Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

slow, conflicts, freeze


  • Please log in to reply
15 replies to this topic

#1 topedge

topedge

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:15 AM

Posted 02 September 2016 - 01:24 PM

Hi,

Have a intel i5-3470 @3.2ghz, 24 gb ram, 64 bit OS, win7 ult.

it runs slow and will get bogged down and confused and freeze. I use it for trading and have charts open. It was working well and haven't been able to figure out what has caused the confusion.

Thanks.

 

Frst.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Dave (administrator) on DAVE-PC (02-09-2016 12:15:55)
Running from C:\Users\Dave\Downloads
Loaded Profiles: Dave (Available Profiles: Dave)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Cyber Power Systems, Inc.) C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CMedia) C:\Program Files\ASUS Xonar DG Audio\Customapp\AsusAudioCenter.exe
(Pantaray Research Ltd.) C:\Program Files (x86)\ThinkForex Australia MetaTrader 4\MQL4\X_AutochartistPlugin_AutoUpdaterThinkForex.exe
(Corsair Components  Inc) C:\Program Files (x86)\Corsair\M60 Mouse\M60Hid.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Cyber Power Systems, Inc.) C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Corsair Components  Inc) C:\Program Files (x86)\Corsair\M60 Mouse\CorsTra.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MetaQuotes Software Corp.) C:\Program Files (x86)\ThinkForex Australia MetaTrader 4\terminal.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Cmaudio8788] => C:\Windows\Syswow64\cmicnfgp.dll [8769536 2011-05-12] (C-Media Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8849152 2016-04-29] (Realtek Semiconductor)
HKLM-x32\...\Run: [Corsair M60 Mouse] => C:\Program Files (x86)\Corsair\M60 Mouse\M60Hid.exe [1766912 2013-06-05] (Corsair Components  Inc)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2013-10-23] (Power Software Ltd)
HKLM-x32\...\Run: [PowerPanel Personal Edition User Interaction] => C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe [350184 2012-08-03] (Cyber Power Systems, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\MountPoints2: F - notepad readme.txt
HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\MountPoints2: {9cf4244f-72cf-11e4-877c-806e6f6e6963} - G:\AUTORUN.EXE
HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
Startup: C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autochartist MT4 plugin - Auto Update.lnk [2015-07-23]
ShortcutTarget: Autochartist MT4 plugin - Auto Update.lnk -> C:\Program Files (x86)\ThinkForex Australia MetaTrader 4\MQL4\AutochartistPlugin_AutoUpdaterThinkForex.exe (Pantaray Research Ltd.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 75.153.171.114
Tcpip\..\Interfaces\{99876E0C-7EC4-4E34-8E2E-1FDE2DDB4915}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{99876E0C-7EC4-4E34-8E2E-1FDE2DDB4915}: [DhcpNameServer] 192.168.1.254 75.153.176.9
Tcpip\..\Interfaces\{D8BFB221-7273-4F0F-9CF4-5A5AB64158C7}: [DhcpNameServer] 192.168.1.254 75.153.171.114
 
Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\j0c6qake.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-22] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-29] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-22] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-29] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: questrade.com/QuestradeIQEdgeDetector -> C:\Program Files (x86)\Questrade IQ Edge\npQuestradeIQEdgeDetector.dll [2016-06-28] (Questrade Inc)
FF Plugin HKU\S-1-5-21-1478564851-2874633889-2740917108-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Dave\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-1478564851-2874633889-2740917108-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Dave\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2016-02-06] (Zoom Video Communications, Inc.)
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
 
