Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please help. Computer keeps restarting on its own


  • Please log in to reply
10 replies to this topic

#1 lodovico

lodovico

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:15 AM

Posted 14 May 2013 - 07:38 PM

I have to type fast because it's going to happen again. I don't have time to search the forum because it restarts every couple of minutes.  Here's a copy of recent event log.  Please help!!

 

 

 

Log Name:      System
Source:        Microsoft-Windows-SpoolerWin32SPL
Date:          5/14/2013 8:29:41 PM
Event ID:      4
Task Category: None
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-18\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable.
Event Xml:
  <System>
    <Provider Name="Microsoft-Windows-SpoolerWin32SPL" Guid="{13E8B4F7-4D1C-4F65-95A2-39C6B26A3012}" EventSourceName="Client Side Rendering Spooler" />
    <EventID Qualifiers="49152">4</EventID>
    <Version>0</Version>
    <Level>3</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:29:41.000Z" />
    <EventRecordID>219069</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">S-1-5-18\Printers\Connections</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Microsoft-Windows-SpoolerWin32SPL
Date:          5/14/2013 8:29:41 PM
Event ID:      4
Task Category: None
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-18\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable.
Event Xml:
  <System>
    <Provider Name="Microsoft-Windows-SpoolerWin32SPL" Guid="{13E8B4F7-4D1C-4F65-95A2-39C6B26A3012}" EventSourceName="Client Side Rendering Spooler" />
    <EventID Qualifiers="49152">4</EventID>
    <Version>0</Version>
    <Level>3</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:29:41.000Z" />
    <EventRecordID>219068</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">S-1-5-18\Printers\Connections</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:29:23 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Windows Modules Installer service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:29:23.000Z" />
    <EventRecordID>219067</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Windows Modules Installer</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          5/14/2013 8:29:22 PM
Event ID:      10029
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
DCOM  started the service TrustedInstaller with arguments "" in order to run the server:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}
Event Xml:
  <System>
    <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
    <EventID Qualifiers="49152">10029</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:29:22.000Z" />
    <EventRecordID>219066</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">TrustedInstaller</Data>
    <Data Name="param2">
    </Data>
    <Data Name="param3">{752073A1-23F2-4396-85F0-8FDB879ED0ED}</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Microsoft-Windows-WindowsUpdateClient
Date:          5/14/2013 8:27:20 PM
Event ID:      18
Task Category: Automatic Updates
Level:         Information
Keywords:      Success,Download
User:          SYSTEM
Computer:      Homecomputer
Description:
Installation Ready: The following updates are downloaded and ready for installation. This computer is currently scheduled to install these updates on Wednesday, May 15, 2013 at 3:00 AM: 
- Windows Malicious Software Removal Tool - May 2013 (KB890830)
Event Xml:
  <System>
    <Provider Name="Microsoft-Windows-WindowsUpdateClient" Guid="{945a8954-c147-4acd-923f-40c45405a658}" />
    <EventID>18</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>2</Task>
    <Opcode>12</Opcode>
    <Keywords>0x8000000000000014</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:27:20.241Z" />
    <EventRecordID>219065</EventRecordID>
    <Correlation />
    <Execution ProcessID="1140" ThreadID="5756" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data Name="schedinstalldate">Wednesday, May 15, 2013</Data>
    <Data Name="schedinstalltime">3:00 AM</Data>
    <Data Name="updatelist">
- Windows Malicious Software Removal Tool - May 2013 (KB890830)</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:26:29 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Windows Update service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:26:29.000Z" />
    <EventRecordID>219064</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Windows Update</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:26:26 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Application Information service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:26:26.000Z" />
    <EventRecordID>219063</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Application Information</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:26:23 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Windows Media Center Service Launcher service entered the stopped state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:26:23.000Z" />
    <EventRecordID>219062</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Windows Media Center Service Launcher</Data>
    <Data Name="param2">stopped</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:26:20 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Security Center service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:26:20.000Z" />
    <EventRecordID>219061</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Security Center</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:26:20 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The KtmRm for Distributed Transaction Coordinator service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:26:20.000Z" />
    <EventRecordID>219060</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">KtmRm for Distributed Transaction Coordinator</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:26:20 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Windows Media Center Service Launcher service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:26:20.000Z" />
    <EventRecordID>219059</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Windows Media Center Service Launcher</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:26:13 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Microsoft .NET Framework NGEN v4.0.30319_X86 service entered the stopped state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:26:13.000Z" />
    <EventRecordID>219058</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Microsoft .NET Framework NGEN v4.0.30319_X86</Data>
    <Data Name="param2">stopped</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:26:13 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Microsoft .NET Framework NGEN v4.0.30319_X86 service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:26:13.000Z" />
    <EventRecordID>219057</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Microsoft .NET Framework NGEN v4.0.30319_X86</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:26:12 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Background Intelligent Transfer Service service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:26:12.000Z" />
    <EventRecordID>219056</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Background Intelligent Transfer Service</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:25:36 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Windows Search service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:25:36.000Z" />
    <EventRecordID>219055</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Windows Search</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:24:35 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Remote Access Connection Manager service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:35.000Z" />
    <EventRecordID>219054</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Remote Access Connection Manager</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:24:33 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Telephony service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:33.000Z" />
    <EventRecordID>219053</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Telephony</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Microsoft-Windows-User-PnP
Date:          5/14/2013 8:24:18 PM
Event ID:      20001
Task Category: None
Level:         Information
Keywords:      
User:          SYSTEM
Computer:      Homecomputer
Description:
Driver Management concluded the process to install driver FileRepository\keyboard.inf_a81145df\keyboard.inf for Device Instance ID HID\VID_413C&PID_2105\6&228B39D&0&0000 with the following status: 0.
Event Xml:
  <System>
    <Provider Name="Microsoft-Windows-User-PnP" Guid="{eea178e3-e9d4-41ca-bb56-cede1a476629}" />
    <EventID>20001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:18.550Z" />
    <EventRecordID>219052</EventRecordID>
    <Correlation />
    <Execution ProcessID="2800" ThreadID="2708" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <UserData>
      <DriverName>FileRepository\keyboard.inf_a81145df\keyboard.inf</DriverName>
      <DriverVersion>6.0.6000.16609</DriverVersion>
      <DriverProvider>Microsoft</DriverProvider>
      <DeviceInstanceID>HID\VID_413C&amp;PID_2105\6&amp;228B39D&amp;0&amp;0000</DeviceInstanceID>
      <SetupClass>{4D36E96B-E325-11CE-BFC1-08002BE10318}</SetupClass>
      <RebootOption>false</RebootOption>
      <UpgradeDevice>false</UpgradeDevice>
      <IsDriverOEM>false</IsDriverOEM>
      <InstallStatus>0</InstallStatus>
      <DriverDescription>HID Keyboard Device</DriverDescription>
    </InstallDeviceID>
  </UserData>
</Event>
 
