Tech Support Forum banner
Status
Not open for further replies.

BSOD within 5 minutes of logging into windows - FSPFltd.sys

3K views 13 replies 2 participants last post by  tetonbob 
#1 ·
Hello all,

First of all I want to thank Wrench97 for helping me get this far in http://www.techsupportforum.com/forums/f299/bsod-when-opening-programs-1019666.html#post6471026

My bsods seem to be because of FSPFltd.sys and it was recommended that I post here to see if the issue I'm experiencing can be resolved. I do have a Windows 7 disk that I used to originally install Windows on this machine. The details of my problem can be found at the above link. Thanks for all your help!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17840 BrowserJavaVersion: 11.31.2
Run by Melad at 15:54:14 on 2015-07-19
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8150.5778 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ASRock\XFast LAN\spd.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
E:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
C:\Users\Melad\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
E:\Program Files (x86)\GoPro\GoPro\Tools\Importer\GoPro Importer.exe
C:\Program Files (x86)\XFastUSB\XFastUsb.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
BHO: Wondershare Video Converter Ultimate 7.1.0: {451C804F-C205-4F03-B48E-537EC94937BF} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
uRun: [ASRockXTU] <no file>
mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [PeachtreePrefetcher.exe] C:\Program Files (x86)\Sage\Peachtree\PeachtreePrefetcher.exe /configfile:peachtreeprefetcher.winstart.config
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
mRun: [DelaypluginInstall] C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
StartupFolder: C:\Users\Melad\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMEST~1.LNK - E:\Program Files (x86)\GameStop App\Now\GameStopNow.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GOPROI~1.LNK - E:\Program Files (x86)\GoPro\GoPro\Tools\Importer\GoPro Importer.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{4B285B65-F2E7-4BFB-9D4F-8F9D7F3788E3} : DHCPNameServer = 75.75.75.75 75.75.76.76
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - <orphaned>
SSODL: WebCheck - <orphaned>
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Melad\AppData\Roaming\Mozilla\Firefox\Profiles\n3721w91.default-1415774017008\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
FF - plugin: C:\Users\Melad\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll
FF - plugin: C:\Users\Melad\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Melad\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AsrRamDisk;AsrRamDisk;C:\Windows\System32\drivers\AsrRamDisk.sys [2012-7-8 31016]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R1 FNETURPX;FNETURPX;C:\Windows\System32\drivers\FNETURPX.SYS [2012-7-8 15936]
R2 AODDriver4.2.0;AODDriver4.2.0;C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2012-6-25 57512]
R2 AODService;AODService;C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2012-6-25 136648]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-9-26 2739888]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-1-26 1152656]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 124568]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-1-26 1884304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-1-26 22997648]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-4-4 167424]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-5-18 410768]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-12-15 450848]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-3-4 126952]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-3-4 390632]
R3 AsrVDrive;AsrVDrive;C:\Windows\System32\drivers\AsrVDrive.sys [2012-7-8 23048]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-12-15 351392]
R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-5-11 50208]
R3 LVUVC64;Logitech HD Pro Webcam C920(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-12-15 4862368]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-1-26 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-1-26 38032]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-7-8 471144]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-7-8 56448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 BRSptStub;BitRaider Mini-Support Service Stub Loader;C:\ProgramData\BitRaider\BRSptStub.exe [2014-11-10 363208]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 FNETTBOH_305;FNETTBOH_305;C:\Windows\System32\drivers\FNETTBOH_305.SYS [2012-7-8 32320]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-7-14 137336]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2012-12-7 36928]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-6-9 114688]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2007-5-11 1361952]
S3 Origin Client Service;Origin Client Service;E:\Program Files (x86)\Origin\OriginClientService.exe [2012-1-11 1931632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-15 19456]
S3 RemoteControl-USBLAN;RemoteControl-USBLAN;C:\Windows\System32\drivers\rcblan.sys [2012-12-4 46616]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-1-22 206080]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2013-10-15 42184]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-9-17 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-6-15 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-8-15 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-8 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2015-07-19 21:47:41 12221144 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1D425469-D55E-4AAA-B51F-E02EB01467ED}\mpengine.dll
2015-07-17 05:27:37 0 ----a-w- C:\Program Files (x86)\GUTECDE.tmp
2015-07-17 05:27:37 -------- d-----w- C:\Program Files (x86)\GUMECDD.tmp
2015-07-17 05:04:01 12221144 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-07-17 04:36:51 -------- d-----w- C:\Users\Melad\AppData\Local\CrashDumps
2015-07-12 21:16:54 1190000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{17178FFC-5F4F-4852-9B34-C0F8F7D2CAC1}\gapaengine.dll
2015-07-06 22:24:16 -------- d-----w- C:\Users\Melad\AppData\Local\Fallout3
2015-07-06 22:23:48 -------- d-----w- C:\Windows\SysWow64\xlive
2015-07-06 22:23:48 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-07-04 16:05:58 -------- d-----w- C:\Users\Melad\AppData\Local\CEF
.
==================== Find3M ====================
.
2015-07-05 10:08:23 300704 ------w- C:\Windows\System32\MpSigStub.exe
2015-05-25 18:24:00 5569984 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-05-25 18:23:59 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-05-25 18:23:59 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-05-25 18:21:21 1728960 ----a-w- C:\Windows\System32\ntdll.dll