Chrome: 
=======
CHR Profile: C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-23]
CHR Extension: (Google Docs) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-23]
CHR Extension: (Google Drive) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Sheets) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-23]
CHR Extension: (Google Docs Offline) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Skype) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-08-31]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-07-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Gmail) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-23]
CHR Extension: (Chrome Media Router) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-31]
CHR HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-07-11] ()
R2 ppped; C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe [1017832 2012-08-03] (Cyber Power Systems, Inc.)
S4 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-04] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S4 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [X]
S4 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-16] (REALiX™)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-07-21] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows ® Win 7 DDK provider)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
R3 WIMBLEMS; C:\Windows\System32\drivers\WIMBLEMS.sys [25600 2012-03-27] ( )
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WacHidRouter; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]
R3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-02 12:15 - 2016-09-02 12:16 - 00018834 _____ C:\Users\Dave\Downloads\FRST.txt
2016-09-02 12:15 - 2016-09-02 12:15 - 00000000 ____D C:\FRST
2016-09-02 12:00 - 2016-09-02 12:00 - 02397696 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe
2016-09-02 11:00 - 2016-09-02 11:59 - 00459320 _____ C:\Users\Dave\Documents\CL 10-16.201609021200.Last.ntd
2016-09-02 10:00 - 2016-09-02 11:00 - 00279340 _____ C:\Users\Dave\Documents\CL 10-16.201609021100.Last.ntd
2016-09-02 09:00 - 2016-09-02 10:00 - 00596080 _____ C:\Users\Dave\Documents\CL 10-16.201609021000.Last.ntd
2016-09-02 08:00 - 2016-09-02 09:00 - 00905360 _____ C:\Users\Dave\Documents\CL 10-16.201609020900.Last.ntd
2016-09-02 07:00 - 2016-09-02 08:00 - 01008720 _____ C:\Users\Dave\Documents\CL 10-16.201609020800.Last.ntd
2016-09-02 06:00 - 2016-09-02 07:00 - 01095100 _____ C:\Users\Dave\Documents\CL 10-16.201609020700.Last.ntd
2016-09-02 05:00 - 2016-09-02 06:00 - 00207820 _____ C:\Users\Dave\Documents\CL 10-16.201609020600.Last.ntd
2016-09-02 04:00 - 2016-09-02 05:00 - 00103140 _____ C:\Users\Dave\Documents\CL 10-16.201609020500.Last.ntd
2016-09-01 13:40 - 2016-09-02 02:06 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-09-01 13:40 - 2016-09-01 13:40 - 00003882 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-09-01 13:07 - 2016-09-01 13:07 - 00440785 _____ C:\Users\Dave\Downloads\TradersBulletinTradingJournal16.xlsx
2016-09-01 10:00 - 2016-09-01 10:05 - 00005680 _____ C:\Users\Dave\Documents\6B 09-16.201609011100.Last.ntd
2016-09-01 09:55 - 2016-09-01 09:59 - 00012700 _____ C:\Users\Dave\Documents\6B 09-16.201609011000.Last.ntd
2016-08-31 14:00 - 2016-08-31 14:01 - 00003420 _____ C:\Users\Dave\Documents\CL 10-16.201608311500.Last.ntd
2016-08-31 13:23 - 2016-08-31 13:23 - 00000000 ____D C:\Users\Dave\AppData\Roaming\TeamViewer
2016-08-31 13:22 - 2016-08-31 13:22 - 06474968 _____ (TeamViewer) C:\Users\Dave\Downloads\TeamViewerQS-idcne8fm2m.exe
2016-08-31 10:00 - 2016-08-31 10:20 - 00024980 _____ C:\Users\Dave\Documents\6B 09-16.201608311100.Last.ntd
2016-08-31 08:59 - 2016-08-31 09:59 - 00098380 _____ C:\Users\Dave\Documents\6B 09-16.201608311000.Last.ntd
2016-08-31 08:57 - 2016-08-31 08:57 - 10075696 _____ C:\Users\Dave\Documents\Filed Manitoba Securities.pdf
2016-08-31 08:49 - 2016-08-31 08:49 - 10075696 _____ C:\Users\Dave\Downloads\Manitoba Securities.pdf
2016-08-31 08:00 - 2016-08-31 08:59 - 00160460 _____ C:\Users\Dave\Documents\6B 09-16.201608310900.Last.ntd
2016-08-31 06:59 - 2016-08-31 08:00 - 00086480 _____ C:\Users\Dave\Documents\6B 09-16.201608310800.Last.ntd
2016-08-31 06:40 - 2016-08-31 06:59 - 00038140 _____ C:\Users\Dave\Documents\6B 09-16.201608310700.Last.ntd
2016-08-31 06:00 - 2016-08-31 06:40 - 00238060 _____ C:\Users\Dave\Documents\GC 12-16.201608310700.Last.ntd
2016-08-31 05:00 - 2016-08-31 06:00 - 00046300 _____ C:\Users\Dave\Documents\GC 12-16.201608310600.Last.ntd
2016-08-31 04:00 - 2016-08-31 05:00 - 00027480 _____ C:\Users\Dave\Documents\GC 12-16.201608310500.Last.ntd
2016-08-31 03:56 - 2016-08-31 04:00 - 00001600 _____ C:\Users\Dave\Documents\GC 12-16.201608310400.Last.ntd
2016-08-29 14:00 - 2016-08-29 15:00 - 00028000 _____ C:\Users\Dave\Documents\CL 10-16.201608291500.Last.ntd
2016-08-26 08:59 - 2016-08-26 09:24 - 00157660 _____ C:\Users\Dave\Documents\GC 12-16.201608261000.Last.ntd
2016-08-25 13:59 - 2016-08-25 14:11 - 00008000 _____ C:\Users\Dave\Documents\CL 10-16.201608251500.Last.ntd
2016-08-24 13:59 - 2016-08-24 14:59 - 00038860 _____ C:\Users\Dave\Documents\CL 10-16.201608241500.Last.ntd
2016-08-24 09:13 - 2016-08-24 09:13 - 00777536 _____ C:\Windows\Minidump\082416-8283-01.dmp
2016-08-23 15:55 - 2016-08-23 15:55 - 00171616 _____ C:\Users\Dave\Downloads\ZoomInfoContactContributor-ReachOut-52-1.exe
2016-08-23 14:00 - 2016-08-23 14:20 - 00013520 _____ C:\Users\Dave\Documents\CL 10-16.201608231500.Last.ntd
2016-08-23 09:19 - 2016-08-23 09:19 - 00282248 _____ C:\Windows\Minidump\082316-6973-01.dmp
2016-08-19 08:27 - 2016-08-19 08:27 - 00743048 _____ C:\Windows\Minidump\081916-7004-01.dmp
2016-08-19 07:59 - 2016-08-19 08:26 - 00175780 _____ C:\Users\Dave\Documents\GC 12-16.201608190900.Last.ntd
2016-08-18 09:29 - 2016-08-18 09:30 - 00002800 _____ C:\Users\Dave\Documents\CL 09-16.201608181000.Last.ntd
2016-08-18 09:00 - 2016-08-18 09:29 - 00400480 _____ C:\Users\Dave\Documents\ES 09-16.201608181000.Last.ntd
2016-08-18 08:00 - 2016-08-18 09:00 - 01083900 _____ C:\Users\Dave\Documents\ES 09-16.201608180900.Last.ntd
2016-08-18 07:19 - 2016-08-18 08:00 - 01043780 _____ C:\Users\Dave\Documents\ES 09-16.201608180800.Last.ntd
2016-08-18 06:29 - 2016-08-18 06:34 - 00024100 _____ C:\Users\Dave\Documents\6A 09-16.201608180700.Last.ntd
2016-08-18 06:22 - 2016-08-18 06:22 - 00000000 ____D C:\Users\Dave\AppData\Local\ElevatedDiagnostics
2016-08-17 15:22 - 2016-09-01 13:27 - 00000306 _____ C:\Windows\Tasks\FreeFixer background scan.job
2016-08-17 15:22 - 2016-08-19 13:17 - 00000000 ____D C:\Users\Dave\AppData\Roaming\FreeFixer
2016-08-17 15:22 - 2016-08-17 15:23 - 00000000 ____D C:\Users\Dave\AppData\Local\FreeFixer
2016-08-17 15:22 - 2016-08-17 15:22 - 00002968 _____ C:\Windows\System32\Tasks\FreeFixer background scan
2016-08-17 15:22 - 2016-08-17 15:22 - 00000000 ____D C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeFixer
2016-08-17 15:22 - 2016-08-17 15:22 - 00000000 ____D C:\Program Files\FreeFixer
2016-08-17 15:21 - 2016-08-17 15:21 - 02687418 _____ (Kephyr) C:\Users\Dave\Downloads\freefixersetup.exe
2016-08-16 01:19 - 2016-08-16 01:23 - 00002340 _____ C:\Users\Dave\Documents\6A 09-16.201608160200.Last.ntd
2016-08-09 06:45 - 2016-08-17 13:25 - 00000000 ____D C:\Users\Dave\Downloads\followthemoney_files
2016-08-09 06:45 - 2016-08-09 06:45 - 00220169 _____ C:\Users\Dave\Downloads\followthemoney.html
2016-08-08 14:00 - 2016-08-08 14:21 - 00016180 _____ C:\Users\Dave\Documents\CL 09-16.201608081500.Last.ntd
2016-08-08 07:00 - 2016-08-08 07:06 - 00020440 _____ C:\Users\Dave\Documents\GC 12-16.201608080800.Last.ntd
2016-08-08 06:35 - 2016-08-08 07:00 - 00048200 _____ C:\Users\Dave\Documents\GC 12-16.201608080700.Last.ntd
2016-08-08 06:14 - 2016-08-08 06:15 - 00000760 _____ C:\Users\Dave\Documents\ES 09-16.201608080700.Last.ntd
2016-08-05 11:00 - 2016-08-05 11:01 - 00023480 _____ C:\Users\Dave\Documents\CL 09-16.201608051200.Last.ntd
2016-08-05 10:00 - 2016-08-05 10:59 - 00318260 _____ C:\Users\Dave\Documents\CL 09-16.201608051100.Last.ntd
2016-08-05 09:35 - 2016-08-05 10:00 - 00190540 _____ C:\Users\Dave\Documents\CL 09-16.201608051000.Last.ntd
2016-08-05 09:00 - 2016-08-05 09:35 - 00099180 _____ C:\Users\Dave\Documents\GC 12-16.201608051000.Last.ntd
2016-08-05 08:41 - 2016-08-05 09:00 - 00112380 _____ C:\Users\Dave\Documents\GC 12-16.201608050900.Last.ntd
2016-08-04 14:00 - 2016-08-04 14:46 - 00172540 _____ C:\Users\Dave\Documents\ES 09-16.201608041500.Last.ntd
2016-08-03 14:00 - 2016-08-03 15:00 - 00289940 _____ C:\Users\Dave\Documents\ES 09-16.201608031500.Last.ntd
2016-08-03 07:26 - 2016-08-03 07:26 - 01270466 _____ C:\Users\Dave\Downloads\ProcessExplorer (1).zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-09-02 12:16 - 2015-01-20 02:35 - 00000021 _____ C:\Users\Dave\AppData\Roaming\config_data.dat
2016-09-02 12:11 - 2009-07-13 22:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-02 12:11 - 2009-07-13 22:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-02 12:07 - 2015-09-30 07:08 - 00000536 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1478564851-2874633889-2740917108-1000.job
2016-09-02 11:48 - 2015-07-23 04:09 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-02 11:15 - 2015-09-30 07:08 - 00000632 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1478564851-2874633889-2740917108-1000.job
2016-09-02 04:59 - 2009-07-13 23:13 - 00006214 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-02 04:55 - 2015-01-12 17:44 - 00000000 ____D C:\ProgramData\ProductData
2016-09-02 04:54 - 2015-07-23 04:09 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-02 04:54 - 2015-01-20 02:32 - 00000000 ____D C:\Program Files (x86)\CyberPower PowerPanel Personal Edition
2016-09-02 04:54 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-01 13:40 - 2015-07-22 15:25 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-01 13:40 - 2015-07-22 15:25 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-01 13:40 - 2014-11-22 23:55 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-01 13:40 - 2014-11-22 23:55 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-01 13:40 - 2014-11-22 23:40 - 00000000 ____D C:\Users\Dave\AppData\Local\Adobe
2016-08-31 05:53 - 2015-09-30 07:08 - 00003658 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-1478564851-2874633889-2740917108-1000
2016-08-31 05:53 - 2015-09-30 07:08 - 00003562 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1478564851-2874633889-2740917108-1000
2016-08-26 10:46 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2016-08-26 10:01 - 2015-07-21 16:13 - 00000000 ____D C:\Users\Dave\AppData\Local\Microsoft Games
2016-08-26 09:25 - 2016-07-21 13:07 - 726516954 _____ C:\Windows\MEMORY.DMP
2016-08-26 09:25 - 2015-10-06 08:23 - 00000000 ____D C:\Windows\Minidump
2016-08-25 09:04 - 2015-12-09 14:46 - 00000000 ____D C:\Users\Dave\AppData\Roaming\Questrade
2016-08-25 09:04 - 2015-12-09 12:41 - 00000000 ____D C:\Users\Dave\Documents\Questrade IQ Edge
2016-08-23 14:22 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration
2016-08-22 09:20 - 2016-05-17 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Questrade IQ Edge
2016-08-22 09:20 - 2015-12-09 12:41 - 00001109 _____ C:\Users\Public\Desktop\Questrade IQ Edge.lnk
2016-08-22 09:20 - 2015-12-09 12:41 - 00000000 ____D C:\Program Files (x86)\Questrade IQ Edge
2016-08-22 07:33 - 2015-12-04 07:39 - 00056832 ___SH C:\Users\Dave\Documents\Thumbs.db
2016-08-19 07:06 - 2016-03-22 07:40 - 00000000 ____D C:\Program Files (x86)\Traders Way MetaTrader 4
2016-08-19 06:56 - 2015-07-23 04:55 - 00000000 ____D C:\Program Files (x86)\ThinkForex Australia MetaTrader 4
2016-08-17 15:18 - 2015-01-12 17:44 - 00002900 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Dave
2016-08-17 14:33 - 2009-07-14 01:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-08-17 13:25 - 2015-12-03 07:16 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-08-17 13:25 - 2015-11-12 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-08-17 13:25 - 2015-07-23 04:55 - 00000000 ____D C:\Users\Dave\AppData\Roaming\MetaQuotes
2016-08-17 13:25 - 2015-03-27 15:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-08-17 13:25 - 2015-01-12 17:44 - 00000000 ____D C:\Users\Dave\AppData\Roaming\ProductData
2016-08-17 13:25 - 2015-01-12 17:44 - 00000000 ____D C:\Users\Dave\AppData\LocalLow\IObit
2016-08-17 13:25 - 2015-01-12 17:44 - 00000000 ____D C:\ProgramData\IObit
2016-08-17 13:25 - 2014-11-23 04:18 - 00000000 ____D C:\Users\Dave\AppData\Roaming\IObit
2016-08-17 13:25 - 2014-11-22 23:23 - 00000000 ____D C:\Users\Dave\AppData\Roaming\ASUS
2016-08-17 13:25 - 2014-11-22 23:18 - 00000000 ____D C:\Users\Dave
2016-08-15 07:37 - 2016-01-22 07:42 - 00143872 ___SH C:\Users\Dave\Downloads\Thumbs.db
2016-08-08 12:49 - 2015-07-23 04:09 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 12:49 - 2015-07-23 04:09 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
 
