New Posts  All Forums:Forum Nav:

BSOD help please - Page 4

post #31 of 47
Quote:
Originally Posted by ipv89 View Post

strange it worked for around a week before i had my first BSOD thats why i didnt assume it was that at first

Will be nice to see how it goes when the Driver Verifier is disabled smile.gif
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
post #32 of 47
Thread Starter 
ok it is disabled now and everything seams ok i have rebooted a few times and I re installed power iso and everything is well.

Thank you for taking the time to help me, you have done more than just help fix a BSOD ou have also taught me alot about troubleshooting windows problems. I have taken note of everything here (the old pen a nd paper type) to refer to in the future.

+Rep
Mid range build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k P8Z77-V ASUS ROG RX480 Corsair 8GB 2x 2GB + kingston hyperx 16gb 
Hard DriveOptical DriveCoolingOS
Samsung Evo SSD 500gb none corsair H80 windows 7 64 
MonitorPowerCaseMouse
Samsung s22b360 corsair tx 750 m NZXT phantom 410 (GM) logitech G400 
  hide details  
Reply
Mid range build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k P8Z77-V ASUS ROG RX480 Corsair 8GB 2x 2GB + kingston hyperx 16gb 
Hard DriveOptical DriveCoolingOS
Samsung Evo SSD 500gb none corsair H80 windows 7 64 
MonitorPowerCaseMouse
Samsung s22b360 corsair tx 750 m NZXT phantom 410 (GM) logitech G400 
  hide details  
Reply
post #33 of 47
Thread Starter 
spoke to soon lol it had another bsod for accessing bad memory. few more restarts and it stopped doing it again. but it is still only upon reboot.

Next steps I will take
- Check all drivers are up to date
-Check the OS for erros 9 doubt it is this)
-run memtest to eliminate the ram
Mid range build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k P8Z77-V ASUS ROG RX480 Corsair 8GB 2x 2GB + kingston hyperx 16gb 
Hard DriveOptical DriveCoolingOS
Samsung Evo SSD 500gb none corsair H80 windows 7 64 
MonitorPowerCaseMouse
Samsung s22b360 corsair tx 750 m NZXT phantom 410 (GM) logitech G400 
  hide details  
Reply
Mid range build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k P8Z77-V ASUS ROG RX480 Corsair 8GB 2x 2GB + kingston hyperx 16gb 
Hard DriveOptical DriveCoolingOS
Samsung Evo SSD 500gb none corsair H80 windows 7 64 
MonitorPowerCaseMouse
Samsung s22b360 corsair tx 750 m NZXT phantom 410 (GM) logitech G400 
  hide details  
Reply
post #34 of 47
Quote:
Originally Posted by ipv89 View Post

ok it is disabled now and everything seams ok i have rebooted a few times and I re installed power iso and everything is well.

Thank you for taking the time to help me, you have done more than just help fix a BSOD ou have also taught me alot about troubleshooting windows problems. I have taken note of everything here (the old pen a nd paper type) to refer to in the future.

+Rep

smile.gif

Quote:
Originally Posted by ipv89 View Post

spoke to soon lol it had another bsod for accessing bad memory. few more restarts and it stopped doing it again. but it is still only upon reboot.

Next steps I will take
- Check all drivers are up to date
-Check the OS for erros 9 doubt it is this)
-run memtest to eliminate the ram

I'd advise to run memtest first before doing the others - your drivers look all up to date.
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
post #35 of 47
Thread Starter 
Memtest has been running for close to 12 hours. Have work in the morning but will be back at 2 so that will be 24hrs but there isn't a very hight chance of finding a error.

I'm going to do a little research into what processes,services and drivers are exactly doing with memory at the point of shutdown or restart. It happens when you can't see your desktop and the windows screen is up it sits on the screen for no longer than 2-3 seconds than BSOD.

