Jump to content


Photo

Laptop freeze


  • This topic is locked This topic is locked
79 replies to this topic

#1 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 03 January 2010 - 10:46 PM

My husband's laptop freezes literally three minutes after booting up. It operates on Vista. We suspect the problem is a Logitech V450 Nano Cordless Laser mouse; the problem began immediately after he installed it. Removing the mouse has not resolved the problem, however. Below is the Hijackthis scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:36:21 PM, on 1/3/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\John\Downloads\HijackThis(6).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...&m=md7818u&c=BB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...&m=md7818u&c=BB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...&m=md7818u&c=BB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...&m=md7818u&c=BB
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Gateway\traybar.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Ad-Watch] "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

--
End of file - 8193 bytes


Thanks in advance for your help!

#2 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,533 posts

Posted 06 January 2010 - 10:58 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.

If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.


[this is an automated reply]
This is an automated message. It does not count as help.

#3 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 11 January 2010 - 11:34 AM

Hi Nimrod001, and Welcome to SWI.

Download OTL.exe by OldTimer to your Desktop.
  • Close all windows and double click OTL.exe.
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#4 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 12 January 2010 - 10:03 PM

Hi Nimrod001, and Welcome to SWI.

Download OTL.exe by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe.
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.



Thanks for the welcome! I've actually been here before with a nasty virus problem *hangs head in shame* you guys did such a great job I'm back (and will donate again too).
These actually posted in eight - count 'em eight - notepads, nothing saved to the desktop. I'm not sure if perhaps it duplicated itself? I will post each. I'll probably be using a few posts to get it all in. Notepad #1 (listed as an OTL.tx:
OTL logfile created on: 1/12/2010 7:31:09 PM - Run 1
OTL by OldTimer - Version 3.1.24.0 Folder = C:\Users\John\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 83.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 227.88 Gb Total Space | 175.59 Gb Free Space | 77.05% Space Free | Partition Type: NTFS
Drive D: | 227.88 Gb Total Space | 227.55 Gb Free Space | 99.85% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOHN-PC
Current User Name: John
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/12 19:30:31 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Users\John\Downloads\OTL.exe
PRC - [2009/11/07 21:15:50 | 00,788,368 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/11/07 21:15:49 | 01,179,232 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/10/29 06:54:44 | 01,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
PRC - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe
PRC - [2009/09/22 23:55:40 | 00,707,704 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe
PRC - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe


========== Modules (SafeList) ==========

MOD - [2010/01/12 19:30:31 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Users\John\Downloads\OTL.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/09/24 17:26:26 | 01,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/09/16 10:23:32 | 00,696,848 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2009/09/16 09:15:32 | 00,155,456 | ---- | M] (McAfee, Inc.) [Unknown | Stopped] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV:64bit: - [2009/04/10 23:11:13 | 00,053,760 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (BthServ)
SRV:64bit: - [2008/06/11 11:18:30 | 00,024,576 | ---- | M] () [Auto | Stopped] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 18:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/17 07:37:22 | 00,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2009/11/07 21:15:49 | 01,179,232 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/09/16 08:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/05/21 20:21:18 | 00,248,832 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/03/29 20:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/07/20 17:45:06 | 00,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/05/05 14:25:46 | 00,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/03/25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/03/25 20:23:58 | 00,894,976 | ---- | M] (Hewlett-Packard Co.) [Auto | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2007/02/12 00:43:44 | 00,065,536 | ---- | M] (O2Micro International) [Auto | Stopped] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2006/11/02 05:34:14 | 00,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/01 22:35:15 | 00,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/01 22:35:15 | 00,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/09/23 04:55:23 | 00,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\Lbd.sys -- (Lbd)
DRV:64bit: - [2009/09/16 09:22:40 | 00,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009/09/16 09:22:40 | 00,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009/09/16 09:22:40 | 00,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009/09/16 09:15:38 | 00,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009/07/16 11:32:26 | 00,176,144 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\Mpfp.sys -- (MPFP)
DRV:64bit: - [2008/07/28 19:44:20 | 00,314,880 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/07/20 17:44:54 | 00,402,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/07/15 00:39:24 | 00,062,296 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2008/07/10 18:29:08 | 07,912,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/07/10 01:52:38 | 00,325,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/06/29 13:52:44 | 00,126,976 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2008/06/26 16:24:20 | 00,020,520 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2008/06/11 17:29:30 | 00,051,800 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2008/04/29 00:00:00 | 00,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/04/28 18:10:55 | 00,276,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT)
DRV:64bit: - [2008/04/28 18:10:51 | 00,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB)
DRV:64bit: - [2008/04/27 14:38:12 | 04,730,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel®
DRV:64bit: - [2008/01/20 18:47:27 | 00,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo)
DRV:64bit: - [2008/01/20 18:47:25 | 00,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 18:47:03 | 00,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum)
DRV:64bit: - [2008/01/20 18:47:02 | 00,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2008/01/20 18:46:57 | 00,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 18:46:55 | 00,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/20 18:46:52 | 00,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2008/01/20 18:46:51 | 00,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2007/10/31 10:22:50 | 01,481,216 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2007/10/31 10:19:46 | 00,293,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2007/10/31 10:18:32 | 00,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2007/10/17 07:37:10 | 00,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2006/11/01 21:28:10 | 00,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006/06/18 06:27:24 | 00,017,024 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2008/06/11 11:13:24 | 00,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
DRV - [2006/09/18 13:36:40 | 00,003,066 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 13:35:23 | 00,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2006/06/18 06:26:50 | 00,094,208 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\mdmxsdk.dll -- (mdmxsdk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...&m=md7818u&c=BB
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...&m=md7818u&c=BB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...&m=md7818u&c=BB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...&m=md7818u&c=BB

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...&m=md7818u&c=BB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...&m=md7818u&c=BB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.msn.com"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546


FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/09/29 18:53:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/01/12 19:26:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/01/12 19:26:03 | 00,000,000 | ---D | M]

[2009/05/18 19:02:23 | 00,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mozilla\Extensions
[2010/01/11 22:28:25 | 00,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\3w94jkea.default\extensions
[2009/11/03 16:23:16 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\3w94jkea.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/05/29 19:15:36 | 00,001,703 | ---- | M] () -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\3w94jkea.default\searchplugins\live-search.xml
[2010/01/11 22:28:24 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Gateway\traybar.exe (Chicony)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/03 00:52:36 | 00,000,000 | -HSD | C] -- C:\found.002
[2010/01/02 23:17:39 | 00,000,000 | ---D | C] -- C:\Users\John\Desktop\Includes
[2010/01/02 20:29:41 | 00,000,000 | -HSD | C] -- C:\found.001
[2010/01/01 06:45:44 | 00,000,000 | -HSD | C] -- C:\found.000

========== Files - Modified Within 30 Days ==========

[2010/01/12 19:32:45 | 02,097,152 | -HS- | M] () -- C:\Users\John\ntuser.dat
[2010/01/12 19:22:34 | 00,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/01/12 19:22:33 | 00,007,749 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2010/01/12 19:22:02 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/12 00:27:10 | 00,524,288 | -HS- | M] () -- C:\Users\John\ntuser.dat{dcf0be2f-ff40-11de-939f-00238b5e8e70}.TMContainer00000000000000000001.regtrans-ms
[2010/01/12 00:27:10 | 00,065,536 | -HS- | M] () -- C:\Users\John\ntuser.dat{dcf0be2f-ff40-11de-939f-00238b5e8e70}.TM.blf
[2010/01/11 22:08:46 | 00,524,288 | -HS- | M] () -- C:\Users\John\ntuser.dat{dcf0be2f-ff40-11de-939f-00238b5e8e70}.TMContainer00000000000000000002.regtrans-ms
[2010/01/11 22:08:41 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/11 22:08:41 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/11 22:08:38 | 00,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2010/01/11 22:08:36 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/03 20:48:32 | 00,524,288 | -HS- | M] () -- C:\Users\John\ntuser.dat{467b2c48-f843-11de-ba3e-00238b5e8e70}.TMContainer00000000000000000001.regtrans-ms
[2010/01/03 20:48:32 | 00,065,536 | -HS- | M] () -- C:\Users\John\ntuser.dat{467b2c48-f843-11de-ba3e-00238b5e8e70}.TM.blf
[2010/01/03 01:10:05 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/01/03 00:38:22 | 00,524,288 | -HS- | M] () -- C:\Users\John\ntuser.dat{467b2c48-f843-11de-ba3e-00238b5e8e70}.TMContainer00000000000000000002.regtrans-ms
[2010/01/02 23:14:03 | 00,524,288 | -HS- | M] () -- C:\Users\John\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010/01/02 23:14:03 | 00,065,536 | -HS- | M] () -- C:\Users\John\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2009/12/31 12:55:27 | 00,595,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/12/31 12:55:20 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/12/31 12:55:20 | 00,101,350 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

