Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD windows 7 64 bit


  • Please log in to reply
3 replies to this topic

#1 Impulse187

Impulse187

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:54 PM

Posted 07 March 2015 - 02:35 PM

ok I don't know if I'm doing this correctly but I did this debug tool for the dump and I'm going to post it.  Does this make any sense to anyone?  I only get the BSOD when I'm browsing in Firefox for a little while.

 

Microsoft ® Windows Debugger Version 6.3.9600.17200 X86
Copyright © Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Aaron\Desktop\030615-57860-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available


************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (6 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.18717.amd64fre.win7sp1_gdr.150113-1808
Machine Name:
Kernel base = 0xfffff800`03052000 PsLoadedModuleList = 0xfffff800`03296890
Debug session time: Fri Mar  6 15:16:01.104 2015 (UTC - 5:00)
System Uptime: 0 days 1:21:53.899
Loading Kernel Symbols
...............................................................
................................................................
......................................................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {8, 2, 0, fffff88001777a1d}

*** WARNING: Unable to verify timestamp for UrlFilter.sys
*** ERROR: Module load completed but symbols could not be loaded for UrlFilter.sys
Probably caused by : NETIO.SYS ( NETIO!CalloutStreamDataInit+1d )

Followup: MachineOwner
---------

2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000008, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff88001777a1d, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80003300100
GetUlongFromAddress: unable to read from fffff800033001c0
 0000000000000008 Nonpaged pool

CURRENT_IRQL:  2

FAULTING_IP:
NETIO!CalloutStreamDataInit+1d
fffff880`01777a1d 488b5808        mov     rbx,qword ptr [rax+8]

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

BUGCHECK_STR:  0xD1

PROCESS_NAME:  IMF.exe

ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) x86fre

TRAP_FRAME:  fffff8800cdb1ba0 -- (.trap 0xfffff8800cdb1ba0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa800aef28d0
rdx=fffffa8006c69750 rsi=0000000000000000 rdi=0000000000000000
rip=fffff88001777a1d rsp=fffff8800cdb1d30 rbp=fffffa8006c69720
 r8=fffff8800cdb1db0  r9=0000000000000000 r10=00000000000002a5
r11=000000000000015b r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na po nc
NETIO!CalloutStreamDataInit+0x1d:
fffff880`01777a1d 488b5808        mov     rbx,qword ptr [rax+8] ds:00000000`00000008=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff800030c6469 to fffff800030c6ec0

STACK_TEXT:  
fffff880`0cdb1a58 fffff800`030c6469 : 00000000`0000000a 00000000`00000008 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff880`0cdb1a60 fffff800`030c50e0 : 00000000`00000000 fffff880`0cdb1c68 00000000`00000000 fffff880`0cdb1f50 : nt!KiBugCheckDispatch+0x69
fffff880`0cdb1ba0 fffff880`01777a1d : fffffa80`0aef2968 fffffa80`0aef2960 fffffa80`06c69670 fffff880`0178b827 : nt!KiPageFault+0x260
fffff880`0cdb1d30 fffff880`017810d4 : fffff880`0cdb1f50 fffff880`0cdb1f50 fffff880`0cdb2150 fffffa80`0b9ba560 : NETIO!CalloutStreamDataInit+0x1d
fffff880`0cdb1d70 fffff880`0178ce98 : 00000000`00000000 fffff880`0cdb2150 fffff880`0cdb1f00 fffff880`0cdb1f88 : NETIO!StreamInvokeCalloutAndNormalizeAction+0x54
fffff880`0cdb1e10 fffff880`0178de91 : fffffa80`06c69720 fffff880`0cdb2150 fffff880`0cdb1f50 fffff880`0cdb25a0 : NETIO!StreamCalloutProcessData+0x48
fffff880`0cdb1e60 fffff880`0178eee8 : fffff880`0cdb1f50 fffff880`0cdb25a0 fffff880`0cdb2101 fffffa80`06c69720 : NETIO!StreamCalloutProcessingLoop+0xa1
fffff880`0cdb1ef0 fffff880`0176fa2a : fffff880`0cdb2150 fffff880`07259f90 00000000`00000000 fffffa80`0d150014 : NETIO!StreamProcessCallout+0x1e8
fffff880`0cdb1fe0 fffff880`01756f58 : 00000000`00000014 fffffa80`0d325c70 fffffa80`0d1c2068 fffff880`0cdb25a0 : NETIO! ?? ::FNODOBFM::`string'+0x71f2
fffff880`0cdb2100 fffff880`017585d2 : fffff880`0cdb0014 fffffa80`0d325c70 fffffa80`0d155180 00000000`00000000 : NETIO!ArbitrateAndEnforce+0x238
fffff880`0cdb21d0 fffff880`017913b3 : fffff880`0cdb2674 fffffa80`0d325c70 00000000`00000001 fffff880`0cdb25a0 : NETIO!KfdClassify+0x934
fffff880`0cdb2540 fffff880`0179199a : 00000000`00000000 00000000`00010000 00000000`00010b72 fffffa80`0d1550c0 : NETIO!StreamInternalClassify+0xf3
fffff880`0cdb2610 fffff880`01791d8e : 00000000`00000014 00000000`00000100 00000000`00000000 fffffa80`0cf16ec0 : NETIO!StreamInject+0x1ca
fffff880`0cdb26e0 fffff880`01609df3 : fffffa80`0d155010 00000000`00000170 fffffa80`0c639e20 fffff800`031fc100 : NETIO!FwppStreamInject+0x12e
fffff880`0cdb2770 fffff880`0d0fcc44 : fffffa80`0780bae0 00000000`00000000 00000000`00000000 fffffa80`075dc5d0 : fwpkclnt!FwpsStreamInjectAsync0+0xcf
fffff880`0cdb27d0 fffffa80`0780bae0 : 00000000`00000000 00000000`00000000 fffffa80`075dc5d0 00000000`00000170 : UrlFilter+0x1c44
fffff880`0cdb27d8 00000000`00000000 : 00000000`00000000 fffffa80`075dc5d0 00000000`00000170 00000000`00000014 : 0xfffffa80`0780bae0


