Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Svchost.exe & RegSvcs.exe using up too much CPU! Trojan Embedded


  • Please log in to reply
61 replies to this topic

#1 tcade777

tcade777

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Area 51, NV
  • Local time:01:18 PM

Posted 24 July 2016 - 07:09 PM

Hello i just had a bsod today. :hysterical: The crash report is as follows:

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.768.3
Locale ID: 1033

Additional information about the problem:
BCCode: 19
BCP1: 0000000000000020
BCP2: FFFFFA800D35C0C0
BCP3: FFFFFA800D35C0E0
BCP4: 000000000402000C
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1


*********************************************************************

It seems my RegSvcs.exe and Svchost.exe might be corrupted, im running an ASUS ROG Rampage motherboard any help would be appreciated thanks in advance.
 
 

Edited by hamluis, 25 July 2016 - 07:42 AM.
Moved from Win 7 to Am I Infected - Hamluis


BC AdBot (Login to Remove)

 


#2 technonymous

technonymous

  • Members
  • 2,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:18 PM

Posted 24 July 2016 - 09:35 PM

Are you using a 3rd party virus scanner such as Norton etc? If so I suggest uninstalling and reinstalling it. Recently In the past few days I have encountered client issues where the newer updates from Microsoft security patch updates was causing some virus suites scanners to BSOD. Reinstalling the virus suite and getting them updated remedied the problem. Try that for a while. If not we can look further into this. We will need you to upload your dump files located in C:windows\minidump to investigate the cause further. Also, please download speccy from the downloads section and publish a link of your computers specs. To do that open file at the top of speccy and choose publish and paste that link in your next post. Thanks!



#3 tcade777

tcade777
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Area 51, NV
  • Local time:01:18 PM

Posted 25 July 2016 - 12:54 PM

RegSvcs.exe seems to be embedded into my Windows Registry and it starts up every time i shut down the process. Its running past 240,000 KB per sec.   1. Ive tried shredding the file RegSvcs.exe with IO Bit File Shredder and even in Safe Mode.

2. Ive reinstalled multilple virus programs like Sophos, AVG, MalwreBytes & so forth. Still nothing.

3. Ive tried repairing windows update and repairing windows update.

4. Ive removed all hotfixes that pertain to the updates.

5. The file seems to be embedded into Microsoft.Net Framework v2.0.50727

6. The file seems to be embedded also into "trusted installer" or "windows installer"



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:18 PM

Posted 25 July 2016 - 01:29 PM

Not Infected (unless you can tell me what said Trojan Embedded).
..moved to Windows 7.

Add your Minidump files.
Go
My Computer > C Drive > Windows Folder > Minidump Folder > Minidump Files.

Edited by boopme, 25 July 2016 - 01:31 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 hamluis

hamluis

    Moderator


  • Moderator
  • 55,887 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:03:18 PM

Posted 25 July 2016 - 02:08 PM

1.  Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
2.  Please download and install Speccy to provide us with information about your computer.  Clicking on this link will automatically initiate the download.  
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps2d9cdedc.png
 
Click on File which is outlined in red in the screen above, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click inside the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.
 
Louis


#6 tcade777

tcade777
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Area 51, NV
  • Local time:01:18 PM

Posted 25 July 2016 - 04:05 PM

Not Infected (unless you can tell me what said Trojan Embedded).
..moved to Windows 7.

Add your Minidump files.
Go
My Computer > C Drive > Windows Folder > Minidump Folder > Minidump Files.

 

 

How exactly do i add my minidump files to the site?



