Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

BSOD 124, SFC finds errors but cannot repair, cmd box opening/closing


  • Please log in to reply

#31
kristi10

kristi10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 111 posts

The search index rebuild has completed now.

 

Here is the process explorer log:

 

Process CPU Private Bytes Working Set PID Verified Signer
System Idle Process 95.68 0 K 24 K 0 
Wow-64.exe 1.08 1,284,420 K 1,092,100 K 8624 (Verified) Blizzard Entertainment
procexp64.exe 1.02 31,792 K 56,276 K 5952 (Verified) Microsoft Corporation
Interrupts 0.53 0 K 0 K n/a 
audiodg.exe 0.39 24,352 K 23,544 K 10188 (Verified) Microsoft Windows
dwm.exe 0.32 56,680 K 51,748 K 2924 (Verified) Microsoft Windows
System 0.22 196 K 2,972 K 4 
CinemaNowSvc.exe 0.16 7,172 K 7,060 K 2188 (Verified) Sonic Solutions
iexplore.exe 0.14 113,944 K 140,708 K 772 (Verified) Microsoft Corporation
speedfan.exe 0.12 7,744 K 18,984 K 9908 (Verified) SOKNO S.R.L.
csrss.exe 0.11 3,516 K 8,852 K 592 (Verified) Microsoft Windows
NvStreamNetworkService.exe 0.04 4,724 K 10,992 K 7768 (Verified) NVIDIA Corporation
explorer.exe 0.04 62,132 K 92,016 K 2984 (Verified) Microsoft Windows
svchost.exe 0.03 12,700 K 19,836 K 2636 (Verified) Microsoft Windows
NvStreamUserAgent.exe 0.02 6,404 K 14,312 K 10028 (Verified) NVIDIA Corporation
svchost.exe 0.02 37,308 K 55,932 K 460 (Verified) Microsoft Windows
AvastSvc.exe 0.01 189,212 K 45,544 K 1488 (Verified) AVAST Software a.s.
NvStreamService.exe 0.01 8,052 K 10,896 K 2212 (Verified) NVIDIA Corporation
AvastUI.exe 0.01 27,516 K 28,692 K 4384 (Verified) AVAST Software a.s.
svchost.exe 0.01 16,924 K 20,588 K 4660 (Verified) Microsoft Windows
svchost.exe 0.01 20,772 K 31,740 K 740 (Verified) Microsoft Windows
CurseClient.exe 0.01 173,072 K 5,048 K 5420 (No signature was present in the subject) Curse
ServicepointService.exe < 0.01 10,500 K 22,004 K 3572 (Verified) Radialpoint
lsm.exe < 0.01 3,084 K 4,832 K 696 (Verified) Microsoft Windows
NvBackend.exe < 0.01 23,312 K 31,556 K 2264 (Verified) NVIDIA Corporation
svchost.exe < 0.01 10,300 K 14,176 K 944 (Verified) Microsoft Windows
svchost.exe < 0.01 20,368 K 21,680 K 1396 (Verified) Microsoft Windows
AppleMobileDeviceService.exe < 0.01 7,468 K 13,792 K 1964 (Verified) Apple Inc.
iexplore.exe < 0.01 21,228 K 42,292 K 8688 (Verified) Microsoft Corporation
WowBrowserProxy.exe < 0.01 9,056 K 13,056 K 9964 (Verified) Blizzard Entertainment
taskhost.exe < 0.01 31,540 K 28,812 K 2324 (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 85,308 K 147,984 K 820 (Verified) Microsoft Windows
csrss.exe < 0.01 2,816 K 5,104 K 484 (Verified) Microsoft Windows
nvvsvc.exe < 0.01 20,644 K 29,508 K 5552 (Verified) NVIDIA Corporation
wmpnetwk.exe < 0.01 8,640 K 11,840 K 1408 (Verified) Microsoft Windows
HPSA_Service.exe < 0.01 29,724 K 19,692 K 2676 (No signature was present in the subject) Hewlett-Packard Company
WUDFHost.exe  2,380 K 6,440 K 3484 (Verified) Microsoft Windows
WmiPrvSE.exe  8,916 K 15,884 K 3948 (Verified) Microsoft Windows
WmiPrvSE.exe  2,812 K 6,580 K 7076 (Verified) Microsoft Windows
winlogon.exe  3,352 K 7,876 K 624 (Verified) Microsoft Windows
wininit.exe  1,712 K 4,704 K 560 (Verified) Microsoft Windows
