Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Random BSOD for almost 3 days.


  • This topic is locked This topic is locked
11 replies to this topic

#1 Ansol2000

Ansol2000

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 03 June 2018 - 03:43 PM

Hey everyone,
Its been almost 3 days since i keep getting blue screens whenever i try to play games such as Perfect World,B&S,BDO,Evilwhitin H1Z1 etc.
Also sometimes my games freeze(not responding) but if i unplug and plug back the HDMI cable from my monitor games will unfreeze and sometimes the green will just go black for a few secs and comes back.

Things i've tried so far:
-Clean reinstall of my graphic drivers (used the UUD tool and manually downloaded drivers)
-Updated my BIOS

My specs are:
CPU-Ryzen 1500x
GPU-1050 TI 4 GB
Ram- 2x 4 GB @3200 (atm running em only at 2133)
HDD-1 TB
SSD-250 EVO SSD 
PSU-EVGA 600 W Bronze.

 


Edited by hamluis, 05 June 2018 - 01:19 PM.
Moved from Crahses/BSODs to Internal Hardware - Hamluis.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,552 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:59 PM

Posted 05 June 2018 - 01:18 PM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy taking care to post the link of the snapshot in your next post.

   Go to Piriform's website, and download the free version on the left.  Click Download from Piriform.com (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version. You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.

    After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy.
 
     Once inside Speccy, it will look similar to this (with your computer's specifications, of course):
 
post-33068-0-86653600-1480692866_thumb.j

     Now, at the top, click File > Publish Snapshot.

     Click Yes > then Copy to Clipboard

Now, once you are back in the forum topic you are posting in, click the ADD REPLY or REPLY TO THIS TOPIC button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

Louis



#3 softwaremaniac

softwaremaniac

  • Malware Study Hall Senior
  • 790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Croatia
  • Local time:01:59 AM

Posted 07 June 2018 - 08:06 PM

Hi,

is the PC clean of dust? What load temps are you getting?

 

Also, please test your RAM and power, because I have had a case of bad RAM that was behaving the same way.


Edited by softwaremaniac, 07 June 2018 - 08:07 PM.


#4 Ansol2000

Ansol2000
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 08 June 2018 - 01:21 PM

Hi,

is the PC clean of dust? What load temps are you getting?

 

Also, please test your RAM and power, because I have had a case of bad RAM that was behaving the same way.

Hello yes i did clean it like 2 days before i posted this thread.

@hamluis
Thank you will be donwloading that sofware when i get home and post the results later.


Edited by Ansol2000, 08 June 2018 - 01:21 PM.


#5 Ansol2000

Ansol2000
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 08 June 2018 - 01:33 PM

Here is what hamluis asked me for.

http://speccy.piriform.com/results/oHBcZjmQoolSNLI0fOR2kyC

And thank your for reply!

Edit:seems like i couldn't attach the txt. file so i uploaded it here: http://www.fast-files.com/getfile.aspx?file=163794
 


Edited by Ansol2000, 08 June 2018 - 01:36 PM.


#6 softwaremaniac

softwaremaniac

  • Malware Study Hall Senior
  • 790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Croatia
  • Local time:01:59 AM

Posted 09 June 2018 - 11:57 AM

Have you done the HW tests?



#7 Ansol2000

Ansol2000
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 10 June 2018 - 10:17 AM

Have you done the HW tests?

Uh,if you mean running mdsched.exe then yes.

Also got this today.. yet again.

==================================================
Filename          : athwnx.sys
Address In Stack  : athwnx.sys+238c5f
From Address      : fffff80e`4f1e0000
To Address        : fffff80e`4f607000
Size              : 0x00427000
Time Stamp        : 0x56d55527
Time String       : 3/1/2016 10:39:03
Product Name      : Driver for Qualcomm Atheros CB42/CB43/MB42/MB43 Network Adapter
File Description  : Qualcomm Atheros Extensible Wireless LAN device driver
File Version      : 3.0.2.202
Company           : Qualcomm Atheros Communications, Inc.
Full Path         : C:\WINDOWS\system32\drivers\athwnx.sys
==================================================
 