#7 tcade777

tcade777
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Area 51, NV
  • Local time:01:18 PM

Posted 25 July 2016 - 04:07 PM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Jason Voorhies (administrator) on 25-07-2016 at 14:03:18
Running from "C:\Users\Jason Voorhies\Downloads"
Microsoft Windows 7 Home Premium   (X64)
Model: System Product Name Manufacturer: System manufacturer
Boot Mode: Normal
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/25/2016 01:50:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
Error: (07/25/2016 01:50:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/25/2016 01:50:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/25/2016 01:50:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/25/2016 01:50:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/25/2016 01:50:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/25/2016 01:50:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/25/2016 01:47:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/25/2016 01:47:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1".Error in manifest or policy file "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" on line WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition is WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (07/25/2016 01:13:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7600.16450, time stamp: 0x4aebab8d
Faulting module name: mscoree.dll, version: 2.0.50727.4927, time stamp: 0x4a274530
Exception code: 0xc0000005
Fault offset: 0x0000000000032e3f
Faulting process id: 0x760
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
System errors:
=============
Error: (07/25/2016 01:47:58 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (07/25/2016 01:47:07 PM) (Source: Service Control Manager) (User: )
Description: The Sophos MCS Client service failed to start due to the following error: %%3 = The system cannot find the path specified.
 
Error: (07/25/2016 01:47:07 PM) (Source: Service Control Manager) (User: )
Description: The Sophos MCS Agent service failed to start due to the following error: %%3 = The system cannot find the path specified.
 
Error: (07/25/2016 01:47:07 PM) (Source: Service Control Manager) (User: )
Description: The Sophos AutoUpdate Service service failed to start due to the following error: %%3 = The system cannot find the path specified.
 
Error: (07/25/2016 01:46:54 PM) (Source: Service Control Manager) (User: )
Description: The Marvell RAID Event Agent service depends on the MRU Web Service service which failed to start because of the following error: 
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (07/25/2016 01:46:54 PM) (Source: Service Control Manager) (User: )
Description: The AVG Service service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.
 
Error: (07/25/2016 01:46:54 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.
 
Error: (07/25/2016 01:46:42 PM) (Source: Service Control Manager) (User: )
Description: The ANIO Service service failed to start due to the following error: %%2 = The system cannot find the file specified.
 
Error: (07/25/2016 01:12:19 PM) (Source: Service Control Manager) (User: )
Description: The Sophos MCS Client service failed to start due to the following error: %%3 = The system cannot find the path specified.
 
Error: (07/25/2016 01:12:19 PM) (Source: Service Control Manager) (User: )
Description: The Sophos MCS Agent service failed to start due to the following error: %%3 = The system cannot find the path specified.
 
Microsoft Office Sessions:
=========================
Error: (07/25/2016 01:50:38 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Program Files (x86)\iMacTools\iBackup Viewer\iBackup Viewer.exe
 
Error: (07/25/2016 01:50:37 PM) (Source: SideBySide)(User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\Element App.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8
 
Error: (07/25/2016 01:50:37 PM) (Source: SideBySide)(User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\Element App.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8
 
Error: (07/25/2016 01:50:37 PM) (Source: SideBySide)(User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\CODEX App.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8
 
Error: (07/25/2016 01:50:37 PM) (Source: SideBySide)(User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\CODEX App.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8
 
Error: (07/25/2016 01:50:37 PM) (Source: SideBySide)(User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\GTR 3.5.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8
 
Error: (07/25/2016 01:50:37 PM) (Source: SideBySide)(User: )
Description: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\GTRSolo 3.5.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.7.3_Win32_Release\WavesQtLibs_4.7.3_Win32_Release.MANIFEST8
 
Error: (07/25/2016 01:47:34 PM) (Source: SideBySide)(User: )
Description: WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\wlc.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST8
 
Error: (07/25/2016 01:47:34 PM) (Source: SideBySide)(User: )
Description: WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0"C:\Program Files (x86)\Waves\Applications\wlc.exeC:\Program Files (x86)\Waves\Applications\WavesQtLibs_4.8.2_Win32_Release\WavesQtLibs_4.8.2_Win32_Release.MANIFEST8
 
Error: (07/25/2016 01:13:22 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7600.164504aebab8dmscoree.dll2.0.50727.49274a274530c00000050000000000032e3f76001d1e6b0c75a0cefC:\Windows\Explorer.EXEC:\Windows\system32\mscoree.dll3bf0d14f-52a4-11e6-ab7b-f46d0449d133
 