2015-05-25 18:18:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2015-05-25 18:18:56 22016 ----a-w- C:\Windows\System32\credssp.dll
2015-05-25 18:18:54 879104 ----a-w- C:\Windows\System32\advapi32.dll
2015-05-25 18:18:45 47104 ----a-w- C:\Windows\System32\typeperf.exe
2015-05-25 18:18:45 404992 ----a-w- C:\Windows\System32\tracerpt.exe
2015-05-25 18:18:39 112640 ----a-w- C:\Windows\System32\smss.exe
2015-05-25 18:18:32 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-05-25 18:18:30 43008 ----a-w- C:\Windows\System32\relog.exe
2015-05-25 18:18:19 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-05-25 18:18:19 104448 ----a-w- C:\Windows\System32\logman.exe
2015-05-25 18:18:11 19456 ----a-w- C:\Windows\System32\diskperf.exe
2015-05-25 18:18:08 338432 ----a-w- C:\Windows\System32\conhost.exe
2015-05-25 18:18:04 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-05-25 18:14:26 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-05-25 18:14:04 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-05-25 18:07:34 3989440 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07:34 3934144 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04:08 1310744 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-05-25 18:00:44 40448 ----a-w- C:\Windows\SysWow64\typeperf.exe
2015-05-25 18:00:40 364544 ----a-w- C:\Windows\SysWow64\tracerpt.exe
2015-05-25 18:00:28 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2015-05-25 18:00:25 37888 ----a-w- C:\Windows\SysWow64\relog.exe
2015-05-25 18:00:17 82944 ----a-w- C:\Windows\SysWow64\logman.exe
2015-05-25 18:00:09 17408 ----a-w- C:\Windows\SysWow64\diskperf.exe
2015-05-25 18:00:04 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-05-25 17:59:52 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-05-25 17:59:52 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2015-05-25 17:59:51 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2015-05-25 17:57:31 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-05-25 17:57:15 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-05-25 17:08:39 3206144 ----a-w- C:\Windows\System32\win32k.sys
2015-05-25 17:00:56 36864 ----a-w- C:\Windows\System32\UtcResources.dll
2015-05-25 16:50:38 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2015-05-25 16:50:36 2048 ----a-w- C:\Windows\SysWow64\user.exe
2015-05-25 16:48:25 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-05-25 16:48:25 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 16:48:25 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 16:48:25 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-05-23 03:28:17 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-05-23 03:15:54 503808 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-05-23 03:15:40 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-05-23 03:15:02 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-05-23 03:14:51 341504 ----a-w- C:\Windows\SysWow64\html.iec
2015-05-23 03:13:48 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-05-23 03:05:21 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-05-23 03:04:50 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-05-23 02:52:43 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-05-23 02:47:31 4305920 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-05-23 02:37:45 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-05-23 02:37:25 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-05-23 02:20:35 1950720 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-05-22 19:16:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-05-22 19:16:44 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-05-22 19:01:42 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-05-22 19:00:54 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-05-22 19:00:47 417792 ----a-w- C:\Windows\System32\html.iec
2015-05-22 19:00:25 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-05-22 18:59:27 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-05-22 18:52:21 6026240 ----a-w- C:\Windows\System32\jscript9.dll
2015-05-22 18:47:49 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-05-22 18:47:34 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-05-22 18:47:03 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-05-22 18:40:17 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-05-22 18:29:31 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-05-22 18:18:41 700416 ----a-w- C:\Windows\System32\generaltel.dll
2015-05-22 18:18:29 757248 ----a-w- C:\Windows\System32\invagent.dll
2015-05-22 18:18:24 423424 ----a-w- C:\Windows\System32\devinv.dll
2015-05-22 18:18:22 1021440 ----a-w- C:\Windows\System32\appraiser.dll
2015-05-22 18:18:21 45568 ----a-w- C:\Windows\System32\acmigration.dll
2015-05-22 18:18:21 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-05-22 18:13:03 1119232 ----a-w- C:\Windows\System32\aeinv.dll
2015-05-22 18:05:28 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-05-22 18:05:06 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-05-22 17:50:20 2426880 ----a-w- C:\Windows\System32\wininet.dll
2015-05-21 13:19:52 193536 ----a-w- C:\Windows\System32\aepic.dll
2015-05-13 06:52:35 31552 ----a-w- C:\Windows\System32\nvhdap64.dll
2015-05-13 06:52:35 195912 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2015-05-13 06:52:35 1558848 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2015-05-12 03:30:36 937288 ----a-w- C:\Windows\System32\nvvsvc.exe
2015-05-12 03:30:36 62608 ----a-w- C:\Windows\System32\nvshext.dll
2015-05-12 03:30:36 385352 ----a-w- C:\Windows\System32\nvmctray.dll
2015-05-12 03:30:36 2558608 ----a-w- C:\Windows\System32\nvsvcr.dll
2015-05-12 03:30:35 6872392 ----a-w- C:\Windows\System32\nvcpl.dll
2015-05-12 03:30:35 3490448 ----a-w- C:\Windows\System32\nvsvc64.dll
2015-05-12 02:34:08 571024 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2015-05-11 17:01:17 4391871 ----a-w- C:\Windows\System32\nvcoproc.bin
2015-05-01 16:51:27 1316184 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2015-05-01 16:51:27 1316000 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2015-05-01 16:50:57 1756424 ----a-w- C:\Windows\System32\nvspbridge64.dll
2015-05-01 16:50:57 1570672 ----a-w- C:\Windows\System32\nvspcap64.dll
2015-05-01 13:17:03 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16:41 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-29 18:21:50 5120 ----a-w- C:\Windows\System32\msdxm.ocx
2015-04-29 18:21:50 5120 ----a-w- C:\Windows\System32\dxmasf.dll
2015-04-29 18:21:46 9728 ----a-w- C:\Windows\System32\spwmp.dll
.
============= FINISH: 15:54:27.99 ===============
 

