Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

BSOD and recent Projeckt1 error messages

by AnyColourYouLike » May 16th, 2011, 3:06 pm

I've recently had an error message pop up at start up:
Projekt1 (in the header)

Run-time error '5' - or something similar.

After reading around I thought I found the culprit and used HijackThis to clean/delete... The error message hasn't shown since, but now today my computer just logged off in the middle of browsing and playing iTunes. After about 20 minutes on. Then upon restart, after loading Firefox and clicking a few links, it flashed BSOD and shut down again.

So here I am, hoping to have some assistance. I'm new to PC :( never had to deal with Malware/Viruses. Thank you all for taking the time to read this, can't imagine what I'd do without the help.

.
DDS (Ver_11-03-05.01) - NTFS_AMD64 NETWORK
Run by AnyColour at 13:56:41.61 on Mon 05/16/2011
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8169.7069 [GMT -5:00]
.
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\AnyColour\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
uRun: [Video Library] C:\Windows\system32\rundll32.exe C:\Users\ANYCOL~1\AppData\Local\Temp\Rpcqt.dll,Sets
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download with GetRight - C:\Program Files (x86)\GetRight\GRdownload.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Open with GetRight Browser - C:\Program Files (x86)\GetRight\GRbrowse.htm
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
IFEO: consumer_cpl.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO: crysis.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO: crysis64.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO: excel.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO: groove.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
TB-X64: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
mRun-x64: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
mRun-x64: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
mRun-x64: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
mRun-x64: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
mRun-x64: [MacDrive 8 application] "C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe"
IE-X64: {7815BE26-237D-41A8-A98F-F7BD75F71086}
STS-X64: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - No File
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
IFEO-X64: consumer_cpl.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO-X64: crysis.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO-X64: crysis64.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO-X64: excel.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IFEO-X64: groove.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ANYCOL~1\AppData\Roaming\Mozilla\Firefox\Profiles\246jbym9.default\
FF - prefs.js: browser.startup.homepage - hxxp://kotaku.com/
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\AnyColour\AppData\Roaming\Mozilla\Firefox\Profiles\246jbym9.default\extensions\maps@ovi.com\plugins\npNMapNPR.dll
FF - plugin: C:\Users\AnyColour\AppData\Roaming\Mozilla\Firefox\Profiles\246jbym9.default\extensions\maps@ovi.com\plugins\npNMapNPRresources.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\System32\drivers\aswNdis.sys [2011-5-14 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\System32\drivers\aswNdis2.sys [2011-5-14 253784]
R0 MDPMGRNT;MacDrive Partition Driver;C:\Windows\System32\drivers\MDPMGRNT.SYS [2011-5-3 32424]
R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-8-27 297000]
R1 aswFW;avast! TDI Firewall driver;C:\Windows\System32\drivers\aswFW.sys [2011-5-14 127832]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-4-8 254528]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-10-27 31080]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;C:\Windows\System32\drivers\e1c62x64.sys [2011-4-8 313520]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\System32\drivers\ICCWDT.sys [2010-8-17 26136]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-4-8 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-9-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-9-30 180736]
R3 RzSynapse;Razer Driver;C:\Windows\System32\drivers\RzSynapse.sys [2010-10-15 115200]
S0 MDFSYSNT;MacDrive file system driver;C:\Windows\System32\drivers\MDFSYSNT.SYS [2010-10-7 307888]
S1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-5-14 600920]
S1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-5-14 287576]
S1 CBDisk;CBDisk;C:\Windows\System32\drivers\CBDisk.sys [2011-5-3 70344]
S1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-10-24 188928]
S2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-3 918144]
S2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2010-12-1 915584]
S2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-4-13 586880]
S2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-5-14 22360]
S2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-5-14 64344]
S2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-5-14 42184]
S2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2011-5-14 121000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2011-4-8 133800]
S2 M4LIC;Mediafour M4LIC service;C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE [2009-7-29 205312]
S2 MacDrive8Service;MacDrive 8 service;C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe [2010-10-8 149504]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-5-11 2218600]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-4-7 378472]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-3-30 2026304]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-10-27 38248]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2010-10-27 55336]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-10-27 301680]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-10-27 203624]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-10-27 58992]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-10-27 156520]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-10-27 279152]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2011-4-9 97552]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-10-24 40832]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 72064]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2011-5-11 174184]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-4-9 20992]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-4-9 59392]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-2-10 11856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-2-18 51712]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2011-4-22 18288]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-9 1255736]
S4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576]
S4 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-4-22 5790064]
S4 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-4-22 487280]
.
=============== Created Last 30 ================
.
2011-05-16 18:10:58 8802128 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{F148C7DF-6742-49A1-B64F-80F03D2A80B0}\mpengine.dll
2011-05-15 06:56:36 -------- d-----w- C:\Downloads
2011-05-15 06:51:21 -------- d-----w- C:\Users\ANYCOL~1\AppData\Roaming\GetRight
2011-05-15 06:51:06 -------- d-----w- C:\Program Files (x86)\GetRight
2011-05-15 01:18:09 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-15 01:10:50 127832 ----a-w- C:\Windows\System32\drivers\aswFW.sys
2011-05-15 01:10:33 253784 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys
2011-05-15 01:10:31 600920 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-05-15 01:10:29 64344 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-05-15 01:10:11 12368 ----a-w- C:\Windows\System32\drivers\aswNdis.sys
2011-05-15 01:10:06 40112 ----a-w- C:\Windows\avastSS.scr
2011-05-15 01:09:59 -------- d-----w- C:\Program Files\AVAST Software
2011-05-15 01:09:59 -------- d-----w- C:\PROGRA~3\AVAST Software
2011-05-15 00:29:26 388096 ----a-r- C:\Users\ANYCOL~1\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-05-15 00:29:26 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-05-14 21:54:15 -------- d-----w- C:\Users\ANYCOL~1\AppData\Roaming\SPORE
2011-05-14 20:56:51 -------- d-----w- C:\PROGRA~3\Media Center Programs
2011-05-14 20:50:32 -------- d-----w- C:\Program Files (x86)\Mass Effect
2011-05-14 20:11:07 -------- d-----w- C:\Program Files (x86)\StarCraft II
2011-05-14 20:11:07 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2011-05-14 20:11:07 -------- d-----w- C:\PROGRA~3\Blizzard Entertainment
2011-05-14 19:21:10 -------- d-----w- C:\Program Files (x86)\PCSX2 0.9.8
2011-05-14 04:36:37 -------- d--h--w- C:\Windows\msdownld.tmp
2011-05-14 04:36:34 -------- d-----w- C:\Windows\SysWow64\directx
2011-05-14 04:35:11 -------- d-----w- C:\Program Files (x86)\Telltale Games
2011-05-12 17:54:03 34624 ----a-w- C:\Windows\System32\TURegOpt.exe
2011-05-12 17:53:58 36160 ----a-w- C:\Windows\System32\uxtuneup.dll
2011-05-12 17:53:58 29504 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
2011-05-12 17:53:58 25920 ----a-w- C:\Windows\System32\authuitu.dll
2011-05-12 17:53:58 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll
2011-05-12 17:53:39 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2011
2011-05-12 17:53:13 -------- d-sh--w- C:\PROGRA~3\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-05-12 06:11:47 -------- d-----w- C:\Program Files (x86)\Rainmeter
2011-05-12 05:54:29 -------- d-----w- C:\Users\ANYCOL~1\AppData\Roaming\Rainmeter
2011-05-12 05:54:12 -------- d-----w- C:\Program Files\Rainmeter
2011-05-12 02:43:41 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-05-12 02:43:41 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-05-10 22:22:57 2434856 ----a-w- C:\Windows\SysWow64\pbsvc_bc2.exe
2011-05-10 20:26:57 3584 ----a-r- C:\Users\ANYCOL~1\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2011-05-10 20:26:57 -------- d-----w- C:\Program Files (x86)\Windows Installer Clean Up
2011-05-10 20:26:32 -------- d-----w- C:\Program Files (x86)\MSECACHE
2011-05-10 19:12:55 5562240 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-05-10 19:12:54 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-05-10 19:12:54 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-05-10 19:12:04 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-05-10 19:12:04 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-05-10 19:12:04 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-05-10 19:12:04 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-05-10 19:12:04 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-05-10 19:12:04 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2011-05-10 19:12:04 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2011-05-08 01:07:36 -------- d-----w- C:\Program Files\CCleaner
2011-05-06 20:46:06 -------- d-----w- C:\Users\ANYCOL~1\AppData\Roaming\TrueCrypt
2011-05-06 20:38:09 230352 ----a-w- C:\Windows\System32\drivers\truecrypt.sys
2011-05-06 20:38:07 -------- d-----w- C:\Program Files\TrueCrypt
2011-05-05 19:18:40 -------- d-----w- C:\Program Files (x86)\Viva Media
2011-05-05 18:21:52 -------- d-----w- C:\Users\ANYCOL~1\AppData\Roaming\AVS4YOU
2011-05-05 18:20:38 10915840 ----a-w- C:\Windows\SysWow64\libmfxhw32.dll
2011-05-05 18:20:38 10833920 ----a-w- C:\Windows\SysWow64\libmfxsw32.dll
2011-05-05 18:20:32 24576 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2011-05-05 18:20:32 1700352 ----a-w- C:\Windows\SysWow64\GdiPlus.dll
2011-05-05 18:20:32 -------- d-----w- C:\Program Files (x86)\Common Files\AVSMedia
2011-05-05 18:20:32 -------- d-----w- C:\Program Files (x86)\AVS4YOU
2011-05-05 18:20:32 -------- d-----w- C:\PROGRA~3\AVS4YOU
2011-05-05 18:08:16 -------- d-----w- C:\Users\ANYCOL~1\AppData\Roaming\Xilisoft
2011-05-05 18:08:16 -------- d-----w- C:\Program Files (x86)\Xilisoft
2011-05-05 09:31:50 -------- d-----w- C:\Users\ANYCOL~1\AppData\Local\{196A9647-487B-4C7E-810E-9481289078F8}