CodeIntegrity Errors:
===================================
  Date: 2016-07-25 13:46:18.362
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-07-25 13:46:18.362
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-07-25 13:11:26.438
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-07-25 13:11:26.391
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-07-25 01:44:02.502
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-07-25 01:44:02.502
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-07-21 11:47:45.194
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-07-21 11:47:45.193
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-07-21 10:33:14.689
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-07-21 10:33:14.689
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
=========================== Installed Programs ============================
Ableton Live 9 Suite (HKLM\...\{D3E03B95-EA53-4817-8907-DDA4C722E031}) (Version: 9.0.0.0 - Ableton)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.4.0 - IObit)
AirPlus XtremeG (HKLM-x32\...\{79B92240-9C65-4DD7-B1AD-59910D2C1353}) (Version:  - D-Link) Hidden
AirPlus XtremeG (HKLM-x32\...\InstallShield_{79B92240-9C65-4DD7-B1AD-59910D2C1353}) (Version:  - D-Link)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
ANIO Service (HKLM-x32\...\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}) (Version:  - )
ANIWZCS2 Service (HKLM-x32\...\{4C590030-7469-453E-8589-D15DA9D03F52}) (Version:  - )
Apowersoft Free Audio Recorder V2.3.4 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 2.3.4 - APOWERSOFT LIMITED)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASUS_ROG_THEME (HKLM-x32\...\ASUS_ROG_THEME) (Version: 1.00.08 - ASUSTeK Computer Inc.)
AudioThing Speaker (HKLM-x32\...\AudioThing Speaker) (Version: 1.1.0 - AudioThing)
Autodesk SketchBook Pro 6.2.6 (HKLM-x32\...\{DF9B4AC7-40C7-4229-8578-46D438C7E5ED}) (Version: 6.26.0000 - Autodesk)
Automap 4.8 (HKLM\...\Automap Universal_is1) (Version: 4.8 - Focusrite Audio Engineering Ltd.)
Automap ReWire 1.0 (HKLM-x32\...\Automap Universal ReWire_is1) (Version: 4.8 - Focusrite Audio Engineering Ltd.)
Avant Browser (remove only) (HKLM-x32\...\AvantBrowser) (Version: 12.5.0.0 - Avant Force)
AVG Zen (HKLM\...\{BF161E81-2BF2-4602-A105-C4448733E1CA}) (Version: 1.72.1 - AVG Technologies) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.3.0.834 - Bandisoft.com)
Bandicam Setup File 2.3.0.834 (HKLM-x32\...\Bandicam Setup File 2.3.0.834) (Version: 2.3.0.834 - Bandisoft)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlefield 2: Deluxe Edition (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Behringer BCD3000 Driver v1.3.4 (HKLM-x32\...\Behringer BCD3000 Driver v1.3.4) (Version: 1.3.4 - Behringer)
BF2Hub Client (HKLM-x32\...\bf2hub) (Version:  - BF2Hub Systems)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
bx_megadual 1.0 (HKLM\...\bx_megadual_is1) (Version:  - Plugin Alliance)
bx_opto Pedal 1.0 (HKLM\...\bx_opto Pedal_is1) (Version:  - Plugin Alliance)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version:  - Treyarch)
CamStudio 2.7 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version:  - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Disk Unlocker (HKLM-x32\...\{BA30CBCD-03DA-457A-A34B-3EF637D45D4E}) (Version: 2.0.5 - ASUS)
Epic Games Launcher (HKLM-x32\...\{DC13677B-1214-409C-8127-41BBC4445C61}) (Version: 1.1.73.0 - Epic Games, Inc.)
FabFilter Total Bundle (64-bit) (HKLM-x32\...\FabFilter Total Bundle (64-bit)) (Version:  - )
FabFilter Total Bundle (HKLM-x32\...\FabFilter Total Bundle) (Version:  - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
FMW 1 (HKLM\...\{69851B81-35BF-4B1B-AE90-3B1D67DD8857}) (Version: 1.102.4 - AVG Technologies) Hidden
FXpansion Maul (HKCU\...\FXpansion Maul) (Version: 1.0.1.2 - FXpansion Audio UK Ltd)
GameRanger (HKCU\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
iBackup Viewer 3.23.1 (HKLM-x32\...\{5B428966-3054-41E3-B0F8-008EE30BD019}_is1) (Version:  - iMacTools)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Intel® Network Connections 15.3.68.0 (HKLM\...\PROSetDX) (Version: 15.3.68.0 - Intel)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.5 - PACE Anti-Piracy, Inc.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.5 - IObit)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1034 - Marvell)
Marvell MRU V4 (HKLM-x32\...\mv61xxMRU) (Version: 4.1.0.1610 - Marvell)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Money Calendar 5 (HKLM-x32\...\Money Calendar_is1) (Version: 5 - Sketchman Studio)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version:  - Native Instruments)