==================================================
Filename          : dxgmms2.sys
Address In Stack  : dxgmms2.sys+2b863
From Address      : fffff80e`4f0b0000
To Address        : fffff80e`4f176000
Size              : 0x000c6000
Time Stamp        : 0x84b4e417
Time String       : 7/21/2040 03:36:23
Product Name      : Microsoft® Windows® Operating System
File Description  : DirectX Graphics MMS
File Version      : 10.0.17134.81 (WinBuild.160101.0800)
Company           : Microsoft Corporation
Full Path         : C:\WINDOWS\system32\drivers\dxgmms2.sys
==================================================
 
==================================================
Filename          : watchdog.sys
Address In Stack  : watchdog.sys+331e
From Address      : fffff80e`4e0f0000
To Address        : fffff80e`4e104000
Size              : 0x00014000
Time Stamp        : 0x702f9eef
Time String       : 8/23/2029 10:44:31
Product Name      : Microsoft® Windows® Operating System
File Description  : Watchdog Driver
File Version      : 10.0.17134.1 (WinBuild.160101.0800)
Company           : Microsoft Corporation
Full Path         : C:\WINDOWS\system32\drivers\watchdog.sys
==================================================

 


Edited by Ansol2000, 10 June 2018 - 10:20 AM.


#8 softwaremaniac

softwaremaniac

  • Malware Study Hall Senior
  • 790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Croatia
  • Local time:01:59 AM

Posted 10 June 2018 - 10:24 AM

Update your wireless driver please.



#9 Ansol2000

Ansol2000
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 12 June 2018 - 10:44 PM

Update your wireless driver please.

Did,still getting BosD
http://prntscr.com/juariu
http://prntscr.com/juarku



#10 hamluis

hamluis

    Moderator


  • Moderator
  • 55,552 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:59 PM

Posted 13 June 2018 - 10:24 AM

The link you supplied...with MTB text file...results in a malware flag by my system when I attempt to download it.

 

Louis

 

I've managed to copy/paste the data below.

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by index (administrator) on 08-06-2018 at 20:23:05
Running from "C:\Users\index\Downloads\Programs"
Microsoft Windows 10 Home  (X64)
Model: To Be Filled By O.E.M. Manufacturer: To Be Filled By O.E.M
.
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/08/2018 04:18:06 PM) (Source: Perflib) (User: )
Description: rdyboost4

Error: (06/08/2018 04:18:05 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (06/08/2018 11:47:41 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
Operation:
   Executing Asynchronous Operation
Context:
   Current State: DoSnapshotSet

Error: (06/07/2018 05:47:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: NCLauncher2.exe, version: 2.1.1.310, time stamp: 0x5b078453
Faulting module name: KERNELBASE.dll, version: 10.0.17134.1, time stamp: 0x149ab0fd
Exception code: 0xc000041d
Fault offset: 0x0010d722
Faulting process id: 0x3b354
Faulting application start time: 0xNCLauncher2.exe0
Faulting application path: NCLauncher2.exe1
Faulting module path: NCLauncher2.exe2
Report Id: NCLauncher2.exe3
Faulting package full name: NCLauncher2.exe4
Faulting package-relative application ID: NCLauncher2.exe5

Error: (06/07/2018 05:47:30 PM) (Source: Application Error) (User: )
Description: Faulting application name: NCLauncher2.exe, version: 2.1.1.310, time stamp: 0x5b078453
Faulting module name: KERNELBASE.dll, version: 10.0.17134.1, time stamp: 0x149ab0fd
Exception code: 0xe0434352
Fault offset: 0x0010d722
Faulting process id: 0x3b354
Faulting application start time: 0xNCLauncher2.exe0
Faulting application path: NCLauncher2.exe1
Faulting module path: NCLauncher2.exe2
Report Id: NCLauncher2.exe3
Faulting package full name: NCLauncher2.exe4
Faulting package-relative application ID: NCLauncher2.exe5

Error: (06/07/2018 05:47:29 PM) (Source: .NET Runtime) (User: )
Description: Application: NCLauncher2.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at MS.Win32.UnsafeNativeMethods.CreateWindowEx(Int32, System.String, System.String, Int32, Int32, Int32, Int32, Int32, System.Runtime.InteropServices.HandleRef, System.Runtime.InteropServices.HandleRef, System.Runtime.InteropServices.HandleRef, System.Object)
   at MS.Win32.HwndWrapper..ctor(Int32, Int32, Int32, Int32, Int32, Int32, Int32, System.String, IntPtr, MS.Win32.HwndWrapperHook[])
   at System.Windows.Interop.HwndSource.Initialize(System.Windows.Interop.HwndSourceParameters)
   at System.Windows.Window.CreateSourceWindow(Boolean)
   at System.Windows.Window.CreateSourceWindowDuringShow()
   at System.Windows.Window.SafeCreateWindowDuringShow()
   at System.Windows.Window.ShowHelper(System.Object)
   at System.Windows.Window.Show()
   at System.Windows.Window.ShowDialog()
   at DynamicClass.(System.Object)
   at A.cf6d6a6ff8e849e0a329cee088519d8b8.c48f3e9887206447fafd5fd13106d1d0c(System.Object)
   at NCLauncherW.App.App_DispatcherUnhandledException(System.Object, System.Windows.Threading.DispatcherUnhandledExceptionEventArgs)
   at System.Windows.Threading.Dispatcher.CatchException(System.Exception)
   at System.Windows.Threading.Dispatcher.CatchExceptionStatic(System.Object, System.Exception)
   at System.Windows.Threading.ExceptionWrapper.CatchException(System.Object, System.Exception, System.Delegate)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (06/07/2018 03:23:23 PM) (Source: Perflib) (User: )
Description: rdyboost4

Error: (06/07/2018 03:23:22 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (06/06/2018 03:26:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: BnS Buddy Updater.exe, version: 2.5.1.4, time stamp: 0x5b001f83
Faulting module name: KERNELBASE.dll, version: 10.0.17134.1, time stamp: 0x701ca188
Exception code: 0xe0434352
Fault offset: 0x000000000003f218
Faulting process id: 0x1d10
Faulting application start time: 0xBnS Buddy Updater.exe0
Faulting application path: BnS Buddy Updater.exe1
Faulting module path: BnS Buddy Updater.exe2
Report Id: BnS Buddy Updater.exe3
Faulting package full name: BnS Buddy Updater.exe4
Faulting package-relative application ID: BnS Buddy Updater.exe5

Error: (06/06/2018 03:26:23 PM) (Source: .NET Runtime) (User: )
Description: Application: BnS Buddy Updater.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
   at System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
   at System.IO.StreamReader..ctor(System.String, System.Text.Encoding, Boolean, Int32, Boolean)
   at System.IO.StreamReader..ctor(System.String, System.Text.Encoding)
   at System.IO.File.ReadLines(System.String)
   at WindowsFormsApplication6.Form1+Prompt.Popup(System.String)
   at WindowsFormsApplication6.Form1.CheckIsAdministrator()
   at WindowsFormsApplication6.Form1..ctor()
   at WindowsFormsApplication6.Preloader..ctor()
   at WindowsFormsApplication6.Program.Main()


System errors:
=============
Error: (06/08/2018 08:19:14 PM) (Source: DCOM) (User: DESKTOP-504MG83)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-504MG83indexS-1-5-21-1803884292-772533346-82621611-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/08/2018 08:11:05 PM) (Source: DCOM) (User: DESKTOP-504MG83)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-504MG83indexS-1-5-21-1803884292-772533346-82621611-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/08/2018 07:59:33 PM) (Source: DCOM) (User: DESKTOP-504MG83)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DESKTOP-504MG83indexS-1-5-21-1803884292-772533346-82621611-1001LocalHost (Using LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (06/08/2018 07:59:30 PM) (Source: DCOM) (User: DESKTOP-504MG83)
Description: application-specificLocalActivation{8BC3F05E-D86B-11D0-A075-00C04FB68820}{8BC3F05E-D86B-11D0-A075-00C04FB68820}DESKTOP-504MG83indexS-1-5-21-1803884292-772533346-82621611-1001LocalHost (Using LRPC)Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewyS-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723

Error: (06/08/2018 07:25:37 PM) (Source: Service Control Manager) (User: )
Description: The nProtect GameGuard Service service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (06/08/2018 07:04:57 PM) (Source: DCOM) (User: DESKTOP-504MG83)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-504MG83indexS-1-5-21-1803884292-772533346-82621611-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/08/2018 06:54:19 PM) (Source: DCOM) (User: DESKTOP-504MG83)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-504MG83indexS-1-5-21-1803884292-772533346-82621611-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/08/2018 06:19:47 PM) (Source: DCOM) (User: DESKTOP-504MG83)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-504MG83indexS-1-5-21-1803884292-772533346-82621611-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/08/2018 06:11:15 PM) (Source: DCOM) (User: DESKTOP-504MG83)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-504MG83indexS-1-5-21-1803884292-772533346-82621611-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (06/08/2018 05:47:53 PM) (Source: DCOM) (User: DESKTOP-504MG83)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-504MG83indexS-1-5-21-1803884292-772533346-82621611-1001LocalHost (Using LRPC)UnavailableUnavailable