I know I could just reformat but I want to figure it out for the sake of learning more about how the os works.
Mid range build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k P8Z77-V ASUS ROG RX480 Corsair 8GB 2x 2GB + kingston hyperx 16gb 
Hard DriveOptical DriveCoolingOS
Samsung Evo SSD 500gb none corsair H80 windows 7 64 
MonitorPowerCaseMouse
Samsung s22b360 corsair tx 750 m NZXT phantom 410 (GM) logitech G400 
  hide details  
Reply
Mid range build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k P8Z77-V ASUS ROG RX480 Corsair 8GB 2x 2GB + kingston hyperx 16gb 
Hard DriveOptical DriveCoolingOS
Samsung Evo SSD 500gb none corsair H80 windows 7 64 
MonitorPowerCaseMouse
Samsung s22b360 corsair tx 750 m NZXT phantom 410 (GM) logitech G400 
  hide details  
Reply
post #36 of 47
Quote:
Originally Posted by ipv89 View Post

Memtest has been running for close to 12 hours. Have work in the morning but will be back at 2 so that will be 24hrs but there isn't a very hight chance of finding a error.

I'm going to do a little research into what processes,services and drivers are exactly doing with memory at the point of shutdown or restart. It happens when you can't see your desktop and the windows screen is up it sits on the screen for no longer than 2-3 seconds than BSOD.

I know I could just reformat but I want to figure it out for the sake of learning more about how the os works.

Can you download CPU-Z and post a screenshot of the memory and SPD tabs.

So it sits at "Shutting down" screen, and then BSOD a bit after that? Let's get a Hijack This! log from you as well:

1. Download Trend Micro HijackThis! - http://majorgeeks.com/Trend_Micro_HijackThis_d5554.html
2. Install HijackThis! and run it as administrator (elevated). NOTE: If the Run as administrator option is not available, hold down shift while right-clicking the icon.
3. Choose Do a system scan and save a log file
4. Post that log file along with your next post.
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
post #37 of 47
Thread Starter 
just completed 24 hours of mem test and no errors.

completing other steps soon


Mid range build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k P8Z77-V ASUS ROG RX480 Corsair 8GB 2x 2GB + kingston hyperx 16gb 
Hard DriveOptical DriveCoolingOS
Samsung Evo SSD 500gb none corsair H80 windows 7 64 
MonitorPowerCaseMouse
Samsung s22b360 corsair tx 750 m NZXT phantom 410 (GM) logitech G400 
  hide details  
Reply
Mid range build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k P8Z77-V ASUS ROG RX480 Corsair 8GB 2x 2GB + kingston hyperx 16gb 
Hard DriveOptical DriveCoolingOS
Samsung Evo SSD 500gb none corsair H80 windows 7 64 
MonitorPowerCaseMouse
Samsung s22b360 corsair tx 750 m NZXT phantom 410 (GM) logitech G400 
  hide details  
Reply
post #38 of 47
Thread Starter 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:04:29 p.m., on 26/01/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
I:\Installed software\Avast\AvastUI.exe
I:\Installed software\Firefox\firefox.exe
I:\Installed software\Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
I:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - I:\Installed software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - I:\Installed software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [avast] "I:\Installed software\Avast\avastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Core Temp.lnk = C:\Program Files\Core Temp\Core Temp.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\INSTAL~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://F:\INSTAL~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{172ED435-6FDE-4CC6-85DE-B5EBD7BF4C33}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CCS\Services\Tcpip\..\{39102D95-5724-4818-AF89-CDFA1D386895}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{172ED435-6FDE-4CC6-85DE-B5EBD7BF4C33}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{172ED435-6FDE-4CC6-85DE-B5EBD7BF4C33}: NameServer = 208.67.222.222,208.67.220.220
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - I:\Installed software\Avast\AvastSvc.exe
O23 - Service: DTSAudioSvc - DTS, Inc - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: metasploitPostgreSQL - Unknown owner - C:/METASP~1/POSTGR~1/bin/pg_ctl.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10285 bytes
============================================================================================================================================================


The only things i can spot out of place are

O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com

As I have no idea what they are or why those websites have been added. at a real loss now maybe a fresh install will be the way to go but I will give my self another week to try and get it sorted as i have a few days off work.

