Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows XP BSOD


  • Please log in to reply
5 replies to this topic

#1 cbondeson

cbondeson

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 19 November 2010 - 03:14 PM

This started about a week ago. I began noticing explorer lockups and then BSOD. I used hiren's boot disk to restore the system registry file which was corrupted and was able to reboot. I could run successfully but now every time I reboot I get the corrupt system file and have to restore it. I must have either a rootkit or some type of virus.


PLease help!!!

EDIT: Moved from AII to XP, non-malware issues ~ Hamluis.

Edited by hamluis, 20 November 2010 - 12:00 PM.
Moved from XP forum to Am I Infected ~ Hamluis.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,090 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:24 PM

Posted 19 November 2010 - 03:32 PM

Hi :).

<<I must have either a rootkit or some type of virus.>>

I don't follow your reasoning here...can you explain further?

There are various reasons for file corruption...which have nothing to do with any form of malware.

Ditto for lockups.

System manufacturer and model?

It helps if we know the BSOD message, which is referenced in your title.

Let's try this.

Download/install BlueScreenView, http://www.nirsoft.net/utils/blue_screen_view.html.

Double-click BlueScreenView.exe file.

When scanning is done, Edit/Select All...then File/Save Selected Items.

Save the report as BSOD.txt.

Open BSOD.txt in Notepad, copy all content and paste it into your next reply.

Louis

#3 cbondeson

cbondeson
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 19 November 2010 - 04:08 PM

after wasting a couple days on this thinking it was a virus/rootkit it turns out to be SPTD service from daemon tools. What an amazing piece of bad programming to allow people to upgrade to something that is that unstable..
maybe this will help someone else out.

i will hold my breath as i reenable all the msconfig startup apps, and reinstall all the other apps i took out!!!!

#4 cbondeson

cbondeson
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 19 November 2010 - 04:16 PM

Here is the BSOD output


==================================================
Dump File : Mini111910-04.dmp
Crash Time : 11/19/2010 12:45:12 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x805980ab
Parameter 3 : 0xb50d19fc
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+c10ab
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5973 (xpsp_sp3_gdr.100427-1636)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini111910-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini111910-02.dmp
Crash Time : 11/19/2010 11:56:07 AM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x805980ab
Parameter 3 : 0xb469e9fc
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+c10ab
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5973 (xpsp_sp3_gdr.100427-1636)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini111910-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini111910-01.dmp
Crash Time : 11/19/2010 11:47:38 AM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x805980ab
Parameter 3 : 0xb46cf9fc
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+c10ab
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5973 (xpsp_sp3_gdr.100427-1636)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini111910-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini111910-03.dmp
Crash Time : 11/19/2010 11:37:19 AM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0x805980ab
Parameter 3 : 0xb50d19fc
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+c10ab
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5973 (xpsp_sp3_gdr.100427-1636)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini111910-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini111510-01.dmp
Crash Time : 11/15/2010 5:34:38 PM
Bug Check String : BAD_POOL_CALLER
Bug Check Code : 0x000000c2
Parameter 1 : 0x00000040
Parameter 2 : 0x00000000
Parameter 3 : 0x80000000
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+606ba
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5973 (xpsp_sp3_gdr.100427-1636)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini111510-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

==================================================
Dump File : Mini111410-01.dmp
Crash Time : 11/14/2010 10:21:27 AM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xbf953c37
Parameter 3 : 0xacf4dc00
Parameter 4 : 0x00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+153c37
File Description : Multi-User Win32 Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.6033 (xpsp_sp3_gdr.100831-1644)
Processor : 32-bit
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini111410-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
==================================================

#5 cbondeson

cbondeson
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:24 PM

Posted 20 November 2010 - 09:23 AM

I have rebooted 4 or 5 times without issue. It seems the daemon tools was to blame. tsk, tsk. Maybe they are too focused on 7 and did not spend enough time regression testing on xp!

#6 hamluis

hamluis

    Moderator


  • Moderator
  • 56,090 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:24 PM

Posted 20 November 2010 - 11:59 AM

IMO, Daemon Tools is known to cause problems on some systems...with various problems re sptd.sys reported.

If no problems now...I'll just go ahead and move this back to XP...thanks for providing feedback :).

If you have any further problems, you can either start a new thread or just add to this one.

Happy computing :).

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users