==================== Files in the root of some directories =======
 
2014-12-10 22:20 - 2015-07-21 00:08 - 0000033 _____ () C:\Users\Dave\AppData\Roaming\AdobeWLCMCache.dat
2015-01-20 02:35 - 2016-09-02 12:16 - 0000021 _____ () C:\Users\Dave\AppData\Roaming\config_data.dat
2014-11-23 19:18 - 2015-07-07 21:14 - 0001456 _____ () C:\Users\Dave\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-12-18 08:49 - 2015-12-18 08:49 - 0000017 _____ () C:\Users\Dave\AppData\Local\resmon.resmoncfg
2015-01-16 01:55 - 2015-01-16 01:55 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-02-16 14:33 - 2016-02-17 06:44 - 0000225 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-07-23 04:27 - 2015-07-23 04:27 - 0000115 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
 
Some files in TEMP:
====================
C:\Users\Dave\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Dave\AppData\Local\Temp\SCC.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-08-26 11:56
 
==================== End of FRST.txt ============================
 
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by Dave (02-09-2016 12:16:09)
Running from C:\Users\Dave\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2014-11-23 05:18:22)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1478564851-2874633889-2740917108-500 - Administrator - Disabled)
Dave (S-1-5-21-1478564851-2874633889-2740917108-1000 - Administrator - Enabled) => C:\Users\Dave
Guest (S-1-5-21-1478564851-2874633889-2740917108-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1478564851-2874633889-2740917108-1004 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.1 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.0.3 - IObit)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version:  - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS Xonar DG Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Autochartist MT4 plugin for ThinkForex (HKLM-x32\...\Autochartist MT4 plugin for ThinkForex) (Version: 70 - Autochartist)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Canon MP500 (HKLM\...\{BA4DF4C3-196E-4128-969A-00996B5A46F8}) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{1B1BF50E-ACE8-4481-B362-89544FB1CD4B}) (Version: 1.0.357 - Citrix)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.4.5110 - Corsair)
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\CMIUSB&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
Corsair M60 Firmware Update Application (HKLM-x32\...\{4D0449F9-FA4D-4050-8388-2EF221C0C251}_is1) (Version:  - )
Corsair M60 Gaming Mouse Driver V1.0 (HKLM-x32\...\{337CDF25-8F3C-4DEF-8A94-5A9BFC961368}_is1) (Version: 1.00.00.37 - )
CyberPower PowerPanel Personal Edition 1.3.4 (HKLM-x32\...\{612DBD6B-D073-43A9-8A26-D89DDF835137}) (Version: 1.3.4 - Cyber Power Systems, Inc.)
Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
FreeFixer (HKLM-x32\...\FreeFixer1.13) (Version: 1.13 - Kephyr)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoToMeeting 7.22.0.5506 (HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\GoToMeeting) (Version: 7.22.0.5506 - CitrixOnline)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.2.3.400 - Intel Corporation)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.21 - IObit)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
MetaTrader 4 (HKLM-x32\...\MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
NinjaTrader 7 (HKLM-x32\...\{79D6E936-FD0C-4213-9A2B-3955CE618101}) (Version: 7.0.1031 - NinjaTrader)
NVIDIA 3D Vision Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.11.2 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
Questrade IQ Edge (HKLM-x32\...\{B50F973A-8BEC-4A5D-AFEE-E4AEDAA150BD}_is1) (Version: 5.1.5.1 - Questrade Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28549 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7746 - Realtek Semiconductor Corp.)
Rithmic Trader 14.6.0.0 (HKLM-x32\...\{676E82BD-0953-4954-9F91-D0A4E876DE7D}) (Version: 14.6.0 - Omnesys Technologies, Inc.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.3 - IObit)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
ThinkForex Australia MetaTrader 4 (HKLM-x32\...\ThinkForex Australia MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Traders Way MetaTrader 4 (HKLM-x32\...\Traders Way MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Zoom (HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\5102\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {004F397F-5A7D-478E-87CF-7CF79509A66C} - System32\Tasks\Uninstaller_SkipUac_Dave => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-11-23] (IObit)
Task: {0EB631E3-6068-4654-A855-4D2285395FD1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-09-01] (Adobe Systems Incorporated)
Task: {1511F5D7-EB30-4E5A-B04C-28B58139DFFE} - System32\Tasks\FreeFixer background scan => C:\Program Files\FreeFixer\freefixer.exe [2015-08-21] (Kephyr)
Task: {2AE9CA5D-9262-425E-8487-7E235117253A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {2CF6300A-EF1F-4190-BA04-F36E251723FC} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {4D8507A5-E2EC-4DD3-B940-51E7BD875122} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2015-12-08] (IObit)
Task: {5F41D8AF-782D-465C-9F2A-DD49A933E70E} - System32\Tasks\Start CorsairLINK Hardware Monitor => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.exe [2013-08-06] (Corsair Components, Inc.)
Task: {8057C5D9-DC8D-48F0-A81B-9D339A909140} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {8A822984-9D2A-4EB7-BF9E-EAFDEDBD69EF} - System32\Tasks\ASC9_SkipUac_Dave => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2015-11-30] (IObit)
Task: {D09F6F28-214B-4210-8A49-DFB65FDCA941} - System32\Tasks\G2MUpdateTask-S-1-5-21-1478564851-2874633889-2740917108-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\5506\g2mupdate.exe [2016-08-31] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {E0C2ADA6-0223-4F9A-89DC-117D03E5648E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)
Task: {EAFD1964-2B6D-4143-82E6-E865AE2FB2BC} - System32\Tasks\G2MUploadTask-S-1-5-21-1478564851-2874633889-2740917108-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\5506\g2mupload.exe [2016-08-31] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {EC36886C-199E-49E0-9185-3512C1D82C21} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-23] (Google Inc.)
Task: {EF40D0F9-BE2B-496E-8E47-6DB22A80F8EF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {F8DC7640-E327-468E-A5FF-2C8892F8A59E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-23] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\FreeFixer background scan.job => C:\Program Files\FreeFixer\freefixer.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1478564851-2874633889-2740917108-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\5506\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1478564851-2874633889-2740917108-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\5506\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-10-01 20:54 - 2014-10-01 20:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-02-12 02:28 - 2015-01-09 19:46 - 00517408 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
2015-12-08 07:50 - 2013-01-15 19:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2015-12-08 07:50 - 2013-01-15 19:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2015-12-08 07:50 - 2013-01-15 19:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2015-01-20 02:34 - 2013-07-26 15:33 - 00140288 _____ () C:\Program Files (x86)\Corsair\Corsair Link\UsbClink.dll
2014-11-22 23:23 - 2011-04-19 00:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DG Audio\Customapp\VmixP8.dll
2014-12-08 18:05 - 2012-05-14 13:41 - 00043008 _____ () C:\Program Files (x86)\Corsair\M60 Mouse\hidGetKey.dll
2015-11-12 13:16 - 2013-01-15 19:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-11-12 13:16 - 2013-01-15 19:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-11-12 13:16 - 2013-01-15 19:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-08-08 12:49 - 2016-08-02 18:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-08 12:49 - 2016-08-02 18:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2015-07-23 12:02 - 2014-03-19 14:43 - 08386560 _____ () C:\Program Files (x86)\ThinkForex Australia MetaTrader 4\MQL4\libraries\stdcall_ChartPatterns.dll
2016-08-08 12:49 - 2016-08-02 17:54 - 17602240 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\...\100sexlinks.com -> 100sexlinks.com
 