STACK_COMMAND:  kb

FOLLOWUP_IP:
NETIO!CalloutStreamDataInit+1d
fffff880`01777a1d 488b5808        mov     rbx,qword ptr [rax+8]

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  NETIO!CalloutStreamDataInit+1d

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: NETIO

IMAGE_NAME:  NETIO.SYS

DEBUG_FLR_IMAGE_TIMESTAMP:  5294760d

IMAGE_VERSION:  6.1.7601.18327

FAILURE_BUCKET_ID:  X64_0xD1_NETIO!CalloutStreamDataInit+1d

BUCKET_ID:  X64_0xD1_NETIO!CalloutStreamDataInit+1d

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:x64_0xd1_netio!calloutstreamdatainit+1d

FAILURE_ID_HASH:  {15e390bc-0d85-1db0-f7df-234d42ab8e7b}

Followup: MachineOwner
---------

2: kd> .trap 0xfffff8800cdb1ba0
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa800aef28d0
rdx=fffffa8006c69750 rsi=0000000000000000 rdi=0000000000000000
rip=fffff88001777a1d rsp=fffff8800cdb1d30 rbp=fffffa8006c69720
 r8=fffff8800cdb1db0  r9=0000000000000000 r10=00000000000002a5
r11=000000000000015b r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na po nc
NETIO!CalloutStreamDataInit+0x1d:
fffff880`01777a1d 488b5808        mov     rbx,qword ptr [rax+8] ds:00000000`00000008=????????????????
2: kd> .trap 0xfffff8800cdb1ba0
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa800aef28d0
rdx=fffffa8006c69750 rsi=0000000000000000 rdi=0000000000000000
rip=fffff88001777a1d rsp=fffff8800cdb1d30 rbp=fffffa8006c69720
 r8=fffff8800cdb1db0  r9=0000000000000000 r10=00000000000002a5
r11=000000000000015b r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na po nc
NETIO!CalloutStreamDataInit+0x1d:
fffff880`01777a1d 488b5808        mov     rbx,qword ptr [rax+8] ds:00000000`00000008=????????????????
2: kd> lmvm NETIO
start             end                 module name
fffff880`01752000 fffff880`017b2000   NETIO      (pdb symbols)          c:\symbols\netio.pdb\1A3624EA66AA400882BAF5885EE923E52\netio.pdb
    Loaded symbol image file: NETIO.SYS
    Mapped memory image file: c:\symbols\NETIO.SYS\5294760D60000\NETIO.SYS
    Image path: \SystemRoot\system32\drivers\NETIO.SYS
    Image name: NETIO.SYS
    Timestamp:        Tue Nov 26 05:21:01 2013 (5294760D)
    CheckSum:         0006433E
    ImageSize:        00060000
    File version:     6.1.7601.18327
    Product version:  6.1.7601.18327
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        3.6 Driver
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     netio.sys
    OriginalFilename: netio.sys
    ProductVersion:   6.1.7601.18327
    FileVersion:      6.1.7601.18327 (win7sp1_gdr.131125-2337)
    FileDescription:  Network I/O Subsystem
    LegalCopyright:   © Microsoft Corporation. All rights reserved.



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,554 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:01:54 PM

Posted 07 March 2015 - 02:44 PM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis



#3 Impulse187

Impulse187
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:54 PM

Posted 07 March 2015 - 03:02 PM

OK here is the speccy snapshot link  http://speccy.piriform.com/results/1jNTx4RG1teDHqeC5pFqPUE

 

and here is the report...

 

 

 

MiniToolBox by Farbar  Version: 05-03-2015
Ran by Aaron (administrator) on 07-03-2015 at 14:58:44
Running from "C:\Users\Aaron\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/07/2015 01:52:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2015 01:52:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000005
Fault offset: 0x00000000000027de
Faulting process id: 0xc54
Faulting application start time: 0xtaskeng.exe0
Faulting application path: taskeng.exe1
Faulting module path: taskeng.exe2
Report Id: taskeng.exe3

Error: (03/07/2015 01:51:26 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/06/2015 03:19:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000005
Fault offset: 0x00000000000027de
Faulting process id: 0xdc0
Faulting application start time: 0xtaskeng.exe0
Faulting application path: taskeng.exe1
Faulting module path: taskeng.exe2
Report Id: taskeng.exe3

Error: (03/06/2015 03:19:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/06/2015 03:19:01 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/06/2015 01:57:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000005
Fault offset: 0x00000000000027de
Faulting process id: 0xc90
Faulting application start time: 0xtaskeng.exe0
Faulting application path: taskeng.exe1
Faulting module path: taskeng.exe2
Report Id: taskeng.exe3

Error: (03/06/2015 01:56:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/06/2015 01:55:28 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/06/2015 09:50:01 AM) (Source: Application Error) (User: )
Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000005
Fault offset: 0x00000000000027de
Faulting process id: 0x3100
Faulting application start time: 0xtaskeng.exe0
Faulting application path: taskeng.exe1
Faulting module path: taskeng.exe2
Report Id: taskeng.exe3


System errors:
=============
Error: (03/07/2015 01:53:27 PM) (Source: Service Control Manager) (User: )
Description: The Search Protect by Conduit Service service failed to start due to the following error:
%%2

Error: (03/07/2015 01:52:10 PM) (Source: Service Control Manager) (User: )
Description: The HWCore service failed to start due to the following error:
%%2

Error: (03/07/2015 01:51:26 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (03/07/2015 01:51:13 PM) (Source: Service Control Manager) (User: )
Description: The Update Appstein service failed to start due to the following error:
%%2

Error: (03/07/2015 01:51:06 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.3 service failed to start due to the following error:
%%2

Error: (03/06/2015 03:21:02 PM) (Source: Service Control Manager) (User: )
Description: The Search Protect by Conduit Service service failed to start due to the following error:
%%2

Error: (03/06/2015 03:19:13 PM) (Source: Service Control Manager) (User: )
Description: The HWCore service failed to start due to the following error:
%%2

Error: (03/06/2015 03:19:01 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (03/06/2015 03:18:47 PM) (Source: Service Control Manager) (User: )
Description: The Update Appstein service failed to start due to the following error:
%%2

Error: (03/06/2015 03:18:38 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.3 service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (03/07/2015 01:52:13 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2015 01:52:12 PM) (Source: Application Error)(User: )
Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027dec5401d05907d0c3144aC:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll0fe42bd7-c4fb-11e4-9dd6-94dbc99682ef

Error: (03/07/2015 01:51:26 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/06/2015 03:19:15 PM) (Source: Application Error)(User: )
Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027dedc001d0584acf24b6c3C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll0ee963b6-c43e-11e4-9404-94dbc99682ef

Error: (03/06/2015 03:19:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/06/2015 03:19:01 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/06/2015 01:57:02 PM) (Source: Application Error)(User: )
Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027dec9001d0583f5309eb16C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll92d4647e-c432-11e4-8014-94dbc99682ef

Error: (03/06/2015 01:56:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/06/2015 01:55:28 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/06/2015 09:50:01 AM) (Source: Application Error)(User: )
Description: taskeng.exe6.1.7601.175144ce79d2cmsvcrt.dll7.0.7601.177444eeb033fc000000500000000000027de310001d0581cd20b3720C:\Windows\system32\taskeng.exeC:\Windows\system32\msvcrt.dll107f4344-c410-11e4-ac99-94dbc99682ef


CodeIntegrity Errors:
===================================
  Date: 2013-12-11 17:13:25.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.



=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Refresh Manager (x32 Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Accelerated Video Transcoding (Version: 13.30.100.41120 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.1120.2123.38423 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.1120.2123.38423 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)
Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
BattlePing (HKLM-x32\...\{DB480AC3-1578-B8DC-3F8F-786A2A4E3BC7}) (Version: 1.3.4.5 - BattlePing)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.1.4057 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{981B38A6-E4D0-4D94-98C2-75AC645755F5}) (Version: 0.9.1.4057 - BlueStack Systems, Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.1120.2123.38423 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.1120.2123.38423 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.1120.2123.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.1120.2122.38423 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.1120.2123.38423 - Advanced Micro Devices, Inc.) Hidden
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
CopyTrans Control Center Uninstall Only (HKCU\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.4) (Version: 5.0.1.4 - Coupons.com Incorporated)
Crysis® (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DIRECTV Player (HKLM-x32\...\{437f5443-c052-432c-b1e7-abd9bc5cabdb}) (Version: 11.0 - DIRECTV)
Divinity Original Sin (HKLM-x32\...\RGl2aW5pdHlPcmlnaW5hbFNpbg==_is1) (Version: 1 - )
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
DriveTheLife (HKLM-x32\...\{29FE44D7-BC89-4188-8B0E-F6BA073C15A5}_is1) (Version: 6.2.0.2 - ???????????????)
Extreme Picture Finder 3.26.1.1 (HKLM-x32\...\Extreme Picture Finder_is1) (Version: 3.26.1.1 - Extreme Internet Software)
Far Cry 4 (HKLM-x32\...\Far Cry 4_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
File Association Helper (HKLM\...\{572D0504-2C67-4016-801F-D70879A3026A}) (Version: 1.1.6.53763 - WinZip Computing International, LLC)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Gone Home (HKLM-x32\...\GoneHome) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HP Deskjet 1000 J110 series Basic Device Software (HKLM\...\{A3E89C5B-BB3A-433A-A878-D1310BB13EAD}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Help (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
HP Deskjet 1000 J110 series Product Improvement Study (HKLM\...\{EEC82191-E879-4906-9D6B-D9665CF030CD}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IObit Apps Toolbar v9.7 (HKLM-x32\...\{E029C309-4421-410B-890A-30D2E8E82D0C}) (Version: 9.7 - Spigot, Inc.)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.6.25 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.31.13 - Oracle Corporation) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
Kits Configuration Installer (x32 Version: 8.100.26846 - Microsoft) Hidden
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
LOTRO Plugin Compendium (HKLM-x32\...\{3BF7818D-2482-4676-A237-915A11A97847}) (Version: 1.0.3 - Lunarwater)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version:  - )
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MusicBee 2.3 (HKLM-x32\...\MusicBee) (Version: 2.3 - Steven Mayall)
Neon Skin Pack 2.0-X86 (HKLM-x32\...\Neon Skin Pack) (Version: 2.0-X86 - Publisher)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Outlast_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.82.106.0 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Papers, Please (HKLM-x32\...\GOGPACKPAPERSPLEASE_is1) (Version: 2.0.0.4 - GOG.com)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.14.0 - Ralink)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
SDK ARM Additions (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden
SDK ARM Additions EULA (x32 Version: 8.100.26846 - Microsoft Corporations) Hidden
SDK ARM Redistributables (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden
SDK Debuggers ARM (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
State of Decay - Breakdown (HKLM-x32\...\State of Decay - Breakdown_is1) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Secret World (HKLM-x32\...\The Secret World_is1) (Version: 1.0.0 - Funcom)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
ValueApps (HKLM-x32\...\ValueApps) (Version: 1.1.1.1 - Conduit LTD)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Debugging WDK Integration (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden
Windows Driver Kit (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden
Windows Driver Kit ARM Additions Dev12 (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden
Windows Driver Kit ARM Additions MSBuild Content Dev12 (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden
Windows Driver Kit for Windows 8.1 (HKLM-x32\...\{aba88724-37eb-4f03-b83b-45199c5a7cf5}) (Version: 8.100.26846 - Microsoft Corporation)
Windows Driver Kit MSBuild Content Dev12 (x32 Version: 8.100.26846 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WMV To MP3 Converter 1.00 (HKLM-x32\...\WMV To MP3 Converter_is1) (Version:  - )

========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 8173.54 MB
Available physical RAM: 5731.42 MB
Total Pagefile: 16345.26 MB
Available Pagefile: 13420.87 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.21 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:98.41 GB) NTFS
4 Drive f: (SimpleDrive) (Fixed) (Total:149.05 GB) (Free:6.39 GB) NTFS

========================= Users: ========================================

User accounts for \\AARON-PC

Aaron                    Administrator            ASPNET                   
Guest                    


**** End of log ****
 



#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,554 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:01:54 PM

Posted 07 March 2015 - 04:12 PM

IMO...you have two problems.

 

1.  You have installed a number of programs that are questionable in value and have registry cleaner/optimizer functions.  BC does not support such programs.

 

2.  The greater problem is that you seem to malware installed by at least one of these programs...to deal with that, I will move this topic to the Am I Infected forum.

 

IObit Apps Toolbar v9.7 (HKLM-x32\...\{E029C309-4421-410B-890A-30D2E8E82D0C}) (Version: 9.7 - Spigot, Inc.)
 

Louis






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users