Microsoft Office Sessions:
=========================
Error: (06/08/2018 04:18:06 PM) (Source: Perflib)(User: )
Description: rdyboost4

Error: (06/08/2018 04:18:05 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (06/08/2018 11:47:41 AM) (Source: VSS)(User: )
Description: QueryFullProcessImageNameW0x80070006, The handle is invalid.
Operation:
   Executing Asynchronous Operation
Context:
   Current State: DoSnapshotSet

Error: (06/07/2018 05:47:41 PM) (Source: Application Error)(User: )
Description: NCLauncher2.exe2.1.1.3105b078453KERNELBASE.dll10.0.17134.1149ab0fdc000041d0010d722 3b35 401d3fe76b88d2aa7C:\Program Files (x86)\NCSOFT\NC Launcher 2\NCLauncher2.exeC:\WINDOWS\System32\KERNELBASE.dll3d035491-1478-4c7b-989c-449c027d687e

Error: (06/07/2018 05:47:30 PM) (Source: Application Error)(User: )
Description: NCLauncher2.exe2.1.1.3105b078453KERNELBASE.dll10.0.17134.1149ab0fde04343520010d7 223b35401d3fe76b88d2aa7C:\Program Files (x86)\NCSOFT\NC Launcher 2\NCLauncher2.exeC:\WINDOWS\System32\KERNELBASE.dllde3e0c53-bc76-441d-b2e9-9bbcf8c7b731

Error: (06/07/2018 05:47:29 PM) (Source: .NET Runtime)(User: )
Description: Application: NCLauncher2.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at MS.Win32.UnsafeNativeMethods.CreateWindowEx(Int32, System.String, System.String, Int32, Int32, Int32, Int32, Int32, System.Runtime.InteropServices.HandleRef, System.Runtime.InteropServices.HandleRef, System.Runtime.InteropServices.HandleRef, System.Object)
   at MS.Win32.HwndWrapper..ctor(Int32, Int32, Int32, Int32, Int32, Int32, Int32, System.String, IntPtr, MS.Win32.HwndWrapperHook[])
   at System.Windows.Interop.HwndSource.Initialize(System.Windows.Interop.HwndSourceParameters)
   at System.Windows.Window.CreateSourceWindow(Boolean)
   at System.Windows.Window.CreateSourceWindowDuringShow()
   at System.Windows.Window.SafeCreateWindowDuringShow()
   at System.Windows.Window.ShowHelper(System.Object)
   at System.Windows.Window.Show()
   at System.Windows.Window.ShowDialog()
   at DynamicClass.(System.Object)
   at A.cf6d6a6ff8e849e0a329cee088519d8b8.c48f3e9887206447fafd5fd13106d1d0c(System.Object)
   at NCLauncherW.App.App_DispatcherUnhandledException(System.Object, System.Windows.Threading.DispatcherUnhandledExceptionEventArgs)
   at System.Windows.Threading.Dispatcher.CatchException(System.Exception)
   at System.Windows.Threading.Dispatcher.CatchExceptionStatic(System.Object, System.Exception)
   at System.Windows.Threading.ExceptionWrapper.CatchException(System.Object, System.Exception, System.Delegate)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (06/07/2018 03:23:23 PM) (Source: Perflib)(User: )
Description: rdyboost4

Error: (06/07/2018 03:23:22 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (06/06/2018 03:26:23 PM) (Source: Application Error)(User: )
Description: BnS Buddy Updater.exe2.5.1.45b001f83KERNELBASE.dll10.0.17134.1701ca188e0 43435200000000000 3f21 81d1001d3fd99f68f3672C:\Users\index\Downloads\Compressed\BnS Buddy Updater\BnS Buddy Updater.exeC:\WINDOWS\System32\KERNELBASE.dll16606d8b-eca3-4850-bf89-907cef66aed9

