Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Netio.sys blue screen


  • Please log in to reply
11 replies to this topic

#1 Binkenstein

Binkenstein

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 22 December 2013 - 09:44 PM

Have a bit of a puzzler here. I can't see anything in the dump files that points to anything useful. Does anyone have a fix suggestion, or should I try ye olde windows reinstall to attempt to bypass the issue?
 
 
 

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000028, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff88001f7f6fd, address which referenced memory
 
Debugging Details:
------------------
 
 
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002eba100
GetUlongFromAddress: unable to read from fffff80002eba1c0
 0000000000000028 Nonpaged pool
 
CURRENT_IRQL:  2
 
FAULTING_IP: 
NETIO!RtlCopyBufferToMdl+1d
fffff880`01f7f6fd 448b5228        mov     r10d,dword ptr [rdx+28h]
 
CUSTOMER_CRASH_COUNT:  2
 
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
 
BUGCHECK_STR:  0xD1
 
PROCESS_NAME:  System
 
TRAP_FRAME:  fffff88003b6f790 -- (.trap 0xfffff88003b6f790)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffff88003b6f9b0 rbx=0000000000000000 rcx=0000000000000000
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff88001f7f6fd rsp=fffff88003b6f920 rbp=fffff88003b6fa48
 r8=00000000ffffffbc  r9=0000000000000044 r10=0000000000000000
r11=fffffa8014253090 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl zr na po nc
NETIO!RtlCopyBufferToMdl+0x1d:
fffff880`01f7f6fd 448b5228        mov     r10d,dword ptr [rdx+28h] ds:00000000`00000028=????????
Resetting default scope
 
LAST_CONTROL_TRANSFER:  from fffff80002c82169 to fffff80002c82bc0
 
STACK_TEXT:  
fffff880`03b6f648 fffff800`02c82169 : 00000000`0000000a 00000000`00000028 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff880`03b6f650 fffff800`02c80de0 : fffffa80`13ce5db0 00000000`00000006 fffffa80`13ce5db0 00000000`00000044 : nt!KiBugCheckDispatch+0x69
fffff880`03b6f790 fffff880`01f7f6fd : fffffa80`0cd1b030 fffff880`01f7c941 00000000`00000246 fffff800`02c6c20b : nt!KiPageFault+0x260
fffff880`03b6f920 fffff880`020a74eb : 00000000`00000000 fffff880`02075802 00000000`00000000 00000000`0000000c : NETIO!RtlCopyBufferToMdl+0x1d
fffff880`03b6f980 fffff880`020730f6 : fffffa80`14253090 00000000`00000000 fffffa80`15adc1d0 00000000`f2fb8d02 : tcpip! ?? ::FNODOBFM::`string'+0x1bb3f
fffff880`03b6f9f0 fffff880`020626b8 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : tcpip!TcpTcbCarefulDatagram+0x1a46
fffff880`03b6fba0 fffff880`0206197a : fffffa80`15adc1d0 fffff880`0205a800 fffffa80`0eb5a900 fffff880`02070672 : tcpip!TcpTcbReceive+0x37c
fffff880`03b6fcb0 fffff880`02062aeb : fffff880`0686f052 fffffa80`11fff000 00000000`00000000 fffff880`03b70000 : tcpip!TcpMatchReceive+0x1fa
fffff880`03b6fe00 fffff880`0205af17 : fffffa80`0eb9c880 fffffa80`0eb98eff fffffa80`0000ff77 00000000`0000ff77 : tcpip!TcpPreValidatedReceive+0x36b
fffff880`03b6fed0 fffff880`0205aa8a : 00000000`00000000 fffff880`02168800 fffff880`03b70090 00001f80`009700a0 : tcpip!IppDeliverListToProtocol+0x97
fffff880`03b6ff90 fffff880`0205a089 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff880`03b70080 : tcpip!IppProcessDeliverList+0x5a
fffff880`03b70030 fffff880`02057d2f : 00000000`00000000 00000000`1333b000 fffff880`02168800 fffff880`02168800 : tcpip!IppReceiveHeaderBatch+0x23a
fffff880`03b70110 fffff880`02057302 : fffffa80`1333e4b0 00000000`00000000 fffffa80`1333b000 00000000`00000001 : tcpip!IpFlcReceivePackets+0x64f
fffff880`03b70310 fffff880`020c9bca : fffffa80`00000000 fffffa80`15778610 fffffa80`1333b010 fffff880`03b70400 : tcpip!FlpReceiveNonPreValidatedNetBufferListChain+0x2b2
fffff880`03b703f0 fffff800`02c8e878 : fffffa80`15778610 fffffa80`00000000 fffffa80`0c772b50 00000000`00000001 : tcpip! ?? ::FNODOBFM::`string'+0x49ca2
fffff880`03b70440 fffff880`02056e22 : fffff880`02056650 00000000`00000014 00000000`00000000 fffffa80`14d0d201 : nt!KeExpandKernelStackAndCalloutEx+0xd8
fffff880`03b70520 fffff880`01f3b0eb : fffffa80`1333e8d0 00000000`00000000 fffffa80`130681a0 fffffa80`0eb8bc38 : tcpip!FlReceiveNetBufferListChain+0xb2
fffff880`03b70590 fffff880`01f04ad6 : fffffa80`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ndis!ndisMIndicateNetBufferListsToOpen+0xdb
fffff880`03b70600 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ndis!ndisMDispatchReceiveNetBufferLists+0x1d6
 
