:32 | 000,015,497 | ---- | C] () -- J:\Windows\snp2uvc.ini
[2009/07/30 09:10:04 | 000,117,248 | ---- | C] () -- J:\Windows\System32\EhStorAuthn.dll
[2009/07/30 09:10:04 | 000,107,612 | ---- | C] () -- J:\Windows\System32\StructuredQuerySchema.bin
[2009/03/28 08:34:13 | 000,000,510 | ---- | C] () -- J:\Windows\WORDPAD.INI
[2008/12/09 20:43:16 | 000,000,040 | -HS- | C] () -- J:\ProgramData\.zreglib
[2008/12/09 20:10:01 | 000,087,608 | ---- | C] () -- J:\Users\gee221\AppData\Roaming\inst.exe
[2008/12/09 20:10:01 | 000,007,887 | ---- | C] () -- J:\Users\gee221\AppData\Roaming\pcouffin.cat
[2008/12/09 20:10:01 | 000,001,144 | ---- | C] () -- J:\Users\gee221\AppData\Roaming\pcouffin.inf
[2008/11/27 16:46:15 | 000,000,120 | ---- | C] () -- J:\Users\gee221\AppData\Roaming\FixVTS.ini
[2008/11/14 19:28:38 | 000,011,776 | ---- | C] () -- J:\Users\gee221\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/31 02:00:50 | 000,018,904 | ---- | C] () -- J:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/09/22 16:38:27 | 000,000,680 | ---- | C] () -- J:\Users\gee221\AppData\Local\d3d9caps.dat
[2008/09/21 09:42:00 | 000,004,984 | ---- | C] () -- J:\Windows\System32\drivers\nvphy.bin
[2006/11/02 05:57:28 | 000,067,584 | --S- | C] () -- J:\Windows\bootstat.dat
[2006/11/02 05:47:37 | 000,248,568 | ---- | C] () -- J:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- J:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:33:01 | 000,609,852 | ---- | C] () -- J:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- J:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,106,018 | ---- | C] () -- J:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- J:\Windows\System32\perfd009.dat
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- J:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- J:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- J:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- J:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- J:\Windows\System32\mlang.dat
[2006/07/13 12:10:30 | 000,003,169 | -H-- | C] () -- J:\Users\gee221\AppData\Roaming\logs.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> J:\Windows:906F4FCD79F90F09

< End of report >


------------------------------------------------------------------------------------------------------------------------------------------------------------------



OTL Extras logfile created on: 1/19/2012 9:13:42 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = J:\Users\gee221\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.94 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 69.49% Memory free
6.09 Gb Paging File | 5.26 Gb Available in Paging File | 86.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = J: | %SystemRoot% = J:\Windows | %ProgramFiles% = J:\Program Files
Drive C: | 1792.24 Gb Total Space | 1407.91 Gb Free Space | 78.56% Space Free | Partition Type: NTFS
Drive J: | 149.05 Gb Total Space | 91.40 Gb Free Space | 61.32% Space Free | Partition Type: NTFS

Computer Name: GEE221-PC | User Name: gee221 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- J:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- J:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "J:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "J:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4047874029-3753604312-375325555-1000]
"EnableNotificationsRef" = 2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{D4DCA197-59C8-44D1-AB5A-5E50CE1D0997}" = lport=6004 | protocol=17 | dir=in | app=j:\program files\microsoft office\office14\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A243C2C-D567-4650-B534-8179BF1FE1F8}" = protocol=6 | dir=in | app=j:\program files\aim6\aim6.exe |
"{435460EE-B82A-43D1-BCF0-82A8CF93495D}" = protocol=17 | dir=in | app=j:\program files\common files\aol\loader\aolload.exe |
"{51DBCB42-A96B-4F64-B81F-E0455A01B17B}" = protocol=17 | dir=in | app=j:\program files\vmware\vmware workstation\vmware-authd.exe |
"{528760E2-613E-40E8-8DB5-477EB624CA4E}" = protocol=6 | dir=in | app=j:\program files\common files\aol\loader\aolload.exe |
"{705C98B0-DC97-4B61-9EA5-664008EFE4A3}" = protocol=6 | dir=in | app=j:\program files\yahoo!\messenger\yahoomessenger.exe |
"{8B23D766-B852-4AEC-854A-A7B7541EEE44}" = protocol=17 | dir=in | app=j:\program files\aim6\aim6.exe |
"{E7594C37-5050-435E-9C20-242B576B91B9}" = protocol=17 | dir=in | app=j:\program files\yahoo!\messenger\yahoomessenger.exe |
"{EF941366-249D-4014-BBD5-2C0609E34BEE}" = protocol=6 | dir=in | app=j:\program files\vmware\vmware workstation\vmware-authd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series" = Canon MX310 series
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = USB2.0 1.3MP UVC Camera
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92317FD2-8A6B-4CEE-B03D-18CA3244E157}" = Windows Phone Intro Video (ENU)
"{9579E862-5FC7-4337-B1CC-5E37451524C5}" = Motorola Driver Installation
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus® for Adobe
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AIM_6" = AIM 6
"BitLord" = BitLord 1.1
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.1.2.2
"DVDFab 6_is1" = DVDFab 6.2.1.8 (31/12/2009)
"gBurner" = gBurner
"HijackThis" = HijackThis 1.99.0
"InstallShield_{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NIS" = Norton Internet Security
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"Product_Name" = HistoryKill 2007
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinPatrol" = WinPatrol 2009
"WinRAR archiver" = WinRAR archiver
"Yahoo! Messenger" = Yahoo! Messenger
"Zune" = Zune