Attachments

See less See more
#2 ·
Hi mzahedi15. I'm not seeing any indication of malware issues in those logs, which is what this forum is for. I'm also not seeing the service that would normally be using that file.

Let's run a different tool and see what we can see.

Please download Farbar Recovery Scan Tool (FRST) and save it to your desktop.

* For 64-bit (x64) editions of Windows: http://download.bleepingcomputer.com/farbar/FRST64.exe

# Double-click on FRST64.exe to run it.
# When the tool opens click Yes to disclaimer.
# Leave all settings as they are.
# Press the Scan button.
# When the scan is done, it will save the reports to the same location as “FRST” (if you had saved “FRST” on your desktop, then the reports will be saved on the desktop). Please attach FRST.txt to your reply.
# The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.


It would be better for you and me if you can attach the reports instead of copying and pasting them. The forum software changes the format which makes them difficult to work with.
 
#4 ·
Hi mzahedi15. No need to apologize, Wrench97 is just being cautious and we're here to help. I still don't see anything to suggest this is infection related, but let's continue looking.

Download TDSSKiller.exe to your desktop
http://media.kaspersky.com/utilities/VirusUtilities/EN/tdsskiller.exe
Execute TDSSKiller.exe by doubleclicking on it.
Click Accept on the End User License Agreement.
Click Accept or Decline on the KSN Statement
Press Start Scan
If Malicious objects are found, select Skip by changing the default Cure selection at the upper right
Once complete, a log will be produced at the root drive which is typically C:\
For example, C:\TDSSKiller.3.0.0.19_date_time_log.txt
Attach that log, please.

Next...
Please download SystemLook from the link below and save it to your Desktop.
http://jpshortstuff.247fixes.com/beta/SystemLook/SystemLook_x64.exe
http://downloads.malwareremoval.com/SystemLook/SystemLook_x64.exe

Double-click SystemLook_x64.exe to run it.
Copy the info below and paste it into the main text field(don't miss the colon : in front of :filefind)


:filefind
FSPFltd.sys
:regfind
FSPFltd.sys


Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan.

Once that is run a log will be created and presented to the monitor and saved to the desktop, attach it in your next reply.
Please save using the default Notepad format.
 
#6 ·
Interesting. The file exists but the logs show no service or driver using it.

The good news is, I still think this is not malware related.

Let's try this. Open a command prompt (press the windows key + R, type cmd in the Run box, and press Enter) and enter the following command then press Enter

sc query FSProFilter

Let me know the result.

Also, let's try a different query using SystemLook again.

Double-click SystemLook_x64.exe to run it.
Copy the info below and paste it into the main text field(don't miss the colon : in front of :regfind)

:regfind
FSPFltd
FSPFltd*

Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan.

Once that is run a log will be created and presented to the monitor and saved to the desktop, attach it in your next reply.
Please save using the default Notepad format.
 
#8 ·
Hi mzahedi15.
I can't explain how a file that does not seem to be in use by any service or driver is implicated in a BSOD.

Have you ever used My LockBox or Hide Folders programs?

In any event, this does not seem to be malware related, so you may return to your previous BSOD topic and let them know you've been cleared here, with no malware found.
 
#13 ·
I tried doing multiple system restores and kept getting the same BSODs, and then all of a sudden they stopped. All the files I've sent you have been post-restore and I haven't experienced any BSODs but, windows update will not update and constantly fails to install new updates. Otherwise I haven't noticed anything different.
 
#14 ·
OK, thanks. As for the file, I'd suggest renaming it at first, to a .old extension rather than deleting it. That way if something really does still need it, you can just rename it back.

It does sound like you'll be in better hands for the current issues in the Windows forums, whether it's the BSOD area or the Windows support areas.
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top