 
STACK_COMMAND:  kb
 
FOLLOWUP_IP: 
NETIO!RtlCopyBufferToMdl+1d
fffff880`01f7f6fd 448b5228        mov     r10d,dword ptr [rdx+28h]
 
SYMBOL_STACK_INDEX:  3
 
SYMBOL_NAME:  NETIO!RtlCopyBufferToMdl+1d
 
FOLLOWUP_NAME:  MachineOwner
 
MODULE_NAME: NETIO
 
IMAGE_NAME:  NETIO.SYS
 
DEBUG_FLR_IMAGE_TIMESTAMP:  5034f6a0
 
FAILURE_BUCKET_ID:  X64_0xD1_NETIO!RtlCopyBufferToMdl+1d
 
BUCKET_ID:  X64_0xD1_NETIO!RtlCopyBufferToMdl+1d
 
Followup: MachineOwner
---------

Attached Files


Edited by Budapest, 23 December 2013 - 04:04 AM.
Moved from Win7 ~Budapest


BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:33 PM

Posted 22 December 2013 - 10:43 PM

Please download MiniToolBox, and save it to your desktop and run it, and checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#3 Binkenstein

Binkenstein
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 22 December 2013 - 11:07 PM

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Binkenstein (administrator) on 23-12-2013 at 17:06:31
Running from "J:\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Hex
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : WAG320N
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : WAG320N
   Description . . . . . . . . . . . : Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 94-DE-80-65-17-5D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5ed:483f:b7b5:9b28%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.108(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, 23 December 2013 10:15:35 a.m.
   Lease Expires . . . . . . . . . . : Tuesday, 24 December 2013 10:15:35 a.m.
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 244637312
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-14-D5-5B-94-DE-80-65-17-5D
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       208.67.220.220
                                       202.37.101.1
                                       202.37.101.2
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.WAG320N:
 
   Connection-specific DNS Suffix  . : WAG320N
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.108%13(Preferred) 
   Default Gateway . . . . . . . . . : 
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       208.67.220.220
                                       202.37.101.1
                                       202.37.101.2
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:2079:1dac:90ba:8e0(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::2079:1dac:90ba:8e0%11(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  resolver1.opendns.com
Address:  208.67.222.222
 
Name:    google.com.WAG320N
Address:  67.215.65.132
 
 
Pinging google.com [74.125.237.174] with 32 bytes of data:
Reply from 74.125.237.174: bytes=32 time=48ms TTL=57
Reply from 74.125.237.174: bytes=32 time=48ms TTL=57
 