Error: (06/06/2018 03:26:23 PM) (Source: .NET Runtime)(User: )
Description: Application: BnS Buddy Updater.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
   at System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
   at System.IO.StreamReader..ctor(System.String, System.Text.Encoding, Boolean, Int32, Boolean)
   at System.IO.StreamReader..ctor(System.String, System.Text.Encoding)
   at System.IO.File.ReadLines(System.String)
   at WindowsFormsApplication6.Form1+Prompt.Popup(System.String)
   at WindowsFormsApplication6.Form1.CheckIsAdministrator()
   at WindowsFormsApplication6.Form1..ctor()
   at WindowsFormsApplication6.Preloader..ctor()
   at WindowsFormsApplication6.Program.Main()


CodeIntegrity Errors:
===================================
  Date: 2018-06-04 09:18:32.590
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\cldflt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-06-03 22:11:59.538
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f32bf428bbff8aa5\nvlddmkm.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2018-06-02 19:37:07.689
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\WUDFRd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.5.3.44428 - BitTorrent Inc.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Flash Player 30 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Blade & Soul (HKLM-x32\...\{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Discord (HKCU\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.93 - NVIDIA Corporation) Hidden
foobar2000 v1.3.17 (HKLM-x32\...\foobar2000) (Version: 1.3.17 - Peter Pawlowski)
Gamez Black Desert Online Launcher (HKLM-x32\...\{29028B7B-4F2B-4EF2-9293-98D3CD686894}) (Version: 2.36 - GamezBD)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.79 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
H1Z1 (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
IDM Crack 6.30 build 7 (HKLM-x32\...\IDM Crack 6.30 build 7) (Version: 6.30 build 7 - Crackingpatching.com Team)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MusicBee 3.1 (HKLM-x32\...\MusicBee) (Version: 3.1 - Steven Mayall)
NC Launcher 2 (HKLM-x32\...\NCLauncherW_plaync) (Version:  - NCSOFT)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Node.js (HKLM\...\{E292EB4D-988D-42CE-B042-68E7A83603BA}) (Version: 0.10.26 - Joyent, Inc. and other Node contributors)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 397.93 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Graphics Driver 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.93 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.0.1 - OBS Project)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.0.0 - Popcorn Time)
SoulWorker (HKLM\...\Steam App 630100) (Version:  - Lion Games Co., Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{B926966E-0517-11E7-9D65-C2A106E0D44C}) (Version: 14.0.244 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
블레이드 & 소울 (HKLM-x32\...\{2D6AA12F-6925-45C0-AD48-F54333781705}) (Version: 5.4.1.5272 - NCSOFT) Hidden
블레이드 & 소울 (HKLM-x32\...\InstallShield_{2D6AA12F-6925-45C0-AD48-F54333781705}) (Version: 5.4.1.5272 - NCSOFT)

========================= Memory info: ===================================
Percentage of memory in use: 35%
Total physical RAM: 8124.8 MB
Available physical RAM: 5275.32 MB
Total Virtual: 14780.8 MB
Available Virtual: 9516.14 MB

========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:930.97 GB) (Free:601.44 GB) NTFS
2 Drive g: (SSD) (Fixed) (Total:232.88 GB) (Free:117.99 GB) NTFS

========================= Users: ========================================
User accounts for \\DESKTOP-504MG83

Administrator            DefaultAccount           Guest                    
index                    WDAGUtilityAccount       


**** End of log ****


Edited by hamluis, 13 June 2018 - 05:44 PM.


#11 Ansol2000

Ansol2000
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:59 AM

Posted 13 June 2018 - 03:29 PM

The link you supplied...with MTB text file...results in a malware flag by my system when I attempt to download it.

 

Louis

Oh that's strange,i assure you its the txt file from MTB but i will post here the whole thing.

Since i can't post the whole thing here hope this help
https://pastebin.com/UAhwcFmR


#12 hamluis

hamluis

    Moderator


  • Moderator
  • 55,552 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:59 PM

Posted 13 June 2018 - 05:50 PM

Now that I can actually read the MTB data...I see why my system may have flagged it as malware.  Your list of installed software includes cracked software.

 

This forum does not deal with such...we cannot/do not support the use of illegal software...including illegal software which may be malicious.  From the BC Forum Rules:  "No subject matter will be allowed whose purpose is to defeat existing copyright or security measures. If a user persists and/or the activity is obviously illegal the staff reserves the right to remove such content and/or ban the user. This would also mean encouraging the use or continued use of pirated software is not permitted, and subject to the same consequences."

 

I suggest you initiate a new topic in the Malware Removal Logs forum, supplying the FRST data which is requested at Prep Guide.

 

This topic is now closed.

 

Louis






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users