Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSODs


  • This topic is locked This topic is locked
13 replies to this topic

#1 NormanXuminZhu

NormanXuminZhu

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 25 February 2012 - 03:27 AM

http://speccy.piriform.com/results/AAPyAuNKecHf6UVr2vMz3Ed

Posted previously on the site but I can't find my old topic and recently I've gotten the BSODs in much greater frequency.

==================================================
Dump File : 022412-18064-01.dmp
Crash Time : 2/24/2012 11:44:29 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : fffffa80`0efd8000
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff880`01774067
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+78067
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+7cc40
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022412-18064-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 262,144
==================================================

==================================================
Dump File : 022312-18876-01.dmp
Crash Time : 2/23/2012 7:33:03 PM
Bug Check String : KMODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x0000001e
Parameter 1 : 00000000`00000000
Parameter 2 : 00000000`00000000
Parameter 3 : 00000000`00000000
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7cc10
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17640 (win7sp1_gdr.110622-1506)
Processor : x64
Crash Address : ntoskrnl.exe+7cc10
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022312-18876-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 262,144
==================================================

==================================================
Dump File : 022212-18314-01.dmp
Crash Time : 2/22/2012 11:22:57 PM
Bug Check String : KMODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x0000001e
Parameter 1 : 00000000`00000000
Parameter 2 : 00000000`00000000
Parameter 3 : 00000000`00000000
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7cc10
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17640 (win7sp1_gdr.110622-1506)
Processor : x64
Crash Address : ntoskrnl.exe+7cc10
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022212-18314-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 262,144
==================================================

==================================================
Dump File : 020812-19578-01.dmp
Crash Time : 2/8/2012 10:26:46 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : fffffa80`10138000
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff880`018ad067
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+78067
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+7cc40
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\020812-19578-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 262,144
==================================================

==================================================
Dump File : 020112-26348-01.dmp
Crash Time : 2/1/2012 11:57:02 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : fffffa80`0f63c000
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff880`018c9067
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+78067
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+7cc40
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\020112-26348-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 262,144
==================================================

==================================================
Dump File : 012612-30466-01.dmp
Crash Time : 1/26/2012 2:56:52 PM
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : fffffa80`0f19e000
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff880`01688067
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+78067
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+7cc40
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\012612-30466-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 262,144
==================================================

==================================================
Dump File : 011712-22261-01.dmp
Crash Time : 1/17/2012 4:17:13 PM
Bug Check String : KMODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x0000001e
Parameter 1 : 00000000`00000000
Parameter 2 : 00000000`00000000
Parameter 3 : 00000000`00000000
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7cc10
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17640 (win7sp1_gdr.110622-1506)
Processor : x64
Crash Address : ntoskrnl.exe+7cc10
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\011712-22261-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 262,144
==================================================

==================================================
Dump File : 011712-16021-01.dmp
Crash Time : 1/17/2012 3:08:21 PM
Bug Check String : KMODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x0000001e
Parameter 1 : 00000000`00000000
Parameter 2 : 00000000`00000000
Parameter 3 : 00000000`00000000
Parameter 4 : 00000000`00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7cc10
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17640 (win7sp1_gdr.110622-1506)
Processor : x64
Crash Address : ntoskrnl.exe+7cc10
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\011712-16021-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 262,144
==================================================
Word: NormanXuminZhu
Part of speech: Noun
Definition: Magnet for computer problems.

BC AdBot (Login to Remove)

 


#2 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:02:10 PM

Posted 25 February 2012 - 06:46 AM

I think we have a good case for collecting some more information about what might be going on here.

:step1: Please follow the instructions: BSOD Posting Instructions: Windows 7 - Vista

(Note: When you run BSOD_Windows7_Vista_v2.64_jcgriff2_.exe, it will also run autoruns.exe ... and both need to be in the same location!)
... with one exception in the following line:
  • "4. Zip up the entire output folder + PERFMON and attach the zip file to your next post."
The BC forums will allow a total attachment size of only 512 kb (and what you need to attach will exceed this limit). Please upload the zip file to a file sharing website of your choice and and post a link to it in this thread so that we can access your uploaded zip file. I will have a look at the contained information and see if I can shed some light on your BSOD issue.