2011-05-05 09:31:49 -------- d-----w- C:\Users\ANYCOL~1\AppData\Local\{FE4683DD-1DD9-4866-A387-E7CB3E7647AD}
2011-05-05 09:31:35 -------- d-----w- C:\Users\AnyColour\Tracing
2011-05-05 06:47:24 -------- d-----w- C:\Users\ANYCOL~1\AppData\Local\Geckofx
2011-05-05 06:22:59 -------- d-----w- C:\Users\ANYCOL~1\AppData\Roaming\HandBrake
2011-05-05 06:22:59 -------- d-----w- C:\Users\ANYCOL~1\AppData\Local\HandBrake
2011-05-05 06:14:43 -------- d-----w- C:\Program Files (x86)\Handbrake
2011-05-05 06:11:00 70656 ----a-w- C:\Windows\SysWow64\yv12vfw.dll
2011-05-05 06:11:00 70656 ----a-w- C:\Windows\SysWow64\i420vfw.dll
2011-05-05 06:11:00 27648 ----a-w- C:\Windows\SysWow64\AVSredirect.dll
2011-05-05 06:11:00 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
2011-05-05 06:08:34 -------- d-----w- C:\Program Files (x86)\eRightSoft
2011-05-05 04:47:48 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2011-05-05 04:40:51 -------- d-----w- C:\Program Files (x86)\Alientrap Games Inc
2011-05-04 02:14:41 32424 ----a-w- C:\Windows\System32\drivers\MDPMGRNT.SYS
2011-05-04 01:56:51 70344 ----a-w- C:\Windows\System32\drivers\CBDisk.sys
2011-05-04 01:56:46 -------- d-----w- C:\Program Files\Mediafour
2011-05-04 01:56:46 -------- d-----w- C:\Program Files\Common Files\Mediafour
2011-05-04 01:56:46 -------- d-----w- C:\Program Files (x86)\Common Files\Mediafour
2011-05-04 01:56:46 -------- d-----w- C:\PROGRA~3\Mediafour
2011-05-04 01:56:05 -------- d-----w- C:\Program Files (x86)\Mediafour
2011-05-03 18:43:50 -------- d-----w- C:\Users\ANYCOL~1\AppData\Roaming\CD Art Display
2011-05-03 18:43:47 94208 ----a-w- C:\Windows\SysWow64\wmpuice.dll
2011-05-03 18:43:47 69632 ----a-w- C:\Windows\cadSSaver.scr
2011-05-03 18:43:44 -------- d-----w- C:\Program Files (x86)\CD Art Display
2011-05-03 17:27:05 -------- d-----w- C:\Program Files (x86)\Bowtie Remote
2011-05-03 17:08:27 -------- d-----w- C:\Users\ANYCOL~1\AppData\Local\Steven_McTainsh
2011-05-03 17:06:24 -------- d-----w- C:\Program Files (x86)\UnderCover
2011-05-03 04:15:01 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-05-03 03:33:23 -------- d-----w- C:\PROGRA~3\Nexon
2011-05-03 02:00:05 -------- d-----w- C:\Users\ANYCOL~1\AppData\Local\GPUMonitor
2011-05-03 01:54:08 201728 ----a-w- C:\Windows\SysWow64\HarryPotter7Screensaver.scr
2011-05-03 01:54:08 -------- d-----w- C:\Windows\SysWow64\HarryPotter7Screensaver dir
2011-04-30 21:25:58 -------- d-----w- C:\Users\ANYCOL~1\AppData\Local\Microsoft Games
2011-04-30 20:10:48 16728 ----a-w- C:\Program Files (x86)\setup_BlackShot_GarenaMessenger_Install_2_108_A.exe
2011-04-30 20:01:35 710888456 ----a-w- C:\Program Files (x86)\BlackShot_GarenaMessenger_Install_2_108_A.exe
2011-04-30 20:01:16 -------- d-----w- C:\Users\ANYCOL~1\AppData\Local\Garena
2011-04-30 16:49:15 -------- d-----w- C:\Program Files (x86)\Combat Arms
2011-04-30 16:49:14 -------- d-----w- C:\PROGRA~3\NexonUS
2011-04-30 08:15:12 -------- d-----w- C:\Users\ANYCOL~1\AppData\Local\PMB Files
2011-04-30 08:15:11 -------- d-----w- C:\PROGRA~3\PMB Files
2011-04-30 08:14:59 -------- d-----w- C:\Program Files (x86)\Pando Networks
2011-04-30 01:12:26 -------- d-----w- C:\Program Files (x86)\MonitorDriver
2011-04-30 01:10:28 -------- d-----w- C:\Samsung
2011-04-29 02:18:31 -------- d-----w- C:\Users\ANYCOL~1\AppData\Roaming\Razer
2011-04-28 01:00:42 -------- d-----w- C:\Users\AnyColour\.yawcam
2011-04-28 01:00:31 -------- d-----w- C:\Program Files (x86)\Yawcam
2011-04-26 21:34:23 -------- d-----w- C:\Program Files\iTunes
2011-04-26 21:34:23 -------- d-----w- C:\Program Files\iPod
2011-04-26 21:34:23 -------- d-----w- C:\Program Files (x86)\iTunes
2011-04-26 21:33:26 -------- d-----w- C:\Program Files\Bonjour
2011-04-26 21:33:26 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-04-24 04:22:32 -------- d-----w- C:\Program Files (x86)\Codemasters
2011-04-23 04:33:34 -------- d-----w- C:\Users\ANYCOL~1\AppData\Roaming\WTablet
2011-04-23 04:33:33 749936 ----a-w- C:\Windows\System32\Pen_Touch_Tablet.dll
2011-04-23 04:33:33 642928 ----a-w- C:\Windows\SysWow64\Pen_Touch_Tablet.dll
2011-04-23 04:33:29 -------- d-----w- C:\Program Files (x86)\TabletPlugins
2011-04-23 04:33:27 18288 ----a-w- C:\Windows\System32\drivers\wacmoumonitor.sys
2011-04-23 04:33:20 12848 ----a-w- C:\Windows\System32\drivers\wacommousefilter.sys
2011-04-23 04:33:12 16168 ----a-w- C:\Windows\System32\drivers\wacomvhid.sys
2011-04-23 04:33:10 756592 ----a-w- C:\Windows\System32\Pen_Tablet.dll
2011-04-23 04:33:10 650096 ----a-w- C:\Windows\SysWow64\Pen_Tablet.dll
2011-04-23 04:33:10 600432 ----a-w- C:\Windows\System32\Wintab32.dll
2011-04-23 04:33:10 506736 ----a-w- C:\Windows\SysWow64\Wintab32.dll
2011-04-23 04:33:09 -------- d-----w- C:\Program Files\Tablet
2011-04-23 04:09:10 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2011-04-23 04:08:41 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-04-23 04:06:22 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-04-23 04:05:43 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2011-04-23 04:05:21 -------- d-----w- C:\Users\ANYCOL~1\AppData\Local\Microsoft Help
2011-04-22 20:12:01 -------- d-----w- C:\Program Files\Microsoft IntelliPoint
2011-04-20 20:35:20 -------- d-----w- C:\Program Files (x86)\Super Meatboy
2011-04-20 07:24:58 -------- d-----w- C:\Program Files (x86)\Valve
2011-04-18 19:24:42 -------- d-----w- C:\Program Files (x86)\Zone Labs
2011-04-18 19:24:41 337560 ----a-w- C:\Windows\System32\drivers\vsdatant.sys
2011-04-18 19:23:52 -------- d-----w- C:\PROGRA~3\CheckPoint
2011-04-18 19:23:47 -------- d-----w- C:\Windows\Internet Logs
2011-04-18 02:55:22 -------- d-----w- C:\Program Files (x86)\Infogrames Interactive
.
==================== Find3M ====================
.
2011-05-13 02:24:30 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-05-13 02:19:13 280768 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-05-11 05:33:02 119296 ----a-w- C:\Windows\SysWow64\zlib.dll
2011-05-10 22:34:52 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-04-30 09:15:54 3360624 ----a-w- C:\Windows\SysWow64\pbsvc.exe
2011-04-13 21:22:40 1032144 ----a-w- C:\Windows\PE_Rom.dll
2011-04-13 20:39:30 16896 ----a-w- C:\Windows\AsTaskSched.dll
2011-04-13 20:04:38 45432 ----a-w- C:\Windows\System32\drivers\point64.sys
2011-04-13 20:04:38 23960 ----a-w- C:\Windows\System32\drivers\nuidfltr.sys
2011-04-13 20:04:38 1721576 ----a-w- C:\Windows\System32\wdfcoinstaller01009.dll
2011-04-09 23:55:44 15453336 ----a-w- C:\Windows\SysWow64\xlive.dll
2011-04-09 23:55:42 13642904 ----a-w- C:\Windows\SysWow64\xlivefnt.dll
2011-04-09 22:54:35 1002728 ----a-w- C:\Windows\System32\WinUSBCoInstaller2.dll
2011-04-09 22:54:28 74752 ----a-w- C:\Windows\System32\CLEyeDevices.dll
2011-04-09 10:04:32 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-04-09 10:04:31 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-04-09 08:36:57 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
2011-04-09 04:00:28 464896 ----a-w- C:\Windows\System32\ipcoin815.dll
2011-04-09 04:00:20 47616 ----a-w- C:\Windows\System32\drivers\dc3d.sys
2011-04-08 21:29:33 254528 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2011-04-08 04:19:38 117864 ----a-w- C:\Windows\System32\nvmctray.dll
2011-04-08 04:19:36 797288 ----a-w- C:\Windows\System32\easyUpdatusAPIU64.dll
2011-04-08 04:19:36 1012328 ----a-w- C:\Windows\System32\nvvsvc.exe
2011-04-08 04:19:26 6338152 ----a-w- C:\Windows\System32\nvcpl.dll
2011-04-08 04:19:08 3041384 ----a-w- C:\Windows\System32\nvsvc64.dll
2011-04-06 21:26:58 96544 ----a-w- C:\Windows\System32\dnssd.dll
2011-04-06 21:26:58 69408 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-04-06 21:26:58 237856 ----a-w- C:\Windows\System32\dnssdX.dll
2011-04-06 21:26:58 119584 ----a-w- C:\Windows\System32\dns-sd.exe
2011-04-06 21:20:16 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-04-06 21:20:16 75040 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-04-06 21:20:16 197920 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-04-06 21:20:16 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-03-12 12:08:49 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-03-12 11:23:45 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-03-11 06:41:37 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-03-11 06:41:34 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-03-11 06:41:34 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-03-11 06:41:34 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-03-11 06:41:26 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-03-11 06:41:12 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-03-11 06:41:12 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-03-11 06:34:51 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-11 06:34:50 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-11 06:33:29 2565632 ----a-w- C:\Windows\System32\esent.dll
2011-03-11 06:30:28 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-03-11 05:33:59 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-11 05:33:59 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-11 05:33:09 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2011-03-11 05:31:07 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-03-09 20:31:12 434560 ----a-w- C:\Windows\SysWow64\RzMwApi.dll
2011-03-08 06:29:32 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-03-08 05:28:29 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-03-04 06:19:28 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:19:27 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 15:59:24 29288 ----a-w- C:\Windows\System32\nvhdap64.dll
2011-03-03 15:59:18 174184 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2011-03-03 15:59:17 1359976 ----a-w- C:\Windows\System32\nvhdagenco642040.dll
2011-03-03 06:24:16 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-03-03 06:21:57 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-03-03 05:36:16 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-03-03 03:52:08 3135488 ----a-w- C:\Windows\System32\win32k.sys
2011-02-25 06:19:30 2871808 ----a-w- C:\Windows\explorer.exe
2011-02-25 05:30:54 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2011-02-24 06:15:44 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-02-24 05:38:54 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-02-23 13:28:00 1614440 ----a-w- C:\Windows\System32\nvdispco642090.dll
2011-02-23 13:28:00 1359976 ----a-w- C:\Windows\System32\nvgenco642040.dll
2011-02-23 04:56:31 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-02-23 04:56:27 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-02-23 04:56:03 411648 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-02-23 04:55:47 167936 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-02-23 04:55:12 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-02-23 04:55:12 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-02-23 04:55:04 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-02-19 12:05:15 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-02-19 12:04:37 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-02-19 12:04:17 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-02-19 12:03:46 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-02-19 09:00:32 367616 ----a-w- C:\Windows\System32\atmfd.dll
2011-02-19 06:30:51 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-02-19 06:30:50 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-02-19 06:30:46 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-02-19 04:34:54 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-02-18 21:36:58 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2011-02-18 21:36:58 4184352 ----a-w- C:\Windows\System32\usbaaplrc.dll
2011-02-18 10:51:16 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-02-18 05:39:44 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
.
============= FINISH: 13:58:42.09 ===============

Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows SideShow Managed Runtime 1.0
Xilisoft Video Converter Ultimate 6
Yawcam 0.3.6
.
==== Event Viewer Messages From Past Week ========
.
5/16/2011 2:40:39 AM, Error: mv91xx [9] - The device, \Device\Scsi\mv91xx1, did not respond within the timeout period.
5/16/2011 1:56:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service NVSvc with arguments "" in order to run the server: {DCAB0989-1301-4319-BE5F-ADE89F88581C}
5/16/2011 1:56:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
5/16/2011 1:56:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
5/16/2011 1:53:40 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
5/16/2011 1:52:10 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
5/16/2011 1:52:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5/16/2011 1:52:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/16/2011 1:52:08 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
5/16/2011 1:52:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/16/2011 1:51:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/16/2011 1:51:40 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AsIO AsUpIO aswSnx aswSP aswTdi CBDisk discache MDFSYSNT MpFilter spldr truecrypt Wanarpv6
5/16/2011 1:51:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
5/16/2011 1:51:37 PM, Error: Service Control Manager [7001] - The Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
5/16/2011 1:43:48 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
5/16/2011 1:42:37 PM, Error: Microsoft-Windows-Eventlog [23] - The event logging service encountered an error (res=23) while initializing logging resources for channel Microsoft-Windows-BranchCacheSMB/Operational.
5/16/2011 1:01:21 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
5/16/2011 1:00:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the avast! Antivirus service to connect.
5/16/2011 1:00:15 PM, Error: Service Control Manager [7000] - The avast! Antivirus service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/15/2011 1:18:47 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MsMpSvc service.
5/15/2011 1:18:14 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
5/14/2011 9:26:52 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
5/14/2011 8:16:19 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
5/13/2011 10:09:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
5/13/2011 10:09:03 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/12/2011 4:15:50 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer IMAC-E2B180 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3864E8B0-051E-48E8-89F8-A890F4EF7BD1}. The master browser is stopping or an election is being forced.
5/12/2011 12:54:03 PM, Error: Service Control Manager [7000] - The TuneUp Theme Extension service failed to start due to the following error: The executable program that this service is configured to run in does not implement the service.
5/11/2011 12:33:15 AM, Error: Service Control Manager [7034] - The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
AnyColourYouLike
Active Member
 
Posts: 8
Joined: May 14th, 2011, 8:48 pm

Re: BSOD and recent Projeckt1 error messages

Unread postby Gary R » May 19th, 2011, 1:43 am

Looking over your log, back soon.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: BSOD and recent Projeckt1 error messages

Unread postby Gary R » May 19th, 2011, 2:00 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.


Unless informed in advance, failure to post replies within 3 days will result in this thread being closed.


Hi

I'm Gary R, I'll be glad to help you with your computer problems.

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However, it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

I'd also recommend that you create a System Restore Point that we can restore to if necessary.

  • Click Start, and type Create a restore point into the Search programs and files box.
  • Now click on the Create a restore point icon at the top of the find list.
  • This will open a System Properties box, with the System Protection tab open ...
    • Click on the Create button in the lower part of the window.
    • Type Pre Malware Cleanup into the description box, then click Create.
    • Windows will now create a Restore Point and notify you when finished.
    • Exit any open windows.

Please observe these rules while we work:
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • As you're using Vista or Windows 7, it will be necessary to right-click all tools we use and select ----> Run as Administrator

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


Your DDS logs show you have 2 AV programs on your computer ....

avast! Internet Security
Microsoft Security Essentials


This is a recipe for disaster. Because of the way they work, 2 such programs will conflict with each other, causing all sorts of problems, and will give you less, not more, protection.

You must choose which one you want to keep and Uninstall the other using Control Panel > Programs > Uninstall a program

When finished reboot your computer.

Next

Download OTL by OldTimer to your Desktop.

Alternative Download

If you already have a copy of OTL, delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.

Next

Download TDSSKiller.zip and extract it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
    • If using Vista or Windows 7, when prompted by UAC allow the prompt.
  • Click on Start Scan
  • The scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • Post the contents in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT

Summary of the logs I need from you in your next post:
  • OTL.txt
  • Extras.txt
  • TDSSKiller log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present; if any log is cut off, you'll have to post it in sections.
Gary R
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: BSOD and recent Projeckt1 error messages

Unread postby AnyColourYouLike » May 19th, 2011, 1:20 pm

Thanks for the reply.
Here's the logs you requested:

OTL logfile created on: 5/19/2011 12:08:50 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\AnyColour\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 69.00% Memory free
16.00 Gb Paging File | 13.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 533.33 Gb Free Space | 57.26% Space Free | Partition Type: NTFS
Drive E: | 148.73 Gb Total Space | 140.62 Gb Free Space | 94.55% Space Free | Partition Type: HFSJ
Drive F: | 297.77 Gb Total Space | 0.97 Gb Free Space | 0.32% Space Free | Partition Type: HFSJ

Computer Name: BEAST | User Name: AnyColour | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/19 12:07:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\AnyColour\Desktop\OTL.exe
PRC - [2011/05/10 17:34:52 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/04/30 11:49:57 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/04/08 00:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/12/01 21:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
PRC - [2010/11/03 04:30:14 | 000,918,144 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
PRC - [2010/10/21 04:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
PRC - [2010/10/20 14:48:04 | 000,232,896 | ---- | M] (Vuze Inc.) -- C:\Program Files (x86)\Vuze\Azureus.exe
PRC - [2009/10/30 12:34:12 | 001,916,248 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files (x86)\Smith Micro\StuffIt 2010\ArcNameService.exe
PRC - [2009/07/29 10:54:36 | 000,205,312 | ---- | M] (Mediafour Corporation) -- C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE


========== Modules (SafeList) ==========

MOD - [2011/05/19 12:07:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\AnyColour\Desktop\OTL.exe
MOD - [2010/11/20 06:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/10/21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2010/10/21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:64bit: - [2010/10/08 14:08:42 | 000,149,504 | ---- | M] (Mediafour Corporation) [Auto | Running] -- C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe -- (MacDrive8Service)
SRV:64bit: - [2010/08/12 15:00:20 | 000,133,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011/05/13 22:08:40 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/05/10 17:34:52 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/04/08 00:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/12/01 21:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/11/23 00:32:24 | 000,430,080 | ---- | M] (PowerUp Software, LLC) [Disabled | Stopped] -- C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe -- (PinnacleUpdateSvc)
SRV - [2010/11/03 04:30:14 | 000,918,144 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe -- (asComSvc)
SRV - [2010/10/27 16:18:52 | 000,052,896 | ---- | M] (Atheros Commnucations) [Disabled | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010/10/21 04:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/30 12:34:12 | 001,916,248 | ---- | M] (Smith Micro Software, Inc.) [Auto | Running] -- C:\Program Files (x86)\Smith Micro\StuffIt 2010\ArcNameService.exe -- (Stuffit Archive Name Service)
SRV - [2009/07/29 10:54:36 | 000,205,312 | ---- | M] (Mediafour Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE -- (M4LIC)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/06 15:38:09 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011/04/13 15:04:38 | 000,045,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/04/13 15:04:38 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/04/08 23:00:20 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/04/08 16:29:33 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/03 10:59:18 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 06:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/05 23:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/27 15:50:28 | 000,301,680 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2010/10/27 15:50:28 | 000,279,152 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2010/10/27 15:50:28 | 000,203,624 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2010/10/27 15:50:28 | 000,156,520 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2010/10/27 15:50:28 | 000,058,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2010/10/27 15:50:28 | 000,055,336 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2010/10/27 15:50:28 | 000,038,248 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2010/10/27 15:50:28 | 000,031,080 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010/10/24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/10/21 16:00:02 | 000,032,424 | ---- | M] (Mediafour Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MDPMGRNT.SYS -- (MDPMGRNT)
DRV:64bit: - [2010/10/21 15:11:04 | 000,097,552 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010/10/15 09:24:56 | 000,115,200 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse)
DRV:64bit: - [2010/10/05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2010/10/05 13:26:02 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2010/10/05 13:26:00 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2010/09/30 00:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/09/30 00:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/09/21 01:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R)
DRV:64bit: - [2010/08/27 12:53:22 | 000,297,000 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2010/08/17 12:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT) Intel(R) Watchdog Timer Driver (Intel(R) WDT)
DRV:64bit: - [2010/08/10 04:29:16 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010/01/13 11:15:54 | 000,070,344 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CBDisk.sys -- (CBDisk)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1379661372-1466855195-1069677922-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = astroburn-search.com
IE - HKU\S-1-5-21-1379661372-1466855195-1069677922-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1379661372-1466855195-1069677922-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-1379661372-1466855195-1069677922-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C8 22 D2 19 C3 14 CC 01 [binary data]
IE - HKU\S-1-5-21-1379661372-1466855195-1069677922-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1379661372-1466855195-1069677922-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1379661372-1466855195-1069677922-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://kotaku.com/"


FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/04/30 11:50:05 | 000,000,000 | ---D | M]

[2011/05/15 00:59:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AnyColour\AppData\Roaming\Mozilla\Extensions
[2011/05/17 20:41:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\AnyColour\AppData\Roaming\Mozilla\Firefox\Profiles\246jbym9.default\extensions
[2011/05/17 20:41:39 | 000,000,000 | ---D | M] ("Astroburn Toolbar") -- C:\Users\AnyColour\AppData\Roaming\Mozilla\Firefox\Profiles\246jbym9.default\extensions\AstroToolbar@toolbarnet.com
[2011/04/26 14:29:13 | 000,000,000 | ---D | M] (Ovi Maps 3D browser plugin) -- C:\Users\AnyColour\AppData\Roaming\Mozilla\Firefox\Profiles\246jbym9.default\extensions\maps@ovi.com
[2011/05/17 20:41:32 | 000,002,071 | ---- | M] () -- C:\Users\AnyColour\AppData\Roaming\Mozilla\Firefox\Profiles\246jbym9.default\searchplugins\absearch-search.xml
[2011/04/09 15:23:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/04/09 14:53:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/04/09 15:23:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\ANYCOLOUR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\246JBYM9.DEFAULT\EXTENSIONS\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.XPI
() (No name found) -- C:\USERS\ANYCOLOUR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\246JBYM9.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\ANYCOLOUR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\246JBYM9.DEFAULT\EXTENSIONS\CANITBECHEAPER@TRAFFICBROKER.CO.UK.XPI
() (No name found) -- C:\USERS\ANYCOLOUR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\246JBYM9.DEFAULT\EXTENSIONS\EXIF_VIEWER@MOZILLA.DOSLASH.ORG.XPI
() (No name found) -- C:\USERS\ANYCOLOUR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\246JBYM9.DEFAULT\EXTENSIONS\JOHN@VELVETCACHE.ORG.XPI
() (No name found) -- C:\USERS\ANYCOLOUR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\246JBYM9.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2011/04/30 11:49:56 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O3:64bit: - HKLM\..\Toolbar: (Astroburn Toolbar) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files (x86)\Astroburn Toolbar\ABToolbar64.dll ()
O3 - HKLM\..\Toolbar: (Astroburn Toolbar) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files (x86)\Astroburn Toolbar\ABToolbar.dll ()
O3 - HKU\S-1-5-21-1379661372-1466855195-1069677922-1000\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MacDrive 8 application] C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe (Mediafour Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1379661372-1466855195-1069677922-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-1379661372-1466855195-1069677922-1006..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22:64bit: - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - Reg Error: Key error. File not found
O27:64bit: - HKLM IFEO\crysis.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\crysis64.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\excel.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\groove.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\infopath.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\justcause2.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\justcause2_game.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\launchgtaiv.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\msaccess.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\msoxmled.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\mspub.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\mstore.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\onenote.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\outlook.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\pinnacle_updater.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\rct2.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\unins000.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\win7ui.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\Winword.exe: Debugger - File not found
O27 - HKLM IFEO\crysis.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\crysis64.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\excel.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\groove.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\infopath.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\justcause2.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\justcause2_game.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\launchgtaiv.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\msaccess.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\msoxmled.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\mspub.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\mstore.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\onenote.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\outlook.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\pinnacle_updater.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\powerpnt.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\rct2.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\unins000.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\win7ui.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\Winword.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1c762942-6220-11e0-be3a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1c762942-6220-11e0-be3a-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe
O33 - MountPoints2\{d29d6f52-7064-11e0-82e8-00268314d352}\Shell - "" = AutoRun
O33 - MountPoints2\{d29d6f52-7064-11e0-82e8-00268314d352}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{e605a86b-6221-11e0-92e0-00268314d352}\Shell - "" = AutoRun
O33 - MountPoints2\{e605a86b-6221-11e0-92e0-00268314d352}\Shell\AutoRun\command - "" = H:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/19 12:07:42 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\AnyColour\Desktop\OTL.exe
[2011/05/19 00:59:51 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo
[2011/05/17 21:04:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2011/05/17 20:41:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Astroburn Toolbar
[2011/05/17 20:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite
[2011/05/17 20:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Astroburn Lite
[2011/05/17 20:41:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Astroburn Lite
[2011/05/17 11:41:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/05/17 11:15:12 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/05/17 10:57:19 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\Downloads
[2011/05/17 10:56:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/17 10:56:18 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/05/16 22:49:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/16 19:22:43 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\Malwarebytes
[2011/05/16 19:22:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/16 19:22:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/05/16 18:34:44 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Local\Apps
[2011/05/15 01:56:36 | 000,000,000 | ---D | C] -- C:\Downloads
[2011/05/15 01:51:21 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\GetRight
[2011/05/15 01:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetRight
[2011/05/15 01:51:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GetRight
[2011/05/14 20:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/05/14 20:09:59 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/14 19:29:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/05/14 16:54:20 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\Documents\My Spore Creations
[2011/05/14 16:54:15 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\SPORE
[2011/05/14 15:56:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2011/05/14 15:56:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect
[2011/05/14 15:50:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mass Effect
[2011/05/14 15:21:12 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2011/05/14 15:11:07 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\Documents\StarCraft II
[2011/05/14 15:11:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2011/05/14 15:11:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2011/05/14 15:11:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/05/14 15:11:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011/05/14 14:24:16 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\Documents\PCSX2
[2011/05/14 14:21:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 0.9.8
[2011/05/13 23:36:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011/05/13 23:35:52 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\Documents\Telltale Games
[2011/05/13 23:35:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Telltale Games
[2011/05/12 13:44:33 | 000,000,000 | R--D | C] -- C:\Users\AnyColour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2011/05/12 12:53:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011/05/12 01:11:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rainmeter
[2011/05/12 00:54:29 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\Documents\Rainmeter
[2011/05/12 00:54:29 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\Rainmeter
[2011/05/12 00:54:15 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rainmeter
[2011/05/12 00:54:12 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2011/05/11 21:43:41 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/05/11 21:43:41 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/05/11 21:08:39 | 020,700,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011/05/11 21:08:39 | 018,578,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011/05/11 21:08:39 | 015,227,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011/05/11 21:08:39 | 013,007,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011/05/11 21:08:39 | 012,934,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011/05/11 21:08:39 | 010,071,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011/05/11 21:08:39 | 006,974,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011/05/11 21:08:39 | 005,183,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011/05/11 21:08:39 | 002,893,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011/05/11 21:08:39 | 002,765,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011/05/11 21:08:39 | 002,204,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011/05/11 21:08:39 | 002,074,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011/05/11 21:08:39 | 001,619,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420140.dll
[2011/05/11 21:08:39 | 001,404,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642060.dll
[2011/05/11 21:08:39 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco642040.dll
[2011/05/11 21:08:39 | 000,174,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011/05/11 21:08:39 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011/05/11 21:08:39 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/05/11 21:08:39 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011/05/11 21:08:39 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011/05/10 17:23:32 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\Documents\BFBC2
[2011/05/10 15:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Installer Clean Up
[2011/05/10 15:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECACHE
[2011/05/10 14:12:55 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/05/10 14:12:54 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/05/10 14:12:54 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/05/10 14:12:04 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011/05/10 14:12:04 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011/05/07 20:07:36 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/05/06 15:46:06 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\TrueCrypt
[2011/05/06 15:38:09 | 000,230,352 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2011/05/06 15:38:07 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt
[2011/05/06 00:00:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011/05/05 15:07:15 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\Documents\BlackMirrorIII
[2011/05/05 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viva Media
[2011/05/05 14:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Viva Media
[2011/05/05 13:21:52 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\AVS4YOU
[2011/05/05 13:21:11 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011/05/05 13:20:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011/05/05 13:20:38 | 010,915,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\libmfxhw32.dll
[2011/05/05 13:20:38 | 010,833,920 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\libmfxsw32.dll
[2011/05/05 13:20:32 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2011/05/05 13:20:32 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2011/05/05 13:20:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2011/05/05 13:20:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011/05/05 13:20:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2011/05/05 13:08:37 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2011/05/05 13:08:16 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\Xilisoft
[2011/05/05 13:08:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xilisoft
[2011/05/05 04:31:50 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Local\{196A9647-487B-4C7E-810E-9481289078F8}
[2011/05/05 04:31:49 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Local\{FE4683DD-1DD9-4866-A387-E7CB3E7647AD}
[2011/05/05 04:31:35 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\Tracing
[2011/05/05 01:47:24 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Local\Geckofx
[2011/05/05 01:47:19 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2011/05/05 01:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
[2011/05/05 01:22:59 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\HandBrake
[2011/05/05 01:22:59 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Local\HandBrake
[2011/05/05 01:14:43 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
[2011/05/05 01:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
[2011/05/05 01:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Handbrake
[2011/05/05 01:11:00 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2011/05/05 01:11:00 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll
[2011/05/05 01:11:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2011/05/05 01:09:07 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\Real
[2011/05/05 01:08:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft
[2011/05/04 23:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2011/05/04 23:41:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alientrap Games Inc
[2011/05/04 23:40:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alientrap Games Inc
[2011/05/03 21:14:41 | 000,032,424 | ---- | C] (Mediafour Corporation) -- C:\Windows\SysNative\drivers\MDPMGRNT.SYS
[2011/05/03 20:56:51 | 000,070,344 | ---- | C] (EldoS Corporation) -- C:\Windows\SysNative\drivers\CBDisk.sys
[2011/05/03 20:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacDrive 8
[2011/05/03 20:56:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Mediafour
[2011/05/03 20:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mediafour
[2011/05/03 20:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Mediafour
[2011/05/03 20:56:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Mediafour
[2011/05/03 20:56:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mediafour
[2011/05/03 13:43:50 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\CD Art Display
[2011/05/03 13:43:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD Art Display
[2011/05/03 13:43:47 | 000,094,208 | ---- | C] (MediaTexX) -- C:\Windows\SysWow64\wmpuice.dll
[2011/05/03 13:43:47 | 000,069,632 | ---- | C] (CD Art Display) -- C:\Windows\cadSSaver.scr
[2011/05/03 13:43:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD Art Display
[2011/05/03 12:27:29 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bowtie Remote
[2011/05/03 12:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bowtie Remote
[2011/05/03 12:27:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bowtie Remote
[2011/05/03 12:08:27 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Local\Steven_McTainsh
[2011/05/03 12:06:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UnderCover
[2011/05/02 22:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2011/05/02 21:00:05 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Local\GPUMonitor
[2011/05/02 20:54:08 | 000,201,728 | ---- | C] (ScreenTime Media) -- C:\Windows\SysWow64\HarryPotter7Screensaver.scr
[2011/05/02 20:54:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\HarryPotter7Screensaver dir
[2011/04/30 16:25:58 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Local\Microsoft Games
[2011/04/30 15:01:16 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Local\Garena
[2011/04/30 11:52:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011/04/30 11:49:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Combat Arms
[2011/04/30 11:49:14 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2011/04/30 03:15:12 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Local\PMB Files
[2011/04/30 03:15:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/04/30 03:14:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2011/04/29 21:31:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2011/04/29 20:12:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MonitorDriver
[2011/04/29 20:10:28 | 000,000,000 | ---D | C] -- C:\Samsung
[2011/04/28 21:18:31 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\Razer
[2011/04/28 21:11:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2011/04/28 21:10:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2011/04/27 20:00:42 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\.yawcam
[2011/04/27 20:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yawcam
[2011/04/27 20:00:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yawcam
[2011/04/26 16:44:34 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/04/26 16:44:34 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011/04/26 16:44:33 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/04/26 16:44:33 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/04/26 16:44:25 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011/04/26 16:44:25 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011/04/26 16:44:24 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011/04/26 16:44:24 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011/04/26 16:44:24 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011/04/26 16:44:24 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011/04/26 16:44:24 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011/04/26 16:44:22 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011/04/26 16:44:22 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011/04/26 16:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/04/26 16:34:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/04/26 16:34:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/04/26 16:34:23 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/04/26 16:33:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/04/26 16:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/04/23 23:22:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Codemasters
[2011/04/22 23:33:34 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Roaming\WTablet
[2011/04/22 23:33:33 | 000,749,936 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll
[2011/04/22 23:33:33 | 000,642,928 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll
[2011/04/22 23:33:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins
[2011/04/22 23:33:27 | 000,018,288 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys
[2011/04/22 23:33:20 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacommousefilter.sys
[2011/04/22 23:33:12 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomvhid.sys
[2011/04/22 23:33:10 | 000,756,592 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll
[2011/04/22 23:33:10 | 000,650,096 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll
[2011/04/22 23:33:10 | 000,600,432 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll
[2011/04/22 23:33:10 | 000,506,736 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll
[2011/04/22 23:33:09 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet
[2011/04/22 23:09:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011/04/22 23:09:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/04/22 23:09:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011/04/22 23:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2011/04/22 23:08:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2011/04/22 23:08:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/04/22 23:06:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011/04/22 23:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/04/22 23:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011/04/22 23:05:21 | 000,000,000 | ---D | C] -- C:\Users\AnyColour\AppData\Local\Microsoft Help
[2011/04/22 23:05:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011/04/22 23:05:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/04/22 23:05:02 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011/04/22 15:12:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse
[2011/04/22 15:12:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2011/04/20 15:35:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Super Meatboy
[2011/04/20 02:38:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve
[2011/04/20 02:24:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Valve
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/19 12:07:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\AnyColour\Desktop\OTL.exe
[2011/05/19 11:47:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/18 20:28:25 | 000,017,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/18 20:28:25 | 000,017,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/18 20:22:23 | 2129,334,271 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/17 20:14:42 | 000,007,607 | ---- | M] () -- C:\Users\AnyColour\AppData\Local\Resmon.ResmonCfg
[2011/05/17 18:47:52 | 000,002,495 | ---- | M] () -- C:\Users\AnyColour\Desktop\    .lnk
[2011/05/17 13:18:36 | 000,795,798 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/17 13:18:36 | 000,671,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/17 13:18:36 | 000,126,180 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/17 12:15:32 | 001,032,144 | ---- | M] () -- C:\Windows\PE_Rom.dll
[2011/05/17 12:15:25 | 000,003,349 | ---- | M] () -- C:\Windows\MB.idx
[2011/05/17 12:15:23 | 000,000,462 | ---- | M] () -- C:\Windows\Path.idx
[2011/05/17 11:15:12 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/05/17 10:49:19 | 000,000,282 | ---- | M] () -- C:\Windows\tasks\RCT2.job
[2011/05/17 10:48:46 | 004,974,384 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/05/14 16:35:42 | 000,002,148 | ---- | M] () -- C:\Users\AnyColour\Desktop\BackToTheFuture101.lnk
[2011/05/14 16:35:16 | 000,001,438 | ---- | M] () -- C:\Users\AnyColour\Desktop\StarCraft II.lnk
[2011/05/14 16:35:08 | 000,001,764 | ---- | M] () -- C:\Users\AnyColour\Desktop\masseffect.101.cracked.lnk
[2011/05/14 15:56:50 | 000,001,106 | ---- | M] () -- C:\Users\AnyColour\Application Data\Microsoft\Internet Explorer\Quick Launch\Mass Effect.lnk
[2011/05/12 21:24:30 | 000,280,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/05/12 21:24:30 | 000,280,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/05/12 21:19:13 | 000,280,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/05/12 13:54:47 | 000,002,524 | ---- | M] () -- C:\Users\AnyColour\Desktop\   .lnk
[2011/05/12 13:44:32 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2011/05/11 00:33:02 | 000,119,296 | ---- | M] () -- C:\Windows\SysWow64\zlib.dll
[2011/05/10 17:34:52 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/05/10 17:22:57 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/05/07 18:19:02 | 000,000,132 | ---- | M] () -- C:\Users\AnyColour\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/05/06 15:38:09 | 000,230,352 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2011/05/05 18:45:00 | 000,001,986 | ---- | M] () -- C:\Users\AnyColour\Desktop\   .lnk
[2011/05/05 02:27:18 | 000,000,362 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/05/05 01:46:34 | 000,002,999 | ---- | M] () -- C:\Users\AnyColour\Desktop\   .lnk
[2011/05/04 23:59:50 | 000,001,726 | ---- | M] () -- C:\Users\AnyColour\Desktop\   .lnk
[2011/05/02 20:54:08 | 000,201,728 | ---- | M] (ScreenTime Media) -- C:\Windows\SysWow64\HarryPotter7Screensaver.scr
[2011/04/30 15:10:48 | 000,016,728 | ---- | M] () -- C:\Program Files (x86)\setup_BlackShot_GarenaMessenger_Install_2_108_A.exe
[2011/04/30 15:09:26 | 710,888,456 | ---- | M] () -- C:\Program Files (x86)\BlackShot_GarenaMessenger_Install_2_108_A.exe
[2011/04/30 04:15:54 | 003,360,624 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/04/28 21:28:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01005.Wdf
[2011/04/28 21:15:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzSynapse_01007.Wdf
[2011/04/28 16:40:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/04/23 23:56:32 | 000,002,909 | ---- | M] () -- C:\Users\AnyColour\Desktop\   .lnk
[2011/04/22 14:50:17 | 000,002,085 | ---- | M] () -- C:\Users\AnyColour\Desktop\          .lnk
[2011/04/20 20:55:05 | 000,002,747 | ---- | M] () -- C:\Users\AnyColour\Desktop\        .lnk
[2011/04/20 16:42:40 | 000,002,006 | ---- | M] () -- C:\Users\AnyColour\Desktop\ .lnk
[2011/04/19 13:48:41 | 000,002,248 | ---- | M] () -- C:\Users\AnyColour\Desktop\       .lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/16 14:41:48 | 000,007,607 | ---- | C] () -- C:\Users\AnyColour\AppData\Local\Resmon.ResmonCfg
[2011/05/14 16:35:42 | 000,002,148 | ---- | C] () -- C:\Users\AnyColour\Desktop\BackToTheFuture101.lnk
[2011/05/14 16:35:16 | 000,001,438 | ---- | C] () -- C:\Users\AnyColour\Desktop\StarCraft II.lnk
[2011/05/14 16:35:08 | 000,001,764 | ---- | C] () -- C:\Users\AnyColour\Desktop\masseffect.101.lnk
[2011/05/14 15:56:50 | 000,001,106 | ---- | C] () -- C:\Users\AnyColour\Application Data\Microsoft\Internet Explorer\Quick Launch\Mass Effect.lnk
[2011/05/12 13:52:22 | 000,002,524 | ---- | C] () -- C:\Users\AnyColour\Desktop\   .lnk
[2011/05/10 17:22:57 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/05/10 15:26:57 | 000,002,873 | ---- | C] () -- C:\Users\AnyColour\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
[2011/05/05 14:18:40 | 000,001,986 | ---- | C] () -- C:\Users\AnyColour\Desktop\   .lnk
[2011/05/05 01:11:00 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011/05/04 23:59:50 | 000,001,726 | ---- | C] () -- C:\Users\AnyColour\Desktop\   .lnk
[2011/05/04 23:40:00 | 000,002,999 | ---- | C] () -- C:\Users\AnyColour\Desktop\   .lnk
[2011/05/02 23:15:01 | 000,280,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/04/30 15:10:48 | 000,016,728 | ---- | C] () -- C:\Program Files (x86)\setup_BlackShot_GarenaMessenger_Install_2_108_A.exe
[2011/04/30 15:01:35 | 710,888,456 | ---- | C] () -- C:\Program Files (x86)\BlackShot_GarenaMessenger_Install_2_108_A.exe
[2011/04/29 21:31:49 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2011/04/28 22:53:13 | 000,000,362 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/04/28 21:28:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01005.Wdf
[2011/04/28 21:15:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzSynapse_01007.Wdf
[2011/04/28 16:40:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/04/23 23:53:32 | 000,002,909 | ---- | C] () -- C:\Users\AnyColour\Desktop\   .lnk
[2011/04/22 13:07:54 | 000,002,085 | ---- | C] () -- C:\Users\AnyColour\Desktop\          .lnk
[2011/04/20 20:54:43 | 000,002,747 | ---- | C] () -- C:\Users\AnyColour\Desktop\        .lnk
[2011/04/20 15:38:41 | 000,002,006 | ---- | C] () -- C:\Users\AnyColour\Desktop\ .lnk
[2011/04/19 13:47:46 | 000,002,248 | ---- | C] () -- C:\Users\AnyColour\Desktop\       .lnk
[2011/04/19 13:47:29 | 000,000,282 | ---- | C] () -- C:\Windows\tasks\RCT2.job
[2011/04/18 13:32:26 | 000,000,132 | ---- | C] () -- C:\Users\AnyColour\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/04/13 16:13:59 | 001,032,144 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2011/04/13 16:01:27 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\IccLibDll.dll
[2011/04/13 15:53:03 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011/04/13 15:53:01 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/04/09 02:54:55 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2011/04/09 02:54:55 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
[2011/04/09 02:54:55 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll
[2011/04/09 00:07:47 | 000,000,097 | ---- | C] () -- C:\Users\AnyColour\AppData\Local\fusioncache.dat
[2011/04/08 15:39:38 | 000,782,454 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/04/08 15:38:14 | 000,280,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/04/08 15:38:13 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/04/08 15:38:13 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/04/08 14:53:35 | 000,040,991 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011/04/08 14:52:26 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011/04/08 14:52:22 | 000,026,612 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010/08/03 00:21:24 | 000,014,464 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/02 07:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008/01/04 00:34:42 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys

========== LOP Check ==========

[2011/05/19 12:06:57 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\Azureus
[2011/05/12 14:57:06 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\CD Art Display
[2011/04/08 15:30:35 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\DAEMON Tools Lite
[2011/05/17 10:46:53 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\GetRight
[2011/05/05 01:24:57 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\HandBrake
[2011/04/13 17:04:36 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\MotioninJoy
[2011/04/15 11:36:49 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\Party Buffalo Drive Explorer
[2011/04/09 03:10:49 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\PowerUp Software
[2011/05/12 14:15:08 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\Rainmeter
[2011/04/29 02:34:51 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\Razer
[2011/05/14 16:54:29 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\SPORE
[2011/04/09 17:08:36 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\Stardock
[2011/04/09 15:01:34 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\SystemRequirementsLab
[2011/05/06 15:47:10 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\TrueCrypt
[2011/05/12 12:53:47 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\TuneUp Software
[2011/05/05 13:08:16 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\Xilisoft
[2011/04/10 18:58:07 | 000,000,000 | ---D | M] -- C:\Users\AnyColour\AppData\Roaming\XWindows Dock
[2011/05/17 10:49:19 | 000,000,282 | ---- | M] () -- C:\Windows\Tasks\RCT2.job
[2009/07/14 00:08:49 | 000,030,888 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation

< End of report >
AnyColourYouLike

Re: BSOD and recent Projeckt1 error messages

Post by AnyColourYouLike » May 19th, 2011, 1:21 pm

OTL Extras logfile created on: 5/19/2011 12:08:50 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\AnyColour\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 69.00% Memory free
16.00 Gb Paging File | 13.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 533.33 Gb Free Space | 57.26% Space Free | Partition Type: NTFS
Drive E: | 148.73 Gb Total Space | 140.62 Gb Free Space | 94.55% Space Free | Partition Type: HFSJ
Drive F: | 297.77 Gb Total Space | 0.97 Gb Free Space | 0.32% Space Free | Partition Type: HFSJ

Computer Name: BEAST | User Name: AnyColour | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1379661372-1466855195-1069677922-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.7
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{26A7FC57-FC21-4CA9-85BD-4324B3294D8B}" = StuffIt 2010
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3ED4AD02-F631-4A4C-AAC8-2325996E5A56}" = Microsoft IntelliPoint 8.1
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{954AB6B3-B4B4-43C0-9355-DE8A888446D4}" = MacDrive 8
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 270.61
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.1.34
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCCC97EE-E162-448C-8847-59718FF29B04}" = Intel(R) Network Connections 15.6.25.0
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"Microsoft Security Client" = Microsoft Security Essentials
"Pen Tablet Driver" = Bamboo
"PROSetDX" = Intel(R) Network Connections 15.6.25.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1A1FA4C1-2701-401C-8CE1-FDDE45304FF5}" = ASUS nVidia Driver
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{3516C69A-024D-42A8-B948-FFAA7B9CC49A}" = Windows SideShow Managed Runtime 1.0
"{39006A03-F77C-411F-8A31-421AD9E99F96}_is1" = Batman Arkham Asylum
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{434D083E-7E9A-4D3A-914B-121000008100}" = Operation Flashpoint ®: Red River
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{49BF48CC-ABB6-4795-9B35-B5DE005D8612}" = Pinnacle Game Profiler
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{580AEA6C-E35C-4470-818F-0F0A083EE1AD}" = Razer Lachesis 5600
"{597DE5BD-C24B-4D0F-BA2D-F5D591D800DA}" = AccuWeather SideShow Gadget
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65761BAE-11E8-48FE-B30F-1F01011AB906}" = The Sims™ 3 Create a World Tool - Beta
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6CDC43A5-83FD-42F2-A6C1-92BEC6A0698E}" = Razer BlackWidow Ultimate Firmware Updater
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{733075B6-30B0-4CC5-A7B3-2F497DFE799D}_is1" = Metro 2033
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89173B88-384A-459B-B687-9C0BBC934EF4}" = The Sims™ 3 Create a Sim
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1" = Yawcam 0.3.6
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFC9F871-7C40-40B6-BE4A-B98A5B309716}" = Adobe Flash Professional CS5
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3AC9740-66D4-412F-AE55-DD0428F78175}" = Razer BlackWidow Ultimate
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Fast Lane Stuff
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Astroburn Lite" = Astroburn Lite
"Astroburn Toolbar" = Astroburn Toolbar
"AviSynth" = AviSynth 2.5
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7
"Black Mirror 3" = Black Mirror 3
"Bowtie Remote" = Bowtie Remote 1.0
"Capsized_is1" = Capsized
"CD Art Display_is1" = CD Art Display 3.0.1472 Beta
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CL-Eye Driver" = CL-Eye Driver
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Combat Arms" = Combat Arms
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dexter The Game" = Dexter The Game
"EADM" = EA Download Manager
"Episode 1" = Back to the Future The Game - Episode 1
"Fallout New Vegas_is1" = Fallout New Vegas
"GFWL_{434D083E-7E9A-4D3A-914B-121000008100}" = Operation Flashpoint ®: Red River
"Half-Life 2" = Half-Life 2
"HandBrake" = HandBrake 0.9.5
"HarryPotter7Screensaver" = HarryPotter7Screensaver
"Homefront_is1" = Homefront
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Just Cause 2_is1" = Just Cause 2
"KeyTweak" = KeyTweak - Keyboard Remapper (remove only)
"Mafia II_is1" = Mafia II
"MagniDriver" = marvell 91xx console driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"pcsx2-r4600" = PCSX2 - Playstation 2 Emulator
"Postal 2_is1" = Portal 2
"PunkBusterSvc" = PunkBuster Services
"Rainmeter" = Rainmeter
"Roller Coaster Tycoon 2 (Full)_is1" = Roller Coaster Tycoon 2 (Full)
"Sniper Ghost Warrior Update 2_is1" = Sniper Ghost Warrior Update 2
"Sniper Ghost Warrior Update 3_is1" = Sniper Ghost Warrior Update 3
"Sniper Ghost Warrior_is1" = Sniper Ghost Warrior
"StarCraft II" = StarCraft II
"Steam App 13140" = America's Army 3
"Steam App 240" = Counter-Strike: Source
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 340" = Half-Life 2: Lost Coast
"SystemRequirementsLab" = System Requirements Lab
"TrueCrypt" = TrueCrypt
"VLC media player" = VLC media player 1.1.9
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1379661372-1466855195-1069677922-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Episode 2" = Back to the Future The Game - Episode 2
"Episode 3" = Back to the Future The Game - Episode 3
"Episode 4" = Back to the Future The Game - Episode 4
"Xilisoft Video Converter Ultimate 6" = Xilisoft Video Converter Ultimate 6

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
AnyColourYouLike

Re: BSOD and recent Projeckt1 error messages

Post by AnyColourYouLike » May 19th, 2011, 1:24 pm

2011/05/19 12:21:33.0017 2320 TDSS rootkit removing tool 2.5.1.0 May 13 2011 13:20:29
2011/05/19 12:21:33.0498 2320 ================================================================================
2011/05/19 12:21:33.0498 2320 SystemInfo:
2011/05/19 12:21:33.0498 2320
2011/05/19 12:21:33.0498 2320 OS Version: 6.1.7601 ServicePack: 1.0
2011/05/19 12:21:33.0498 2320 Product type: Workstation
2011/05/19 12:21:33.0498 2320 ComputerName: BEAST
2011/05/19 12:21:33.0498 2320 UserName: AnyColour
2011/05/19 12:21:33.0498 2320 Windows directory: C:\Windows
2011/05/19 12:21:33.0498 2320 System windows directory: C:\Windows
2011/05/19 12:21:33.0498 2320 Running under WOW64
2011/05/19 12:21:33.0498 2320 Processor architecture: Intel x64
2011/05/19 12:21:33.0498 2320 Number of processors: 8
2011/05/19 12:21:33.0498 2320 Page size: 0x1000
2011/05/19 12:21:33.0498 2320 Boot type: Normal boot
2011/05/19 12:21:33.0498 2320 ================================================================================
2011/05/19 12:21:36.0899 2320 Initialize success
2011/05/19 12:22:29.0766 5744 ================================================================================
2011/05/19 12:22:29.0766 5744 Scan started
2011/05/19 12:22:29.0767 5744 Mode: Manual;
2011/05/19 12:22:29.0767 5744 ================================================================================
2011/05/19 12:22:36.0574 5744 MotioninJoyXFilter (027bc94441e980d96321fcd2722c8afa) C:\Windows\system32\DRIVERS\MijXfilt.sys
2011/05/19 12:22:36.0574 5744 Suspicious file (Forged): C:\Windows\system32\DRIVERS\MijXfilt.sys. Real md5: 027bc94441e980d96321fcd2722c8afa, Fake md5: 23239e0085130b85b7c6234d404d630f
2011/05/19 12:22:36.0577 5744 MotioninJoyXFilter - detected ForgedFile.Multi.Generic (1)
2011/05/19 12:22:44.0961 5744 ================================================================================
2011/05/19 12:22:44.0961 5744 Scan finished
2011/05/19 12:22:44.0961 5744 ================================================================================
2011/05/19 12:22:44.0966 3680 Detected object count: 1
2011/05/19 12:23:21.0777 3680 ForgedFile.Multi.Generic(MotioninJoyXFilter) - User select action: Skip

Re: BSOD and recent Projeckt1 error messages

Unread postby Gary R » May 19th, 2011, 4:48 pm

Please go to Control Panel > Programs > Uninstall a program and Uninstall the following:

Astroburn Toolbar
Vuze


Astroburn Toolbar comes with Astroburn Lite, it is not necessary to the function of that program, and reports your browsing habits.

Vuze is a P2P program .... I'd like you to read the MRU policy for P2P Programs.

Once you've uninstalled both programs reboot your computer.

Next

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code:
:OTL
IE - HKU\S-1-5-21-1379661372-1466855195-1069677922-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = astroburn-search.com
IE - HKU\S-1-5-21-1379661372-1466855195-1069677922-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - Reg Error: Key error. File not found
[2011/05/17 20:41:32 | 000,002,071 | ---- | M] () -- C:\Users\AnyColour\AppData\Roaming\Mozilla\Firefox\Profiles\246jbym9.default\searchplugins\absearch-search.xml
[2011/04/09 14:53:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\ANYCOLOUR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\246JBYM9.DEFAULT\EXTENSIONS\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.XPI
() (No name found) -- C:\USERS\ANYCOLOUR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\246JBYM9.DEFAULT\EXTENSIONS\CANITBECHEAPER@TRAFFICBROKER.CO.UK.XPI
O3:64bit: - HKLM\..\Toolbar: (Astroburn Toolbar) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files (x86)\Astroburn Toolbar\ABToolbar64.dll ()
O3 - HKLM\..\Toolbar: (Astroburn Toolbar) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files (x86)\Astroburn Toolbar\ABToolbar.dll ()
O3 - HKU\S-1-5-21-1379661372-1466855195-1069677922-1000\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-1379661372-1466855195-1069677922-1006..\RunOnce: [mctadmin] File not found
O22:64bit: - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - Reg Error: Key error. File not found
O27:64bit: - HKLM IFEO\crysis.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\crysis64.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\excel.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\groove.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\infopath.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\justcause2.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\justcause2_game.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\launchgtaiv.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\msaccess.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\msoxmled.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\mspub.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\mstore.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\onenote.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\outlook.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\pinnacle_updater.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\rct2.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\unins000.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\win7ui.exe: Debugger - File not found
O27:64bit: - HKLM IFEO\Winword.exe: Debugger - File not found
O27 - HKLM IFEO\crysis.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\crysis64.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\excel.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\groove.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\infopath.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\justcause2.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\justcause2_game.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\launchgtaiv.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\msaccess.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\msoxmled.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\mspub.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\mstore.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\onenote.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\outlook.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\pinnacle_updater.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\powerpnt.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\rct2.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\unins000.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\win7ui.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O27 - HKLM IFEO\Winword.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" File not found
O33 - MountPoints2\{1c762942-6220-11e0-be3a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1c762942-6220-11e0-be3a-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe
O33 - MountPoints2\{d29d6f52-7064-11e0-82e8-00268314d352}\Shell - "" = AutoRun
O33 - MountPoints2\{d29d6f52-7064-11e0-82e8-00268314d352}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{e605a86b-6221-11e0-92e0-00268314d352}\Shell - "" = AutoRun
O33 - MountPoints2\{e605a86b-6221-11e0-92e0-00268314d352}\Shell\AutoRun\command - "" = H:\Autorun.exe

:Files
C:\ProgramData\AVAST Software
C:\Program Files\AVAST Software
C:\Program Files (x86)\Vuze

:Commands
[emptytemp]
[emptyflash]
[resethosts]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so; if it does, re-boot your computer. A log will be produced upon re-boot.

Next

I'd like you to check a file for Viruses.
C:\Windows\system32\DRIVERS\MijXfilt.sys

  • Copy/Paste the first filepath in the quote box above into the white Upload a file box.
  • Click Send/Submit, and the file will upload to VirusTotal/Jotti, where it will be scanned by several anti-virus programmes.
  • After a while, a window will open, with details of what the scans found.
  • Note details of any viruses found.
  • Post me the details please.

Next

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.
  • Please go HERE then click on: Image
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log in your next reply please.
  • Now click on: Image (Selecting Uninstall application on close if you so wish)

Summary of the logs I need from you in your next post:
  • OTL log
  • Results from VirusTotal or Jotti's
  • E-Set log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present; if any log is cut off you'll have to post it in sections.

Re: BSOD and recent Projeckt1 error messages

Unread postby AnyColourYouLike » May 19th, 2011, 9:53 pm

The driver MijXfilt.sys is from Motion Joy. I checked it and 0/20 found malware.

All processes killed
========== OTL ==========
HKU\S-1-5-21-1379661372-1466855195-1069677922-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1379661372-1466855195-1069677922-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\ not found.
C:\Users\AnyColour\AppData\Roaming\Mozilla\Firefox\Profiles\246jbym9.default\searchplugins\absearch-search.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} folder moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EFEED92A-A33D-4873-BA8F-32BAA631E54D} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFEED92A-A33D-4873-BA8F-32BAA631E54D}\ deleted successfully.
File C:\Program Files (x86)\Astroburn Toolbar\ABToolbar64.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EFEED92A-A33D-4873-BA8F-32BAA631E54D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFEED92A-A33D-4873-BA8F-32BAA631E54D}\ not found.
File C:\Program Files (x86)\Astroburn Toolbar\ABToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1379661372-1466855195-1069677922-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}\ not found.
File No not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1379661372-1466855195-1069677922-1006\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{1984D045-52CF-49cd-DB77-08F378FEA4DB} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1984D045-52CF-49cd-DB77-08F378FEA4DB}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\crysis.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\crysis64.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\groove.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infopath.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\justcause2.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\justcause2_game.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\launchgtaiv.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msaccess.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspub.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstore.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenote.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pinnacle_updater.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rct2.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\win7ui.exe\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Winword.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\crysis.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\crysis64.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\groove.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infopath.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\justcause2.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\justcause2_game.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\launchgtaiv.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msaccess.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspub.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstore.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenote.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pinnacle_updater.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rct2.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\win7ui.exe\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Winword.exe\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c762942-6220-11e0-be3a-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1c762942-6220-11e0-be3a-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c762942-6220-11e0-be3a-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1c762942-6220-11e0-be3a-806e6f6e6963}\ not found.
File D:\.\Bin\ASSETUP.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d29d6f52-7064-11e0-82e8-00268314d352}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d29d6f52-7064-11e0-82e8-00268314d352}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d29d6f52-7064-11e0-82e8-00268314d352}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d29d6f52-7064-11e0-82e8-00268314d352}\ not found.
File F:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e605a86b-6221-11e0-92e0-00268314d352}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e605a86b-6221-11e0-92e0-00268314d352}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e605a86b-6221-11e0-92e0-00268314d352}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e605a86b-6221-11e0-92e0-00268314d352}\ not found.
File H:\Autorun.exe not found.
========== FILES ==========
C:\ProgramData\AVAST Software\Avast\Spamconf folder moved successfully.
C:\ProgramData\AVAST Software\Avast\sounds\1033 folder moved successfully.
C:\ProgramData\AVAST Software\Avast\sounds folder moved successfully.
C:\ProgramData\AVAST Software\Avast\report folder moved successfully.
C:\ProgramData\AVAST Software\Avast\moved folder moved successfully.
C:\ProgramData\AVAST Software\Avast\log folder moved successfully.
C:\ProgramData\AVAST Software\Avast\journal folder moved successfully.
C:\ProgramData\AVAST Software\Avast\integ folder moved successfully.
C:\ProgramData\AVAST Software\Avast\HtmlData folder moved successfully.
C:\ProgramData\AVAST Software\Avast\fw folder moved successfully.
C:\ProgramData\AVAST Software\Avast\chest folder moved successfully.
C:\ProgramData\AVAST Software\Avast\backup folder moved successfully.
C:\ProgramData\AVAST Software\Avast folder moved successfully.
C:\ProgramData\AVAST Software folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\png folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\skin\icons folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\skin folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\zh-TW folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\zh-CN folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\vi-VN folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ur-PK folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\uk-UA folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\tr-TR folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sv-SE folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sl-SI folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\sk-SK folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ru-RU folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ro-RO folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pt-PT folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pt-BR folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\pl-PL folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\nl-NL folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\nb-NO folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ko-KR folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ja-JP folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\it-IT folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\id-ID folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\hu-HU folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\hr-HR folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\he-IL folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\fr-FR folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\fi-FI folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\et-EE folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\es-ES folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\en-US folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\en-GB folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\el-GR folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\de-DE folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\da-DK folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\cs-CZ folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ca-ES folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\bg-BG folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\be-BY folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale\ar-SA folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\locale folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF\content folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\FF folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep\Chrome folder moved successfully.
C:\Program Files\AVAST Software\Avast\WebRep folder moved successfully.
C:\Program Files\AVAST Software\Avast\sfzone folder moved successfully.
C:\Program Files\AVAST Software\Avast\Setup folder moved successfully.
C:\Program Files\AVAST Software\Avast\License folder moved successfully.
C:\Program Files\AVAST Software\Avast\flash\ammap\maps folder moved successfully.
C:\Program Files\AVAST Software\Avast\flash\ammap\icons folder moved successfully.
C:\Program Files\AVAST Software\Avast\flash\ammap folder moved successfully.
C:\Program Files\AVAST Software\Avast\flash folder moved successfully.
C:\Program Files\AVAST Software\Avast\defs\11051700 folder moved successfully.
C:\Program Files\AVAST Software\Avast\defs folder moved successfully.
C:\Program Files\AVAST Software\Avast\1033 folder moved successfully.
C:\Program Files\AVAST Software\Avast folder moved successfully.
C:\Program Files\AVAST Software folder moved successfully.
C:\Program Files (x86)\Vuze\plugins\xml_http_if_1.1.7.zip_1 folder moved successfully.
C:\Program Files (x86)\Vuze\plugins\azupnpav folder moved successfully.
C:\Program Files (x86)\Vuze\plugins\azupdater folder moved successfully.
C:\Program Files (x86)\Vuze\plugins\azrating folder moved successfully.
C:\Program Files (x86)\Vuze\plugins\azplugins folder moved successfully.
C:\Program Files (x86)\Vuze\plugins\azitunes folder moved successfully.
C:\Program Files (x86)\Vuze\plugins folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\SystemV folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\Pacific folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\Indian folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\Europe folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\Etc folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\Australia folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\Atlantic folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\Asia folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\Antarctica folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\America\North_Dakota folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\America\Kentucky folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\America\Indiana folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\America\Argentina folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\America folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi\Africa folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\zi folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\servicetag folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\security folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\management folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\images\cursors folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\images folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\im folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\i386 folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\fonts folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\ext folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\deploy\jqs\ie folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\deploy\jqs\ff\chrome\content folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\deploy\jqs\ff\chrome folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\deploy\jqs\ff folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\deploy\jqs folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\deploy folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib\cmm folder moved successfully.
C:\Program Files (x86)\Vuze\jre\lib folder moved successfully.
C:\Program Files (x86)\Vuze\jre\bin\new_plugin folder moved successfully.
C:\Program Files (x86)\Vuze\jre\bin\client folder moved successfully.
C:\Program Files (x86)\Vuze\jre\bin folder moved successfully.
C:\Program Files (x86)\Vuze\jre folder moved successfully.
C:\Program Files (x86)\Vuze\.install4j folder moved successfully.
C:\Program Files (x86)\Vuze folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AnyColour
->Temp folder emptied: 17639691 bytes
->Temporary Internet Files folder emptied: 5565610 bytes
->Java cache emptied: 648409 bytes
->FireFox cache emptied: 295784921 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 44418 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Mcx1-BEAST
->Temp folder emptied: 516 bytes
->Temporary Internet Files folder emptied: 1057274 bytes
->Flash cache emptied: 41620 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 7619792 bytes
%systemroot%\System32 (64bit) .tmp files removed: 9933008 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 37682 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67563 bytes
RecycleBin emptied: 385778 bytes

Total Files Cleaned = 323.00 mb


[EMPTYFLASH]

User: All Users

User: AnyColour
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Mcx1-BEAST
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.22.3 log created on 05192011_185529

Files\Folders moved on Reboot...
C:\Users\AnyColour\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\AnyColour\AppData\Local\Mozilla\Firefox\Profiles\246jbym9.default\XUL.mfl moved successfully.

Registry entries deleted on Reboot...


ESET didn't find any threats. I stupidly pressed finished before I saved the log :-/

Before the response yesterday I did use Malwarebytes to delete a threat it found (sdra64.exe).
It's possible the threat is no longer there?
AnyColourYouLike
Active Member
 
Posts: 8
Joined: May 14th, 2011, 8:48 pm

Re: BSOD and recent Projeckt1 error messages

Post by Gary R » May 20th, 2011, 1:07 am

The Motion Joy file was scanned because TDSSKiller flagged it as a "forged" file, based on its MD5 check. Glad to see that looks like it was a false positive.

I'd like to have a look at the log from your last Malwarebytes scan if I can please ....

  • Click on the Logs tab.
    • Click on the log at the bottom of those listed to highlight it, newest logs are usually at the bottom.
    • Click Open
    • Check to make sure it's the correct log.
    • Post it in your next reply.

How is your computer behaving now?
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: BSOD and recent Projeckt1 error messages

Post by AnyColourYouLike » May 20th, 2011, 3:13 pm

Here's the log you requested. I feel like everything is back in order, no odd crashes from a blue screen and no more suspicious dialogue boxes. I removed TuneUp Utilities and the second antivirus that was installed per recommendations on this site. I can't thank you enough for taking time to help me, I know reading through my logs is surely a chore.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6598

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

5/17/2011 11:58:09 AM
mbam-log-2011-05-17 (11-58-09).txt

Scan type: Quick scan
Objects scanned: 184765
Time elapsed: 1 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\anycolour\AppData\Roaming\sdra64.exe (Spyware.Zbot) -> Quarantined and deleted successfully.

Re: BSOD and recent Projeckt1 error messages

Post by Gary R » May 20th, 2011, 4:08 pm

OK glad to hear things are running smoothly for you now, time for a little tidying up, then I'll make a few suggestions about security.

Let's clear out OTL and the files and folders it created. This will also remove TDSSKiller.
  • Double click OTL.exe to launch the programme.
  • Click on the CleanUp! button.
  • OTL will download a list from the Internet; if your firewall or other defensive programmes alert you, allow it access.
  • You will be prompted to allow the clean up procedure, click Yes.
  • When finished, exit out of OTL.
  • Now delete OTL.exe (if still present).

As far as I can see, your computer looks clear of infection now.

Are you still noticing any problems?
  • If you are, let me know about them.
  • If not, it's time to make your computer more secure.

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.

If your computer is running slowly after your clean up, please read.

Re: BSOD and recent Projeckt1 error messages

Post by Gary R » May 23rd, 2011, 9:18 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.