========== Files Created - No Company Name ==========

[2010/01/11 22:17:57 | 00,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/01/11 22:08:46 | 00,524,288 | -HS- | C] () -- C:\Users\John\ntuser.dat{dcf0be2f-ff40-11de-939f-00238b5e8e70}.TMContainer00000000000000000002.regtrans-ms
[2010/01/11 22:08:46 | 00,524,288 | -HS- | C] () -- C:\Users\John\ntuser.dat{dcf0be2f-ff40-11de-939f-00238b5e8e70}.TMContainer00000000000000000001.regtrans-ms
[2010/01/11 22:08:46 | 00,065,536 | -HS- | C] () -- C:\Users\John\ntuser.dat{dcf0be2f-ff40-11de-939f-00238b5e8e70}.TM.blf
[2010/01/03 00:38:22 | 00,524,288 | -HS- | C] () -- C:\Users\John\ntuser.dat{467b2c48-f843-11de-ba3e-00238b5e8e70}.TMContainer00000000000000000002.regtrans-ms
[2010/01/03 00:38:22 | 00,524,288 | -HS- | C] () -- C:\Users\John\ntuser.dat{467b2c48-f843-11de-ba3e-00238b5e8e70}.TMContainer00000000000000000001.regtrans-ms
[2010/01/03 00:38:22 | 00,065,536 | -HS- | C] () -- C:\Users\John\ntuser.dat{467b2c48-f843-11de-ba3e-00238b5e8e70}.TM.blf
[2009/12/03 15:46:02 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/03 15:45:10 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/29 20:37:54 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/09/29 18:46:09 | 00,002,783 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/05/16 21:59:36 | 00,026,311 | ---- | C] () -- C:\Users\John\AppData\Roaming\UserTile.png
[2009/05/16 21:47:23 | 00,003,584 | ---- | C] () -- C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/16 20:27:33 | 00,005,115 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2008/01/20 18:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2003/01/07 14:05:08 | 00,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
SRV:64bit: - [2009/09/24 17:26:26 | 01,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/09/16 10:23:32 | 00,696,848 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2009/09/16 09:15:32 | 00,155,456 | ---- | M] (McAfee, Inc.) [Unknown | Stopped] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV:64bit: - [2009/04/10 23:11:13 | 00,053,760 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (BthServ)
SRV:64bit: - [2008/06/11 11:18:30 | 00,024,576 | ---- | M] () [Auto | Stopped] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 18:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/17 07:37:22 | 00,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2009/11/07 21:15:49 | 01,179,232 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/09/16 08:28:38 | 00,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/07/09 23:26:20 | 00,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/07/08 10:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 18:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/05/21 20:21:18 | 00,248,832 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/03/29 20:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/07/20 17:45:06 | 00,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/05/05 14:25:46 | 00,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/03/25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/03/25 20:23:58 | 00,894,976 | ---- | M] (Hewlett-Packard Co.) [Auto | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2007/02/12 00:43:44 | 00,065,536 | ---- | M] (O2Micro International) [Auto | Stopped] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2006/11/02 05:34:14 | 00,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/01 22:35:15 | 00,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/01 22:35:15 | 00,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/09/23 04:55:23 | 00,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\Lbd.sys -- (Lbd)
DRV:64bit: - [2009/09/16 09:22:40 | 00,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009/09/16 09:22:40 | 00,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009/09/16 09:22:40 | 00,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009/09/16 09:15:38 | 00,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009/07/16 11:32:26 | 00,176,144 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\Mpfp.sys -- (MPFP)
DRV:64bit: - [2008/07/28 19:44:20 | 00,314,880 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/07/20 17:44:54 | 00,402,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/07/15 00:39:24 | 00,062,296 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2008/07/10 18:29:08 | 07,912,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/07/10 01:52:38 | 00,325,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/06/29 13:52:44 | 00,126,976 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2008/06/26 16:24:20 | 00,020,520 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2008/06/11 17:29:30 | 00,051,800 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2008/04/29 00:00:00 | 00,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/04/28 18:10:55 | 00,276,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT)
DRV:64bit: - [2008/04/28 18:10:51 | 00,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB)
DRV:64bit: - [2008/04/27 14:38:12 | 04,730,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel®
DRV:64bit: - [2008/01/20 18:47:27 | 00,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo)
DRV:64bit: - [2008/01/20 18:47:25 | 00,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 18:47:03 | 00,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum)
DRV:64bit: - [2008/01/20 18:47:02 | 00,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2008/01/20 18:46:57 | 00,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 18:46:55 | 00,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/20 18:46:52 | 00,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2008/01/20 18:46:51 | 00,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2007/10/31 10:22:50 | 01,481,216 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2007/10/31 10:19:46 | 00,293,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2007/10/31 10:18:32 | 00,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2007/10/17 07:37:10 | 00,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2006/11/01 21:28:10 | 00,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006/06/18 06:27:24 | 00,017,024 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2008/06/11 11:13:24 | 00,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
DRV - [2006/09/18 13:36:40 | 00,003,066 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 13:35:23 | 00,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2006/06/18 06:26:50 | 00,094,208 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\mdmxsdk.dll -- (mdmxsdk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...&m=md7818u&c=BB
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...&m=md7818u&c=BB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...&m=md7818u&c=BB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...&m=md7818u&c=BB

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gate...&m=md7818u&c=BB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...&m=md7818u&c=BB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.msn.com"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546


FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/09/29 18:53:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/01/12 19:26:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.17\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/01/12 19:26:03 | 00,000,000 | ---D | M]

[2009/05/18 19:02:23 | 00,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mozilla\Extensions
[2010/01/11 22:28:25 | 00,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\3w94jkea.default\extensions
[2009/11/03 16:23:16 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\3w94jkea.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/05/29 19:15:36 | 00,001,703 | ---- | M] () -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\3w94jkea.default\searchplugins\live-search.xml
[2010/01/11 22:28:24 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Gateway\traybar.exe (Chicony)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: 25 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/03 00:52:36 | 00,000,000 | -HSD | C] -- C:\found.002
[2010/01/02 23:17:39 | 00,000,000 | ---D | C] -- C:\Users\John\Desktop\Includes
[2010/01/02 20:29:41 | 00,000,000 | -HSD | C] -- C:\found.001
[2010/01/01 06:45:44 | 00,000,000 | -HSD | C] -- C:\found.000

========== Files - Modified Within 30 Days ==========

[2010/01/12 19:32:45 | 02,097,152 | -HS- | M] () -- C:\Users\John\ntuser.dat
[2010/01/12 19:22:34 | 00,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010/01/12 19:22:33 | 00,007,749 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2010/01/12 19:22:02 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/12 00:27:10 | 00,524,288 | -HS- | M] () -- C:\Users\John\ntuser.dat{dcf0be2f-ff40-11de-939f-00238b5e8e70}.TMContainer00000000000000000001.regtrans-ms
[2010/01/12 00:27:10 | 00,065,536 | -HS- | M] () -- C:\Users\John\ntuser.dat{dcf0be2f-ff40-11de-939f-00238b5e8e70}.TM.blf
[2010/01/11 22:08:46 | 00,524,288 | -HS- | M] () -- C:\Users\John\ntuser.dat{dcf0be2f-ff40-11de-939f-00238b5e8e70}.TMContainer00000000000000000002.regtrans-ms
[2010/01/11 22:08:41 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/11 22:08:41 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/11 22:08:38 | 00,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2010/01/11 22:08:36 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/03 20:48:32 | 00,524,288 | -HS- | M] () -- C:\Users\John\ntuser.dat{467b2c48-f843-11de-ba3e-00238b5e8e70}.TMContainer00000000000000000001.regtrans-ms
[2010/01/03 20:48:32 | 00,065,536 | -HS- | M] () -- C:\Users\John\ntuser.dat{467b2c48-f843-11de-ba3e-00238b5e8e70}.TM.blf
[2010/01/03 01:10:05 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/01/03 00:38:22 | 00,524,288 | -HS- | M] () -- C:\Users\John\ntuser.dat{467b2c48-f843-11de-ba3e-00238b5e8e70}.TMContainer00000000000000000002.regtrans-ms
[2010/01/02 23:14:03 | 00,524,288 | -HS- | M] () -- C:\Users\John\

#5 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 13 January 2010 - 11:29 AM

Hi again Nimrod001!.. :).

Logs look clean to me... We'll just remove a few leftovers, empty temp folders and run an online scan... Let me know if your problem persists after performing the steps below:

Please run OTL.exe.
  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
    O4 - HKLM..\Run: [eRecoveryService] File not found
    O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
    :Commands
    [EmptyTemp]

  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Let's run an Eset's online scanner as well:

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer (32 bit version - Start --> All programs --> Internet Explorer) for this scan. Internet Explorer must be run as administrator - right click and choose: Run as administrator.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan
    Wait for the scan to finish
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#6 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 14 January 2010 - 12:18 AM

I ran the OTL as instructed, but failed in posting the log as I hit the restart prompt before posting. #%^##

I was more successful with the ESET log:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=7f5c69bab8f31440ad080700686052de
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-01-14 06:01:56
# local_time=2010-01-13 10:01:56 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5121 16776574 100 82 3841081 16280246 0 0
# compatibility_mode=5892 16776573 100 56 21158 100045828 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=141395
# found=0
# cleaned=0
# scan_time=1794

I'm doing a restart now and will repost when I know whether I can run outside of Safe Mode.

#7 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 14 January 2010 - 12:24 AM

I ran the OTL as instructed, but failed in posting the log as I hit the restart prompt before posting. #%^##

I was more successful with the ESET log:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=7f5c69bab8f31440ad080700686052de
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-01-14 06:01:56
# local_time=2010-01-13 10:01:56 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5121 16776574 100 82 3841081 16280246 0 0
# compatibility_mode=5892 16776573 100 56 21158 100045828 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=141395
# found=0
# cleaned=0
# scan_time=1794

I'm doing a restart now and will repost when I know whether I can run outside of Safe Mode.



#8 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 14 January 2010 - 12:25 AM

When it restarted a notepad popped up that appears to be the OTL log. I'm posting it fast in case I get the 3 minute freeze:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: John
->Temp folder emptied: 299236624 bytes
->Temporary Internet Files folder emptied: 37343237 bytes
->Java cache emptied: 25594576 bytes
->FireFox cache emptied: 61420179 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 97218503 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 12384 bytes

Total Files Cleaned = 497.00 mb


OTL by OldTimer - Version 3.1.24.0 log created on 01132010_212152

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\mcafee_bPKwLLJMabWPt9u not found!
File\Folder C:\Windows\temp\mcafee_u9cZfAXpWv50LmU not found!
File\Folder C:\Windows\temp\mcmsc_La6CRtbex6eCfzx not found!
File\Folder C:\Windows\temp\mcmsc_n5QLT5juq6aKIZT not found!

Registry entries deleted on Reboot...

#9 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 14 January 2010 - 12:35 AM

Nope, still gets all jammed up. Does it make a difference to know that the screen becomes pale, as though the page you're looking at is in the background, and the timer pops up and appears to be in search mode?

#10 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 14 January 2010 - 05:32 AM

Hi again and thank you for the fix logfile and Eset's scanner results... :)..

Nope, still gets all jammed up. Does it make a difference to know that the screen becomes pale, as though the page you're looking at is in the background, and the timer pops up and appears to be in search mode?

HHmmm, what kind of timer??.. :think: Are you able to provide a screenshot or a photo of that situation??..
When your laptop freezes you can do nothing but reboot the computer??..

Let's check if the same situation happens in the Safe Mode... Please boot into Safe Mode as instructed here: How to Boot to the Advanced Boot Options in Vista
Does it also freeze in the Safe Mode??..
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#11 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 14 January 2010 - 03:03 PM

Hi again and thank you for the fix logfile and Eset's scanner results... :)..


Nope, still gets all jammed up. Does it make a difference to know that the screen becomes pale, as though the page you're looking at is in the background, and the timer pops up and appears to be in search mode?

HHmmm, what kind of timer??.. :think: Are you able to provide a screenshot or a photo of that situation??..
When your laptop freezes you can do nothing but reboot the computer??..

Let's check if the same situation happens in the Safe Mode... Please boot into Safe Mode as instructed here: How to Boot to the Advanced Boot Options in Vista
Does it also freeze in the Safe Mode??..


All that's been done has been done in Safe Mode....otherwise, the computer freezes up w/in 3 minutes, making it impossible to download or run the programs you're asking for. The timer I'm referring to is the little icon that pops up indicating the computer is working -- such as opening an internet page. You know what I mean, right? However, I assume this is a Vista feature, instead of a timer it's illustrated by a blue ring. Does that make sense? I'm certain I can't do a screen shot, the laptop is completely frozen up, I'm unable to do anything but a hard shut down. Oddly though, the timer (blue circle) continues to move in a circle, indicating it's searching.

#12 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 14 January 2010 - 04:42 PM

Hi again!.. :).

The timer I'm referring to is the little icon that pops up indicating the computer is working -- such as opening an internet page. You know what I mean, right? However, I assume this is a Vista feature, instead of a timer it's illustrated by a blue ring. Does that make sense?

Yep, loud and clear now... :D..

This looks like either a software conflict or a driver issue to me...

McAfee may be a culprit here... We've seen many cases in the past where it was causing severe problems with computers: What's up with McAfee lately?
I'd like to ask you to uninstall McAfee temporarily and see if the problem is resolved - provided that you'll be able to install McAfee back without losing a subscription if it's not a culprit here...
Let me know if it helps... If not, we'll look into other possibilities... ;)..
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#13 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 15 January 2010 - 03:04 AM

Hi again!.. :).


The timer I'm referring to is the little icon that pops up indicating the computer is working -- such as opening an internet page. You know what I mean, right? However, I assume this is a Vista feature, instead of a timer it's illustrated by a blue ring. Does that make sense?

Yep, loud and clear now... :D..

This looks like either a software conflict or a driver issue to me...

McAfee may be a culprit here... We've seen many cases in the past where it was causing severe problems with computers: What's up with McAfee lately?
I'd like to ask you to uninstall McAfee temporarily and see if the problem is resolved - provided that you'll be able to install McAfee back without losing a subscription if it's not a culprit here...
Let me know if it helps... If not, we'll look into other possibilities... ;)..


Uninstalling didn't help. Rebooted after uninstalling and I got that same frozen computer after that same 3 minute period.

This problem started immediately after installing a mouse (the laptop hadn't had one previously), I can't remember the name of the mouse off the top of my head, but it's in my original post.

#14 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 15 January 2010 - 04:46 AM

Hi again!.. :).

Ok, we'll look for any remnants of that mouse in the registry (the previous OTL log did not show any of them)...

Please do the following:
Please run OTL.exe.
  • Check Processes, Modules, Standard registry, Extra registry, Files created within and Files modified within to None
  • Check Services and Drivers to All
  • Copy the commands below to the clipboard by highlighting it and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    logitech /RS

  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  • Click the blue Run Scan button.
  • A scan may take a while...
  • A log in Notepad will appear. Copy the contents of the log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe

c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#15 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 17 January 2010 - 01:06 PM

Hi again!.. :).

Ok, we'll look for any remnants of that mouse in the registry (the previous OTL log did not show any of them)...

Please do the following:
Please run OTL.exe.

  • Check Processes, Modules, Standard registry, Extra registry, Files created within and Files modified within to None
  • Check Services and Drivers to All
  • Copy the commands below to the clipboard by highlighting it and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    logitech /RS

  • Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  • Click the blue Run Scan button.
  • A scan may take a while...
  • A log in Notepad will appear. Copy the contents of the log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe


Hi again ~
I inadvertantly checked "all" instead of "use safelist" in the standard registry section, so I imagine you'll be looking through more than you wanted to, sorry about that. Here are the results:

OTl Notepad:

OTL logfile created on: 1/17/2010 10:55:35 AM - Run 3
OTL by OldTimer - Version 3.1.24.0 Folder = C:\Users\John\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 82.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 93.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 227.88 Gb Total Space | 176.25 Gb Free Space | 77.34% Space Free | Partition Type: NTFS
Drive D: | 227.88 Gb Total Space | 227.55 Gb Free Space | 99.85% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOHN-PC
Current User Name: John
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/12 19:30:31 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Users\John\Downloads\OTL.exe
PRC - [2010/01/12 19:26:01 | 00,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/11/07 21:15:50 | 00,788,368 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/11/07 21:15:49 | 01,179,232 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/09/22 23:55:40 | 00,707,704 | ---- | M] () -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe


========== Modules (SafeList) ==========

MOD - [2010/01/12 19:30:31 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Users\John\Downloads\OTL.exe