Log Name:      System
Source:        Microsoft-Windows-User-PnP
Date:          5/14/2013 8:24:18 PM
Event ID:      20003
Task Category: None
Level:         Information
Keywords:      
User:          SYSTEM
Computer:      Homecomputer
Description:
Driver Management has concluded the process to add Service kbdclass for Device Instance ID HID\VID_413C&PID_2105\6&228B39D&0&0000 with the following status: 0.
Event Xml:
  <System>
    <Provider Name="Microsoft-Windows-User-PnP" Guid="{eea178e3-e9d4-41ca-bb56-cede1a476629}" />
    <EventID>20003</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:18.331Z" />
    <EventRecordID>219051</EventRecordID>
    <Correlation />
    <Execution ProcessID="2800" ThreadID="2708" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <UserData>
      <ServiceName>kbdclass</ServiceName>
      <DriverFileName>system32\DRIVERS\kbdclass.sys</DriverFileName>
      <DeviceInstanceID>HID\VID_413C&amp;PID_2105\6&amp;228B39D&amp;0&amp;0000</DeviceInstanceID>
      <PrimaryService>false</PrimaryService>
      <UpdateService>true</UpdateService>
      <AddServiceStatus>0</AddServiceStatus>
    </AddServiceID>
  </UserData>
</Event>
 
Log Name:      System
Source:        Microsoft-Windows-User-PnP
Date:          5/14/2013 8:24:18 PM
Event ID:      20003
Task Category: None
Level:         Information
Keywords:      
User:          SYSTEM
Computer:      Homecomputer
Description:
Driver Management has concluded the process to add Service kbdhid for Device Instance ID HID\VID_413C&PID_2105\6&228B39D&0&0000 with the following status: 0.
Event Xml:
  <System>
    <Provider Name="Microsoft-Windows-User-PnP" Guid="{eea178e3-e9d4-41ca-bb56-cede1a476629}" />
    <EventID>20003</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:18.129Z" />
    <EventRecordID>219050</EventRecordID>
    <Correlation />
    <Execution ProcessID="2800" ThreadID="2708" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <UserData>
      <ServiceName>kbdhid</ServiceName>
      <DriverFileName>system32\DRIVERS\kbdhid.sys</DriverFileName>
      <DeviceInstanceID>HID\VID_413C&amp;PID_2105\6&amp;228B39D&amp;0&amp;0000</DeviceInstanceID>
      <PrimaryService>true</PrimaryService>
      <UpdateService>true</UpdateService>
      <AddServiceStatus>0</AddServiceStatus>
    </AddServiceID>
  </UserData>
</Event>
 
Log Name:      System
Source:        Microsoft-Windows-User-PnP
Date:          5/14/2013 8:24:15 PM
Event ID:      20001
Task Category: None
Level:         Information
Keywords:      
User:          SYSTEM
Computer:      Homecomputer
Description:
Driver Management concluded the process to install driver FileRepository\input.inf_53578522\input.inf for Device Instance ID USB\VID_413C&PID_2105\5&38D57C23&0&2 with the following status: 0.
Event Xml:
  <System>
    <Provider Name="Microsoft-Windows-User-PnP" Guid="{eea178e3-e9d4-41ca-bb56-cede1a476629}" />
    <EventID>20001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:15.945Z" />
    <EventRecordID>219049</EventRecordID>
    <Correlation />
    <Execution ProcessID="3124" ThreadID="3276" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <UserData>
      <DriverName>FileRepository\input.inf_53578522\input.inf</DriverName>
      <DriverVersion>6.0.6000.16386</DriverVersion>
      <DriverProvider>Microsoft</DriverProvider>
      <DeviceInstanceID>USB\VID_413C&amp;PID_2105\5&amp;38D57C23&amp;0&amp;2</DeviceInstanceID>
      <SetupClass>{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}</SetupClass>
      <RebootOption>false</RebootOption>
      <UpgradeDevice>false</UpgradeDevice>
      <IsDriverOEM>false</IsDriverOEM>
      <InstallStatus>0</InstallStatus>
      <DriverDescription>USB Human Interface Device</DriverDescription>
    </InstallDeviceID>
  </UserData>
</Event>
 
Log Name:      System
Source:        Microsoft-Windows-User-PnP
Date:          5/14/2013 8:24:15 PM
Event ID:      20003
Task Category: None
Level:         Information
Keywords:      
User:          SYSTEM
Computer:      Homecomputer
Description:
Driver Management has concluded the process to add Service HidUsb for Device Instance ID USB\VID_413C&PID_2105\5&38D57C23&0&2 with the following status: 0.
Event Xml:
  <System>
    <Provider Name="Microsoft-Windows-User-PnP" Guid="{eea178e3-e9d4-41ca-bb56-cede1a476629}" />
    <EventID>20003</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:15.757Z" />
    <EventRecordID>219048</EventRecordID>
    <Correlation />
    <Execution ProcessID="3124" ThreadID="3276" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <UserData>
      <ServiceName>HidUsb</ServiceName>
      <DriverFileName>system32\DRIVERS\hidusb.sys</DriverFileName>
      <DeviceInstanceID>USB\VID_413C&amp;PID_2105\5&amp;38D57C23&amp;0&amp;2</DeviceInstanceID>
      <PrimaryService>true</PrimaryService>
      <UpdateService>true</UpdateService>
      <AddServiceStatus>0</AddServiceStatus>
    </AddServiceID>
  </UserData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:24:12 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Function Discovery Provider Host service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:12.000Z" />
    <EventRecordID>219047</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Function Discovery Provider Host</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:24:12 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The iPod Service service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:12.000Z" />
    <EventRecordID>219046</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">iPod Service</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:24:12 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The WinHTTP Web Proxy Auto-Discovery Service service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:12.000Z" />
    <EventRecordID>219045</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">WinHTTP Web Proxy Auto-Discovery Service</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          5/14/2013 8:24:12 PM
Event ID:      10029
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
DCOM  started the service fdPHost with arguments "" in order to run the server:
{145B4335-FE2A-4927-A040-7C35AD3180EF}
Event Xml:
  <System>
    <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
    <EventID Qualifiers="49152">10029</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:12.000Z" />
    <EventRecordID>219044</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">fdPHost</Data>
    <Data Name="param2">
    </Data>
    <Data Name="param3">{145B4335-FE2A-4927-A040-7C35AD3180EF}</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          5/14/2013 8:24:12 PM
Event ID:      10029
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
DCOM  started the service iPod Service with arguments "" in order to run the server:
{063D34A4-BF84-4B8D-B699-E8CA06504DDE}
Event Xml:
  <System>
    <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
    <EventID Qualifiers="49152">10029</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:12.000Z" />
    <EventRecordID>219043</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">iPod Service</Data>
    <Data Name="param2">
    </Data>
    <Data Name="param3">{063D34A4-BF84-4B8D-B699-E8CA06504DDE}</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:24:12 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Network Connections service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:12.000Z" />
    <EventRecordID>219042</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Network Connections</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:24:12 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Diagnostic System Host service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:12.000Z" />
    <EventRecordID>219041</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Diagnostic System Host</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:24:12 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Windows Search service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:12.000Z" />
    <EventRecordID>219040</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Windows Search</Data>
    <Data Name="param2">running</Data>
  </EventData>
</Event>
 
Log Name:      System
Source:        Service Control Manager
Date:          5/14/2013 8:24:12 PM
Event ID:      7036
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      Homecomputer
Description:
The Pure Networks Platform Service service entered the running state.
Event Xml:
  <System>
    <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" />
    <EventID Qualifiers="16384">7036</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-05-15T00:24:12.000Z" />
    <EventRecordID>219039</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Homecomputer</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">Pure Networks Platform Service</Data>
    <Data Name="param2">running</Data>
  </EventData>

 

 

 

 

 

 
 
 
 
Warning 5/14/2013 8:29:41 PM SpoolerWin32SPL 4 None
Warning 5/14/2013 8:29:41 PM SpoolerWin32SPL 4 None
Information 5/14/2013 8:29:23 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:29:22 PM DistributedCOM 10029 None
Information 5/14/2013 8:27:20 PM WindowsUpdateClient 18 Automatic Updates
Information 5/14/2013 8:26:29 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:26:26 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:26:23 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:26:20 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:26:20 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:26:20 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:26:13 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:26:13 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:26:12 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:25:36 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:24:35 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:24:33 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:24:18 PM User-PnP 20001 None
Information 5/14/2013 8:24:18 PM User-PnP 20003 None
Information 5/14/2013 8:24:18 PM User-PnP 20003 None
Information 5/14/2013 8:24:15 PM User-PnP 20001 None
Information 5/14/2013 8:24:15 PM User-PnP 20003 None
Information 5/14/2013 8:24:12 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:24:12 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:24:12 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:24:12 PM DistributedCOM 10029 None
Information 5/14/2013 8:24:12 PM DistributedCOM 10029 None
Information 5/14/2013 8:24:12 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:24:12 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:24:12 PM Service Control Manager Eventlog Provider 7036 None
Information 5/14/2013 8:24:12 PM Service Control Manager Eventlog Provider 7036 None

Edited by hamluis, 23 May 2013 - 09:56 AM.
Moved from Vista to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 lodovico

lodovico
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:15 AM

Posted 14 May 2013 - 07:42 PM

I had more time than I thought.  Using Windows Vista and it's been doing this for the past 3 days.  Sometimes it stays on for a minute or two, sometimes 20 minutes.  Tried to untick box that tells it to not restart when there's an error, and it still restarts without ever giving me an error message.  Would so much appreciate some help.  Thanks!



#3 hamluis

hamluis

    Moderator


  • Moderator
  • 56,113 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:02:15 AM

Posted 15 May 2013 - 06:14 AM

Please download MiniToolBox  , save it to your desktop and run it.

 

Checkmark the following checkboxes:

  List last 10 Event Viewer log

  List Installed Programs

 List Users, Partitions and Memory size.

 

Click Go and paste the content into your next post.

 

Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link.  Do not copy/paste data from the report.

 

Louis

 



#4 Adam Pollard

Adam Pollard

  • Members
  • 145 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:08:15 AM

Posted 15 May 2013 - 02:34 PM

Well, do what louis says, but if it isn't stable enough try this..

 

Try pressing F8 when it starts up and going into safe mode with networking. Come back with what happens, i.e does it continue to restart.


Edited by Adam Pollard, 15 May 2013 - 02:36 PM.


#5 lodovico

lodovico
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:15 AM

Posted 22 May 2013 - 09:25 AM

Ok, thanks.  Going to try all of these things tonight and I'll report back.  



#6 lodovico

lodovico
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:15 AM

Posted 22 May 2013 - 05:11 PM

Well, it doesn't restart when it's booted up in safe mode.  Is that a good thing?  Now I'm going to follow the instructions with the mini tool box and I'll post the results.  Hoping I can do this before it restarts again.  Thanks so much for any advice!!



#7 lodovico

lodovico
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:15 AM

Posted 22 May 2013 - 05:18 PM

here's the snapshot from speccy  http://speccy.piriform.com/results/pPWZQNSkDZmtRgwHqivM8ny

 

 

did you also mean for me to post the results of mini tool box?

 

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by John and Amanda (administrator) on 22-05-2013 at 18:12:09
Running from "C:\Users\John and Amanda\Favorites\Downloads"
Windows Vista ™ Home Premium  (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/22/2013 02:28:01 PM) (Source: EventSystem) (User: )
Description: d:\vista_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (05/14/2013 08:45:28 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   26 Homecomputer._airvideoserver._tcp.local. SRV 0 0 45632 Homecomputer.local.
 
Error: (05/14/2013 08:45:28 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.100:5353   26 Homecomputer._airvideoserver._tcp.local. SRV 0 0 45631 Homecomputer.local.
 
Error: (05/14/2013 07:49:53 PM) (Source: EventSystem) (User: )
Description: d:\vista_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (05/14/2013 07:15:08 PM) (Source: EventSystem) (User: )
Description: d:\vista_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (05/04/2013 10:11:19 AM) (Source: usbperf) (User: )
Description: Usbperf data collection failed. Collect function called with usupported Query Type.
 
Error: (05/04/2013 10:05:20 AM) (Source: usbperf) (User: )
Description: Usbperf data collection failed. Collect function called with usupported Query Type.
 
Error: (05/04/2013 10:03:09 AM) (Source: usbperf) (User: )
Description: Usbperf data collection failed. Collect function called with usupported Query Type.
 
Error: (05/04/2013 10:03:05 AM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
 
Error: (05/04/2013 10:03:04 AM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
 
 
System errors:
=============
Error: (05/22/2013 06:07:21 PM) (Source: Print) (User: NT AUTHORITY)
Description: Windows could not initialize printer Dell Photo AIO Printer 926 because the print processor Dell Photo AIO Printer 926 Print Processor could not be found. Please obtain and install a new version of the driver from the manufacturer (if available), or choose an alternate driver that works with this print device.
 
Error: (05/22/2013 02:28:40 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (05/22/2013 02:28:01 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
 
Error: (05/22/2013 02:28:01 PM) (Source: DCOM) (User: )
Description: 1068netprofm{A47979D2-C419-11D9-A5B4-001185AD2B89}
 
Error: (05/22/2013 02:28:01 PM) (Source: DCOM) (User: )
Description: 1068netman{BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error: (05/22/2013 02:28:01 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (05/22/2013 02:27:54 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (05/20/2013 07:13:01 AM) (Source: Print) (User: NT AUTHORITY)
Description: Windows could not initialize printer Dell Photo AIO Printer 926 because the print processor Dell Photo AIO Printer 926 Print Processor could not be found. Please obtain and install a new version of the driver from the manufacturer (if available), or choose an alternate driver that works with this print device.
 
Error: (05/20/2013 07:12:15 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:09:57 AM on 5/20/2013 was unexpected.
 
Error: (05/19/2013 08:14:54 PM) (Source: Print) (User: NT AUTHORITY)
Description: Windows could not initialize printer Dell Photo AIO Printer 926 because the print processor Dell Photo AIO Printer 926 Print Processor could not be found. Please obtain and install a new version of the driver from the manufacturer (if available), or choose an alternate driver that works with this print device.
 
 
Microsoft Office Sessions:
=========================
Error: (10/15/2011 11:21:33 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 53274 seconds with 1320 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-05-22 18:07:10.827
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-22 18:07:10.749
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-22 18:07:10.671
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\WI371A~1\Datamngr\datamngr.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-14 20:18:15.070
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-14 20:18:14.988
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-14 20:18:14.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-14 20:18:14.820
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-14 20:17:23.494
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-14 20:17:23.416
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-14 20:17:23.322
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Photoshop Lightroom 3.4 (Version: 3.4.1)
Adobe Reader 7.0.8 (Version: 7.0.8)
Adobe Shockwave Player 11.5 (Version: 11.5.1.601)
Air Video Server 2.4.3 (Version: 2.4.3)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 1.007.2007.0318)
Audacity 1.2.6
AudioConverter
AutoUpdate (Version: 1.1)
AVG Free 8.5
AVI Codec Pack
Banctec Service Agreement (Version: 1.11.0000)
BeerSmith 2
BeerSmith Brewing Software
BitTornado 0.3.17 (Version: 0.3.17)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center Core Implementation (Version: 0108.2146.2565.38893)
Catalyst Control Center Graphics Full Existing (Version: 0108.2146.2565.38893)
Catalyst Control Center Graphics Full New (Version: 0108.2146.2565.38893)
Catalyst Control Center Graphics Light (Version: 0108.2146.2565.38893)
Catalyst Control Center Localization Arabic (Version: 0108.2146.2565.38893)
Catalyst Control Center Localization Chinese Standard (Version: 0108.2146.2565.38893)
Catalyst Control Center Localization Chinese Traditional (Version: 0108.2146.2565.38893)
Catalyst Control Center Localization French (Version: 0108.2146.2565.38893)
Catalyst Control Center Localization German (Version: 0108.2146.2565.38893)
Catalyst Control Center Localization Italian (Version: 0108.2146.2565.38893)
Catalyst Control Center Localization Japanese (Version: 0108.2146.2565.38893)
Catalyst Control Center Localization Korean (Version: 0108.2146.2565.38893)
Catalyst Control Center Localization Spanish (Version: 0108.2146.2565.38893)
CCC Help Chinese Standard (Version: 0108.2146.2564.38893)
CCC Help Chinese Traditional (Version: 0108.2146.2564.38893)
CCC Help English (Version: 0108.2146.2564.38893)
CCC Help French (Version: 0108.2146.2564.38893)
CCC Help German (Version: 0108.2146.2564.38893)
CCC Help Italian (Version: 0108.2146.2564.38893)
CCC Help Japanese (Version: 0108.2146.2564.38893)
CCC Help Korean (Version: 0108.2146.2564.38893)
CCC Help Polish (Version: 0108.2146.2564.38893)
CCC Help Portuguese (Version: 0108.2146.2564.38893)
CCC Help Spanish (Version: 0108.2146.2564.38893)
CCC Help Thai (Version: 0108.2146.2564.38893)
ccc-core-static (Version: 0108.2146.2565.38893)
ccc-utility (Version: 0108.2146.2565.38893)
Cisco Network Magic (Version: 5.5.09195.0)
Conexant D850 PCI V.92 Modem
Coupon Companion (Version: 1.24.151.151)
dBpoweramp m4a Codec
dBpoweramp Music Converter (Version: Release 13.2)
Dell System Customization Wizard (Version: 1.00.0000)
DellSupport (Version: 6.0.3030)
Digital Line Detect (Version: 1.21)
DivX Codec (Version: 6.8.5)
DivX Version Checker (Version: 7.0.0.19)
DivX Web Player (Version: 1.4.2)
Free Video Flip and Rotate version 1.4
Games, Music, & Photos Launcher (Version: 1.00.0000)
Google Chrome (Version: 26.0.1410.64)
Google Desktop (Version: 5.9.0911.03589)
Google Talk Plugin (Version: 3.19.1.13088)
ieSpell (Version: 2.6.3 (build 814))
IMinent Toolbar (Version: 3.26.0)
Inkscape 0.47 (Version: 0.47)
Inspiration 9
Inspiration 9 PDF Driver (novaPDF 7.0 printer)
Intel® Matrix Storage Manager
Intel® Viiv™ Software (Version: 1.6.429.0)
iriver Music Manager (Version: 2.00.000)
iRiver Updater
iTunes (Version: 11.0.2.26)
IZArc 3.81 (Version: 3.81 Build 1550)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
KODAK EASYSHARE Gallery Upload ActiveX Control
LeapFrog Connect (Version: 4.0.33.15045)
LeapFrog My Pals Plugin (Version: 4.0.33.15045)
Links Modification (Version: 1.06)
Malwarebytes' Anti-Malware
McAfee Security Scan Plus (Version: 3.0.318.3)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000)
Microsoft Digital Image Suite 2006 (Version: 11.0.0422)
Microsoft Digital Image Suite 2006 Library (Version: 11.0.0422)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 4.0.51204.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Modem Diagnostic Tool (Version: 1.0.17.8)
Movie Converter V3 (remove only)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetWaiting (Version: 2.5.44)
Network Magic (Version: 5.5.9195.0)
Pazera Free MP4 to AVI Converter 1.6 (Version: 1.6)
Photomatix Pro version 4.0.2 (Version: 4.0.2)
Picasa 3 (Version: 3.8)
PL-2303 Vista Driver Installer (Version: 3.2.0.0)
Product Documentation Launcher (Version: 1.00.0000)
Pure Networks Platform (Version: 11.2.09195.1)
QuickTime (Version: 7.70.80.34)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator BDAV Plugin (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator DE (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio MyDVD DE (Version: 9.0.116)
Roxio Update Manager (Version: 3.0.0)
Skins (Version: 0108.2146.2565.38893)
Sonic Activation Module (Version: 1.0)
Spotify (Version: 0.9.0.133.gd18ed589)
Switch Sound File Converter
Total Security
Uninstall 1.0.0.1
Unity Web Player (Version: )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
URL Assistant
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
User's Guides
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
WebEx Support Manager for Internet Explorer (Version: 6.5.4917)
Winamp (Version: 5.571 )
Winamp Application Detect (Version: 1.0.0.1)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows iLivid Toolbar (Version: 3.0.0.118320)
Xvid Video Codec (Version: 1.3.2)
Yontoo 1.10.02 (Version: 1.10.02)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 56%
Total physical RAM: 2045.32 MB
Available physical RAM: 880.89 MB


#8 jacksonbird03

jacksonbird03

  • Banned Spammer
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:45 PM

Posted 23 May 2013 - 02:18 AM

Once you will try to work in sage mode if it works than try to find out the solution for your proble....

If not than It may be possible that your system is affected by virus of trojan...



#9 hamluis

hamluis

    Moderator


  • Moderator
  • 56,113 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:02:15 AM

Posted 23 May 2013 - 09:55 AM

Per your Speccy report:
 
Antivirus: 
Enabled     Company Name: AVG Technologies      Display Name: AVG Anti-Virus Free       Product Version: 8.5      Virus Signature Database:   Not updated

 

Additionally...I see that you are missing many critical updates for Vista, other than the Malicious Sotfware Removal Tool dating back to Sep 2012...and some NET 4.0 updates.

 

Your version of Java is outdated and subject to exploitation.

 

Vista reflects an install date of Jun 2007.  You have neither SP1 nor SP2 installed.

 

On the surface of these things alone...I would say that you have an excellent chance of being infected, as well as having problems with Vista functioning.

 

Moving topic to Am I Infected forum for more intelligent opinions about such.

 

Louis



#10 Adam Pollard

Adam Pollard

  • Members
  • 145 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:08:15 AM

Posted 29 May 2013 - 04:07 PM

You may have already done something by now, but if you don't have any service packs installed, I would advise a clean install of Vista SP2, or if you don't have the disks, take it to a pro, and ask them to do it. If you reset to factory settings, you will have all the crapware that comes preinstalled on the machine plus 100s of updates will be needed. A pro could probably do the reinstall for under $100. Just be sure to get your product key for MS Office before doing this (if you don't have a key card, a pro can get this for you, using a tool like SIW.)

 

To add to what Louis says, your system is full of programs that aren't updated or needed eg Adobe Shockwave player. Also, what is "Total Security?"



#11 deal_ec

deal_ec

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:15 AM

Posted 03 June 2013 - 04:39 PM

Hi!

 

I had a big problem. Hope you can help me.

 

Several Windows XP SP3 machines at my company without security updates (because we need IE6 for a core application and cant update) had a "keep restarting" issue last weekend. Thursday was OK and friday the hell!

 

 

Its weird because the major PC's with the issue belongs to a critical business operative. Not affected all the Win_XP SP3 PC's.

 

We have Checkpoint Firewall with AV and personal Kaspersky 10 AV's updated.

 

Could you help me discovering what was de origin of this problem?

 

The affected computers dont have internet access (only intranet), an no mail client installed.

 

I think this is a virus or an automatic deletion of a virus and then the problem.

 

Thx






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users