Thanks for your ongoing help Tompsonn
Mid range build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k P8Z77-V ASUS ROG RX480 Corsair 8GB 2x 2GB + kingston hyperx 16gb 
Hard DriveOptical DriveCoolingOS
Samsung Evo SSD 500gb none corsair H80 windows 7 64 
MonitorPowerCaseMouse
Samsung s22b360 corsair tx 750 m NZXT phantom 410 (GM) logitech G400 
  hide details  
Reply
Mid range build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k P8Z77-V ASUS ROG RX480 Corsair 8GB 2x 2GB + kingston hyperx 16gb 
Hard DriveOptical DriveCoolingOS
Samsung Evo SSD 500gb none corsair H80 windows 7 64 
MonitorPowerCaseMouse
Samsung s22b360 corsair tx 750 m NZXT phantom 410 (GM) logitech G400 
  hide details  
Reply
post #39 of 47
The log looks OK - not related to your issue, but lets go a head and fix those 015's:

1. Run Hijack This! elevated (run as administrator). NOTE: If the Run as administrator option is not available, hold down shift while right-clicking the icon.
2. Choose Do a system scan only
3. Place a check next to the following entries and click Fix checked:
Code:
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com

4. Restart your computer.

Can you post the Memory tab of CPU-Z as well please smile.gif

Additionally, does the BSOD occur in safe mode? I need to clarify once more - the BSOD is only occurring during shutdown, is that correct? How reproducible is it?

There's two more things I'd like to do:

1. Your system doesn't LOOK infected, but I'd like to run ComboFix and get a log from that too.
2. Please create a new set of log files from http://www.overclock.net/t/1288510/blue-screen-of-death-bsod-posting-instructions-windows-8-7-vista/0_50 and attach them here.

--

Download ComboFix from here to your Desktop.

== Note: It is important that it is saved directly to your desktop and run from the desktop and not any other folder on your computer ==
1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Warning: Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results" or stop combofix running at all
Remember to re enable the protection again after combofix has finished


2. Close any open browsers and any other programs you might have running
  • Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" file here.

== Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ==

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

  • If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.
  • If Combofix reboot's due to a rootkit, the screen may stay black for several minutes on reboot, this is normal
  • If after running Combofix you receive any type of warning message about registry key's being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)