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/19/2012 10:41:55 PM | Computer Name = gee221-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 6c0 Start Time: 01ccd71cac582d52 Termination Time: 32

Error - 1/19/2012 10:42:08 PM | Computer Name = gee221-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: dd8 Start Time: 01ccd71d12a6753c Termination Time: 0

Error - 1/19/2012 10:42:27 PM | Computer Name = gee221-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 330 Start Time: 01ccd71d1aa54690 Termination Time: 797

Error - 1/19/2012 10:42:59 PM | Computer Name = gee221-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: ce4 Start Time: 01ccd71d25708c06 Termination Time: 15

Error - 1/19/2012 10:43:44 PM | Computer Name = gee221-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 6a8 Start Time: 01ccd71d38f82f40 Termination Time: 15

Error - 1/19/2012 10:44:32 PM | Computer Name = gee221-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: c24 Start Time: 01ccd71d537bf626 Termination Time: 15

Error - 1/19/2012 10:45:34 PM | Computer Name = gee221-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: ae0 Start Time: 01ccd71d729986b8 Termination Time: 15

Error - 1/19/2012 10:46:03 PM | Computer Name = gee221-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 6c0 Start Time: 01ccd71d95057a18 Termination Time: 31

Error - 1/19/2012 10:47:54 PM | Computer Name = gee221-PC | Source = Application Hang | ID = 1002
Description = The program explorer.exe version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: b84 Start Time: 01ccd71da68097fa Termination Time: 13938

Error - 1/19/2012 11:06:31 PM | Computer Name = gee221-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.31.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 12b0 Start Time: 01ccd720613b2e79 Termination Time: 0

[ System Events ]
Error - 1/19/2012 10:39:53 PM | Computer Name = gee221-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 1/19/2012 10:39:53 PM | Computer Name = gee221-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 1/19/2012 10:41:59 PM | Computer Name = gee221-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 1/19/2012 10:41:59 PM | Computer Name = gee221-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 1/19/2012 10:48:24 PM | Computer Name = gee221-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 1/19/2012 10:49:13 PM | Computer Name = gee221-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 1/19/2012 10:57:03 PM | Computer Name = gee221-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 1/19/2012 10:57:03 PM | Computer Name = gee221-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 1/19/2012 10:59:07 PM | Computer Name = gee221-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 1/19/2012 10:59:07 PM | Computer Name = gee221-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
  • 0

Advertisements


#17
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi ßGéè Gêë,

Step 1

Let's install the free Avast:

http://www.avast.com...ivirus-download

Once you have it installed and it has updated, right click on it and select Open Avast! User Interface then click on Scan Computer, then on Boot-Time Scan then Schedule Now. Reboot and let it run a scan. It will take many hours (like overnight) and unfortunately you may need to

Step 2

  • Go to Start -> My Computer
  • Right click on C: disk and clik on Properties
  • Click on tab Tools and click on Check now... button
  • Check Automatically fix system errors and Scan for and attempt recovery of bad sectors
  • Click Start button
  • Confirm schedule disk check next time computer starts with Yes button
  • Restart your system and wait while system checks your disk for errors
This step usually fix some errors related to BSOD.check back with it once in a while to see if it needs an input from you. If the scan hangs that may indicate a hardware problem.

Step 3


Please don't forget to include these items in your reply:

  • Did avast found anything and did it manage to remove it?
  • How is your system after running Check disk?
It would be helpful if you could post each log in separate post
  • 0

#18
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi ßGéè Gêë,

Did you manage to run scans? How is your system now?
  • 0

#19
ßGéè Gêë

ßGéè Gêë

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
yes i did and the system is running a little better, but still having problems with NIS the live update won't work manually
  • 0

#20
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi ßGéè Gêë,

NIS the live update won't work manually


Did you try to reinstall it. Save your license key and uninstal NIS then install it again. See if that works. Your system is clean as far as I can see. Let's try to speed it a little more by running Puran Defrag:

Download and run Puran Disc Defragmenter
Click on Boot Time Defrag button and choose Restart-Defrag-Restart

Posted Image
  • 0

#21
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP