Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blue Screen, Memory Dump, What Does This Mean?


  • Please log in to reply
6 replies to this topic

#1 Kim25

Kim25

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:03:38 PM

Posted 03 September 2008 - 04:23 PM

Ok, last night I got the Blue Screen of Death, I guess, and apparently a memory Dump. I don't have any idea what a memory dump is, or why it happens! This is the first time this has happened so I tried to write everything down that was displayed on the blue screen. I do have some recent new programs that I got about 2-3 weeks ago including avast AV, Online Armor firewall, WinPatrol and a-squared.This is the total of my security programs. I do believe that avast has slowed down my computer, lately I have been getting the hour glass a lot when I am trying to surf the web. I am thinking about replacing it. I wonder if avast is what could have caused my Blue Screen?
My puter is a Dell 4600 dimension & about 4 yrs. old, windows xp, I run windows explorer and firefox.
I would appreciate any help you can give me on this, although my computer seems to be ok right now, I prefer that this doesn't happen again! Below is what I wrote down from the blue screen:

Stop error Screen
windows has encountered problem

Driver_IRQL_NOT_LESS_OR_EQUAL

Stop:0x000000D1 (OXFF35CE64, OX00000002, OX00000000, OXF889CF51)


OAMON.SYS-address
F889CF51 base at F8898000, Datestamp 47Fe8d2d

Physical Memory Dump Complete


After I shut down my computer and restarted it, Winpatrol came up telling that a new program wanted access to my start ups. Since I didn't have any brand new progams, and WP didn't tell me what the program was, other than %systemroot%\system32\dumprep 0 -k. I didn't allow it. I did go into WP and checked to see if any new entries were there and the following below is what I found.

C:\WINDOWS\SYSTEM32\logonui.exe.manifest
First Detected by WinPatrol: 09/02/2008 10:55 PM


etilqs_cZkGelz8GcOWsPj4
etilqs_cZkGelz8GcOWsPj4DJDe
Path: C:\Documents and Settings\Kim\Local Settings\Temp\etilqs_cZkGelz8GcOWsPj4DJDe
First Detected by WinPatrol: 09/02/2008 10:55 PM


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,895 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:04:38 PM

Posted 03 September 2008 - 05:04 PM

Looks like malware to me, but maybe not...see link at http://www.google.com/search?hl=en&q=e...amp;btnG=Search

IRQL errors can be driver errors impacting memory.

http://www.tek-tips.com/viewthread.cfm?qid=308429

Since we have something pointing to Firefox...and Firefox has drivers...it's not illogical to assume that the Firefox drivers are corrupt (for whatever reason).

I would try uninstalling/reinstalling, then updating Firefox.

Louis

#3 hamluis

hamluis

    Moderator


  • Moderator
  • 55,895 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:04:38 PM

Posted 03 September 2008 - 05:04 PM

Duplicate post deleted.

Louis

Edited by hamluis, 03 September 2008 - 05:05 PM.


#4 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:05:38 PM

Posted 04 September 2008 - 06:55 AM

First, delete your Temporary files with this free program: http://www.ccleaner.com/
Only use the default settings to clean your files - don't mess with the other tools as they are extremely powerful and can cause big problems with your system if not run properly.

Next, the Blue Screen of Death refers to the file OAMON.SYS - which is a part of the Online Armor Firewall.
This can either be that malware caused it to crash or it could be a problem with the program itself.

I would first conduct a free, online scan to ensure that you're not infected using one or more of the free scans listed here: http://www.bleepingcomputer.com/blogs/usas...?showentry=1252 )

If you're not infected, the I'd suggest downloading a new copy of the Online Armor Firewall. Then uninstall the old copy and install the new one.

If you do find signs of an infection, I'd suggest posting in the Am I Infected forum located here: http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#5 Kim25

Kim25
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:03:38 PM

Posted 04 September 2008 - 12:36 PM

Thanks John! I will go do your recomendations now. I will let you know how it comes out. I did a virus scan with my avast and also ran a-squared, they both showed clean, but I am off to try the others now. Thanks again!

#6 Kim25

Kim25
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:03:38 PM

Posted 04 September 2008 - 04:48 PM

Well, I guess my next step is to uninstall online armor and then reinstall it. All the scans turned out ok...no virus. John, do you have any recommendations for a firewall or shall I stay with online armor?

Thanks,
Kim

#7 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:05:38 PM

Posted 05 September 2008 - 04:54 AM

I used the free Sygate Personal Firewall for many years with XP. It's still available here: http://www.321download.com/LastFreeware/page26.html

Although support is no longer offered for it, it's easy to work with and can be turned on/off easily for testing.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users