Post the log in next reply please smile.gif
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
post #40 of 47
Thread Starter 
Warning: Combo Fix Log! (Click to show)
ComboFix 13-01-24.02 - Mike 26/01/2013 17:08:39.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.64.1033.18.8139.6552 [GMT 13:00]
Running from: c:\users\Mike\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-12-26 to 2013-01-26 )))))))))))))))))))))))))))))))
.
.
2013-01-26 04:11 . 2013-01-26 04:11
d
w- c:\users\Default\AppData\Local\temp
2013-01-26 02:11 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7EC003B3-ECCD-4D0E-BA53-72BC33B58696}\mpengine.dll
2013-01-26 01:28 . 2013-01-26 01:28
d
w- c:\windows\system32\temp
2013-01-26 01:28 . 2013-01-26 01:28
d
w- c:\programdata\PassMark
2013-01-26 01:28 . 2013-01-26 01:28
d
w- c:\program files\BurnInTest
2013-01-24 22:30 . 2013-01-24 22:30
d
w- c:\program files\DVD Maker
2013-01-24 22:26 . 2013-01-24 22:26
d
w- c:\users\Mike\AppData\Local\ElevatedDiagnostics
2013-01-23 23:40 . 2013-01-23 23:40 2434856 ----a-w- c:\windows\SysWow64\pbsvc_bc2.exe
2013-01-23 23:32 . 2011-06-15 08:30 93240 ----a-w- c:\windows\system32\drivers\scdemu.sys
2013-01-23 23:32 . 2013-01-23 23:32
d
w- c:\program files (x86)\PowerISO
2013-01-22 03:54 . 2012-10-30 22:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-01-22 03:54 . 2012-10-30 22:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-01-22 03:54 . 2012-10-30 22:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-01-22 03:54 . 2012-10-30 22:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-01-22 03:54 . 2012-10-30 22:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-01-22 03:54 . 2012-10-15 15:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-01-22 03:54 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-01-22 03:54 . 2012-10-30 22:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2013-01-21 21:08 . 2013-01-21 21:08
d
w- c:\programdata\Orbit
2013-01-21 07:35 . 2013-01-21 07:35
d
w- c:\users\Mike\AppData\Roaming\ATI
2013-01-21 07:35 . 2013-01-21 07:35
d
w- c:\users\Mike\AppData\Local\ATI
2013-01-21 07:35 . 2013-01-21 07:35 0 ----a-w- c:\windows\ativpsrm.bin
2013-01-21 07:32 . 2013-01-21 07:32
d
w- c:\program files (x86)\AMD APP
2013-01-21 07:31 . 2013-01-21 07:31
d
w- c:\program files\Common Files\ATI Technologies
2013-01-21 07:31 . 2013-01-22 03:20
d
w- c:\program files (x86)\ATI Technologies
2013-01-21 07:31 . 2013-01-21 07:31
d
w- c:\program files\ATI
2013-01-21 06:20 . 2013-01-21 06:20
d
w- c:\users\Mike\AppData\Roaming\PowerISO
2013-01-21 00:16 . 2013-01-21 00:17
d
w- c:\users\Mike\AppData\Local\Origin
2013-01-14 22:47 . 2013-01-14 22:48
d
w- c:\users\Mike\AppData\Roaming\Notepad++
2013-01-14 22:47 . 2013-01-14 22:47
d
w- c:\program files (x86)\Notepad++
2013-01-10 21:10 . 2013-01-14 22:06
d
w- c:\users\Mike\AppData\Local\Emit
2013-01-10 21:09 . 2013-01-10 21:09
d
w- c:\users\Mike\AppData\Local\Programs
2013-01-09 01:25 . 2013-01-09 01:49 1048576 ----a-w- c:\windows\PE_Rom.dll
2013-01-09 01:25 . 2013-01-09 01:25
d
w- c:\programdata\ASUS OC Profiles
2013-01-09 01:24 . 2013-01-09 01:24
d
w- c:\programdata\ASUS PowerControl Profiles
2013-01-09 01:21 . 2010-08-03 00:21 14464 ----a-w- c:\windows\SysWow64\drivers\AsUpIO.sys
2013-01-09 01:21 . 2013-01-09 01:21
d
w- c:\program files\ASUS
2013-01-09 01:21 . 2011-09-19 23:25 46152 ----a-w- c:\windows\SysWow64\drivers\ASUSFILTER.sys
2013-01-09 01:20 . 2012-06-24 21:42 15168 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
2013-01-09 01:20 . 2013-01-09 01:20
d
w- c:\programdata\Intel
2013-01-09 01:20 . 2013-01-09 01:20
d
w- c:\program files (x86)\Common Files\postureAgent
2013-01-09 01:19 . 2012-04-18 20:19 14848 ----a-w- c:\windows\SysWow64\drivers\AiChargerPlus.sys
2013-01-09 01:18 . 2012-05-17 05:57 26136 ----a-w- c:\windows\system32\drivers\ICCWDT.sys
2013-01-09 01:18 . 2012-05-17 05:57 1721576 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2013-01-09 00:04 . 2013-01-09 00:05
d
w- c:\programdata\regid.1986-12.com.adobe
2013-01-09 00:02 . 2013-01-09 00:02
d
w- c:\program files (x86)\Common Files\Adobe AIR
2013-01-08 23:28 . 2013-01-08 23:29
d
w- c:\program files\Core Temp
2013-01-08 23:28 . 2013-01-08 23:28
d
w- c:\programdata\APN
2013-01-08 22:33 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-08 22:33 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-08 22:33 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-08 22:33 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-01-08 22:33 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-01-08 22:33 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-08 22:33 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-08 22:33 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-08 22:33 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
2013-01-08 22:33 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2013-01-05 09:17 . 2013-01-22 23:19
d
w- c:\users\Mike\AppData\Roaming\HandBrake
2013-01-05 09:16 . 2013-01-05 09:16
d
w- c:\program files\Handbrake
2013-01-05 04:44 . 2013-01-05 04:44
d
w- c:\users\Mike\AppData\Local\Western Digital
2013-01-02 21:53 . 2013-01-02 21:54
d
w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-02 21:53 . 2013-01-02 21:54
d
w- c:\program files\iTunes
2013-01-02 21:53 . 2013-01-02 21:53
d
w- c:\program files\iPod
2013-01-02 21:47 . 2013-01-02 21:47
dc----w- c:\windows\system32\DRVSTORE
2013-01-02 21:47 . 2012-08-21 00:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-01-02 21:47 . 2013-01-02 21:53
d
w- c:\programdata\Apple Computer
2013-01-02 21:47 . 2013-01-02 21:47
d
w- c:\users\Mike\AppData\Local\Apple
2013-01-02 21:47 . 2013-01-02 21:47
d
w- c:\program files (x86)\Apple Software Update
2013-01-02 21:47 . 2013-01-02 21:47
d
w- c:\program files\Common Files\Apple
2013-01-02 21:47 . 2013-01-02 21:47
d
w- c:\program files\Bonjour
2013-01-02 21:47 . 2013-01-02 21:47
d
w- c:\program files (x86)\Bonjour
2013-01-02 21:46 . 2013-01-02 21:53
d
w- c:\program files (x86)\Common Files\Apple
2013-01-02 10:14 . 2013-01-08 04:28
d
w- c:\users\Mike\AppData\Roaming\Bioshock2
2013-01-02 10:13 . 2013-01-02 10:13
d--h--r- c:\users\Mike\AppData\Roaming\SecuROM
2013-01-02 05:34 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2013-01-02 05:34 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-01-02 05:33 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2013-01-02 05:33 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-24 02:40 . 2009-07-13 23:28 6656 ----a-w- c:\windows\system32\lpcio.dll
2013-01-24 02:23 . 2012-11-09 06:49 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-01-24 02:23 . 2012-11-09 05:18 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-01-24 01:01 . 2012-11-09 05:18 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-01-24 00:53 . 2012-11-09 05:18 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-01-14 21:58 . 2012-10-26 10:05 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-14 21:58 . 2012-10-26 10:05 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-11 14:30 . 2012-12-10 23:40 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-08 22:34 . 2012-10-26 12:00 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-28 00:17 . 2012-12-04 09:05 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-12-13 02:54 . 2011-03-28 05:36 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-12-10 23:40 . 2012-12-10 23:40 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-12-10 23:40 . 2012-12-10 23:40 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-30 04:45 . 2013-01-08 22:34 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-30 22:51 . 2012-12-26 23:54 21136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-10-30 22:50 . 2012-11-26 03:28 285328 ----a-w- c:\windows\system32\aswBoot.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"avast"="i:\installed software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Core Temp.lnk - c:\program files\Core Temp\Core Temp.exe [2013-1-9 854480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 metasploitPostgreSQL;metasploitPostgreSQL;C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N metasploitPostgreSQL -D C:/METASP~1/POSTGR~1/data [x]
R3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys [x]
R3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-05-26 160768]
R3 IpfwMP;IpfwMP;c:\windows\system32\DRIVERS\ipfw.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-27 53760]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-27 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;i:\files\Tools\RealTemp_370\WinRing0x64.sys [2008-07-26 14544]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-09-28 239616]
R4 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-10-26 920736]
R4 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-10-26 951936]
R4 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-10-26 149120]
R4 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe [2012-10-26 324608]
R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-08-21 846448]
R4 VMwareHostd;VMware Workstation Server;i:\installed software\VMware Workstation\vmware-hostd.exe [2011-08-22 11837440]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys [2012-01-05 49760]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2012-09-01 647736]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2012-09-01 28216]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-05-20 19264]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2011-08-08 116336]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-12-27 21992]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-01-23 233328]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-09-01 14904]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2012-06-05 190824]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-24 166720]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys [x]
S3 ALSysIO;ALSysIO;c:\users\Mike\AppData\Local\Temp\ALSysIO64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-11-02 130536]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-11-02 395752]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys [2012-05-17 26136]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys [2012-02-07 66328]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ALSYSIO
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-22 c:\windows\Tasks\ReclaimerUpdateFiles_Mike.job
- c:\users\Mike\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-23 03:08]
.
2013-01-23 c:\windows\Tasks\ReclaimerUpdateXML_Mike.job
- c:\users\Mike\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-23 03:08]
.
2013-01-26 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Mike.job
- c:\users\Mike\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe [2012-12-23 03:08]
.
.
X64 Entries
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- i:\installed software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-06-07 1212048]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-07-24 6900024]
.
Supplementary Scan
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - f:\instal~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - f:\instal~1\MICROS~1\Office14\ONBttnIE.dll/105
LSP: %SystemRoot%\system32\vsocklib.dll
TCP: Interfaces\{172ED435-6FDE-4CC6-85DE-B5EBD7BF4C33}: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{39102D95-5724-4818-AF89-CDFA1D386895}: NameServer = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\j1bujt8f.default\
FF - ExtSQL: 2012-11-27 07:26; adblockpopups@jessehakanen.net; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\j1bujt8f.default\extensions\adblockpopups@jessehakanen.net.xpi
FF - ExtSQL: 2013-01-22 16:54; wrc@avast.com; i:\installed software\Avast\WebRep\FF
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-VLC Setup Helper_is1 - c:\program files (x86)\Hobbyist Software\VLC Setup Helper\unins000.exe
AddRemove-{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88} - c:\program files (x86)\InstallShield Installation Information\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\metasploitPostgreSQL]
"ImagePath"="C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N \"metasploitPostgreSQL\" -D \"C:/METASP~1/POSTGR~1/data\""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\metasploitPostgreSQL]
"ImagePath"="C:/METASP~1/POSTGR~1/bin/pg_ctl.exe runservice -N \"metasploitPostgreSQL\" -D \"C:/METASP~1/POSTGR~1/data\""
.
LOCKED REGISTRY KEYS
.
[HKEY_USERS\S-1-5-21-3232905825-3055323868-2890479307-1000\Software\SecuROM\License information*]
"datasecu"=hex:5d,b3,73,73,bd,a5,0a,19,3b,1f,61,64,0d,44,14,61,43,c3,0a,07,40,
16,e2,79,8d,38,f8,be,55,bc,b1,b1,5d,c0,52,6d,55,c4,a3,5a,1b,f8,71,26,a0,7d,\
"rkeysecu"=hex:93,41,71,e8,5f,90,ad,fc,10,fd,26,8c,aa,8b,a7,c9
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-26 17:12:23
ComboFix-quarantined-files.txt 2013-01-26 04:12
ComboFix2.txt 2013-01-26 03:06
.
Pre-Run: 29,079,707,648 bytes free
Post-Run: 29,023,633,408 bytes free
.
- - End Of File - - CB3EC29595EC300AFF2047F47C2973C9

It is hard to replicate, I had a few days where every restart would BS now it hasent happened in the last day or so, all ways on restart or shutdown but I have not experienced it in safe mode and i have gone into safe mode alot since it started BSODing.



New report.zip 2595k .zip file
Mid range build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k P8Z77-V ASUS ROG RX480 Corsair 8GB 2x 2GB + kingston hyperx 16gb 
Hard DriveOptical DriveCoolingOS
Samsung Evo SSD 500gb none corsair H80 windows 7 64 
MonitorPowerCaseMouse
Samsung s22b360 corsair tx 750 m NZXT phantom 410 (GM) logitech G400 
  hide details  
Reply
Mid range build
(12 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 3570k P8Z77-V ASUS ROG RX480 Corsair 8GB 2x 2GB + kingston hyperx 16gb 
Hard DriveOptical DriveCoolingOS
Samsung Evo SSD 500gb none corsair H80 windows 7 64 
MonitorPowerCaseMouse
Samsung s22b360 corsair tx 750 m NZXT phantom 410 (GM) logitech G400 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Crash Analysis and Debugging