Ping statistics for 74.125.237.174:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 48ms, Maximum = 48ms, Average = 48ms
Server:  resolver1.opendns.com
Address:  208.67.222.222
 
Name:    yahoo.com.WAG320N
Address:  67.215.65.132
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=214ms TTL=47
Reply from 98.139.183.24: bytes=32 time=296ms TTL=47
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 214ms, Maximum = 296ms, Average = 255ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...94 de 80 65 17 5d ......Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.108     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.108    266
    192.168.1.108  255.255.255.255         On-link     192.168.1.108    266
    192.168.1.255  255.255.255.255         On-link     192.168.1.108    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.108    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.108    266
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 11     58 2001::/32                On-link
 11    306 2001:0:5ef5:79fb:2079:1dac:90ba:8e0/128
                                    On-link
 10    266 fe80::/64                On-link
 11    306 fe80::/64                On-link
 13    266 fe80::5efe:192.168.1.108/128
                                    On-link
 10    266 fe80::5ed:483f:b7b5:9b28/128
                                    On-link
 11    306 fe80::2079:1dac:90ba:8e0/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    306 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/21/2013 05:07:28 PM) (Source: Application Error) (User: )
Description: Faulting application name: Sins of a Solar Empire Rebellion.exe, version: 1.8.0.0, time stamp: 0x527bddfb
Faulting module name: Sins of a Solar Empire Rebellion.exe, version: 1.8.0.0, time stamp: 0x527bddfb
Exception code: 0xc0000005
Fault offset: 0x00177c25
Faulting process id: 0xc18
Faulting application start time: 0xSins of a Solar Empire Rebellion.exe0
Faulting application path: Sins of a Solar Empire Rebellion.exe1
Faulting module path: Sins of a Solar Empire Rebellion.exe2
Report Id: Sins of a Solar Empire Rebellion.exe3
 
Error: (12/21/2013 05:02:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: Sins of a Solar Empire Rebellion.exe, version: 1.8.0.0, time stamp: 0x527bddfb
Faulting module name: Sins of a Solar Empire Rebellion.exe, version: 1.8.0.0, time stamp: 0x527bddfb
Exception code: 0xc0000005
Fault offset: 0x00177c25
Faulting process id: 0xe48
Faulting application start time: 0xSins of a Solar Empire Rebellion.exe0
Faulting application path: Sins of a Solar Empire Rebellion.exe1
Faulting module path: Sins of a Solar Empire Rebellion.exe2
Report Id: Sins of a Solar Empire Rebellion.exe3
 
Error: (12/21/2013 04:59:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: Sins of a Solar Empire Rebellion.exe, version: 1.8.0.0, time stamp: 0x527bddfb
Faulting module name: Sins of a Solar Empire Rebellion.exe, version: 1.8.0.0, time stamp: 0x527bddfb
Exception code: 0xc0000005
Fault offset: 0x00177c25
Faulting process id: 0x1d88
Faulting application start time: 0xSins of a Solar Empire Rebellion.exe0
Faulting application path: Sins of a Solar Empire Rebellion.exe1
Faulting module path: Sins of a Solar Empire Rebellion.exe2
Report Id: Sins of a Solar Empire Rebellion.exe3
 
Error: (12/21/2013 03:39:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (12/15/2013 08:24:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: wmplayer.exe, version: 12.0.7601.18150, time stamp: 0x518c6df8
Faulting module name: ac3filter.ax_unloaded, version: 0.0.0.0, time stamp: 0x4fde1df8
Exception code: 0xc0000005
Fault offset: 0x5301d3a0
Faulting process id: 0x2230
Faulting application start time: 0xwmplayer.exe0
Faulting application path: wmplayer.exe1
Faulting module path: wmplayer.exe2
Report Id: wmplayer.exe3
 
Error: (12/15/2013 08:10:44 AM) (Source: Application Error) (User: )
Description: Faulting application name: trillian.exe, version: 5.4.0.13, time stamp: 0x52654569
Faulting module name: talk.dll, version: 5.4.0.13, time stamp: 0x5265451e
Exception code: 0xc0000409
Fault offset: 0x001b1ef2
Faulting process id: 0x1f5c
Faulting application start time: 0xtrillian.exe0
Faulting application path: trillian.exe1
Faulting module path: trillian.exe2
Report Id: trillian.exe3
 
Error: (12/14/2013 00:00:59 PM) (Source: Application Hang) (User: )
Description: The program windbg.exe version 6.2.9200.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1e44
 
Start Time: 01cef85705f6710b
 
Termination Time: 6
 
Application Path: D:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\windbg.exe
 
Report Id: 6c3b2e1f-644a-11e3-a195-94de8065175d
 
Error: (12/12/2013 07:11:06 PM) (Source: Chrome) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=31.0.1650.63;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\354b9f8f-1b12-421f-8cf3-21619d4dbf6d.dmp
 
Error: (12/10/2013 09:02:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: BatmanOrigins.exe, version: 1.0.0.0, time stamp: 0x529d4188
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1116
Exception code: 0xe06d7363
Fault offset: 0x0000c41f
Faulting process id: 0x2388
Faulting application start time: 0xBatmanOrigins.exe0
Faulting application path: BatmanOrigins.exe1
Faulting module path: BatmanOrigins.exe2
Report Id: BatmanOrigins.exe3
 
Error: (12/10/2013 08:56:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: BatmanOrigins.exe, version: 1.0.0.0, time stamp: 0x529d4188
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1116
Exception code: 0xe06d7363
Fault offset: 0x0000c41f
Faulting process id: 0x1914
Faulting application start time: 0xBatmanOrigins.exe0
Faulting application path: BatmanOrigins.exe1
Faulting module path: BatmanOrigins.exe2
Report Id: BatmanOrigins.exe3
 
 
System errors:
=============
Error: (12/23/2013 10:15:30 AM) (Source: BugCheck) (User: )
Description: 0x000000d1 (0x0000000000000028, 0x0000000000000002, 0x0000000000000000, 0xfffff88001e9e6fd)C:\Windows\MEMORY.DMP122313-8907-01
 
Error: (12/23/2013 10:15:29 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:13:33 a.m. on ?23/?12/?2013 was unexpected.
 
Error: (12/23/2013 08:32:03 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (12/23/2013 06:31:39 AM) (Source: BugCheck) (User: )
Description: 0x000000d1 (0x0000000000000028, 0x0000000000000002, 0x0000000000000000, 0xfffff88001f7f6fd)C:\Windows\MEMORY.DMP122313-9812-02
 
Error: (12/23/2013 06:31:38 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:30:40 a.m. on ?23/?12/?2013 was unexpected.
 
Error: (12/23/2013 06:14:36 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.
 
Error: (12/23/2013 06:14:34 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.
 
Error: (12/23/2013 05:31:47 AM) (Source: BugCheck) (User: )
Description: 0x000000d1 (0x0000000000000028, 0x0000000000000002, 0x0000000000000000, 0xfffff88001f216fd)C:\Windows\MEMORY.DMP122313-9812-01
 
Error: (12/23/2013 05:31:46 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:26:51 a.m. on ?23/?12/?2013 was unexpected.
 
Error: (12/22/2013 11:50:31 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
 
Microsoft Office Sessions:
=========================
Error: (12/21/2013 05:07:28 PM) (Source: Application Error)(User: )
Description: Sins of a Solar Empire Rebellion.exe1.8.0.0527bddfbSins of a Solar Empire Rebellion.exe1.8.0.0527bddfbc000000500177c25c1801cefe01870e8820D:\Steam\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exeD:\Steam\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe6745557f-69f5-11e3-8e64-94de8065175d
 
Error: (12/21/2013 05:02:48 PM) (Source: Application Error)(User: )
Description: Sins of a Solar Empire Rebellion.exe1.8.0.0527bddfbSins of a Solar Empire Rebellion.exe1.8.0.0527bddfbc000000500177c25e4801cefe0112a18346D:\Steam\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exeD:\Steam\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exec060b8e8-69f4-11e3-8e64-94de8065175d
 