========== Win32 Services (All) ==========

SRV:64bit: - [2009/09/30 16:51:40 | 00,107,008 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:64bit: - [2009/09/24 17:26:26 | 01,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/08/06 18:24:17 | 02,424,024 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2009/07/11 11:11:20 | 00,615,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2009/06/15 05:15:02 | 00,011,264 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/06/15 05:15:02 | 00,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
SRV:64bit: - [2009/06/15 05:15:02 | 00,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (Netlogon)
SRV:64bit: - [2009/06/15 05:15:02 | 00,011,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/06/10 03:53:17 | 00,203,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:64bit: - [2009/04/10 23:11:31 | 01,092,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:64bit: - [2009/04/10 23:11:31 | 00,074,752 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2009/04/10 23:11:29 | 00,221,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2009/04/10 23:11:28 | 01,491,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (Eventlog)
SRV:64bit: - [2009/04/10 23:11:28 | 00,581,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:64bit: - [2009/04/10 23:11:28 | 00,572,416 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2009/04/10 23:11:28 | 00,218,624 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\webclnt.dll -- (WebClient)
SRV:64bit: - [2009/04/10 23:11:27 | 00,372,736 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:64bit: - [2009/04/10 23:11:27 | 00,313,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2009/04/10 23:11:27 | 00,032,768 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\uxsms.dll -- (UxSms)
SRV:64bit: - [2009/04/10 23:11:26 | 00,886,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:64bit: - [2009/04/10 23:11:26 | 00,547,328 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:64bit: - [2009/04/10 23:11:26 | 00,480,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/04/10 23:11:26 | 00,318,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/04/10 23:11:25 | 00,176,640 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2009/04/10 23:11:24 | 00,301,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (Themes)
SRV:64bit: - [2009/04/10 23:11:24 | 00,301,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2009/04/10 23:11:24 | 00,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SLUINotify.dll -- (SLUINotify)
SRV:64bit: - [2009/04/10 23:11:23 | 00,843,776 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2009/04/10 23:11:23 | 00,719,872 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2009/04/10 23:11:23 | 00,719,872 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2009/04/10 23:11:23 | 00,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:64bit: - [2009/04/10 23:11:23 | 00,147,968 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:64bit: - [2009/04/10 23:11:22 | 01,081,856 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2009/04/10 23:11:22 | 00,409,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qagentRT.dll -- (napagent)
SRV:64bit: - [2009/04/10 23:11:22 | 00,309,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2009/04/10 23:11:22 | 00,178,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2009/04/10 23:11:20 | 00,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/04/10 23:11:20 | 00,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/04/10 23:11:20 | 00,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:64bit: - [2009/04/10 23:11:20 | 00,836,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/04/10 23:11:15 | 00,719,360 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:64bit: - [2009/04/10 23:11:15 | 00,603,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mpssvc.dll -- (MpsSvc)
SRV:64bit: - [2009/04/10 23:11:15 | 00,533,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ipsecsvc.dll -- (PolicyAgent)
SRV:64bit: - [2009/04/10 23:11:15 | 00,454,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ikeext.dll -- (IKEEXT)
SRV:64bit: - [2009/04/10 23:11:15 | 00,223,744 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:64bit: - [2009/04/10 23:11:15 | 00,024,064 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/04/10 23:11:14 | 00,399,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\emdmgmt.dll -- (EMDMgmt)
SRV:64bit: - [2009/04/10 23:11:14 | 00,361,984 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:64bit: - [2009/04/10 23:11:14 | 00,268,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcsvc.dll -- (Dhcp)
SRV:64bit: - [2009/04/10 23:11:14 | 00,208,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/04/10 23:11:14 | 00,166,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2009/04/10 23:11:14 | 00,117,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/04/10 23:11:13 | 00,458,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bfe.dll -- (BFE)
SRV:64bit: - [2009/04/10 23:11:13 | 00,446,464 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2009/04/10 23:11:13 | 00,446,464 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\Audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2009/04/10 23:11:13 | 00,053,760 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (BthServ)
SRV:64bit: - [2009/04/10 23:11:13 | 00,049,664 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:64bit: - [2009/04/10 23:11:13 | 00,049,664 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:64bit: - [2009/04/10 23:11:10 | 00,209,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:64bit: - [2009/04/10 23:11:03 | 01,433,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vssvc.exe -- (VSS)
SRV:64bit: - [2009/04/10 23:11:00 | 00,454,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:64bit: - [2009/04/10 23:10:56 | 00,268,288 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2009/04/10 23:10:50 | 00,597,504 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV:64bit: - [2009/04/10 23:10:35 | 02,582,016 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\SLsvc.exe -- (slsvc)
SRV:64bit: - [2009/04/10 23:10:29 | 00,125,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/04/10 23:10:08 | 03,433,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DFSR.exe -- (DFSR)
SRV:64bit: - [2008/07/18 12:15:18 | 00,089,600 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Windows\SysNative\HPZipm12.dll -- (Pml Driver HPZ12)
SRV:64bit: - [2008/07/18 12:15:16 | 00,071,680 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Windows\SysNative\HPZinw12.dll -- (Net Driver HPZ12)
SRV:64bit: - [2008/06/11 11:18:30 | 00,024,576 | ---- | M] () [Auto | Stopped] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/01/20 18:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2008/01/20 18:52:00 | 00,173,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
SRV:64bit: - [2008/01/20 18:51:33 | 00,067,072 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:64bit: - [2008/01/20 18:51:19 | 00,141,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:64bit: - [2008/01/20 18:51:16 | 00,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:64bit: - [2008/01/20 18:51:03 | 00,117,248 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:64bit: - [2008/01/20 18:51:01 | 00,344,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:64bit: - [2008/01/20 18:50:59 | 01,373,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:64bit: - [2008/01/20 18:50:34 | 00,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:64bit: - [2008/01/20 18:50:27 | 00,206,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2008/01/20 18:50:17 | 00,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2008/01/20 18:50:14 | 00,296,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:64bit: - [2008/01/20 18:50:09 | 00,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:64bit: - [2008/01/20 18:50:06 | 00,024,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:64bit: - [2008/01/20 18:49:59 | 00,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sessenv.dll -- (SessionEnv)
SRV:64bit: - [2008/01/20 18:49:56 | 00,037,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
SRV:64bit: - [2008/01/20 18:49:56 | 00,037,888 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2008/01/20 18:49:46 | 00,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:64bit: - [2008/01/20 18:49:42 | 00,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2008/01/20 18:49:33 | 00,061,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sens.dll -- (SENS)
SRV:64bit: - [2008/01/20 18:49:15 | 00,081,920 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:64bit: - [2008/01/20 18:49:15 | 00,081,920 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:64bit: - [2008/01/20 18:49:11 | 00,103,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2008/01/20 18:49:09 | 00,139,264 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:64bit: - [2008/01/20 18:49:09 | 00,028,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2008/01/20 18:49:04 | 00,086,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\kmsvc.dll -- (hkmsvc)
SRV:64bit: - [2008/01/20 18:49:02 | 00,120,832 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\WerSvc.dll -- (WerSvc)
SRV:64bit: - [2008/01/20 18:49:02 | 00,065,536 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\tbssvc.dll -- (TBS)
SRV:64bit: - [2008/01/20 18:48:40 | 00,304,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV:64bit: - [2008/01/20 18:48:39 | 00,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:64bit: - [2008/01/20 18:48:29 | 00,015,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:64bit: - [2008/01/20 18:48:26 | 00,088,064 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:64bit: - [2008/01/20 18:48:24 | 00,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2008/01/20 18:48:21 | 00,093,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipbusenum.dll -- (IPBusEnum)
SRV:64bit: - [2008/01/20 18:48:19 | 00,395,264 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:64bit: - [2008/01/20 18:48:19 | 00,106,496 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:64bit: - [2008/01/20 18:48:17 | 00,045,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2008/01/20 18:48:16 | 00,080,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2008/01/20 18:48:10 | 00,348,160 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2008/01/20 18:48:03 | 00,342,016 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2008/01/20 18:47:55 | 00,079,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:64bit: - [2008/01/20 18:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2008/01/20 18:47:30 | 00,284,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:64bit: - [2008/01/20 18:47:28 | 00,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SDRSVC.dll -- (SDRSVC)
SRV:64bit: - [2007/10/17 07:37:22 | 00,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV:64bit: - [2006/11/02 07:03:19 | 00,084,992 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:64bit: - [2006/11/02 03:19:10 | 00,085,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:64bit: - [2006/11/02 03:19:10 | 00,039,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:64bit: - [2006/11/02 03:17:22 | 00,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fdrespub.dll -- (FDResPub)
SRV:64bit: - [2006/11/02 03:16:28 | 00,026,624 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2006/11/02 03:16:12 | 00,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:64bit: - [2006/11/02 03:15:56 | 00,008,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\locator.exe -- (RpcLocator)
SRV:64bit: - [2006/11/02 03:15:49 | 00,008,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dllhost.exe -- (COMSysApp)
SRV - [2009/11/07 21:15:49 | 01,179,232 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/08/24 03:36:45 | 00,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009/05/21 20:21:18 | 00,248,832 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/04/10 23:10:58 | 00,042,496 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2009/04/10 22:28:26 | 00,747,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM) Windows Remote Management (WS-Management)
SRV - [2009/04/10 22:28:25 | 00,413,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wcncsvc.dll -- (wcncsvc)
SRV - [2009/04/10 22:28:25 | 00,199,680 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2009/04/10 22:28:25 | 00,140,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2009/04/10 22:28:24 | 00,247,296 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (Themes)
SRV - [2009/04/10 22:28:24 | 00,247,296 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/04/10 22:28:24 | 00,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2009/04/10 22:28:24 | 00,095,232 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysWOW64\SCardSvr.dll -- (SCardSvr)
SRV - [2009/04/10 22:28:23 | 00,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (PNRPsvc)
SRV - [2009/04/10 22:28:23 | 00,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (PNRPAutoReg)
SRV - [2009/04/10 22:28:23 | 00,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (p2psvc)
SRV - [2009/04/10 22:28:23 | 00,644,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\p2psvc.dll -- (p2pimsvc)
SRV - [2009/04/10 22:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\netlogon.dll -- (Netlogon)
SRV - [2009/04/10 22:28:19 | 00,268,800 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2009/04/10 22:28:19 | 00,026,112 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2009/04/10 22:28:18 | 00,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/10 22:28:18 | 00,129,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV - [2009/04/10 22:27:59 | 00,441,344 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2009/04/10 22:27:45 | 00,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2009/03/29 20:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/29 20:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2009/02/18 10:40:04 | 00,042,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2009/02/18 10:39:11 | 00,857,432 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/07/20 17:45:06 | 00,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/05/05 14:25:46 | 00,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/03/25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/03/25 20:23:58 | 00,894,976 | ---- | M] (Hewlett-Packard Co.) [Auto | Stopped] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2008/01/20 18:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2008/01/20 18:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2008/01/20 18:51:00 | 00,019,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2008/01/20 18:50:38 | 00,084,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2008/01/20 18:50:07 | 00,047,104 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\Sens.dll -- (SENS)
SRV - [2008/01/20 18:50:01 | 00,073,728 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2008/01/20 18:50:01 | 00,073,728 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2008/01/20 18:49:21 | 00,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV - [2008/01/20 18:49:09 | 00,068,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2008/01/20 18:48:26 | 00,259,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2008/01/20 18:48:23 | 01,502,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2008/01/20 18:47:35 | 00,243,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2007/02/12 00:43:44 | 00,065,536 | ---- | M] (O2Micro International) [Auto | Stopped] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2006/11/02 07:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/11/02 05:34:14 | 00,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 01:46:13 | 00,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2006/11/02 01:46:05 | 00,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV - [2006/11/02 01:45:02 | 00,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2006/11/01 22:35:15 | 00,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/01 22:35:15 | 00,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (All) ==========

DRV:64bit: - [2009/11/09 03:05:10 | 00,620,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HTTP.sys -- (HTTP)
DRV:64bit: - [2009/09/24 17:27:18 | 00,893,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2009/09/23 04:55:23 | 00,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\Lbd.sys -- (Lbd)
DRV:64bit: - [2009/09/16 09:22:40 | 00,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009/09/16 09:22:40 | 00,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009/09/16 09:22:40 | 00,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009/09/16 09:15:38 | 00,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009/09/14 01:45:26 | 00,174,592 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\srv2.sys -- (srv2)
DRV:64bit: - [2009/08/14 08:39:38 | 01,425,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tcpip.sys -- (Tcpip6)
DRV:64bit: - [2009/08/14 08:39:38 | 01,425,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2009/08/14 06:09:29 | 00,040,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2009/06/15 22:00:45 | 00,515,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2009/04/10 23:15:53 | 00,067,048 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:64bit: - [2009/04/10 23:15:53 | 00,062,440 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\termdd.sys -- (TermDD)
DRV:64bit: - [2009/04/10 23:15:52 | 00,408,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2009/04/10 23:15:45 | 00,269,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2009/04/10 23:15:36 | 00,019,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\spldr.sys -- (spldr)
DRV:64bit: - [2009/04/10 23:15:34 | 01,515,496 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:64bit: - [2009/04/10 23:15:34 | 00,738,264 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2009/04/10 23:15:33 | 00,361,448 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\CLFS.sys -- (CLFS) Common Log (CLFS)
DRV:64bit: - [2009/04/10 23:15:32 | 00,325,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2009/04/10 23:15:32 | 00,310,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:64bit: - [2009/04/10 23:15:32 | 00,275,432 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltmgr.sys -- (FltMgr)
DRV:64bit: - [2009/04/10 23:15:31 | 00,215,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\msiscsi.sys -- (iScsiPrt)
DRV:64bit: - [2009/04/10 23:15:31 | 00,178,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:64bit: - [2009/04/10 23:15:30 | 00,155,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ecache.sys -- (Ecache)
DRV:64bit: - [2009/04/10 23:15:25 | 00,073,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2009/04/10 23:15:25 | 00,067,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (disk)
DRV:64bit: - [2009/04/10 23:15:24 | 00,059,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\mup.sys -- (Mup)
DRV:64bit: - [2009/04/10 21:48:33 | 00,209,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpwd.sys -- (RDPWD)
DRV:64bit: - [2009/04/10 21:44:24 | 00,406,016 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:64bit: - [2009/04/10 21:43:46 | 00,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rassstp.sys -- (RasSstp) WAN Miniport (SSTP)
DRV:64bit: - [2009/04/10 21:43:40 | 00,169,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2009/04/10 21:43:39 | 00,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV:64bit: - [2009/04/10 21:43:39 | 00,086,528 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\DRIVERS\wanarp.sys -- (Wanarpv6)
DRV:64bit: - [2009/04/10 21:43:39 | 00,086,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wanarp.sys -- (Wanarp)
DRV:64bit: - [2009/04/10 21:43:38 | 00,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV:64bit: - [2009/04/10 21:43:33 | 00,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2009/04/10 21:43:27 | 00,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2009/04/10 21:43:00 | 00,094,720 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tdx.sys -- (tdx)
DRV:64bit: - [2009/04/10 21:42:56 | 00,094,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\pacer.sys -- (PSched)
DRV:64bit: - [2009/04/10 21:42:33 | 00,248,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\netbt.sys -- (netbt)
DRV:64bit: - [2009/04/10 21:42:19 | 00,088,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\smb.sys -- (Smb) Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
DRV:64bit: - [2009/04/10 21:40:20 | 00,187,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2009/04/10 21:39:52 | 00,273,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbhub.sys -- (usbhub)
DRV:64bit: - [2009/04/10 21:39:41 | 00,948,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HDAudBus.sys -- (HDAudBus)
DRV:64bit: - [2009/04/10 21:39:36 | 00,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbehci.sys -- (usbehci)
DRV:64bit: - [2009/04/10 21:39:32 | 00,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hidusb.sys -- (HidUsb)
DRV:64bit: - [2009/04/10 21:34:39 | 00,079,872 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\cdrom.sys -- (cdrom)
DRV:64bit: - [2009/04/10 20:57:56 | 00,440,832 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\srv.sys -- (srv)
DRV:64bit: - [2009/04/10 20:57:29 | 00,143,360 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\srvnet.sys -- (srvnet)
DRV:64bit: - [2009/04/10 20:55:42 | 00,139,264 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2009/04/10 20:55:34 | 00,135,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2009/04/10 20:55:26 | 00,105,984 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2009/04/10 20:55:24 | 00,287,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\rdbss.sys -- (rdbss)
DRV:64bit: - [2009/04/10 20:55:24 | 00,273,408 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2009/04/10 20:54:44 | 00,097,792 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\dfsc.sys -- (DfsC)
DRV:64bit: - [2009/04/10 20:54:22 | 00,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\npfs.sys -- (Npfs)
DRV:64bit: - [2009/04/10 20:54:21 | 00,299,008 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\udfs.sys -- (udfs)
DRV:64bit: - [2009/04/10 20:54:11 | 00,187,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\exfat.sys -- (exfat)
DRV:64bit: - [2009/04/10 20:54:10 | 00,198,144 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:64bit: - [2008/07/28 19:44:20 | 00,314,880 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/07/20 17:44:54 | 00,402,456 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/07/15 00:39:24 | 00,062,296 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2008/07/10 18:29:08 | 07,912,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/07/10 01:52:38 | 00,325,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/06/29 13:52:44 | 00,126,976 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2008/06/26 16:24:20 | 00,020,520 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2008/06/11 17:29:30 | 00,051,800 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2008/04/29 00:00:00 | 00,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/04/28 18:10:55 | 00,276,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT)
DRV:64bit: - [2008/04/28 18:10:51 | 00,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB)
DRV:64bit: - [2008/04/27 14:38:12 | 04,730,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel®
DRV:64bit: - [2008/01/20 18:51:14 | 00,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:64bit: - [2008/01/20 18:51:14 | 00,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:64bit: - [2008/01/20 18:51:07 | 00,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\DRIVERS\RDPCDD.sys -- (RDPCDD)
DRV:64bit: - [2008/01/20 18:51:01 | 00,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2008/01/20 18:50:59 | 00,070,200 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2008/01/20 18:50:45 | 00,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bowser.sys -- (bowser)
DRV:64bit: - [2008/01/20 18:50:45 | 00,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2008/01/20 18:50:39 | 00,881,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2008/01/20 18:50:39 | 00,090,624 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\DRIVERS\cdfs.sys -- (cdfs)
DRV:64bit: - [2008/01/20 18:50:39 | 00,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\msfs.sys -- (Msfs)
DRV:64bit: - [2008/01/20 18:50:25 | 00,070,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (MountMgr)
DRV:64bit: - [2008/01/20 18:50:10 | 00,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\tssecsrv.sys -- (tssecsrv)
DRV:64bit: - [2008/01/20 18:50:04 | 00,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:64bit: - [2008/01/20 18:49:58 | 00,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2008/01/20 18:49:52 | 00,011,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSKSSRV.sys -- (MSKSSRV)
DRV:64bit: - [2008/01/20 18:49:52 | 00,007,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MSTEE.sys -- (MSTEE)
DRV:64bit: - [2008/01/20 18:49:51 | 00,028,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:64bit: - [2008/01/20 18:49:48 | 00,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\rdpencdd.sys -- (RDPENCDD)
DRV:64bit: - [2008/01/20 18:49:42 | 00,081,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2008/01/20 18:49:42 | 00,024,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2008/01/20 18:49:42 | 00,020,992 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2008/01/20 18:49:16 | 00,109,568 | ---- | M] (Microsoft Corporation) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2008/01/20 18:49:15 | 00,075,776 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\rspndr.sys -- (rspndr)
DRV:64bit: - [2008/01/20 18:49:15 | 00,059,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\lltdio.sys -- (lltdio)
DRV:64bit: - [2008/01/20 18:49:00 | 00,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2008/01/20 18:48:45 | 00,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipnat.sys -- (IPNAT)
DRV:64bit: - [2008/01/20 18:48:45 | 00,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:64bit: - [2008/01/20 18:48:45 | 00,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tunnel.sys -- (tunnel)
DRV:64bit: - [2008/01/20 18:48:45 | 00,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2008/01/20 18:48:45 | 00,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tunmp.sys -- (tunmp)
DRV:64bit: - [2008/01/20 18:48:28 | 00,033,280 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2008/01/20 18:48:27 | 00,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\netbios.sys -- (NetBIOS)
DRV:64bit: - [2008/01/20 18:48:24 | 00,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\rasacd.sys -- (RasAcd)
DRV:64bit: - [2008/01/20 18:47:30 | 00,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2008/01/20 18:47:28 | 00,076,288 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ipmidrv.sys -- (IPMIDRV)
DRV:64bit: - [2008/01/20 18:47:28 | 00,035,896 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\i2omp.sys -- (i2omp)
DRV:64bit: - [2008/01/20 18:47:27 | 00,185,912 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2008/01/20 18:47:27 | 00,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo)
DRV:64bit: - [2008/01/20 18:47:27 | 00,064,000 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\i8042prt.sys -- (i8042prt)
DRV:64bit: - [2008/01/20 18:47:27 | 00,042,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kbdclass.sys -- (kbdclass)
DRV:64bit: - [2008/01/20 18:47:27 | 00,024,120 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:64bit: - [2008/01/20 18:47:27 | 00,020,480 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\kbdhid.sys -- (kbdhid)
DRV:64bit: - [2008/01/20 18:47:26 | 00,128,056 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:64bit: - [2008/01/20 18:47:26 | 00,078,392 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2008/01/20 18:47:25 | 00,149,048 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2008/01/20 18:47:25 | 00,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\fdc.sys -- (fdc)
DRV:64bit: - [2008/01/20 18:47:25 | 00,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbuhci.sys -- (usbuhci)
DRV:64bit: - [2008/01/20 18:47:25 | 00,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 18:47:04 | 00,113,720 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:64bit: - [2008/01/20 18:47:04 | 00,055,296 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:64bit: - [2008/01/20 18:47:03 | 00,041,984 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:64bit: - [2008/01/20 18:47:03 | 00,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum)
DRV:64bit: - [2008/01/20 18:47:02 | 00,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2008/01/20 18:47:01 | 00,113,720 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2008/01/20 18:47:01 | 00,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbccgp.sys -- (usbccgp)
DRV:64bit: - [2008/01/20 18:47:00 | 00,091,192 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2008/01/20 18:47:00 | 00,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\monitor.sys -- (monitor)
DRV:64bit: - [2008/01/20 18:47:00 | 00,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vgapnp.sys -- (vga)
DRV:64bit: - [2008/01/20 18:47:00 | 00,014,848 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:64bit: - [2008/01/20 18:47:00 | 00,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:64bit: - [2008/01/20 18:47:00 | 00,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:64bit: - [2008/01/20 18:46:59 | 00,397,368 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2008/01/20 18:46:59 | 00,290,872 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastorv.sys -- (iaStorV)
DRV:64bit: - [2008/01/20 18:46:59 | 00,068,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gagp30kx.sys -- (gagp30kx)
DRV:64bit: - [2008/01/20 18:46:59 | 00,067,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uagp35.sys -- (uagp35)
DRV:64bit: - [2008/01/20 18:46:59 | 00,047,672 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hpcisss.sys -- (HpCISSs)
DRV:64bit: - [2008/01/20 18:46:59 | 00,039,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mouclass.sys -- (mouclass)
DRV:64bit: - [2008/01/20 18:46:59 | 00,035,896 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2008/01/20 18:46:59 | 00,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:64bit: - [2008/01/20 18:46:59 | 00,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\mouhid.sys -- (mouhid)
DRV:64bit: - [2008/01/20 18:46:57 | 00,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 18:46:56 | 00,438,328 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\megasr.sys -- (MegaSR)
DRV:64bit: - [2008/01/20 18:46:56 | 00,284,728 | ---- | M] (ULi Electroni