There are 4789 more sites.
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1478564851-2874633889-2740917108-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.254 - 75.153.171.114
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: Razer Game Scanner Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\startupreg: Advanced SystemCare 9 => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Razer Synapse => "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{2115524A-2260-42A2-8C60-7345A6660836}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{102E8C1D-DDA8-444D-8050-3DDD749CEC3B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{920EA221-9FD5-4456-857B-8C58FD0CA80C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{29FF74BE-86CF-4EA8-92AD-9A7BE1772E73}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FF3E70D1-9E8F-4EBE-BF8E-BFB78BA8325B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{55487A9A-107A-4EF9-8B29-FFE76900452D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{90303BE0-EF56-48E0-A2BA-F6A3929E9F5A}C:\program files (x86)\rithmic\rithmic trader\rithmic trader.exe] => (Allow) C:\program files (x86)\rithmic\rithmic trader\rithmic trader.exe
FirewallRules: [UDP Query User{E4B23F82-BBA8-4EE0-AEBA-53D2ED5274F4}C:\program files (x86)\rithmic\rithmic trader\rithmic trader.exe] => (Allow) C:\program files (x86)\rithmic\rithmic trader\rithmic trader.exe
FirewallRules: [TCP Query User{F03E3154-31FA-4192-B6F6-AA1CCAF99525}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [UDP Query User{27C9494B-5228-4D49-99E3-F7D12098FD18}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [{AD951A0E-DA27-4EDE-95E4-A33F8F33FCEC}] => (Block) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [{10996D3D-B379-4705-9519-923F4B42C8EE}] => (Block) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe
FirewallRules: [TCP Query User{76D5FDFA-55DD-40AE-AB0E-692F1AB1BCD4}C:\program files (x86)\rithmic\rithmic trader\rithmic trader.exe] => (Allow) C:\program files (x86)\rithmic\rithmic trader\rithmic trader.exe
FirewallRules: [UDP Query User{2C1AFC17-9F68-47CF-8913-C10EFA639595}C:\program files (x86)\rithmic\rithmic trader\rithmic trader.exe] => (Allow) C:\program files (x86)\rithmic\rithmic trader\rithmic trader.exe
FirewallRules: [TCP Query User{6D479D34-55A5-4A4C-9261-D30379889F8E}C:\programdata\rithmic\rithmic trader\12.52.0.0\rithmic trader.exe] => (Allow) C:\programdata\rithmic\rithmic trader\12.52.0.0\rithmic trader.exe
FirewallRules: [UDP Query User{5D0A85B1-1E4F-4DB2-8F07-4DA9D2772E31}C:\programdata\rithmic\rithmic trader\12.52.0.0\rithmic trader.exe] => (Allow) C:\programdata\rithmic\rithmic trader\12.52.0.0\rithmic trader.exe
FirewallRules: [TCP Query User{F5F80AD2-19CB-408E-A71D-CA68C8AB42AD}C:\programdata\rithmic\rithmic trader\12.53.0.0\rithmic trader.exe] => (Allow) C:\programdata\rithmic\rithmic trader\12.53.0.0\rithmic trader.exe
FirewallRules: [UDP Query User{10ECDA0C-C1AE-43CF-B2EB-EE16AD3ED847}C:\programdata\rithmic\rithmic trader\12.53.0.0\rithmic trader.exe] => (Allow) C:\programdata\rithmic\rithmic trader\12.53.0.0\rithmic trader.exe
FirewallRules: [{A50A4673-C456-4921-99F9-6C1EFC65C277}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{6A43C69B-3184-40F4-A65B-B06EDDD06076}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{482850E5-466C-42D6-A952-EE39F138562C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{ADC490B5-11A9-4232-A012-8B8F4CC34338}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{06307BDA-4DFE-464A-A22E-170FC50DD1D7}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{D55B5632-5D66-4D0A-8E0A-618FB31FEFF6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [TCP Query User{12566E84-9F59-4BED-8784-A480B2B024F1}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [UDP Query User{78E26D26-BC21-4F9C-88EF-DF4242BD85EF}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [{C9D7A927-16CE-4E7F-8AC6-D9088819B3DB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{16B0BED5-9D76-4F4B-9E1F-BC69BA43EF57}C:\programdata\rithmic\rithmic trader\14.9.0.0\rithmic trader.exe] => (Allow) C:\programdata\rithmic\rithmic trader\14.9.0.0\rithmic trader.exe
FirewallRules: [UDP Query User{75392E43-569A-451B-AE1F-26147258CD16}C:\programdata\rithmic\rithmic trader\14.9.0.0\rithmic trader.exe] => (Allow) C:\programdata\rithmic\rithmic trader\14.9.0.0\rithmic trader.exe
FirewallRules: [{F2B7A7EB-692A-4E32-9AA9-149C4F85A4A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
21-06-2016 06:23:17 Windows Backup
28-06-2016 06:21:24 Windows Backup
05-07-2016 06:22:21 Windows Backup
12-07-2016 06:21:15 Windows Backup
19-07-2016 05:56:55 Windows Backup
21-07-2016 13:20:20 Driver Booster : Intel® Management Engine Interface
26-07-2016 05:45:45 Windows Backup
31-07-2016 19:00:03 Windows Backup
09-08-2016 06:01:41 Windows Backup
16-08-2016 01:12:21 Windows Backup
17-08-2016 13:36:06 Windows Backup
22-08-2016 09:20:19 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
23-08-2016 00:29:36 Windows Backup
29-08-2016 05:46:18 Windows Backup
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/02/2016 07:40:36 AM) (Source: IMFsrv.exe) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (09/02/2016 06:21:26 AM) (Source: LiveUpdate.exe) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (09/02/2016 04:59:36 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (09/02/2016 04:59:36 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (09/02/2016 02:12:23 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (09/02/2016 02:12:23 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (09/01/2016 07:32:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (09/01/2016 07:32:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
Error: (09/01/2016 07:01:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (09/01/2016 07:01:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
 