wimserv.exe  22,044 K 772 K 5832 (Verified) Microsoft Windows
unsecapp.exe  2,208 K 6,512 K 4540 (Verified) Microsoft Windows
TrustedInstaller.exe  10,108 K 16,220 K 5452 (Verified) Microsoft Windows
taskhost.exe  6,044 K 8,780 K 4280 (Verified) Microsoft Windows
taskeng.exe  2,740 K 7,156 K 2460 (Verified) Microsoft Windows
svchost.exe  222,312 K 231,056 K 480 (Verified) Microsoft Windows
svchost.exe  3,100 K 6,292 K 1124 (Verified) Microsoft Windows
svchost.exe  76,672 K 67,696 K 3716 (Verified) Microsoft Windows
svchost.exe  28,908 K 27,440 K 492 (Verified) Microsoft Windows
svchost.exe  6,256 K 12,160 K 788 (Verified) Microsoft Windows
svchost.exe  18,208 K 21,788 K 1736 (Verified) Microsoft Windows
svchost.exe  3,044 K 6,368 K 4152 (Verified) Microsoft Windows
svchost.exe  4,872 K 8,300 K 3676 (Verified) Microsoft Windows
svchost.exe  6,844 K 12,564 K 3492 (Verified) Microsoft Windows
spoolsv.exe  8,944 K 15,400 K 1652 (Verified) Microsoft Windows
smss.exe  580 K 1,236 K 320 (Verified) Microsoft Windows
SmartMenu.exe  7,628 K 16,196 K 2868 (Verified) Hewlett-Packard Company
services.exe  14,416 K 14,412 K 668 (Verified) Microsoft Windows
RtkAudioService64.exe  2,356 K 5,712 K 1212 (Verified) Realtek Semiconductor Corp
RAVBg64.exe  15,116 K 12,640 K 1372 (Verified) Realtek Semiconductor Corp
procexp.exe  2,324 K 7,368 K 9248 (Verified) Microsoft Corporation
PresentationFontCache.exe  29,244 K 25,280 K 900 (Verified) Microsoft Corporation
nvxdsync.exe  9,384 K 22,028 K 2408 (Verified) NVIDIA Corporation
nvvsvc.exe  3,160 K 8,036 K 5700 (Verified) NVIDIA Corporation
nvtray.exe  5,588 K 13,260 K 4328 (Verified) NVIDIA Corporation
nvSCPAPISvr.exe  3,252 K 6,536 K 4924 (Verified) NVIDIA Corporation
NvNetworkService.exe  5,448 K 10,460 K 5640 (Verified) NVIDIA Corporation
mDNSResponder.exe  3,652 K 6,948 K 1164 (Verified) Apple Inc.
lsass.exe  8,104 K 16,132 K 688 (Verified) Microsoft Windows
jusched.exe  4,764 K 13,024 K 2572 (Verified) Oracle America
itype.exe  6,212 K 2,544 K 2976 (Verified) Microsoft Corporation
ipoint.exe  5,648 K 2,904 K 2968 (Verified) Microsoft Corporation
hpwuschd2.exe  1,188 K 4,236 K 2804 (Verified) Hewlett-Packard Company
hpsysdrv.exe  1,116 K 4,116 K 2848 (Verified) Hewlett-Packard Company
HPSupportSolutionsFrameworkService.exe  42,276 K 41,692 K 2816 (Verified) Hewlett-Packard Company
GWX.exe  4,164 K 912 K 3184 (Verified) Microsoft Windows
GfExperienceService.exe  4,172 K 10,888 K 2916 (Verified) NVIDIA Corporation
FlashUtil64_18_0_0_209_ActiveX.exe  4,444 K 9,940 K 4620 (Verified) Adobe Systems Incorporated
E_S40STB.EXE  1,632 K 4,016 K 2512 (Verified) Microsoft Windows Hardware Compatibility Publisher
E_S40RPB.EXE  1,476 K 3,540 K 2600 (Verified) Microsoft Windows Hardware Compatibility Publisher
dllhost.exe  2,832 K 7,708 K 3884 (Verified) Microsoft Windows
conhost.exe  1,252 K 3,200 K 10044 (Verified) Microsoft Windows
conhost.exe  1,684 K 4,956 K 4732 (Verified) Microsoft Windows
atiesrxx.exe  1,724 K 4,532 K 1016 (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe  2,896 K 7,100 K 1348 (Verified) Microsoft Windows Hardware Compatibility Publisher
armsvc.exe  2,732 K 8,928 K 1896 (Verified) Adobe Systems