Error: (12/21/2013 04:59:08 PM) (Source: Application Error)(User: )
Description: Sins of a Solar Empire Rebellion.exe1.8.0.0527bddfbSins of a Solar Empire Rebellion.exe1.8.0.0527bddfbc000000500177c251d8801cefe007cff07f0D:\Steam\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exeD:\Steam\steamapps\common\Sins of a Solar Empire Rebellion\Sins of a Solar Empire Rebellion.exe3d4120e6-69f4-11e3-8e64-94de8065175d
 
Error: (12/21/2013 03:39:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestJ:\Downloads\SoftonicDownloader_for_cisco-network-magic.exe
 
Error: (12/15/2013 08:24:22 PM) (Source: Application Error)(User: )
Description: wmplayer.exe12.0.7601.18150518c6df8ac3filter.ax_unloaded0.0.0.04fde1df8c00000055301d3a0223001cef905ec33b9efC:\Program Files (x86)\Windows Media Player\wmplayer.exeac3filter.axea8aa6b2-6559-11e3-94b3-94de8065175d
 
Error: (12/15/2013 08:10:44 AM) (Source: Application Error)(User: )
Description: trillian.exe5.4.0.1352654569talk.dll5.4.0.135265451ec0000409001b1ef21f5c01cef9002f3431aaD:\Program Files (x86)\Trillian\trillian.exeD:\Program Files (x86)\Trillian\talk.dll6dc64d8f-64f3-11e3-94b3-94de8065175d
 
Error: (12/14/2013 00:00:59 PM) (Source: Application Hang)(User: )
Description: windbg.exe6.2.9200.163841e4401cef85705f6710b6D:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\windbg.exe6c3b2e1f-644a-11e3-a195-94de8065175d
 
Error: (12/12/2013 07:11:06 PM) (Source: Chrome)(User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=31.0.1650.63;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\354b9f8f-1b12-421f-8cf3-21619d4dbf6d.dmp
 
Error: (12/10/2013 09:02:00 PM) (Source: Application Error)(User: )
Description: BatmanOrigins.exe1.0.0.0529d4188KERNELBASE.dll6.1.7601.1822951fb1116e06d73630000c41f238801cef57d88f433f0D:\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exeC:\Windows\syswow64\KERNELBASE.dll5853633d-6171-11e3-bf18-94de8065175d
 
Error: (12/10/2013 08:56:48 PM) (Source: Application Error)(User: )
Description: BatmanOrigins.exe1.0.0.0529d4188KERNELBASE.dll6.1.7601.1822951fb1116e06d73630000c41f191401cef575dde8c733D:\Steam\steamapps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exeC:\Windows\syswow64\KERNELBASE.dll9e59b34f-6170-11e3-bf18-94de8065175d
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.3.0.29625)
µTorrent (Version: 3.3.2.30416)
7-Zip 9.20
AC3Filter 2.5b (Version: 2.5b)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Allway Sync version 12.16.9
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Application Verifier x64 External Package (Version: 8.59.29722)
Bass Audio Decoder (remove only)
Battle.net
Bonjour (Version: 3.0.0.10)
CameraHelperMsi (Version: 13.50.854.0)
CBR Reader
CCleaner (Version: 4.04)
CD Audio Reader Filter (remove only)
Command and Conquer: Red Alert 3
CPUID HWMonitor 1.22
CyberLink PowerDVD 12 (Version: 12.0.2625.57)
DCoder Image Source (remove only)
Debut Video Capture Software (Version: 1.82)
DirectVobSub (remove only)
DriverToolkit version 8.1.1.0 (Version: 8.1.1.0)
Dropbox (Version: 2.0.22)
DScaler 5 Mpeg Decoders
Dual-Core Optimizer (Version: 1.1.4.0169)
Eador. Masters of the Broken World
erLT (Version: 1.20.138.34)
Evil Genius
ExtractNow
ffdshow v1.2.4453 [2012-05-21] (Version: 1.2.4453.0)
FFMPEG Core Files (remove only)
FileZilla Client 3.7.3 (Version: 3.7.3)
Free Download Manager 3.9.2
FTL: Faster Than Light
Gabest MPEG Splitter (remove only)
GIMP 2.8.8 (Version: 2.8.8)
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.22.3)
Haali Media Splitter
Hearthstone
iCloud (Version: 3.1.0.40)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 8.1.0.1252)
Intel® Rapid Storage Technology (Version: 11.1.0.1006)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.5.235)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
iPod2PC 4.0.0.0 (Version: 4.0.0.0)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Kits Configuration Installer (Version: 8.59.25584)
LAV Filters 0.59.1 (Version: 0.59.1)
LibreOffice 4.0.5.2 (Version: 4.0.5.2)
Logitech Gaming Software (Version: 8.30.86)
Logitech Gaming Software 8.30 (Version: 8.30.86)
Logitech SetPoint 6.52 (Version: 6.52.74)
Logitech Webcam Software (Version: 2.31)
LWS Facebook (Version: 13.50.854.0)
LWS Gallery (Version: 13.50.854.0)
LWS Help_main (Version: 13.50.862.0)
LWS Launcher (Version: 13.50.859.0)
LWS Pictures And Video (Version: 13.50.861.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
MadVR (remove only)
marvell 91xx driver (Version: 1.2.0.1039)
MetroTwit (Version: 1.1.0.3076)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (Version: 4.5.50710)
Microsoft .NET Framework 4.5 SDK (Version: 4.5.50710)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (Version: 11.0.60610.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Mozilla Firefox 25.0.1 (x86 en-US) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mumble 1.2.4 (Version: 1.2.4)
NirSoft BlueScreenView
Nitro Reader 3 (Version: 3.5.2.10)
Notepad++ (Version: 6.4.5)
NVIDIA Control Panel 331.82 (Version: 331.82)
NVIDIA Graphics Driver 331.82 (Version: 331.82)
NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA PhysX (Version: 9.13.0725)
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)
OpenSource AVI Splitter (remove only)
OpenSource DTS/AC3/DD+ Source Filter (remove only)
OpenSource Flash Video Splitter (remove only)
Path of Exile
PerfectDisk 12 Home Premium (Version: 12.00.290)
Picasa 3 (Version: 3.9)
Planetary Annihilation
Platform (Version: 1.39)
Postbox (3.0.8) (Version: 3.0.8 (en-US))
PowerDVD (Version: 12.0)
Prism Video File Converter
Prison Architect
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 2.1.0.21)
QuickSFV (Remove only)
QuickTime (Version: 7.74.80.86)
RAIDar 4.3.8 (Version: 4.3.8)
Realtek Ethernet Controller Driver (Version: 7.49.927.2011)
Realtek Ethernet Diagnostic Utility (Version: 1.006)
Revo Uninstaller 1.94 (Version: 1.94)
R-Studio 6.3 (Version: 6.3.153961)
SDK Debuggers (Version: 8.59.29746)
Serif DrawPlus Starter Edition (Version: 2.0.2.010)
Sid Meier's Civilization V
Skype™ 6.11 (Version: 6.11.102)
SoftPerfect WiFi Guard version 1.0.2 (Version: 1.0.2)
Space Engineers
StarCraft II
TagScanner 5.1.643
theRenamer 7.66
Traffic Usage Checker 1.89
Trillian
UltraMon (Version: 3.2.2)
Unity Web Player (Version: )
VIA Platform Device Manager (Version: 1.39)
VideoPad Video Editor (Version: 3.04)
Winamp (Version: 5.63 )
Winamp Detector Plug-in (Version: 1.0.0.1)
WinDirStat 1.1.2
Windows App Certification Kit Native Components (Version: 8.59.29736)
Windows App Certification Kit x64 (Version: 8.59.29750)
Windows Driver Package - Intel (MEIx64) System  (09/05/2013 9.5.15.1730) (Version: 09/05/2013 9.5.15.1730)
Windows Driver Package - Intel Corporation (iaStorA) HDC  (09/20/2013 12.8.6.1000) (Version: 09/20/2013 12.8.6.1000)
Windows Driver Package - Intel System  (07/25/2013 9.3.0.1029) (Version: 07/25/2013 9.3.0.1029)
Windows Driver Package - Intel System  (10/05/2012 1.2.3.2002) (Version: 10/05/2012 1.2.3.2002)
Windows Driver Package - Intel USB  (07/31/2013 9.3.0.1030) (Version: 07/31/2013 9.3.0.1030)
Windows Driver Package - Intel® Corporation (iusb3hub) USB  (07/18/2013 1.0.9.254) (Version: 07/18/2013 1.0.9.254)
Windows Driver Package - Intel® Corporation (iusb3xhc) USB  (07/18/2013 1.0.9.254) (Version: 07/18/2013 1.0.9.254)
Windows Driver Package - NVIDIA Corporation (NVHDA) MEDIA  (06/16/2013 1.3.26.4) (Version: 06/16/2013 1.3.26.4)
Windows Driver Package - Synaptics (SmbDrv) System  (08/22/2013 17.0.10.1) (Version: 08/22/2013 17.0.10.1)
Windows Driver Package - VIA (VUSB3HUB) USB  (03/19/2013 6.1.7600.4004) (Version: 03/19/2013 6.1.7600.4004)
Windows Driver Package - VIA (xhcdrv) USB  (03/19/2013 6.1.7600.4004) (Version: 03/19/2013 6.1.7600.4004)
Windows Driver Package - VIA Technologies, Inc. (VIAHdAudAddService) MEDIA  (05/10/2013 6.0.10.1900) (Version: 05/10/2013 6.0.10.1900)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Software Development Kit (Version: 8.59.29750)
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584)
Windows Software Development Kit DirectX x86 Remote (Version: 8.59.25584)
Windows Software Development Kit EULA (Version: 8.59.25584)
Windows Software Development Kit for Windows Store Apps (Version: 8.59.29750)
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.29699)
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (Version: 8.59.29699)
Windows Software Development Kit Redistributables (Version: 8.59.29750)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
WPT Redistributables (Version: 8.59.29750)
WPTx64 (Version: 8.59.29722)
Zoom Player (remove only)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 22%
Total physical RAM: 16344.07 MB
Available physical RAM: 12640.43 MB
Total Pagefile: 37806.32 MB
Available Pagefile: 33448.11 MB
Total Virtual: 4095.88 MB
Available Virtual: 3944.27 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:55.8 GB) (Free:7.57 GB) NTFS
2 Drive d: (Programs) (Fixed) (Total:390.62 GB) (Free:192.87 GB) NTFS
3 Drive e: (Media II) (Fixed) (Total:1397.26 GB) (Free:480.56 GB) NTFS
5 Drive g: (SSD Games) (Fixed) (Total:83.84 GB) (Free:33.5 GB) NTFS
6 Drive h: (Media I) (Fixed) (Total:1397.25 GB) (Free:8.16 GB) NTFS
7 Drive i: (Audio) (Fixed) (Total:146.48 GB) (Free:42.08 GB) NTFS
8 Drive j: (Storage III) (Fixed) (Total:394.4 GB) (Free:178.07 GB) NTFS
9 Drive l: (FreeAgent GoFlex Drive) (Fixed) (Total:1863.01 GB) (Free:344.2 GB) NTFS
10 Drive u: (Porn) (Network) (Total:7403.47 GB) (Free:4781.14 GB) NTFS
11 Drive v: (Music) (Network) (Total:7403.47 GB) (Free:4781.14 GB) NTFS
12 Drive w: (USB_HDD_1) (Network) (Total:1863.01 GB) (Free:673.92 GB) NTFS
13 Drive x: (TV_Archive) (Network) (Total:7403.47 GB) (Free:4781.14 GB) NTFS
14 Drive y: (Cartoons) (Network) (Total:7403.47 GB) (Free:4781.14 GB) NTFS
15 Drive z: (TV) (Network) (Total:7403.47 GB) (Free:4781.14 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\HEX
 