 
System errors:
=============
Error: (09/02/2016 11:24:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error: 
Access is denied.
 
Error: (09/02/2016 10:24:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error: 
Access is denied.
 
Error: (09/02/2016 09:24:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error: 
Access is denied.
 
Error: (09/02/2016 08:24:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error: 
Access is denied.
 
Error: (09/02/2016 07:24:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error: 
Access is denied.
 
Error: (09/02/2016 06:24:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error: 
Access is denied.
 
Error: (09/02/2016 05:24:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error: 
Access is denied.
 
Error: (09/02/2016 04:54:47 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:54:20 AM on ‎02/‎09/‎2016 was unexpected.
 
Error: (09/02/2016 04:45:00 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14
 
Error: (09/02/2016 04:36:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error: 
Access is denied.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 24%
Total physical RAM: 24451 MB
Available physical RAM: 18559.25 MB
Total Virtual: 112924.21 MB
Available Virtual: 105830.44 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:223.57 GB) (Free:107.02 GB) NTFS
Drive f: (Speed) (Fixed) (Total:223.47 GB) (Free:80.65 GB) NTFS
 
==================== MBR & Partition Table ==================
 
==================== End of Addition.txt ============================

 

 

 



BC AdBot (Login to Remove)

 


#2 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:09:15 AM

Posted 06 September 2016 - 06:06 AM

Let's try looking at these 2 sets of reports (run them as soon as you recover from the next problem):

Report Set #1)  Please run this report collecting tool (even though you may not be experiencing BSOD's) so that we can provide a complete analysis: (from the pinned topic at the top of the forum)   http://www.bleepingcomputer.com/forums/t/576314/blue-screen-of-death-bsod-posting-instructions-windows-10-81-8-7-vista/
FYI - I don't often use the Perfmon report, so if it doesn't work please just let me know.

NOTE:
Please zip up the (.ZIP) files - do not use .RAR or other compression utilities. 
.ZIP is the type file that can be uploaded to the forums.

Report Set #2)  Please do the following:
- open Event Viewer (run eventvwr.msc from the "Run" dialog)
- expand the Custom Views category (left click on the > next to the words "Custom Views")
- right click on the "Administrative Events" heading
- select "Save all Events in Custom View as..."
- save the file as Admin.evtx
- zip up the file (right click on it, select "Send to", select "Compressed (zipped) folder")
- upload it with your next post (if it's too big, then upload it to a free file-hosting service and post a link here).

FYI - If we're looking for Event ID 41 errors (unexplained shutdowns), there's more info on that here:  http://support.microsoft.com/kb/2028504

While waiting for a reply, please monitor your temps with this free utility: 

SpeedFan v. 4.5.1 and later (free from here:  http://www.almico.com/sfdownload.php ) can log temperatures in a CSV file:

To make it work you have to do BOTH of the below:

1. Enable logging in general: Configure...Log...check "Enabled" then click on OK to save.

2. Enable logging for specific checks: Configure...Temperatures..left click on each sensor, then click on "Logged" at the bottom of the Window (for our purposes we want them all) then once you've selected "Logged" for all sensors, then click on OK to save.

The log will be located at C:\Program Files (x86)\SpeedFan

Naming: log files are named SFLogYYYYMMDD.csv, where YYYY is the year (four digits), MM is the month (2 digits, zero padded) and DD is the day (2 digits, zero padded). If a file already exists by that name, the file that already exists is renamed according to the following naming scheme: SFLogYYYYMMDD-CCCC.csv, where CCCC is a increasing number. The new file is then created with the standard file name scheme.

Notes: whenever you change the options related with logging, SpeedFan starts a new log file.

NOTE:You may want to turn logging off when we're done - as I don't know it's impact on performance or on the system.



 
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#3 topedge

topedge
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:15 AM

Posted 06 September 2016 - 12:11 PM

Attached File  bleeping90616.zip   127.37KB   2 downloadsAttached File  SysnativeFileCollectionApp.zip   995.16KB   3 downloadsThanks for you help. Attached are the two requested files.



#4 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:09:15 AM

Posted 08 September 2016 - 05:22 AM

Looks like a lot of problems with license activation.......

 

Unfortunately it appears that the system has pirated software.
Please get a legitimate copy installed and we'll be glad to help.

Here's suggestions on how to ensure that your version is legitimate:  http://windows.microsoft.com/en-us/windows/genuine

Please be aware that we may not be able to fix it (as the hacks that were done to activate it will cause the OS to behave differently than we expect it to). If that's the case, our efforts to help may just waste your time. Secondly, the forum rules prohibit assisting with pirated software - so the topic would be closed if that is the case.

As a courtesy, I will offer an analysis of your issues using the reports you provided.
I will not answer any questions about the analysis until the system is made legitimate.
If you do make it legitimate, please submit a new set of reports for us to check.

Just FYI, sometimes the owner won't know about this.  So here's 2 scenarios that might ring a bell:
- if they had a "friend" help with the computer - and the "friend" installed a pirated copy.
- or they used a copy that they had from another OEM computer.  The OEM license is tied to the hardware that it came from - so you can't just use it on another system (that means that it's pirated).

And here's the analysis:

No Windows Update hotfixes installed.  Most systems with SP1 have 350-400 or more.  Please visit Windows Update and get ALL available updates (it may take several trips to get them all).
The actual number is not important.  Rather it's important that you checked manually, installed any available updates, and didn't experience any errors when checking or updating.
 

The BSOD's seem to center around video problems - either with drivers or hardware.

Please follow these troubleshooting suggestions:  http://www.sysnative.com/forums/bsod-kernel-dump-analysis-debugging-information/35-video-tdr-timeout-0x116-0x117.html#post29532
Also, please monitor your temps with this free utility: 

SpeedFan v. 4.5.1 and later (free from here:  http://www.almico.com/sfdownload.php ) can log temperatures in a CSV file:

To make it work you have to do BOTH of the below:

1. Enable logging in general: Configure...Log...check "Enabled" then click on OK to save.

2. Enable logging for specific checks: Configure...Temperatures..left click on each sensor, then click on "Logged" at the bottom of the Window (for our purposes we want them all) then once you've selected "Logged" for all sensors, then click on OK to save.

The log will be located at C:\Program Files (x86)\SpeedFan

Naming: log files are named SFLogYYYYMMDD.csv, where YYYY is the year (four digits), MM is the month (2 digits, zero padded) and DD is the day (2 digits, zero padded). If a file already exists by that name, the file that already exists is renamed according to the following naming scheme: SFLogYYYYMMDD-CCCC.csv, where CCCC is a increasing number. The new file is then created with the standard file name scheme.

Notes: whenever you change the options related with logging, SpeedFan starts a new log file.