Native Instruments Acoustic Refractions (HKLM-x32\...\Native Instruments Acoustic Refractions) (Version:  - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.11.0.465 - Native Instruments)
Native Instruments Drop Squad (HKLM-x32\...\Native Instruments Drop Squad) (Version:  - Native Instruments)
Native Instruments Drop Squad Sounds (HKLM-x32\...\Native Instruments Drop Squad Sounds) (Version:  - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version:  - Native Instruments)
Native Instruments Komplete 7 (HKLM-x32\...\Native Instruments Komplete 7) (Version:  - Native Instruments)
Native Instruments Kore Player (HKLM-x32\...\Native Instruments Kore Player) (Version:  - Native Instruments)
Native Instruments Maschine 2 (HKLM-x32\...\Native Instruments Maschine 2) (Version: 2.1.0.1319 - Native Instruments)
Native Instruments Maschine Controller Driver (HKLM-x32\...\Native Instruments Maschine Controller Driver) (Version:  - Native Instruments)
Native Instruments Maschine Mikro Driver (HKLM-x32\...\Native Instruments Maschine Mikro Driver) (Version:  - Native Instruments)
Native Instruments Maschine Mikro MK2 Driver (HKLM-x32\...\Native Instruments Maschine Mikro MK2 Driver) (Version:  - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version:  - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version:  - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version:  - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version:  - Native Instruments)
Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Static Friction (HKLM-x32\...\Native Instruments Static Friction) (Version: 1.1.0.1 - Native Instruments)
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.1.0.418 - Native Instruments)
Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version:  - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version:  - Native Instruments)
Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version:  - Native Instruments)
NETGEAR WNDA3100v2 wireless USB 2.0 driver (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 2.2.0.6 - NETGEAR)
Novation USB Audio Driver 2.6 (HKLM\...\Novation USB Audio Driver_is1) (Version: 2.6 - Novation DMS Ltd.)
Numark Orbit Editor (HKLM-x32\...\OrbitEditor) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OrbitDJ (HKLM-x32\...\{859B37CF-2D48-43D4-81E8-0C5D640AF2C0}) (Version: 1.0.0 - Numark)
PC Tools Registry Mechanic 11.1 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.1 - PC Tools)
PDF Settings (HKLM-x32\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.8.5-r108883-release - Plays.tv, LLC)
Plugin Alliance All Installer 3.3 (HKLM\...\Plugin Alliance All Installer_is1) (Version:  - Plugin Alliance)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Reveal Sound Spire (HKLM-x32\...\Reveal Sound Spire) (Version: 1.1.7 - Reveal Sound)
Screen Recorder (HKLM-x32\...\Screen Recorder_is1) (Version: 2.1 - Sketchman Studio)
Sound Blaster Audigy (HKLM-x32\...\{4B5F5D06-7097-417E-9793-290D9D85DC6B}) (Version: 1.0 - Creative Technology Limited)
Splice Windows Client (HKCU\...\Splice) (Version: 1.2.11 - Splice)
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.12 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SuperCollider Version 3.6.6 (HKLM-x32\...\SuperCollider-3.6.6) (Version: 3.6.6 - )
Sylenth1 v2.21 (HKLM\...\Sylenth1_is1) (Version:  - )
Tantra version 1.00 (HKLM\...\Tantra_is1) (Version: 1.00 - )
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
ValhallaRoom version 1.1.1 (HKLM-x32\...\{375980F3-1584-496E-888B-BD3D81EF0C1D}_is1) (Version: 1.1.1 - Valhalla DSP, LLC)
Vertigo VSC-2 1.0 (HKLM\...\Vertigo VSC-2_is1) (Version:  - Vertigo Sound)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.6.2.0 - Azureus Software, Inc.)
Waves Complete V9r29 (HKLM-x32\...\{93000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.3.29 - Waves)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WL-万隆修复仪2.3.0 (HKLM-x32\...\{9D9E776D-37DB-4981-847C-2593B5DED170}) (Version: 2.3.0 - 深圳市万隆鑫苹果科技有限公司)
Wondershare Data Recovery(Build 4.8.2.1) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 4.8.2.1 - Wondershare Software Co.,Ltd.)
Wondershare Dr.Fone for iOS(Build 7.1.0.47) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 7.1.0.47 - Wondershare Software Co.,Ltd.)
Wondershare LiveBoot 2012 (Build 7.0.1) (HKLM-x32\...\Wondershare LiveBoot 2012_is1) (Version:  - Wondershare Software Co., Ltd.)
XviD Video Codec (remove only) (HKLM-x32\...\XviD Video Codec) (Version:  - )
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
Yamaha Steinberg USB Driver (HKLM\...\{64F338F0-1427-4D38-B30F-C6CB38C6B0D1}) (Version: 1.9.8 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{64F338F0-1427-4D38-B30F-C6CB38C6B0D1}) (Version: 1.9.8 - Yamaha Corporation)
 
========================= Memory info: ===================================
Percentage of memory in use: 18%
Total physical RAM: 12279.12 MB
Available physical RAM: 9970.45 MB
Total Virtual: 24556.38 MB
Available Virtual: 22166.82 MB
 
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:698.53 GB) (Free:182.41 GB) NTFS
2 Drive d: (SB_INSTALL) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS
3 Drive f: (WD SmartWare) (CDROM) (Total:0.6 GB) (Free:0 GB) UDF
5 Drive h: (My Passport) (Fixed) (Total:232.23 GB) (Free:21.65 GB) NTFS
 
========================= Users: ========================================
User accounts for \\JASONVOORHIES
 
Administrator            Guest                    Jason Voorhies           
SophosSAUJASONVOORH0     
 
 
**** End of log ****
 

 

Here is my speccy snapshot:  http://speccy.piriform.com/results/aNqAMMOWbzk2eT1tnbJwQPD


Edited by hamluis, 25 July 2016 - 04:22 PM.


#8 hamluis

hamluis

    Moderator


  • Moderator
  • 55,887 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:03:18 PM

Posted 25 July 2016 - 04:26 PM

FWIW:  https://social.technet.microsoft.com/Forums/windows/en-US/9f46ea31-8327-4a69-b12d-b33e06fa2843/windows-7-bluescreen-crash-bccode-19?forum=w7itprohardware

 

BC BSODs Posting Instructions - http://www.bleepingcomputer.com/forums/t/576314/blue-screen-of-death-bsod-posting-instructions-windows-10-81-8-7-vista/, please follow the instructions provided.

 

Topic moved to BSODs/Crashes.

 

Louis



#9 tcade777

tcade777
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Area 51, NV
  • Local time:01:18 PM

Posted 25 July 2016 - 05:11 PM

Here is my minidump file:

 

http://www.filedropper.com/072216-53648-01



#10 tcade777

tcade777
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Area 51, NV
  • Local time:01:18 PM

Posted 25 July 2016 - 05:43 PM

Ive also uploaded my Sysfilecollectionapp & Perfmonreport after following the directions provided and creating a new thread with the results.