Administrator            Binkenstein              Guest                    
 
 
**** End of log ****


#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:33 PM

Posted 22 December 2013 - 11:20 PM

I see you have no anti-malware tools, so lets see if you are infected.

Please download TDSSKiller exe version to your desktop. Double-click on TDSSKiller.exe to run the tool for known TDSS variants. Vista/Windows 7 users right-click and select Run As Administrator.

  •     Click on Change Parameters and click Detect TDLFS File System.
  •     Click the Start Scan button.
  •     Do not use the computer during the scan
  •     If the scan completes with nothing found, click Close to exit.
  •     If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  •     Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  •     Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  •     A TDSSKiller text file would be saved in Local Disk C.
  •     Copy and paste the contents of that file in your next reply.
ADW Cleaner


Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#5 Binkenstein

Binkenstein
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 22 December 2013 - 11:42 PM

TDSSKiller reported no threats.

 

Logs for others attached.

Attached Files



#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:33 PM

Posted 22 December 2013 - 11:52 PM

Please download Malwarebytes Anti-Malware
and save it to your desktop.

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.



#7 Binkenstein

Binkenstein
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 23 December 2013 - 01:31 AM

Done.

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.23.01
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Binkenstein :: HEX [administrator]
 
Protection: Enabled
 
23/12/2013 5:56:55 p.m.
mbam-log-2013-12-23 (17-56-55).txt
 
Scan type: Full scan (C:\|D:\|E:\|G:\|H:\|I:\|J:\|L:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 552936
Time elapsed: 1 hour(s), 9 minute(s), 14 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 6
C:\Users\Binkenstein\AppData\Local\Temp\uttBE50.tmp (PUP.Optional.OpenCandy) -> No action taken.
G:\Binkenstein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O0HIGHEU\bi_downloader[1].exe (PUP.Optional.Somoto) -> No action taken.
G:\Binkenstein\AppData\Local\Temp\nsaA70E.tmp (PUP.Optional.Somoto) -> No action taken.
G:\Binkenstein\AppData\Local\Temp\nss1ECA.tmp (PUP.Optional.Somoto) -> No action taken.
J:\Downloads\SoftonicDownloader_for_cisco-network-magic.exe (PUP.Optional.Softonic) -> No action taken.
J:\Downloads\Installs\winamp563_full_emusic-7plus_all.exe (PUP.Optional.OpenCandy) -> No action taken.
 
(end)


#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:33 PM

Posted 23 December 2013 - 08:06 AM

Please rerun Malwarebyes and remove the selected threats.

Please download TDSSKiller exe version to your desktop. Double-click on TDSSKiller.exe to run the tool for known TDSS variants. Vista/Windows 7 users right-click and select Run As Administrator.
  • Click on Change Parameters and click Detect TDLFS File System.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A TDSSKiller text file would be saved in Local Disk C.
  • Copy and paste the contents of that file in your next reply.

Edited by cryptodan, 23 December 2013 - 08:07 AM.


#9 Binkenstein

Binkenstein
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 23 December 2013 - 01:22 PM

I've already removed the threats with Malwarebytes, and TDSSKiller was run in a previous post with no threats.



#10 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:33 PM

Posted 23 December 2013 - 01:52 PM

Are you still getting the bsod?



#11 Binkenstein

Binkenstein
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 30 December 2013 - 05:04 PM

I've left it a few days to be sure, but it appears to be resolved.

 

I also disabled some additional Realtek drivers on my network adapter (Teaming Protocol Driver (NDIS 6.0), Vlan Protocol Driver (NDIS 6.2) and NDIS Protocol Driver), as they may have been causing conflicts.



#12 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:09:33 PM

Posted 30 December 2013 - 06:00 PM

Good to hear




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users