NOTE:You may want to turn logging off when we're done - as I don't know it's impact on performance or on the system.

 

Corsair Link is known to cause BSOD's on some systems.

Please uninstall it in order to test it out.

 

Analysis:

The following is for information purposes only. The following information contains the relevant information from the blue screen analysis:
**************************Wed Aug 24 11:12:18.792 2016 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\082416-8283-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.19045.amd64fre.win7sp1_gdr.151019-1254
System Uptime:0 days 3:02:44.651
*** WARNING: Unable to verify timestamp for nvlddmkm.sys
*** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
Probably caused by :nvlddmkm.sys ( nvlddmkm+8420e4 )
BugCheck 116, {fffffa801363f140, fffff880050810e4, ffffffffc000009a, 4}
BugCheck Info: VIDEO_TDR_FAILURE (116)
Arguments:
Arg1: fffffa801363f140, Optional pointer to internal TDR recovery context (TDR_RECOVERY_CONTEXT).
Arg2: fffff880050810e4, The pointer into responsible device driver module (e.g. owner tag).
Arg3: ffffffffc000009a, Optional error code (NTSTATUS) of the last failed operation.
Arg4: 0000000000000004, Optional internal context dependent data.
BUGCHECK_STR:  0x116
DEFAULT_BUCKET_ID:  GRAPHICS_DRIVER_TDR_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0x116_IMAGE_nvlddmkm.sys
CPUID:        "Intel® Core™ i5-3470 CPU @ 3.20GHz"
MaxSpeed:     3200
CurrentSpeed: 3296
  BIOS Version                  2204
  BIOS Release Date             08/14/2013
  Manufacturer                  System manufacturer
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  System Product Name
  Baseboard Product             P8Z77-V LX
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Tue Aug 23 08:17:11.495 2016 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\082316-6973-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.19045.amd64fre.win7sp1_gdr.151019-1254
System Uptime:0 days 2:06:12.729
Probably caused by :ntkrnlmp.exe ( nt!KiSystemServiceExit+245 )
BugCheck 1, {7fefe0513fa, 0, ffff, fffff88007067b60}
BugCheck Info: APC_INDEX_MISMATCH (1)
Arguments:
Arg1: 000007fefe0513fa, Address of system call function or worker routine
Arg2: 0000000000000000, Thread->ApcStateIndex
Arg3: 000000000000ffff, (Thread->SpecialApcDisable << 16) | Thread->KernelApcDisable
Arg4: fffff88007067b60, Call type (0 - system call, 1 - worker routine)
BUGCHECK_STR:  0x1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  Ribbons.scr
FAILURE_BUCKET_ID: X64_0x1_SysCallNum_1187_nt!KiSystemServiceExit+245
CPUID:        "Intel® Core™ i5-3470 CPU @ 3.20GHz"
MaxSpeed:     3200
CurrentSpeed: 3296
  BIOS Version                  2204
  BIOS Release Date             08/14/2013
  Manufacturer                  System manufacturer
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  System Product Name
  Baseboard Product             P8Z77-V LX
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Fri Aug 19 10:26:28.612 2016 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\081916-7004-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.19045.amd64fre.win7sp1_gdr.151019-1254
System Uptime:0 days 1:39:56.470
*** WARNING: Unable to verify timestamp for nvlddmkm.sys
*** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
Probably caused by :nvlddmkm.sys ( nvlddmkm+8420e4 )
BugCheck 116, {fffffa80176aa3e0, fffff880050850e4, ffffffffc000009a, 4}
BugCheck Info: VIDEO_TDR_FAILURE (116)
Arguments:
Arg1: fffffa80176aa3e0, Optional pointer to internal TDR recovery context (TDR_RECOVERY_CONTEXT).
Arg2: fffff880050850e4, The pointer into responsible device driver module (e.g. owner tag).
Arg3: ffffffffc000009a, Optional error code (NTSTATUS) of the last failed operation.
Arg4: 0000000000000004, Optional internal context dependent data.
BUGCHECK_STR:  0x116
DEFAULT_BUCKET_ID:  GRAPHICS_DRIVER_TDR_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0x116_IMAGE_nvlddmkm.sys
CPUID:        "Intel® Core™ i5-3470 CPU @ 3.20GHz"
MaxSpeed:     3200
CurrentSpeed: 3296
  BIOS Version                  2204
  BIOS Release Date             08/14/2013
  Manufacturer                  System manufacturer
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  System Product Name
  Baseboard Product             P8Z77-V LX
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``




3rd Party Drivers:

The following is for information purposes only. My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box:

**************************Wed Aug 24 11:12:18.792 2016 (UTC - 4:00)**************************
CorsairLINK_HardwareMonitor.sys   Sat Jul 26 09:29:37 2008 (488B26C1)
intelppm.sys                      Mon Jul 13 19:19:25 2009 (4A5BC0FD)
amdxata.sys                       Fri Mar 19 12:18:18 2010 (4BA3A3CA)
athrx.sys                         Wed Apr 21 14:13:20 2010 (4BCF4040)
cmudaxp.sys                       Thu Mar 10 02:44:15 2011 (4D78814F)
WIMBLEMS.sys                      Sat Oct  8 02:08:24 2011 (4E8FE8D8)
PxHlpa64.sys                      Tue Apr 24 13:26:29 2012 (4F96E245)
iusb3hub.sys                      Mon May 21 03:21:36 2012 (4FB9ED00)
iusb3xhc.sys                      Mon May 21 03:21:40 2012 (4FB9ED04)
iusb3hcs.sys                      Mon May 21 03:23:42 2012 (4FB9ED7E)
SCDEmu.SYS                        Wed Oct 23 10:10:54 2013 (5267D8EE)
SmartDefragDriver.sys             Mon Dec 23 05:05:52 2013 (52B80B00)
HWiNFO64A.SYS                     Sun Nov 23 11:24:07 2014 (54720A27)
igdkmd64.sys                      Tue May 26 23:53:18 2015 (55653FAE)
rzendpt.sys                       Tue Aug 11 07:13:46 2015 (55C9D8EA)
rzudd.sys                         Tue Aug 11 07:13:50 2015 (55C9D8EE)
rzpnk.sys                         Wed Sep 16 20:16:35 2015 (55FA0663)
rzpmgrk.sys                       Thu Sep 17 14:42:44 2015 (55FB09A4)
nvlddmkm.sys                      Tue Nov 24 13:07:35 2015 (5654A767)
RTKVHD64.sys                      Thu Feb 18 03:23:21 2016 (56C57F79)
nvhda64v.sys                      Thu Mar 24 15:26:36 2016 (56F43F6C)
TeeDriverx64.sys                  Mon Mar 28 14:59:14 2016 (56F97F02)
Rt64win7.sys                      Fri Apr 22 02:58:00 2016 (5719CB78)


http://www.carrona.org/drivers/driver.php?id=CorsairLINK_HardwareMonitor.sys
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
http://www.carrona.org/drivers/driver.php?id=athrx.sys
http://www.carrona.org/drivers/driver.php?id=cmudaxp.sys
http://www.carrona.org/drivers/driver.php?id=WIMBLEMS.sys
http://www.carrona.org/drivers/driver.php?id=PxHlpa64.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hub.sys
http://www.carrona.org/drivers/driver.php?id=iusb3xhc.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hcs.sys
http://www.carrona.org/drivers/driver.php?id=SCDEmu.SYS
http://www.carrona.org/drivers/driver.php?id=SmartDefragDriver.sys
http://www.carrona.org/drivers/driver.php?id=HWiNFO64A.SYS
http://www.carrona.org/drivers/driver.php?id=igdkmd64.sys
http://www.carrona.org/drivers/driver.php?id=rzendpt.sys
http://www.carrona.org/drivers/driver.php?id=rzudd.sys
http://www.carrona.org/drivers/driver.php?id=rzpnk.sys
http://www.carrona.org/drivers/driver.php?id=rzpmgrk.sys
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverx64.sys
http://www.carrona.org/drivers/driver.php?id=Rt64win7.sys


 
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#5 topedge

topedge
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:15 AM

Posted 08 September 2016 - 02:09 PM

Attached File  activation.PNG   6.51KB   0 downloads

 

Hi,

Thanks for your response. I bought the machine 2nd hand. The above is snipping of activation.