#16 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 18 January 2010 - 11:34 AM

Hi again Nimrod001!.. :).

Well, the scan did not come up with what I wanted - no mention of logitech in the registry... :search:

Let's try a different tool to look through the files and registry on your computer:

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    *logitech*
    :folderfind
    *logitech*
    :regfind
    logitech
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found at on your Desktop entitled SystemLook.txt

In the meantime, no harm trying other things as well... I suggest you Run Check Disk at Startup in Vista...

:thumbsup:
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#17 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 18 January 2010 - 01:37 PM

Hi ~

Here's the Systemlook results:

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 11:17 on 18/01/2010 by John (Administrator - Elevation successful)

========== filefind ==========

Searching for "*logitech*"
No files found.

========== folderfind ==========

Searching for "*logitech*"
No folders found.

========== regfind ==========

Searching for "logitech"
No data found.

-=End Of File=-

I ran the registry check and it found huge problems: 148 system related errors and 29 user related errors. It didn't pop up with a report....am I to click "fix"?

Edited by Nimrod001, 18 January 2010 - 02:05 PM.


#18 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 18 January 2010 - 03:30 PM

Hi!.. :).

I ran the registry check and it found huge problems: 148 system related errors and 29 user related errors. It didn't pop up with a report....am I to click "fix"?

Yes, repair the errors please...
If you run chkdsk /f (method two), it does it automatically...

Let me know how it goes!.. :).
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#19 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 18 January 2010 - 03:41 PM

Hi!.. :).


I ran the registry check and it found huge problems: 148 system related errors and 29 user related errors. It didn't pop up with a report....am I to click "fix"?

Yes, repair the errors please...
If you run chkdsk /f (method two), it does it automatically...

Let me know how it goes!.. :).


chkdsk /f? Where do I find that? I'll do the Registry fix if I have to, but it's $30, so if I can find the same elsewhere for free, I'm all for that.

#20 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 18 January 2010 - 04:55 PM

Hi again!.. :).

chkdsk /f? Where do I find that? I'll do the Registry fix if I have to, but it's $30, so if I can find the same elsewhere for free, I'm all for that.

In one of my last posts, I recommended you to run chkdsk (check disk)... And I thought it was check disk which found these errors... Do you mean these errors were found by a program of some sort??.. We do not have a good opinion about such programs - registry is a very complex "database", some programs can do more harm than good when messing with it... Also, it tells you it found "huge problems" but we do not actually know what the program means by it... :huh:

Let's try check disk first: How to Run Check Disk at Startup in Vista - use Method Two - run chkdsk /f from command prompt...

One more thing worth trying... Access this link via Internet Explorer: http://bertk.mvps.or...estoresysv.html - we may trying using System Restore... Check if it gives you an option to go back to the System Restore point created more than 5 days ago... If yes, maybe one of the points would be created before your problem started... :unsure:

If it doesn't help, running Selective Startup using System Configuration comes to my mind... However, this is not an easy thing to do and may require quite a lot of time...

Let me know how it goes... :).
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#21 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 18 January 2010 - 06:04 PM

Ah, my bad, when you access the link you directed me to (How to run check disk at startup in Vista) the very first thing accessible is "Vista - Check Disk - chkdsk" and directly below that are the words "recommended fix" with the following link underneath: http://www.liutiliti...er/vistax64/rb/ now I see that it's an advertisment, not what you were directing me to. The scan was free, but the fix, of course, was not. Going to perform the check disk you WERE directing me to now. :)
Glad I asked!

#22 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 18 January 2010 - 10:01 PM

Ah, my bad, when you access the link you directed me to (How to run check disk at startup in Vista) the very first thing accessible is "Vista - Check Disk - chkdsk" and directly below that are the words "recommended fix" with the following link underneath: http://www.liutiliti...er/vistax64/rb/ now I see that it's an advertisment, not what you were directing me to. The scan was free, but the fix, of course, was not. Going to perform the check disk you WERE directing me to now. :)
Glad I asked!


Ok, I ran the chkdsk/f but did not gain anything from that. I did the system restore and it seemed to fix the problem. Remember, the laptop froze up literally and exactly 3 minutes after starting every time. After doing the restore, it ran fine for a half hour. At that time, I planned to reinstall the McAfee system, but accidentally hit the microsoft updates instead. After the updates were loaded I moved on to reinstalling McAfee. But...halfway into the install, the computer froze up. I thought maybe it was the updates, so did another restore, made SURE I ignored the microsoft updates and went to the McAfee, but before I could get there, the system had frozen up again -- back to the 3 minute freeze. *sigh* Beginning to think that perhaps the best route is the extended warranty - one hard drop to the floor and they'll replace the laptop......


Argh! I thought we were done!

Edited by Nimrod001, 18 January 2010 - 11:30 PM.


#23 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 19 January 2010 - 05:29 AM

Hi again!.. :)..

*sigh* Beginning to think that perhaps the best route is the extended warranty - one hard drop to the floor and they'll replace the laptop......

If the problem does not persist in Safe Mode, this is most likely a problem with Drivers or software... Dropping it to the floor would be too violent, I think... :spiteful:

Argh! I thought we were done!

Me too!..

Ok, this is a little like trying to find a needle in a stack...
Let's try a Startup Repair in Vista first... (of course I do not mean that "recommended fix"... ;).)

If it doesn't help, run an Event Viewer - Open Computer Management by right-clicking the Computer icon on the start menu (or on the Desktop if you have it enabled) and select Manage. Navigate to the Event Viewer.

Going through the entries is pretty easy... Check the "Custom Views", Windows and Application Logs... Take a look at the most recent entries, during a time when your computer froze... Is there an error telling us what might have happened??..

Let me know how it goes... ;).
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#24 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 20 January 2010 - 12:20 AM

Hi again!.. :)..


*sigh* Beginning to think that perhaps the best route is the extended warranty - one hard drop to the floor and they'll replace the laptop......

If the problem does not persist in Safe Mode, this is most likely a problem with Drivers or software... Dropping it to the floor would be too violent, I think... :spiteful:

Argh! I thought we were done!

Me too!..

Ok, this is a little like trying to find a needle in a stack...
Let's try a Startup Repair in Vista first... (of course I do not mean that "recommended fix"... ;).)

If it doesn't help, run an Event Viewer - Open Computer Management by right-clicking the Computer icon on the start menu (or on the Desktop if you have it enabled) and select Manage. Navigate to the Event Viewer.

Going through the entries is pretty easy... Check the "Custom Views", Windows and Application Logs... Take a look at the most recent entries, during a time when your computer froze... Is there an error telling us what might have happened??..

Let me know how it goes... ;).


Ugh. Ran the start up repair, the report seemed to indicate no problems, HOWEVER, it only took a second to run and upon completion it gave me a message that "If you have recently attached a device to this computer, such as a camera or portable music player, remove it and restart your computer. If you continue to see this message, contact your system administrator or computer manufacturer for assistance". No camera, Ipod, or anything else was attached. I closed, rebooted and ran again, got the same message.

On to event viewer. Easy? Your kidding, right? You asked if I can see anything at the time I know the computer froze....well....it's "freezing" is what caused me to shut it down and put it away last night, so the last events would be the capturing the freeze, right? I have errors at 9:22:03, 9:22:05, two at 9:22:18, 9:22:26, 9:22:37, two at 9:22:03, 9:22:42, six at 9:22:50, and 9:22:34, warnings at 9:22:04, 9:22:25, 9:22:03, 9:22:33, 9:22:34 and 9:22:35. Shoot, all I've done today is boot and reboot to run the programs you suggested and I have 34 errors and 9 warnings. Bear in mind I'm booting in Safemode every time. Maybe that has something to do with all the errors? Hoping, maybe?

#25 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 20 January 2010 - 01:15 PM

Hi again!.. :)..

When replying to your topic, please use the Posted Image button.
I do not need to see my previous post.

Ugh. Ran the start up repair, the report seemed to indicate no problems, HOWEVER, it only took a second to run and upon completion it gave me a message that (..)

If that message does not vanish in the very near future, you'll need to perform a System Restore... :think:
Strange that repair causes troubles... :hmmm:

On to event viewer. Easy? Your kidding, right? You asked if I can see anything at the time I know the computer froze....well....it's "freezing" is what caused me to shut it down and put it away last night, so the last events would be the capturing the freeze, right?

Hopefully... If that makes you happy, I can assure you that my Windows Vista 64bit, although it runs very smoothly, produces errors and warnings (visible in the Event Viewer) every day...

The text of there errors and warnings can be easily copied (text in Polish, unfortunately):

Posted Image

Open Event Viewer, navigate to Custom Views... Choose a few errors and warnings (from Administrative Events and System Rebooting Events) from around the time your computer froze and for every one of them do:
- right-click, Copy, Copy details as text...
- paste it (right-click Paste) to the form on my site: Upload a log
- you may take a look if there are any errors produced in the Windows Logs section...

When you're finished, click Upload... Do not post a link to the "log" here, just let me know once you do this...


Also, let's try Selective Startup using System Configuration... In Normal Mode (before it freezes):
Open System Configuration - write msconfig.exe in the search box and press Enter...

Posted Image

Under General tab, click Selective startup, and then clear the Load startup items check box. Click Apply, and then OK...

Posted Image

It will prompt you for a reboot, please do so... Does a problem persist with no startup items loaded as well??..

Let me know!.. :thumbsup:
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#26 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 21 January 2010 - 10:28 PM

Here's the link to the log entries I uploaded to your site:

http://snemelk.hekko...-22_052525.html

One of the logs I chose I chose because it was a "plug and play". I don't know if that's helpful, but since the mouse that was installed at the beginning of all this trouble is a "plug and play" item, I thought it might be significant.

Sorry about having replied in such a tedious manner. Thanks for cluing me in, it won't happen again!

When I run the laptop without startup items it stays up longer before freezing. Generally, it freezes up in 3 minutes, without startup items it stayed up for about a half hour.

There are some other differences as well:

With startup items, when it freezes up, it's locked solid, the only movement is the "timer" icon that indicates it's searching/loading, but nothing happens The page "whites out", it appears to be in the background, if that makes sense. If I try to click on something else, there's a hesitation, as thought it's going to complete your command, but then the screen gets even more faded and you're still completed jammed.

Without startup items, the timer icon again comes up and appears active, but at the left top of the page, instead of indicating he page you're on, it says "Firefox (not responding) - that doesn't happen with a "startup items included" start. When I try closing the page by clicking the "x" at the upper right hand corner, it indicates it's being accessed by changing color when I click. Also when I hover over icons on the page the pop up box comes up indicating what they are (for instance, "McAfee" and "Ad-Aware"). I was able to minimize the page, and after several attempts, it maximized again. But, I couldn't close it and had to do a hard shut down in the end.

I hope I explained that in a way that makes sense.

Thanks again for all your help!

Edited by Nimrod001, 21 January 2010 - 10:45 PM.


#27 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 22 January 2010 - 06:42 PM

Hi again Nimrod001!.. Thank you for the logs entries and your report!.. :)..

Let's try 2 things then...

1. Go to your laptop manufacturer's web site... Check if it offers driver updates for your laptop... If yes, please update the drivers (for motherboard or display drivers, etc. ...)...

If the problem persists after performing those updates (and a reboot), please do the following as well:

2. To find out if one of the Services is the culprit... Write services.msc in the search box and press Enter...
Find the Windows Search Service on the list... Right-click the name and choose Properties...
There should be a possibility to Stop this Service, and change a Boot Mode (?) of it - set it to Disabled...
Apply the changes and click OK... Reboot... Does it help??.. ;)..
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#28 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 22 January 2010 - 09:41 PM

Hi again ~

There were driver updates available for the motherboard and I installed them. Upon restart, it was up and running for 40 minutes before it froze up.

I guess I don't know what search box you're referring to as the box I search for the services.msc on comes up with nothing. I'm using the search that's accessed by right clicking the start button. Help?

Edited by Nimrod001, 23 January 2010 - 01:48 AM.


#29 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 23 January 2010 - 03:50 AM

Hi again!.. :).

I guess I don't know what search box you're referring to as the box I search for the services.msc on comes up with nothing. I'm using the search that's accessed by right clicking the start button. Help?

Sorry, I was not clear... Write it in the same search box you wrote msconfig.exe in:

Posted Image

This time, however, just write services.msc and click Enter... ;)..
For additional help, see this article: How to Disable or Enable Vista Services

Then just stop the Windows Search Service and set it to disabled... We'll see if it helps... :unsure:
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#30 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 24 January 2010 - 02:13 PM

Have I thanked you lately for your help? I really do appreciate all your efforts!

Did as you asked and found that the windows search service status is already set at stopped. HOWEVER, the "startup type" has three choices: Automatic, Automatic (delayed started) Manual and Disabled. It was set at "automatic" and I changed that to "disabled'.

I will restart and see what happens.

#31 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 24 January 2010 - 03:13 PM

No good. Still freezing up.

Thinking of that extended warranty again....Maybe a cup of coffee gently poured over the keyboard would be a less violent death than dropping the laptop to the floor?

#32 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 24 January 2010 - 03:59 PM

Hi again!.. :).

Have I thanked you lately for your help? I really do appreciate all your efforts!

Thanks!.. However, I'm a little troubled that we are not making any progress... :(..

No good. Still freezing up.

Heh... Ok, you may re-set the Windows Search Service back to Automatic start...

Ok, we excluded startup items as causing a problem here... Time for Services... We'll Run Selective Startup once again...

In Normal Mode:
1. Open msconfig.exe...
2. General tab, click Selective startup, and then clear the Load startup items check box only...
3. Go to the Services tab, on the bottom you should find a check box: Hide all Microsoft Services - check that box... A list of Services should me shorter now...
4. Click Disable all ( on the right)...
5. Clear the Hide all Microsoft Services box... With the next boot, only Windows Services should load...
6. Apply the changes, click OK, reboot when prompted...

Let me know if problem persists... :thumbsup:

Thinking of that extended warranty again....Maybe a cup of coffee gently poured over the keyboard would be a less violent death than dropping the laptop to the floor?

Hehe, to say the truth, I have no idea... You'd have to check the terms of warranty... ;)..
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#33 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 25 January 2010 - 01:44 AM

I am excited to tell you that after doing that last window services only change, the computer stayed up and unfrozen for two full hours. I'm shutting it down now as I need to go to bed, but I have to (want to?) think it would have stayed up forever if I'd left it. yay!

#34 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 25 January 2010 - 05:24 PM

Hi again!.. ;).

I am excited to tell you that after doing that last window services only change, the computer stayed up and unfrozen for two full hours. yay!

Ok, keep your fingers crossed... :D..

So, it seems one of the third-party Services is causing a problem... You'll need to perform a few tests/reboots to find out which one...

1. Open msconfig.exe...
2. General tab, under Selective startup, check the Load startup items check box... (as we know that startup items don't cause a problem here)
3. Go to the Services tab, on the bottom you should find a check box: Hide all Microsoft Services - check that box... A list of Services should be shorter now...
4. Only third-party Services (non-Microsoft) should be visible... Make sure all of them are disabled first...
5. Then, place a check mark next to the first half of the Services... Apply the changes, click OK, reboot when prompted...
6. If it freezes once again after reboot - it means one of the Services you checked is the culprit... If it doesn't freeze, the faulty Service is in the second group...
7. Narrow it down to the faulty Service - a few reboots may be required as you check and uncheck the Services...

Let me know if you need more help with this and how it goes!.. :)..
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#35 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 25 January 2010 - 07:54 PM

Hmmm...perhaps I spoke too soon. I checked for your reply upon getting home from work, then sat down for dinner before doing the latest task. I didn't turn the laptop off but did shut down the internet as I'm still running with no virus protection. After dinner the laptop wouldn't load an internet window; it didn't freeze up, but I got nothing but that "timer" indicating it's trying/loading. Hope it was just an unrelated fluke. I'm heading to do as you direct now.

Got the 3-minute freeze on the first load. The items are:

Empowering Technology Services (unknown mfg)
Game Console Service (WildTangent)
Intel Matrix Storage Event (Intel)


Will remove these from load and run the other three now

Removed the first three and added the last three, the computer froze up in 45 minutes.

Last 3 items are:

Laasoft Adaware Service (Lavasoft)
02 Microflash Memory Card 02 Micro International)
XAudioService(Conexant Systems Incl)

Now what?

Edited by Nimrod001, 25 January 2010 - 10:21 PM.


#36 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 27 January 2010 - 09:55 AM

Hi again!.. :)..

Now what?

Well, that's a good question... :think:

Back to the 3 minute freeze... :crazy:

Ok, let's go back to the instructions from the post #32 - all startup items disabled and all non-Microsoft Services disabled...

We need to make sure it runs fine with those items disabled (last time 2 hours without a freeze)... Let me know... :thumbsup:
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#37 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 28 January 2010 - 05:04 PM

Sigh. I do not understand. Took the laptop to work with me so I could monitor it. I disabled all the non-Microsoft start items, the laptop stayed up for four hours, then froze up. Again this time, I was able to minimize the screen, control+alt+delete brought up the screen that asked what I wanted to do, I chose "task manager" (planning to close the non-responsive program (Word), but no task manager appeared. Trying to close via the normal method was unsuccessful as well as there was no response when I clicked on the "start" button. I'm frustrated and I'm sure you are too. Argh!

#38 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 28 January 2010 - 07:09 PM

Hi again!.. :)..

Sigh. I do not understand.

