Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

constant BSOD crashing


  • This topic is locked This topic is locked
2 replies to this topic

#1 zip55

zip55

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:24 PM

Posted 07 April 2010 - 02:20 PM

Just some background on the problem. My pc has been running fine for months until 2 weeks ago. I was running 64bit windows 7 home premium and my firefox browser would constantly crash and so would desktop gadgets.exe. I reformatted the drive and attempted to install 7 back but it could not complete the installation due to a corrupt or missing file or so it said(this is the same dvd I installed it from the first time). So i tried to install the 32bit version and it worked. But now a week later my firefox still crashes desktop gadgets.exe still crashes and I have gotten 3 blue screens in the past 3 days. I have no idea what is going and any help would be greatly appreciated.

I was only at my pc for the first bsod which was usbaudio.sys the other 2 I did not see because my pc had restarted by the time I returned.


DDS (Ver_10-03-17.01) - NTFSx86
Run by Kenny at 14:55:37.10 on Wed 04/07/2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3583.2692 [GMT -4:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Steam\Steam.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Kenny\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\kenny\appdata\roaming\mozilla\firefox\profiles\93wjo8o8.default\
FF - prefs.js: browser.startup.homepage - www.msn.com
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2010-3-16 240232]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-28 1343400]

=============== Created Last 30 ================

2010-04-06 03:03:45 246702776 ----a-w- c:\windows\MEMORY.DMP
2010-04-02 17:05:54 0 d-----w- c:\users\kenny\dwhelper
2010-04-02 14:29:39 32656 ----a-w- c:\windows\system32\msonpmon.dll
2010-04-02 14:27:54 0 d-----w- c:\programdata\Microsoft Help
2010-03-29 14:21:45 0 d-----w- c:\users\kenny\appdata\roaming\NVIDIA
2010-03-29 14:20:54 0 d-----w- c:\program files\CoreCodec
2010-03-29 02:37:51 0 d-----w- c:\program files\Ventrilo
2010-03-29 02:37:48 262 ----a-w- c:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2010-03-29 02:37:19 0 d-----w- c:\program files\common files\Wise Installation Wizard
2010-03-29 02:19:21 8192 --sha-r- C:\BOOTSECT.BAK
2010-03-29 00:28:25 0 d-----w- c:\program files\uTorrent
2010-03-29 00:28:00 0 d-----w- c:\users\kenny\appdata\roaming\uTorrent
2010-03-29 00:20:03 0 d-----w- c:\program files\Steam
2010-03-29 00:20:03 0 d-----w- c:\program files\common files\Steam
2010-03-29 00:05:57 0 d-----w- c:\windows\Panther
2010-03-29 00:00:12 0 d-----w- C:\Windows.old
2010-03-28 23:55:24 0 d-sh--w- C:\Boot
2010-03-28 23:53:23 383562 --sha-r- C:\bootmgr
2010-03-28 23:40:38 0 d-----w- C:\Windows.old.000
2010-03-28 21:10:02 0 d-----w- c:\program files\Combined Community Codec Pack
2010-03-28 21:06:53 0 d-----w- c:\windows\system32\directx
2010-03-28 21:04:59 0 d-----w- c:\program files\DCoder Image Source
2010-03-28 21:04:58 0 d-----w- c:\program files\SHOUTcast Source
2010-03-28 21:04:57 0 d-----w- c:\program files\MONOGRAM AMR SplitterDecoder
2010-03-28 21:04:56 0 d-----w- c:\program files\Gabest MPEG Splitter
2010-03-28 21:04:56 0 d-----w- c:\program files\CD Audio Reader Filter
2010-03-28 21:04:54 0 d-----w- c:\program files\OpenSource DTSAC3DD+ Source Filter
2010-03-28 21:04:52 0 d-----w- c:\program files\RealMedia
2010-03-28 21:04:33 0 d-----w- c:\program files\DScaler5
2010-03-28 21:04:28 497664 ----a-w- c:\windows\system32\ac3filter.acm
2010-03-28 21:04:28 0 d-----w- c:\program files\AC3Filter
2010-03-28 21:04:22 0 d-----w- c:\program files\OpenSource Flash Video Splitter
2010-03-28 21:04:20 0 d-----w- c:\program files\DirectVobSub
2010-03-28 21:04:19 0 d-----w- c:\program files\Haali
2010-03-28 21:04:16 0 d-----w- c:\program files\Bass Audio Decoder
2010-03-28 21:04:12 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-03-28 21:04:12 57344 ----a-w- c:\windows\system32\ff_vfw.dll
2010-03-28 21:04:11 0 d-----w- c:\program files\ffdshow
2010-03-28 21:03:48 0 d-----w- c:\program files\Zoom Player
2010-03-28 21:00:57 0 d-----w- c:\users\kenny\Tracing
2010-03-28 20:58:02 0 d-----w- c:\program files\Microsoft
2010-03-28 20:57:43 0 d-----w- c:\program files\Windows Live SkyDrive
2010-03-28 20:57:11 0 d-----w- c:\windows\PCHEALTH
2010-03-28 20:54:31 0 d-----w- c:\program files\common files\Windows Live
2010-03-28 20:50:49 0 d-----w- c:\programdata\NVIDIA
2010-03-28 20:50:28 0 d-----w- c:\program files\NVIDIA Corporation
2010-03-28 20:23:33 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-03-28 20:23:21 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-03-28 20:22:11 0 d-----w- c:\windows\system32\Wat
2010-03-28 20:19:13 713888 ----a-w- c:\windows\system32\PerfStringBackup.INI
2010-03-28 20:19:01 0 d-----w- c:\windows\system32\wbem\Performance
2010-03-28 20:16:53 0 d-sh--w- C:\Recovery
2010-03-16 06:15:00 985704 ----a-w- c:\windows\system32\nvsvc.dll
2010-03-16 06:15:00 66664 ----a-w- c:\windows\system32\nvshext.dll
2010-03-16 06:15:00 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-03-16 06:14:00 13683816 ----a-w- c:\windows\system32\nvcpl.dll
2010-03-16 06:14:00 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-03-16 06:13:50 66714 ----a-w- c:\windows\system32\NvwsApps.xml
2010-03-16 06:13:50 276196 ----a-w- c:\windows\system32\NvApps.xml

==================== Find3M ====================

2010-02-04 14:01:14 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-02-04 14:01:14 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-02-04 14:01:14 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-02-04 14:01:14 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-02-02 07:45:54 2048 ----a-w- c:\windows\system32\tzres.dll
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 14:55:54.18 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:24 AM

Posted 10 April 2010 - 06:41 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:24 AM

Posted 16 April 2010 - 06:52 PM

This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users