See the suggestions in the following links for recommendations on file sharing websites:
  • http://lifehacker.com/388284/best-online-file-sharing-services
  • http://www.hongkiat.com/blog/15-great-free-online-file-sharing-alternatives/
  • http://www.smashingapps.com/2008/08/28/5-best-free-file-hosting-services-to-store-your-files.html

:step2: Thanks for already publishing a Speccy report.

:step3: Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • List Installed Programs
  • Click Go.
    When the scan is finished, a text file will open in a Notepad window.
  • Copy the entire contents of the Notepad window, and paste in your reply.
    (Result.txt will be saved in the same directory the tool is run.)

AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#3 NormanXuminZhu

NormanXuminZhu
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 25 February 2012 - 12:44 PM

Thank you for your reply!

Here is the output folder along with the perfmon html file:
http://www.streamfile.com/myid/asPNPqR5LGhR

Here is the minitoolbox report:

MiniToolBox by Farbar Version: 18-01-2012
Ran by norman zhu (administrator) on 25-02-2012 at 09:04:19
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

=========================== Installed Programs ============================

Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Ad-Aware (Version: 9.0.7)
Adobe AIR (Version: 3.1.0.4880)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Reader 9 (Version: 9.0.0)
Adobe Setup (Version: 1.0)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
Akamai NetSession Interface
Akamai NetSession Interface Service
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 3.0.859.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.61205.2219)
ASRock App Charger v1.0.4
ASRock eXtreme Tuner v0.1.79
ASRock InstantBoot v1.26
AutoHotkey 1.0.48.05 (Version: 1.0.48.05)
Bamboo (Version: 5.2.5-5)
Bamboo Dock (Version: 4.0)
Bamboo Dock (Version: 4.0.0)
Bandisoft MPEG-1 Decoder
BitTorrent (Version: 7.6.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.1205.2215.39827)
Catalyst Control Center Graphics Previews Common (Version: 2011.1205.2215.39827)
Catalyst Control Center InstallProxy (Version: 2011.1205.2215.39827)
Catalyst Control Center Localization All (Version: 2011.1205.2215.39827)
ccc-utility64 (Version: 2011.1205.2215.39827)
CCC Help Chinese Standard (Version: 2011.1205.2214.39827)
CCC Help Chinese Traditional (Version: 2011.1205.2214.39827)
CCC Help Czech (Version: 2011.1205.2214.39827)
CCC Help Danish (Version: 2011.1205.2214.39827)
CCC Help Dutch (Version: 2011.1205.2214.39827)
CCC Help English (Version: 2011.1205.2214.39827)
CCC Help Finnish (Version: 2011.1205.2214.39827)
CCC Help French (Version: 2011.1205.2214.39827)
CCC Help German (Version: 2011.1205.2214.39827)
CCC Help Greek (Version: 2011.1205.2214.39827)
CCC Help Hungarian (Version: 2011.1205.2214.39827)
CCC Help Italian (Version: 2011.1205.2214.39827)
CCC Help Japanese (Version: 2011.1205.2214.39827)
CCC Help Korean (Version: 2011.1205.2214.39827)
CCC Help Norwegian (Version: 2011.1205.2214.39827)
CCC Help Polish (Version: 2011.1205.2214.39827)
CCC Help Portuguese (Version: 2011.1205.2214.39827)
CCC Help Russian (Version: 2011.1205.2214.39827)
CCC Help Spanish (Version: 2011.1205.2214.39827)
CCC Help Swedish (Version: 2011.1205.2214.39827)
CCC Help Thai (Version: 2011.1205.2214.39827)
CCC Help Turkish (Version: 2011.1205.2214.39827)
Combined Community Codec Pack 2011-11-11 (Version: 2011.11.11.0)
Comodo Dragon (Version: 15.0)
COMODO GeekBuddy (Version: 3.3.217083.59)
COMODO Internet Security (Version: 5.9.23255.2196)
CyberLink MediaEspresso (Version: 6.5.1611_37043)
DFOLauncher
EditPad Lite 7.1.0 (Version: 7.1.0)
Etron USB3.0 Host Controller (Version: 0.96)
FileZilla Client 3.5.3 (Version: 3.5.3)
FileZilla Server (Version: beta 0.9.40)
GNU CLISP 2.49 (Version: 2.49)
Google Chrome (Version: 17.0.963.56)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2361)
Java™ 6 Update 30 (64-bit) (Version: 6.0.300)
Java™ 7 Update 2 (64-bit) (Version: 7.0.20)
Java™ SE Development Kit 7 Update 2 (64-bit) (Version: 1.7.0.20)
JavaFX 2.0.2 (64-bit) (Version: 2.0.2)
JavaFX 2.0.2 SDK (64-bit) (Version: 2.0.2)
League of Legends (Version: 1.3)
McAfee Agent (Version: 4.5.0.1810)
McAfee VirusScan Enterprise (Version: 8.8.00000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft PowerPoint Viewer (Version: 14.0.4763.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
mIRC (Version: 7.22)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
Nexon Game Manager
NVIDIA PhysX (Version: 9.10.0129)
osu! (Version: 0.0.0.0)
PaintTool SAI Ver.1
Pando Media Booster (Version: 2.6.0.1)
PDF Settings (Version: 1.0)
Realtek Ethernet Controller Driver (Version: 7.44.421.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6257)
Remove Bots Files
S4 League_EU (Version: 1.00.0000)
SafeConnect
Skype™ 5.5 (Version: 5.5.124)
Sound Blaster X-Fi MB (Version: 1.0)
Speccy (Version: 1.15)
Steam (Version: 1.0.0.0)
Strawberry Perl (Version: 5.12.768)
Team Fortress 2
tools-freebsd (Version: 8.8.0.471780)
tools-linux (Version: 8.8.0.471780)
tools-netware (Version: 8.8.0.471780)
tools-solaris (Version: 8.8.0.471780)
tools-windows (Version: 8.8.0.471780)
tools-winPre2k (Version: 8.8.0.471780)
uTorrentBar Toolbar (Version: 6.8.2.0)
Vindictus
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.1.11 (Version: 1.1.11)
VmciSockets (Version: 9.1.54.1)
VMware Workstation (Version: 8.0.0.18997)
Warcraft III
WebTablet FB Plugin (Version: 2.0.0.1)
WebTablet IE Plugin (Version: 1.1.0.12)
WebTablet Netscape Plugin (Version: 1.1.0.10)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.10 beta 5 (64-bit) (Version: 4.10.5)
XFastUsb
Xfire (remove only)
XSplit (Version: 1.0.1201.0504)

