Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Stumped with BSOD constantly showing up


  • Please log in to reply
4 replies to this topic

#1 dbradb

dbradb

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 06 January 2015 - 10:45 AM

I restored my computer back to original due to numerous software problems. Now I keep getting the BSOD error for no particular reason. I have done a virus check, malware and such.

 

Here is my report. Any help is appreciated.

 

==================================================
Dump File         : 010515-126938-01.dmp
Crash Time        : 05/01/2015 10:44:51 AM
Bug Check String  : KMODE_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x0000001e
Parameter 1       : ffffffff`c0000005
Parameter 2       : fffff800`0408c860
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000000
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75bc0
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.18409 (win7sp1_gdr.140303-2144)
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\010515-126938-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 276,528
Dump File Time    : 05/01/2015 10:48:28 AM
==================================================

==================================================
Dump File         : 010515-229383-01.dmp
Crash Time        : 05/01/2015 3:48:15 PM
Bug Check String  :
Bug Check Code    : 0x00000116
Parameter 1       : fffffa80`070964e0
Parameter 2       : fffff880`08bb544c
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000002
Caused By Driver  : dxgkrnl.sys
Caused By Address : dxgkrnl.sys+5d134
File Description  : DirectX Graphics Kernel
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.18510 (win7sp1_gdr.140615-1511)
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\010515-229383-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 439,400
Dump File Time    : 05/01/2015 7:39:58 PM
==================================================

==================================================
Dump File         : 122614-159557-01.dmp
Crash Time        : 26/12/2014 11:41:45 AM
Bug Check String  : SYSTEM_SERVICE_EXCEPTION
Bug Check Code    : 0x0000003b
Parameter 1       : 00000000`c0000005
Parameter 2       : fffff880`04fc7553
Parameter 3       : fffff880`0990a890
Parameter 4       : 00000000`00000000
Caused By Driver  : afd.sys
Caused By Address : afd.sys+50553
File Description  : Ancillary Function Driver for WinSock
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7600.16385 (win7_rtm.090713-1255)
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\122614-159557-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 276,528
Dump File Time    : 26/12/2014 11:46:09 AM
==================================================

==================================================
Dump File         : 123114-135299-01.dmp
Crash Time        : 31/12/2014 2:24:53 PM
Bug Check String  : KMODE_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x0000001e
Parameter 1       : 00000000`00000000
Parameter 2       : 00000000`00000000
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000000
Caused By Driver  : REDLIGHT.SYS
Caused By Address : REDLIGHT.SYS+1d100
File Description  : BufferZone Kernel Module
Product Name      : BufferZone
Company           : BufferZone
File Version      : 5, 1, 2601, 252
Processor         : x64
Crash Address     : ntoskrnl.exe+75b90
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\123114-135299-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 276,528
Dump File Time    : 31/12/2014 2:28:52 PM
==================================================
 



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,398 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:21 PM

Posted 06 January 2015 - 06:13 PM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis



#3 dbradb

dbradb
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:21 PM

Posted 07 January 2015 - 11:07 AM

Thank you for your help!

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Boyes (administrator) on 07-01-2015 at 10:53:40
Running from "C:\Users\Boyes\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/07/2015 06:38:52 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (2184) SUS20ClientDataStore: An attempt to delete the file "C:\Windows\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The delete file operation will fail with error -1032 (0xfffffbf8).

Error: (01/07/2015 06:34:31 AM) (Source: VSS) (User: )
Description: CoCreateInstance0x80070005, Access is denied.
Operation:
   Subscribing Writer
Context:
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {3e2c756e-82dc-48d8-b6d8-e4d75d85772d}

Error: (01/07/2015 06:34:31 AM) (Source: VSS) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070005, Access is denied.
Operation:
   Subscribing Writer
Context:
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {3e2c756e-82dc-48d8-b6d8-e4d75d85772d}

Error: (01/06/2015 02:14:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 34.0.5.5443, time stamp: 0x5475dd5d
Faulting module name: mozalloc.dll, version: 34.0.5.5443, time stamp: 0x5475d664
Exception code: 0x80000003
Fault offset: 0x00001425
Faulting process id: 0x1368
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (01/06/2015 06:38:22 AM) (Source: ESENT) (User: )
Description: wuaueng.dll (3516) SUS20ClientDataStore: An attempt to delete the file "C:\Windows\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The delete file operation will fail with error -1032 (0xfffffbf8).

Error: (01/06/2015 06:35:26 AM) (Source: VSS) (User: )
Description: CoCreateInstance0x80070005, Access is denied.
Operation:
   Subscribing Writer
Context:
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {74f96858-871a-4ccb-88b7-b942ba9b3d88}

Error: (01/06/2015 06:35:25 AM) (Source: VSS) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070005, Access is denied.
Operation:
   Subscribing Writer
Context:
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {74f96858-871a-4ccb-88b7-b942ba9b3d88}

Error: (01/05/2015 07:53:40 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (2284) SUS20ClientDataStore: An attempt to delete the file "C:\Windows\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The delete file operation will fail with error -1032 (0xfffffbf8).

Error: (01/05/2015 07:50:48 PM) (Source: VSS) (User: )
Description: CoCreateInstance0x80070005, Access is denied.
Operation:
   Subscribing Writer
Context:
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {6522de9a-367f-47cc-817c-9d766f937ed6}

Error: (01/05/2015 07:50:48 PM) (Source: VSS) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070005, Access is denied.
Operation:
   Subscribing Writer
Context:
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {6522de9a-367f-47cc-817c-9d766f937ed6}


System errors:
=============
Error: (01/07/2015 10:50:55 AM) (Source: Service Control Manager) (User: )
Description: Windows Search_Untrusted_BZ%%1053

Error: (01/07/2015 10:50:55 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Search_Untrusted_BZ

Error: (01/07/2015 10:50:55 AM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (01/07/2015 06:54:24 AM) (Source: Service Control Manager) (User: )
Description: UPnP Device HostSSDP Discovery%%1058

Error: (01/07/2015 06:54:24 AM) (Source: Service Control Manager) (User: )
Description: UPnP Device HostSSDP Discovery%%1058

Error: (01/07/2015 06:54:24 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070422

Error: (01/07/2015 06:39:46 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: 70105

Error: (01/07/2015 06:38:31 AM) (Source: Service Control Manager) (User: )
Description: UPnP Device HostSSDP Discovery%%1058

Error: (01/07/2015 06:38:31 AM) (Source: Service Control Manager) (User: )
Description: UPnP Device HostSSDP Discovery%%1058

Error: (01/07/2015 06:38:31 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070422


Microsoft Office Sessions:
=========================
Error: (01/07/2015 06:38:52 AM) (Source: ESENT)(User: )
Description: wuaueng.dll2184SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (01/07/2015 06:34:31 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070005, Access is denied.
Operation:
   Subscribing Writer
Context:
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {3e2c756e-82dc-48d8-b6d8-e4d75d85772d}

Error: (01/07/2015 06:34:31 AM) (Source: VSS)(User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070005, Access is denied.
Operation:
   Subscribing Writer
Context:
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {3e2c756e-82dc-48d8-b6d8-e4d75d85772d}

Error: (01/06/2015 02:14:26 PM) (Source: Application Error)(User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d6648000000300001425136801d029e31a30d651C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll3a90361a-95d8-11e4-844d-00265545d908

Error: (01/06/2015 06:38:22 AM) (Source: ESENT)(User: )
Description: wuaueng.dll3516SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (01/06/2015 06:35:26 AM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070005, Access is denied.
Operation:
   Subscribing Writer
Context:
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {74f96858-871a-4ccb-88b7-b942ba9b3d88}

Error: (01/06/2015 06:35:25 AM) (Source: VSS)(User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070005, Access is denied.
Operation:
   Subscribing Writer
Context:
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {74f96858-871a-4ccb-88b7-b942ba9b3d88}

Error: (01/05/2015 07:53:40 PM) (Source: ESENT)(User: )
Description: wuaueng.dll2284SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\tmp.edb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (01/05/2015 07:50:48 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80070005, Access is denied.
Operation:
   Subscribing Writer
Context:
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {6522de9a-367f-47cc-817c-9d766f937ed6}

Error: (01/05/2015 07:50:48 PM) (Source: VSS)(User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070005, Access is denied.
Operation:
   Subscribing Writer
Context:
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {6522de9a-367f-47cc-817c-9d766f937ed6}

CodeIntegrity Errors:
===================================
  Date: 2015-01-07 06:51:46.559
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-07 06:33:03.538
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-06 22:29:21.324
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-06 22:03:07.495
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-06 21:56:16.420
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-06 21:10:30.225
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-06 20:54:23.498
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-06 12:28:18.333
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-06 12:04:55.866
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-06 09:33:55.858
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\BufferZone\RlHook64.dll because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================
7-Zip 9.35 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0935-000001000000}) (Version: 9.35.00.0 - Igor Pavlov)
7-Zip 9.35 (x64 edition) (HKLM-x32\...\{23170F69-40C1-2702-0935-000001000000}) (Version: 9.35.00.0 - Igor Pavlov)
ATI Catalyst Install Manager (HKLM\...\{B75608B9-19B7-346D-2D8D-75A86E91F3E2}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
ATI Catalyst Install Manager (HKLM-x32\...\{B75608B9-19B7-346D-2D8D-75A86E91F3E2}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
ccc-utility64 (Version: 2009.0520.1631.27815 - ATI) Hidden
ccc-utility64 (x32 Version: 2009.0520.1631.27815 - ATI) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Dropbox (HKCU-x32\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5205.31 - PC-Doctor, Inc.)
Hardware Diagnostic Tools (HKLM-x32\...\PC-Doctor for Windows) (Version: 6.0.5205.31 - PC-Doctor, Inc.)
HP MediaSmart SmartMenu (HKLM\...\{26280024-DFB7-4967-90DB-7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM-x32\...\{26280024-DFB7-4967-90DB-7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard)
Microsoft .NET Framework 4.5.1 (FRA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (FRA) (x32 Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Français) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (x32 Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office Home and Student 60 day trial (HKLM-x32\...\OfficeTrial) (Version:  - )
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft OneDrive (HKCU-x32\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM-x32\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM-x32\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSVCRT110_amd64 (x32 Version: 16.4.1109.0912 - Microsoft) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (x32 Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

========================= Memory info: ===================================
Percentage of memory in use: 34%
Total physical RAM: 8183.89 MB
Available physical RAM: 5358.14 MB
Total Pagefile: 16365.96 MB
Available Pagefile: 13243.51 MB
Total Virtual: 4095.88 MB
Available Virtual: 3983.54 MB

========================= Partitions: =====================================
1 Drive c: (HP) (Fixed) (Total:918.31 GB) (Free:839.53 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.1 GB) (Free:2.3 GB) NTFS
 

========================= Users: ========================================
User accounts for \\BOYES-PC

Administrator            Boyes                    Guest                    

**** End of log ****

http://speccy.piriform.com/results/nrVjbJQoZfd3bEsVV8O4Zj4


Edited by hamluis, 07 January 2015 - 12:12 PM.


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,398 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:21 PM

Posted 07 January 2015 - 12:38 PM

No AV reflected among installed programs,per MTB...yet Avast and Symantec presence reflected in Speccy data.  Also indications that you either tried to or actually installed Trustware Buffer Zone Free.

 

Windows install 3 weeks old.

 

Topic moved to Am I Infected for a look.

 

Louis


Edited by hamluis, 07 January 2015 - 12:38 PM.


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,913 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:21 PM

Posted 11 January 2015 - 04:40 PM

Hello, let's see what these show.


Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users