#11 technonymous

technonymous

  • Members
  • 2,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:18 PM

Posted 25 July 2016 - 07:20 PM

Your system is in bad shape. You have many programs that are conflicting with each other. Iobit, avg, mbam. It seems at one point you had sophos that still remains in services, but stopped. Also spyhunter 4 still has remains in task scheduler. It appears you have some audio vst drivers or program installed itself in the wrong directory, that is why so many errors being reported. Probably suppose to go in (x86) instead of 64 or vice versa who knows.

 

That isn't the worst of it though. Both of your Drives are dying. The C drive is reporting SMART codes errors on 05, C4, C5, BB. The Western Digital USB passport is reporting SMART codes errors on 05, C4, C5



#12 tcade777

tcade777
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Area 51, NV
  • Local time:01:18 PM

Posted 25 July 2016 - 11:36 PM

Your system is in bad shape. You have many programs that are conflicting with each other. Iobit, avg, mbam. It seems at one point you had sophos that still remains in services, but stopped. Also spyhunter 4 still has remains in task scheduler. It appears you have some audio vst drivers or program installed itself in the wrong directory, that is why so many errors being reported. Probably suppose to go in (x86) instead of 64 or vice versa who knows.

 

That isn't the worst of it though. Both of your Drives are dying. The C drive is reporting SMART codes errors on 05, C4, C5, BB. The Western Digital USB passport is reporting SMART codes errors on 05, C4, C5

 

1. How do i go about removing the corrupt Regsvcs.exe (Microsoft.Net Services Installtion) startup process?

2. How do i remove the 'installed programs' that dont actually show up under my list of installed programs?

3. The reason why there are VST files in the (x86) folder instead of the 64 is because they are bridged that way by my CPU.

4. How do i repair my drives based on the SMART code errors im getting?


Edited by tcade777, 25 July 2016 - 11:48 PM.


#13 technonymous

technonymous

  • Members
  • 2,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:18 PM

Posted 26 July 2016 - 09:10 AM

1. https://www.microsoft.com/en-us/download/details.aspx?id=30135

 

2. The sophos in the services are stopped and spyhunter4 is also stopped in the task scheduler so they are probably not enabled to start up and shouldn't cause you problems. However, the others you have installed need to be uninstalled and run just AVG. Those types of programs all conflict with each other and slow your system down.

 

4. Your problems are caused by your hard drive dying. Sectors that go bad you will get file corruption and it will continue to get worse. You need to buy a new drive and reinstall your OS fresh.



#14 tcade777

tcade777
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Area 51, NV
  • Local time:01:18 PM

Posted 26 July 2016 - 01:24 PM

Surprisingly, updating Windows Defender and running it overnight found different malicious items that even Malwarebytes & AVG did not detect.

 

1. Will i typically be removing these programs in the original windows installer or should i use a different program for this? One that scans for leftover registry items?

2. I still havent been told how to remove the LONG list of 'installed items' that arent even in the add/remove programs list?

3. How do i remove the corrupt Regsvcs.exe (Microsoft Framework Installation) process? (i believe it has a trojan attached to it)



#15 CKing123

CKing123

  • Members
  • 1,463 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:British Columbia, Canada
  • Local time:01:18 PM

Posted 26 July 2016 - 02:13 PM

Hello tcade777


3. How do i remove the corrupt Regsvcs.exe (Microsoft Framework Installation) process? (i believe it has a trojan attached to it)

Your issues are not caused by trojans or viruses. Instead, they are caused by a failing hard disk. The best thing to do in this situation is to Backup your data, and replace your disk

 

If you clone your disk to a new one, then we need to fix a few other things: I see signs of multiple antiviruses as well, and they can cause conflict and can cause system slowdown. I also see that your Java is not up-to-date, and your version has vulnerabilities

 

I see that you have opened another topic here: http://www.bleepingcomputer.com/forums/t/621079/perfmon-report-sysnative-svchostexe-regsvcsexe-trojan/

 

This topic was also moved to Windows Crashes, BSOD, and Hangs Help and Support.

 

-CKing


If I am helping you and I don't respond within 2 days, feel free to send me a PM

Sysnative Windows Update Senior Analyst 

Github | Keybase





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users