I'm a little confused as well... :crazy:

Ok, let's try performing an online test (leave Startup items and non-Microsoft Services still disabled, if possible - so that you have time to perform a test)... There is a slightly chance it will show us some valuable information...

Please run the CA PC Security and Performance Scanner here. When the tests are complete, a results page will pop up. Copy and paste the URL of the Results screen and post it here for me.
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#39 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 28 January 2010 - 08:31 PM

Man, I am doing my best to do what you're asking and get it back to you a) before the laptop freezes and b) so you can see the results as soon as possible, but, the test you've asked me to run - CA PC is NOWHERE on that page. I have clicked every link and scanned every page, I do not find anything that remotely resembles "CA PC". The tests are titled things like "Overdrive" and PC Matic. I need some direction.

Edited by Nimrod001, 28 January 2010 - 09:04 PM.


#40 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 29 January 2010 - 09:51 AM

Hi again!.. :).

Man, I am doing my best to do what you're asking and get it back to you

And I'm doing my best to help you...

CA PC is NOWHERE on that page. I have clicked every link and scanned every page, I do not find anything that remotely resembles "CA PC". The tests are titled things like "Overdrive" and PC Matic. I need some direction.

It's possible that a name of the test has changed once again... Please perform a PC Pitstop OverDrive test in Internet Explorer... You may want to set up a free account or run the test anonymously (bottom of the page)... :thumbsup:

Edit: OOhh, I seem to have found an error, the correct link to the CA PC Security and Performance Scanner is here: CA PC Security and Performance Scanner - please run that scan in Internet Explorer...
Sorry for a confusion... :unsure:

Edited by snemelk, 29 January 2010 - 09:58 AM.

c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#41 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 29 January 2010 - 07:34 PM

Your link takes me to the same default page as before. Still can't find the test you want me to run. Can you tell me where to go from the default page to find it?

Thanks for your help ~

#42 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 30 January 2010 - 08:39 AM

Hi again!.. :)..

Your link takes me to the same default page as before.

Sorry for a confusion, but it seems CA makes a fool of us - CA PC Security and Performance Scanner can be accessed from this site: http://shop.ca.com/ (center, near the bottom of that page)... You may notice that you'll be taken to the same link I posted in my previous post, however, the site itself will be different (they probably detect from what link you accessed their site)...

Open Internet Explorer as administrator: right-click, choose Run as administrator... Go to the CA page: http://shop.ca.com/ and click: Free Security and performance scan... It will ask you for a software install, allow it... Once the scan is completed, copy the link to the results page (from the address bar) and post it here for me to see...
Hope it's clear now... :thumbsup:
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#43 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 30 January 2010 - 11:27 AM

Done. Here's the link to the results:

http://pcpitstop.com...?conid=23267307

(Edited because I realized that the first time I ran it I didn't run "as administrator".)

Edited by Nimrod001, 30 January 2010 - 01:07 PM.


#44 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 31 January 2010 - 08:24 AM

Hi again!.. :).

Thanks!. Let me go back to you in a day or two - I'm checking with experts...
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#45 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 31 January 2010 - 02:18 PM

Ok, I'll wait to hear from you.

You know, I'm beginning to think maybe dropping the laptop to the ground "accidentally" and getting it replaced under the added warranty I bought on it might not be such a bad thing....

Thanks for all your hard work!

#46 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 03 February 2010 - 01:52 PM

Hi again and sorry for a late reply!..

PCPitStop test didn't show anything interesting, unfortunately...
Data on your laptop is fragmented much, however, it should not cause such problems...
The outdated Drivers are not crucial, so I don't think this is a cause here either...

You know, I'm beginning to think maybe dropping the laptop to the ground "accidentally" and getting it replaced under the added warranty I bought on it might not be such a bad thing....

Well, this might be an idea at the end... However, I'm not sure if actually damaging a laptop is a good idea... Cannot you just take it back to the store and tell them it doesn't work properly??..

Ok... There is one another thing we may want to try...
Open msconfig.exe, in the General tab check Normal startup... Apply the changes, click Ok, reboot if prompted...

Before getting the 3 minute freeze, please do the following:
- open Task Manager
- go to the Processes tab...
- on the left bottom part of the Task Manager window, click Show all users' processes...
- this will display all processes running (some processes may be listed several times, it's normal)... Please maximize the Task Manager Windows, so that you see most of them...
- when your computer freezes, does one of the processes spike up suddenly??.. If yes, could you give me a name of it??..

Note: If this is one of the svchost.exe processes, you'll probably need to remember which one spiked up... Then, after a reboot, you'll need to go once again to the Processes tab, right-click that process and choose: Go to Services... It will go automatically to the Services tab, with some (one or more) Services "clicked" (they'll have a characteristic background - like if you've clicked them manually)... I'll need the list of those "clicked" Services...

Hope it's clear... If unsure, ask... ;)..
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#47 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 05 February 2010 - 12:44 AM

Hi - sorry I've let this go, I actually have been checking for your reply, but as it bumped to a new page, I didn't realize you'd been back! It's late tonight, so I'll take care of what you've asked tomorrow. But, in reply to some of what you've said....

"Cannot you just take it back to the store and tell them it doesn't work properly??.. "

It sounds like you think I need to stop trying to resolve this here and take it in to be looked at, yes?

The laptop is only 8 months old. My husband said it did jam occasionally, very infrequently, but when he installed the plug and play style mouse, it froze up hard three minutes after powering up. You said the last results showed a lot of framentation. I know you said that shouldn't cause a problem, but isn't that unusual for an 8-month old laptop?

I'll be back tomorrow.

#48 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 05 February 2010 - 08:03 AM

Hi again Nimrod001!!.. :)..

It's late tonight, so I'll take care of what you've asked tomorrow.

No problem!.. :thumbsup:

It sounds like you think I need to stop trying to resolve this here and take it in to be looked at, yes?


It may be an idea if we do not find the culprit...
I consulted your case with experts... One of them told me that taking it back to the store may be the best idea, since it's still under warranty... It's a complex case, it seems, hard to diagnose...
I'm not a US citizen, so I know nothing about warranty terms there... However, if you say that it did jam occasionally earlier, taking it back to the store may seems like the best idea - let them repair what they screwed up... ;)..

You said the last results showed a lot of framentation. I know you said that shouldn't cause a problem, but isn't that unusual for an 8-month old laptop?

Hmmm, it depends on what programs you run on it... If there are quite a few programs handling large files, it can end up like that...
My system hasn't ever been defragmented (running for 2 years now) and the PCPitStop test shows:
Data Fragmentation: 29%
File Fragmentation: 0%

We may try defragmentation later...

One question came to my mind - when it freezes, does the hard disk seem to be operating (a flash light pulsing - indicating the data is read from the hard disk)??...
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

#49 Nimrod001

Nimrod001

    Member

  • Full Member
  • Pip
  • 78 posts

Posted 08 February 2010 - 01:03 AM

No such luck. While I wasn't viewing the task manager at the exact moment the freeze began, I was able to get there pretty quickly and didn't see anything dramatic. I'd actually printed out a screen shot of the "before" task manager processes so I could easily compare it to the "after" with certainty. No system was over 1,000K more than they had been before.

In regard to the warranty, I've misspoken to some degree. What I have is a extra warranty that covers breakage, dropped laptop, drink spills on keyboard, that kind of thing. But....the laptop is less than a year old, so I imagine it is still under factory warranty as well. It never occurred to me to take it back as "not working", as it seems something beyond the fault of the manufacturer likely caused the problem.

In regard to the large amount of fragmentation, there are no large programs on the computer. This is my husband's computer and he's a pretty basic guy, a novice user, really. All he uses it for is to check his email and search the net for long distance running stuff. That's really it. I insisted on installing Microsoft Office (Word, Excel and Powerpoint), Norton Symantec, Ad-aware and Spywareblaster and got him using Firefox instead of IE.

I did get a problem message I've never received before while waiting for the freeze. I'm sure it was in reference to an HP printer that is wirelessly connected to the laptop. In case it sheds some light, I've coped verbatum what it said below:

"The program or feature “\??\C:\Program Files (x86)\HP\HP Software Update\HPWICli.exe” cannot start or run due to incompatibility with 64-bit version of windows. Please contact the software vendor to as if a 64-bit Windows compatibility version is available."

I hope this is helpful, but suspect it is not.

#50 snemelk

snemelk

    inżynier

  • Expert
  • PipPipPipPipPip
  • 3,099 posts

Posted 08 February 2010 - 05:54 PM

Hi again Nimrod001!!.. :).

No such luck. While I wasn't viewing the task manager at the exact moment the freeze began, I was able to get there pretty quickly and didn't see anything dramatic. I'd actually printed out a screen shot of the "before" task manager processes so I could easily compare it to the "after" with certainty. No system was over 1,000K more than they had been before.

Ok, thanks for the info!..

Let's try something new... I asked my colleague to take a ("fresh") look at this thread... She came up with a few ideas...

1. Let's try a special boot time defragmentation...

We may use this tool: PerfectDisk 10 - download a free trial please...
Install the program... Perform an Offline Defragmentation as instructed in their guide: GetStartGuide.pdf

Let me know if it changes anything...

2. Generate a System Health Report In Vista please...
When the reuslts are shown, click File --> Save as --> give it a name, choose a folder you want to save it to and click Ok - this should export this report to html...

Zip that report up (add to archive), if possible, and upload it for me to see: you may use this site for that: http://www.speedyshare.com/
Post the link to the file... :thumbsup:

Ask if something is unclear to you...
c18903e63196580f.gif

snemelk.hekko.pl - - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.




Member of UNITE
Support SpywareInfo Forum - click the button