**** End of log ****
Word: NormanXuminZhu
Part of speech: Noun
Definition: Magnet for computer problems.

#4 NormanXuminZhu

NormanXuminZhu
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 25 February 2012 - 02:33 PM

While running the driver verifier, the computer crashed twice more.


==================================================
Dump File : 022512-19858-01.dmp
Crash Time : 2/25/2012 11:30:30 AM
Bug Check String : INVALID_KERNEL_HANDLE
Bug Check Code : 0x00000093
Parameter 1 : 00000000`00003a74
Parameter 2 : fffff8a0`00001930
Parameter 3 : fffff8a0`0a2b99d0
Parameter 4 : 00000000`00000001
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7cc40
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17640 (win7sp1_gdr.110622-1506)
Processor : x64
Crash Address : ntoskrnl.exe+7cc40
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022512-19858-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 262,144
==================================================

==================================================
Dump File : 022512-23743-01.dmp
Crash Time : 2/25/2012 11:02:21 AM
Bug Check String : INVALID_KERNEL_HANDLE
Bug Check Code : 0x00000093
Parameter 1 : 00000000`00002758
Parameter 2 : fffff8a0`00001930
Parameter 3 : fffff8a0`039f6d60
Parameter 4 : 00000000`00000001
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+7cc40
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.17640 (win7sp1_gdr.110622-1506)
Processor : x64
Crash Address : ntoskrnl.exe+7cc40
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\022512-23743-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 262,144
==================================================
Word: NormanXuminZhu
Part of speech: Noun
Definition: Magnet for computer problems.

#5 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:02:10 PM

Posted 25 February 2012 - 02:57 PM

While running the driver verifier, the computer crashed twice more.

Please zip up these two minidumps and attach to a reply:
  • Navigate to C:\Windows\Minidump <<< folder
  • Click on the most recent minidump file.
  • Hold down the <Ctrl> key, and click on the next-most recent minidump file to also select it.
  • Release the <Ctrl> key.
  • Now, right-click on one of the selected files > Send to ... > Compressed (zipped) Folder.
    The zip file will be located in the same place (the Minidump folder).
  • Attach the zip file to your next reply.
    When you click on Add Reply, you will see the facility to attach a file just below the box where you type your message.
Edit: Note that the files will need to be zipped in order to be able to attach here. The BC forums will not allow you to attach a .rar file.

Edited by AustrAlien, 25 February 2012 - 02:59 PM.

AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#6 NormanXuminZhu

NormanXuminZhu
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 25 February 2012 - 03:44 PM

Thank you for the quick reply! I have attached the two dump files in this post.

Attached Files


Edited by NormanXuminZhu, 25 February 2012 - 03:45 PM.

Word: NormanXuminZhu
Part of speech: Noun
Definition: Magnet for computer problems.

#7 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:02:10 PM

Posted 25 February 2012 - 03:48 PM

Are you experiencing any other issues/problems with the system, that it might be relevant to mention?

Are there any signs at all of malware infection on the system, or have you previously had to deal with a malware infection on the system?
AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#8 NormanXuminZhu

NormanXuminZhu
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 25 February 2012 - 04:02 PM

It is a relatively new system without problems (except for these crashes). Roughly two to three months old; first computer that I built myself though I had help choosing the parts from people at a self help computer building forum. As far as I know, there have been no problems with malware infection. I have installed comodo personal firewall as well as McAfee VSE and Ad-Aware almost immediately after it was up and running.
Word: NormanXuminZhu
Part of speech: Noun
Definition: Magnet for computer problems.

#9 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:02:10 PM

Posted 25 February 2012 - 04:05 PM

Please uninstall Ad-Aware by the usual means and re-start the system.

Run Driver Verifier again and let me know if there is any result/crash. Let DV run for 36 hours otherwise before turning it off.

=======================
BSOD BUGCHECK SUMMARY: 022512-23743-01.dmp
................................................................
Loading Dump File [C:\CactusIsland\NormanXuminZhu_BC\Minidump225\022512-23743-01.dmp]
Built by: 7601.17640.amd64fre.win7sp1_gdr.110622-1506
Debug session time: Sun Feb 26 06:01:02.289 2012 (UTC + 11:00)
System Uptime: 0 days 0:10:19.304
Unable to load image \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for KernExplorer64.sys
*** ERROR: Module load completed but symbols could not be loaded for KernExplorer64.sys
Probably caused by : KernExplorer64.sys ( KernExplorer64+1277 )
INVALID_KERNEL_HANDLE (93)
DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP
BUGCHECK_STR: 0x93
PROCESS_NAME: System
FAILURE_BUCKET_ID: X64_0x93_VRF_KernExplorer64+1277
Bugcheck code 00000093
Arguments 00000000`00002758 fffff8a0`00001930 fffff8a0`039f6d60 00000000`00000001
................................................................

AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#10 NormanXuminZhu

NormanXuminZhu
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 11 March 2012 - 04:19 AM

I've experienced a few more BSODs (all during high network traffic; running a livestream, and chat and games for example, or when running bittorrent). These all list tcpip as part of the BSOD, I'll post the files shortly and then run Driver Verifier once more overnight (last time I only kept it on for a few hours.)

Attached Files


Word: NormanXuminZhu
Part of speech: Noun
Definition: Magnet for computer problems.

#11 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:02:10 PM

Posted 11 March 2012 - 05:22 AM

I think the system may be infected with malware. A file with a .tmp extension is listed as a loaded module in several of the minidumps (with "caused by" being tcpip.sys).

006A42B.tmp Thu Jan 26 16:28:44 2012
006AD3F.tmp Thu Jan 26 16:28:44 2012
0066DCF.tmp Thu Jan 26 16:28:44 2012
... and from an earlier minidump 022412-18064-01, 006E559.tmp Thu Jan 26 16:28:44 2012


You will need some expert assistance to deal with the issue, so please follow the instructions in the
Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help

When you have done that, post your log in the "Virus, Trojan, Spyware, and Malware Removal Logs forum", NOT here, for assistance by the Malware Response Team experts. Please include a link to this topic.

Please let us know, here, if you have been able to successfully start your new topic.

=======================
BSOD BUGCHECK SUMMARY 3 recent minidumps
................................................................
Loading Dump File [C:\CactusIsland\NormanXuminZhu_BC\Minidump3\031112-17440-01.dmp]
Built by: 7601.17640.amd64fre.win7sp1_gdr.110622-1506
Debug session time: Sun Mar 11 19:16:43.068 2012 (UTC + 11:00)
System Uptime: 2 days 2:29:32.599
Probably caused by : tcpip.sys ( tcpip!Ipv6AddressType+27 )
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: System
FAILURE_BUCKET_ID: X64_0xD1_tcpip!Ipv6AddressType+27
Bugcheck code 000000D1
Arguments fffffa80`10354000 00000000`00000002 00000000`00000000 fffff880`01913067
................................................................
Loading Dump File [C:\CactusIsland\NormanXuminZhu_BC\Minidump3\030812-27580-01.dmp]
Built by: 7601.17640.amd64fre.win7sp1_gdr.110622-1506
Debug session time: Fri Mar 9 16:42:23.724 2012 (UTC + 11:00)
System Uptime: 1 days 4:10:29.129
Probably caused by : tcpip.sys ( tcpip!Ipv6AddressType+27 )
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: System
FAILURE_BUCKET_ID: X64_0xD1_tcpip!Ipv6AddressType+27
Bugcheck code 000000D1
Arguments fffffa80`0f09e000 00000000`00000002 00000000`00000000 fffff880`016f9067
................................................................
Loading Dump File [C:\CactusIsland\NormanXuminZhu_BC\Minidump3\030712-21949-01.dmp]
Built by: 7601.17640.amd64fre.win7sp1_gdr.110622-1506
Debug session time: Thu Mar 8 12:30:44.178 2012 (UTC + 11:00)
System Uptime: 3 days 9:35:47.301
Probably caused by : tcpip.sys ( tcpip!Ipv6AddressType+27 )
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: System
FAILURE_BUCKET_ID: X64_0xD1_tcpip!Ipv6AddressType+27
Bugcheck code 000000D1
Arguments fffffa80`0ee6d000 00000000`00000002 00000000`00000000 fffff880`01704067
................................................................

Edited by AustrAlien, 11 March 2012 - 05:24 AM.

AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#12 NormanXuminZhu

NormanXuminZhu
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Local time:12:10 AM

Posted 11 March 2012 - 03:53 PM

I have posted a topic in the malware logs subforum, but have since then installed and run CCleaner, which detected a very large number of issues when asked to perform a registry scan for issues (229; and it fixed them).

The new topic is here:

http://www.bleepingcomputer.com/forums/topic445864.html

P.S. I don't know exactly how you determine where the problem from BSODs lie, but if such a large number of registry issues is unusual then you may decide to 'lower the priority' on troubleshooting my issues just in case a BSOD no longer occurs due to the CCleaner fixes.
Word: NormanXuminZhu
Part of speech: Noun
Definition: Magnet for computer problems.

#13 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:02:10 PM

Posted 12 March 2012 - 01:40 AM

... have since then installed and run CCleaner, which detected a very large number of issues when asked to perform a registry scan for issues (229; and it fixed them).

CCleaner is a good program to use to remove unnecessary junk files from the system, but it is not advisable to use when you are having problems (especially possible malware issues) and it is best to NOT use the registry cleaner part of the program at any time. BleepingComputer.com has a policy to not use, and to advise against the use of, registry cleaners of any sort at all times ... and there are very sound reasons for having such a policy in place. Registry cleaners are not the "cure-all" that they are widely touted to be, and instead pose a very real risk of damaging the system. I suggest that you refrain from using any registry cleaner in the future.

BTW: The detection of 229 "registry issues" can not be considered a "large number": That would likely be quite "normal" on any system at any time. Nor would it have any effect on malware if it is present on the system.

A Moderator will come along and close this topic at some time, now that you have created a topic in the Malware Logs forum.

Edited by AustrAlien, 12 March 2012 - 01:45 AM.

AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#14 hamluis

hamluis

    Moderator


  • Moderator
  • 56,408 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:10 PM

Posted 12 March 2012 - 08:53 AM

Now that you have properly posted a malware log topic, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on, the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users