Attached File  SysnativeFileCollectionApp.zip   1011.55KB   2 downloads

Attached File  090816.zip   49.22KB   1 downloads



#6 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:09:15 AM

Posted 09 September 2016 - 06:51 AM

Looks good now!  Thanks!

 

Nothing real significant in the perfmon report, nor any real big changes in the Sysnative reports.

Have you finished the tasks that I suggested?  If so, is the system still BSOD'ing?

If not, then we wait.....

 

If it goes a week without BSOD's - then it's likely to be fixed

If it goes 2 weeks without BSOD's - then it's probably fixed.


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#7 topedge

topedge
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:15 AM

Posted 15 September 2016 - 02:43 PM

Thank you. I am adding some logs for the speedfan. I was not able to post .csv file so renamed txt

Attached Files



#8 topedge

topedge
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:15 AM

Posted 21 December 2016 - 05:07 PM

Looks good now!  Thanks!

 

Nothing real significant in the perfmon report, nor any real big changes in the Sysnative reports.

Have you finished the tasks that I suggested?  If so, is the system still BSOD'ing?

If not, then we wait.....

 

If it goes a week without BSOD's - then it's likely to be fixed

If it goes 2 weeks without BSOD's - then it's probably fixed.

I am experiencing issues again and am adding zip files for your perusal.

Thanks

Attached Files



#9 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:09:15 AM

Posted 22 December 2016 - 07:47 AM

Looks like video to me - but it's hard to be certain with just one memory dump.

 

Interestingly, there are only 2 entries in the WER section of the MSINFO32 report - both from the day/time of the BSOD.

What happened to the other entries?

 

I'd suggest running Driver Verifier according to these instructions:  http://www.carrona.org/verifier.html

 

Analysis:
The following is for information purposes only. The following information contains the relevant information from the blue screen analysis:
**************************Wed Dec 21 16:02:08.100 2016 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\122116-6349-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.19045.amd64fre.win7sp1_gdr.151019-1254
System Uptime:0 days 0:10:54.959
*** WARNING: Unable to verify timestamp for nvlddmkm.sys
*** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
Probably caused by :nvlddmkm.sys ( nvlddmkm+36b353 )
BugCheck D1, {3f8, 6, 0, fffff8800f38b353}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 00000000000003f8, memory referenced
Arg2: 0000000000000006, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff8800f38b353, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_nvlddmkm+36b353
CPUID:        "Intel® Core™ i5-3470 CPU @ 3.20GHz"
MaxSpeed:     3200
CurrentSpeed: 3296
  BIOS Version                  2204
  BIOS Release Date             08/14/2013
  Manufacturer                  System manufacturer
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  System Product Name
  Baseboard Product             P8Z77-V LX
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``


3rd Party Drivers:
The following is for information purposes only. My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box:

**************************Wed Dec 21 16:02:08.100 2016 (UTC - 5:00)**************************
intelppm.sys                Mon Jul 13 19:19:25 2009 (4A5BC0FD)
amdxata.sys                 Fri Mar 19 12:18:18 2010 (4BA3A3CA)
athrx.sys                   Wed Apr 21 14:13:20 2010 (4BCF4040)
cmudaxp.sys                 Thu Mar 10 02:44:15 2011 (4D78814F)
WIMBLEMS.sys                Sat Oct  8 02:08:24 2011 (4E8FE8D8)
PxHlpa64.sys                Tue Apr 24 13:26:29 2012 (4F96E245)
iusb3hub.sys                Mon May 21 03:21:36 2012 (4FB9ED00)
iusb3xhc.sys                Mon May 21 03:21:40 2012 (4FB9ED04)
iusb3hcs.sys                Mon May 21 03:23:42 2012 (4FB9ED7E)
speedfan.sys                Sat Dec 29 15:59:35 2012 (50DF59B7)
SCDEmu.SYS                  Wed Oct 23 10:10:54 2013 (5267D8EE)
SmartDefragDriver.sys       Mon Dec 23 05:05:52 2013 (52B80B00)
IntcDAud.sys                Tue Sep  9 08:13:01 2014 (540EEECD)
HWiNFO64A.SYS               Sun Nov 23 11:24:07 2014 (54720A27)
rzendpt.sys                 Tue Aug 11 07:13:46 2015 (55C9D8EA)
rzudd.sys                   Tue Aug 11 07:13:50 2015 (55C9D8EE)
rzpnk.sys                   Wed Sep 16 20:16:35 2015 (55FA0663)
rzpmgrk.sys                 Thu Sep 17 14:42:44 2015 (55FB09A4)
RTKVHD64.sys                Thu Feb 18 03:23:21 2016 (56C57F79)
nvhda64v.sys                Thu Mar 24 15:26:36 2016 (56F43F6C)
TeeDriverx64.sys            Mon Mar 28 14:59:14 2016 (56F97F02)
igdkmd64.sys                Mon Apr  4 13:48:36 2016 (5702A8F4)
Rt64win7.sys                Fri Apr 22 02:58:00 2016 (5719CB78)
nvlddmkm.sys                Fri Sep 16 18:19:56 2016 (57DC700C)


http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
http://www.carrona.org/drivers/driver.php?id=athrx.sys
http://www.carrona.org/drivers/driver.php?id=cmudaxp.sys
http://www.carrona.org/drivers/driver.php?id=WIMBLEMS.sys
http://www.carrona.org/drivers/driver.php?id=PxHlpa64.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hub.sys
http://www.carrona.org/drivers/driver.php?id=iusb3xhc.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hcs.sys
http://www.carrona.org/drivers/driver.php?id=speedfan.sys
http://www.carrona.org/drivers/driver.php?id=SCDEmu.SYS
http://www.carrona.org/drivers/driver.php?id=SmartDefragDriver.sys
http://www.carrona.org/drivers/driver.php?id=IntcDAud.sys
http://www.carrona.org/drivers/driver.php?id=HWiNFO64A.SYS
http://www.carrona.org/drivers/driver.php?id=rzendpt.sys
http://www.carrona.org/drivers/driver.php?id=rzudd.sys
http://www.carrona.org/drivers/driver.php?id=rzpnk.sys
http://www.carrona.org/drivers/driver.php?id=rzpmgrk.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverx64.sys
http://www.carrona.org/drivers/driver.php?id=igdkmd64.sys
http://www.carrona.org/drivers/driver.php?id=Rt64win7.sys
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
 
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#10 topedge

topedge
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:15 AM

Posted 06 January 2017 - 03:08 PM

Hi. Thanks for your response and assistance. I ran the verifier and am attaching the zip files associated with it. One was before the verifier and the latter is with verifier.

Thanks

Attached Files



#11 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:09:15 AM

Posted 10 January 2017 - 06:54 AM

Neither of the memory dumps are Driver Verifier enabled.

As both point to video, I'd have to presume that the video drivers are OK (since verifier didn't crash them).

Yet, since they both involve video, I'd suspect a hardware problem.

 

I'd first start with these troubleshooting steps:  http://www.carrona.org/VideoTDR.html

I'd also run the video tests from this page:  http://www.carrona.org/hwdiag.html

 

Analysis:
The following is for information purposes only. The following information contains the relevant information from the blue screen analysis:
**************************Fri Jan  6 14:45:41.158 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\010617-9734-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.19045.amd64fre.win7sp1_gdr.151019-1254
System Uptime:0 days 1:09:50.017
*** WARNING: Unable to verify timestamp for nvlddmkm.sys
*** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
Probably caused by :nvlddmkm.sys ( nvlddmkm+9584a0 )
BugCheck 116, {fffffa8017ba24e0, fffff8800f9624a0, ffffffffc000009a, 4}
BugCheck Info: VIDEO_TDR_FAILURE (116)
Arguments:
Arg1: fffffa8017ba24e0, Optional pointer to internal TDR recovery context (TDR_RECOVERY_CONTEXT).
Arg2: fffff8800f9624a0, The pointer into responsible device driver module (e.g. owner tag).
Arg3: ffffffffc000009a, Optional error code (NTSTATUS) of the last failed operation.
Arg4: 0000000000000004, Optional internal context dependent data.
BUGCHECK_STR:  0x116
DEFAULT_BUCKET_ID:  GRAPHICS_DRIVER_TDR_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0x116_IMAGE_nvlddmkm.sys
CPUID:        "Intel® Core™ i5-3470 CPU @ 3.20GHz"
MaxSpeed:     3200
CurrentSpeed: 3296
  BIOS Version                  2204
  BIOS Release Date             08/14/2013
  Manufacturer                  System manufacturer
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  System Product Name
  Baseboard Product             P8Z77-V LX
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Fri Jan  6 12:49:08.180 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\010617-2792-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.19045.amd64fre.win7sp1_gdr.151019-1254
System Uptime:0 days 1:01:06.038
*** WARNING: Unable to verify timestamp for nvlddmkm.sys
*** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
Probably caused by :nvlddmkm.sys ( nvlddmkm+32172d )
BugCheck D1, {400, 6, 0, fffff8800f34c72d}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000400, memory referenced
Arg2: 0000000000000006, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff8800f34c72d, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_nvlddmkm+32172d
CPUID:        "Intel® Core™ i5-3470 CPU @ 3.20GHz"
MaxSpeed:     3200
CurrentSpeed: 3296
  BIOS Version                  2204
  BIOS Release Date             08/14/2013
  Manufacturer                  System manufacturer
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  System Product Name
  Baseboard Product             P8Z77-V LX
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``


3rd Party Drivers:
The following is for information purposes only. My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box:

**************************Fri Jan  6 14:45:41.158 2017 (UTC - 5:00)**************************
intelppm.sys            Mon Jul 13 19:19:25 2009 (4A5BC0FD)
amdxata.sys             Fri Mar 19 12:18:18 2010 (4BA3A3CA)
athrx.sys               Wed Apr 21 14:13:20 2010 (4BCF4040)
cmudaxp.sys             Thu Mar 10 02:44:15 2011 (4D78814F)
WIMBLEMS.sys            Sat Oct  8 02:08:24 2011 (4E8FE8D8)
PxHlpa64.sys            Tue Apr 24 13:26:29 2012 (4F96E245)
iusb3hub.sys            Mon May 21 03:21:36 2012 (4FB9ED00)
iusb3xhc.sys            Mon May 21 03:21:40 2012 (4FB9ED04)
iusb3hcs.sys            Mon May 21 03:23:42 2012 (4FB9ED7E)
speedfan.sys            Sat Dec 29 15:59:35 2012 (50DF59B7)
SmartDefragDriver.sys   Mon Dec 23 05:05:52 2013 (52B80B00)
IntcDAud.sys            Tue Sep  9 08:13:01 2014 (540EEECD)
HWiNFO64A.SYS           Tue Mar 31 05:51:32 2015 (551A6E24)
rzendpt.sys             Tue Aug 11 07:13:46 2015 (55C9D8EA)
rzudd.sys               Tue Aug 11 07:13:50 2015 (55C9D8EE)
rzpnk.sys               Wed Sep 16 20:16:35 2015 (55FA0663)
rzpmgrk.sys             Thu Sep 17 14:42:44 2015 (55FB09A4)
RTKVHD64.sys            Thu Feb 18 03:23:21 2016 (56C57F79)
TeeDriverx64.sys        Mon Mar 28 14:59:14 2016 (56F97F02)
igdkmd64.sys            Mon Apr  4 13:48:36 2016 (5702A8F4)
zam64.sys               Wed Aug 17 13:06:53 2016 (57B499AD)
zamguard64.sys          Wed Aug 17 13:06:53 2016 (57B499AD)
nvhda64v.sys            Thu Sep 29 09:25:06 2016 (57ED1632)
SCDEmu.SYS              Sat Oct  1 20:44:13 2016 (57F0585D)
nvvad64v.sys            Tue Oct  4 03:20:09 2016 (57F35829)
Rt64win7.sys            Fri Oct  7 05:27:12 2016 (57F76A70)
nvlddmkm.sys            Sun Dec 11 13:14:23 2016 (584D977F)


http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
http://www.carrona.org/drivers/driver.php?id=athrx.sys
http://www.carrona.org/drivers/driver.php?id=cmudaxp.sys
http://www.carrona.org/drivers/driver.php?id=WIMBLEMS.sys
http://www.carrona.org/drivers/driver.php?id=PxHlpa64.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hub.sys
http://www.carrona.org/drivers/driver.php?id=iusb3xhc.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hcs.sys
http://www.carrona.org/drivers/driver.php?id=speedfan.sys
http://www.carrona.org/drivers/driver.php?id=SmartDefragDriver.sys
http://www.carrona.org/drivers/driver.php?id=IntcDAud.sys
http://www.carrona.org/drivers/driver.php?id=HWiNFO64A.SYS
http://www.carrona.org/drivers/driver.php?id=rzendpt.sys
http://www.carrona.org/drivers/driver.php?id=rzudd.sys
http://www.carrona.org/drivers/driver.php?id=rzpnk.sys
http://www.carrona.org/drivers/driver.php?id=rzpmgrk.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverx64.sys
http://www.carrona.org/drivers/driver.php?id=igdkmd64.sys
http://www.carrona.org/drivers/driver.php?id=zam64.sys
http://www.carrona.org/drivers/driver.php?id=zamguard64.sys
http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
http://www.carrona.org/drivers/driver.php?id=SCDEmu.SYS
http://www.carrona.org/drivers/driver.php?id=nvvad64v.sys
http://www.carrona.org/drivers/driver.php?id=Rt64win7.sys
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
 
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#12 topedge

topedge
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:15 AM

Posted 10 January 2017 - 05:54 PM

Thanks again for your help. I went through the list of driver updates and was able to perform most of them. 

 

athrx.sys - no workable link on Carrona

Amdxata.sys - was confusing and will study it further.

speedfan - not sure what the issue was here as I downloaded it originally since being on here from that link.

 

Found this link and useful info which helped me with the nvidia driver issues;

 

https://forums.geforce.com/default/topic/982149/pc-components/crashing-driver_irql_not_less_or_equal/

http://www.guru3d.com/files-details/display-driver-uninstaller-download.html

 

I went through the driver uninstaller process and reinstalled per geforce site. I seem to have some stability and will update as it progresses.

 

The speed fan shows high temps and this machine is liquid cooled which I know nothing about :). I will post logs of the speed fan for your analysis.

 

Thanks.



#13 topedge

topedge
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:15 AM

Posted 10 January 2017 - 07:07 PM

speed fan logs seem to be saved as .csv and when I try to attach it it says not permitted to upload this kind of file. so I zipped them

Attached Files



#14 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:09:15 AM

Posted 11 January 2017 - 09:17 AM

The log files only have "seconds" in them.
Please just let me know what the temps got up to and we'll work from there.


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#15 topedge

topedge
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:15 AM

Posted 12 January 2017 - 04:03 PM

     Thank you.

 

Sys Fan;  0 RPM

CPU Fan; 2268 RPM

Aux Fan;  774 RPM

Aux1 Fan: 977 RPM

Aux2 Fan; 0 RPM

 

GPU:       30C

System:   22C

CPU:       28C

AUXTIN0:22C

AUXTIN1:114C

AUXTIN2:114C

AUXTIN3:40C

Temp1:    28C

Temp2:    30C

 

Thanks






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users