  • 0

Advertisements


#32
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Seems that WoW uses a lot of memory.  

 

Wow-64.exe 1.08 1,284,420 K 1,092,100 K 8624 (Verified) Blizzard Entertainment

 

Everything else seems happy.  You might try playing WoW with Avast Shields Control turned off see if Avast is getting in the way.


  • 0

#33
kristi10

kristi10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 111 posts

I hadn't ever run the ESET scan yet, so started it right after I posted earlier.  Here is the log.

 

C:\Program Files (x86)\Funcom\The Secret World\xfire_installer.TheSecretWorld.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\ProgramData\RogueKiller\Quarantine\21D7D2B8F429B9B2.reg REG/Agent.AK trojan cleaned by deleting - quarantined
C:\ProgramData\RogueKiller\Quarantine\303D691FB967D74D.reg REG/Agent.AK trojan cleaned by deleting - quarantined
C:\ProgramData\RogueKiller\Quarantine\4EED4A784F11A93C.reg REG/Agent.AK trojan cleaned by deleting - quarantined
C:\ProgramData\RogueKiller\Quarantine\5436654782A37743.reg REG/Agent.AK trojan cleaned by deleting - quarantined
C:\ProgramData\RogueKiller\Quarantine\6EEC6FE1C9CD3B71.reg REG/Agent.AK trojan cleaned by deleting - quarantined
C:\ProgramData\RogueKiller\Quarantine\8A3FB7B5FB1AD689.reg REG/Agent.AK trojan cleaned by deleting - quarantined
C:\ProgramData\RogueKiller\Quarantine\E0FEE6D8B5F5E08D.reg REG/Agent.AK trojan cleaned by deleting - quarantined
C:\ProgramData\RogueKiller\Quarantine\F7482B2D97B43E32.reg REG/Agent.AK trojan cleaned by deleting - quarantined


  • 0

#34
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Most of what ESET found was already in quarantine from Rogue Killer so not active.  The exception is just a PUP.  (Adware from Conduit).


  • 0

#35
kristi10

kristi10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 111 posts

Oh thank goodness.  I hadn't even noticed roguekiller in the lines.  Best news all day, thank you!

 

Still loading and waking from sleep very slowly.  I'm going to work on another of your suggestions next:

 

 

You might  try booting into the Safe Mode Menu and selecting the Low Resolution option.  This is basic VGA so bypasses a lot of the fancy drivers.  See if it boots faster that way.  Also go into msconfig and:

 

Go to Services tab and click on the box to hide Microsoft Services then uncheck
everything that remains.  Go to Startup tab and uncheck everything.  OK and
reboot.  If it doesn't run faster then go back into msconfig and recheck the
things you turned off.  If it helps then go back and turn on a few items each
time until you find the culprit.

 


  • 0

#36
kristi10

kristi10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 111 posts

Good evening,

 

I'm sorry for the delay in reporting back.  Work has been very busy this week.

 

I booted into safe mode with the low resolution option as you requested and it did boot faster.  I also went to msconfig and unchecked the items in services and startup.  It did seem to help some, so I tried turning items on slowly but haven't figured out the culprit.  In the meantime, waking from sleep is becoming a bigger and bigger problem; it seems to take longer each time.

 

I did run the ram tests and everything checked out.

 

I haven't replaced the hard drive yet.  I realize that needs to happen and is causing some (all?) of the problems.  But if there are other problems, I don't want to clone them into the new one, assuming that's how it would work anyway.

 

In the meantime, no BSOD's since I switched out the NVidia card with the faulty fan, with the working but old ATI card.  And since I bought the new Nvidia card and got rid of the catalyst control center stuff, I've not seen the cmd box pop open and close again.

 

Is there other trouble-shooting to be done at this point, or should I get on replacing the hard drive first?

 

Thank you, Kristi


  • 0

#37
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Is it sleep or hibernate?


  • 0

#38
kristi10

kristi10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 111 posts

Sleep apparently.  Digging into the advanced power options, it's currently set to Sleep after 15 minutes, Hibernate never.


  • 0

#39
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

make sure Hybrid Sleep is turned off. 

 

Control Panel\Power Options\Change Plan Settings (for your current setting) 

 
"Change advanced power settings"
 
Click the + in front of Sleep
 
Click the + in front of "Allow hybrid sleep"
 
If it doesn't say Off then click on Setting and
 
Change option to "off"

  • 0

#40
kristi10

kristi10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 111 posts

I checked and hybrid sleep was already set to Off.


  • 0

Advertisements


#41
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Does it take a long time to shutdown too? 


  • 0

#42
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Try copying the next line:

powercfg.exe –h off

 

Then
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter

 

Restart.

 

This should turn off Hibernate and delete the hiberfil.sys file which sometimes gets too big.

 

 


  • 0

#43
kristi10

kristi10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 111 posts

I hadn't noticed anything unusual, so I shut it down just now to be sure and it was pretty quick.  Turned it back on and it wasn't unreasonably slow there either, although Avast takes at least a couple of minutes to come on.


  • 0

#44
kristi10

kristi10

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 111 posts

Putting powercfg.exe –h off into command prompt, correct?  It says invalid parameters when I do.


  • 0

#45
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Try typing it in.  I copied it from the Internet and I think it may have some invisible characters.

 

C:\Windows\system32> powercfg.exe -h off

C:\Windows\system32>


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP