Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blue Screen Of Death


  • Please log in to reply
10 replies to this topic

#1 bbben411

bbben411

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:45 AM

Posted 05 April 2012 - 01:00 AM

Hello, I'm running Vista Home Premium 64bit. I'm very frustrated because starting about 6months ago I started getting BSOD very rarely. Now i'm seeing it repeatedly with many different error codes/messages. In addition to that, sometimes the screen will just turn black or even go blank with colored lines then it becomes unresponsive completely Some of the error messages are volsnap.sys, atikmdag.sys(a more common one), athrx.sys, tcpip.sys, win32k.sys. This happens as frequently as 10 times a day. I'm constantly restoring to an earlier point with system restore as it advises at the startup menu because the computer didn't shut down properly. I'm aware that a copy of my C:/Windows/Minidump may be requested but when I went to look at this folder, "This folder is empty" and I don't understand why. I didn't record the full error messages as I thought I could handle the problem eventually but I still have had no luck. These are some of the steps I have taken to fix this. The first thing I did a while back was run CCleaner and let the program deal with whatever registry errors it saw. This didn't improve anything at all. Just a few days ago while searching one of the error codes in Google, I came across another forum where somebody had recommended the program ParetoLogic PC Health Advisor. I used this program to scan my computer for; registry errors, defragment the C Drive and search for any possible driver updates. It found many registry errors and I let the program fix them. I also let the program find all driver updates which included the video card drivers, touchpad mouse drivers, wireless internet card drivers and sound drivers. I downloaded all the drivers it recommended. The following day it didn't blue screen at all, but the next morning it happened again. I don't know if it's a software or hardware issue but i'd sure like to find out. I have had viruses and malware in the past but I let Malwarebytes Anti-Malware quarantine and kill them. The worst of them was the 'System Tool Virus' which hid all my desktop folders, files and made all the programs in the start menu disappear. As you can see it's pretty bad and i'd like to get my lappy working again. I would greatly appreciate any input and thank you for giving my post a look.

BC AdBot (Login to Remove)

 


#2 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:09:45 PM

Posted 05 April 2012 - 05:51 AM

Hello, and :welcome: to the BC forums.

Is there any chance that the system is still infected with malware? If so, it may be best to start by running some scans for malware (we can move this topic to the Am I Infected? forum) ... if you can run the system long enough without it crashing. Have you tried running the system in Safe Mode? If so, does it have the same frequency of crashing when in Safe Mode?

Please .... while we are working do not run any registry "cleaner"/"error fixer" tool such as that provided by CCleaner or Paretologic (preferably do not use such tools at all, ever ***). I suggest un-installing Paretologic and getting rid of it completely.

CCleaner is a good general cleanup tool. However, by default it will delete the minidumps from the Minidump folder. I suggest either not using CCleaner at all until the problem is resolved, or changing the default settings so that it does not delete the minidumps.

I need some minidumps to work with! So, wait until the system crashes a few more times, and there are 3 or 4 (the more, the better) minidump files saved and then collect some information for me, along with the minidumps.

:step1: Please follow the instructions: BSOD Posting Instructions: Windows 7 - Vista

(Note: When you run BSOD_Windows7_Vista_v2.64_jcgriff2_.exe, it will also run autoruns.exe ... and both need to be in the same location!)
... with one exception in the following line:
  • "4. Zip up the entire output folder + PERFMON and attach the zip file to your next post."
The BC forums will allow a total attachment size of only 512 kb (and what you need to attach will exceed this limit). Please upload the zip file to a file sharing website of your choice and and post a link to it in this thread so that we can access your uploaded zip file. I will have a look at the contained information and see if I can shed some light on your BSOD issue.

See the suggestions in the following links for recommendations on file sharing websites:
  • http://lifehacker.com/388284/best-online-file-sharing-services
  • http://www.hongkiat.com/blog/15-great-free-online-file-sharing-alternatives/
  • http://www.smashingapps.com/2008/08/28/5-best-free-file-hosting-services-to-store-your-files.html

:step2: Please Publish a Snapshot using Speccy, and post a link to it in this thread.
  • It is a convenient and accurate way of providing us with details of your computer specifications.

:step3: Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • List Installed Programs
  • Click Go.
    When the scan is finished, a text file will open in a Notepad window.
  • Copy the entire contents of the Notepad window, and paste in your reply.
    (Result.txt will be saved in the same directory the tool is run.)

AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#3 bbben411

bbben411
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:45 AM

Posted 05 April 2012 - 11:42 PM

Well first off I'd like to thank you my Aussie friend for such a quick reply! I am currently scanning for malware via Malwarebytes because the first time I tried it blue-screened. I understand you need the minidump files, I disabled CCleaner from removing these but when I went to check the minidump folder, empty... again! I'm not sure how to fix this. Following completing the Driver Verifier from step 1, the mouse is becoming unresponsive and then the computer just freezes as is. I'm not sure this has anything to do with it but just an observation. The Driver Verifier instructions from the link you provided also say "If the Driver Verifier (DV) finds a violation, it will result in a BSOD" It didn't blue screen and I was still able to log in properly. I've followed the instructions to the best of my ability and here are some of the results. Let me know if I've failed in some way.

Applicable questions from Step 1
· What was original installed OS on system? Vista
· Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer)? Yes
· Age of system (hardware) 2 1/2 Years
· Age of OS installation - have you re-installed the OS? No

I've put the results from the requested tests from step on In a folder at this link Test Results

Here is the Speccy link Speccy Link

And lastly, here is the MiniToolBox results:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Benjamin (administrator) on 05-04-2012 at 21:35:12
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

=========================== Installed Programs ============================

µTorrent (Version: 1.8.2)
Agere Systems HDA Modem
AMD APP SDK Runtime (Version: 10.0.898.1)
AMD Catalyst Install Manager (Version: 3.0.868.0)
AMD Fuel (Version: 2012.0309.43.976)
Apple Mobile Device Support (Version: 3.4.0.25)
AT&T Communication Manager (Version: 6.8.104.0)
Bonjour (Version: 2.0.4.0)
ccc-utility64 (Version: 2012.0309.43.976)
CCleaner (Version: 3.17)
Driver Installer (Version: 2.2.0.536)
Google Chrome (Version: 18.0.1025.142)
HP MediaSmart SmartMenu (Version: 2.1.7)
iTunes (Version: 10.2.1.1)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Motorola Driver Installation (Version: 2.8.0)
MSVCRT Redists (Version: 1.0)
PeerGuardian 2.0 (Version: 2.1.0.2)
ProtectSmart Hard Drive Protection (Version: 3.10.1.7)
Recuva (Version: 1.40)
Speccy (Version: 1.16)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
Vegas Pro 10.0 (64-bit) (Version: 10.0.470)
Winamp Detector Plug-in (Version: 1.0.0.1)

**** End of log ****

I'll have the Malwarebytes results as soon as the computer permits me to stay on without blue-screening.

Thanks again!

Edited by bbben411, 05 April 2012 - 11:46 PM.


#4 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:09:45 PM

Posted 06 April 2012 - 02:49 AM

... starting about 6months ago I started getting BSOD very rarely. Now i'm seeing it repeatedly with many different error codes/messages. In addition to that, sometimes the screen will just turn black or even go blank with colored lines then it becomes unresponsive completely Some of the error messages are volsnap.sys, atikmdag.sys(a more common one), athrx.sys, tcpip.sys, win32k.sys. This happens as frequently as 10 times a day.

I would like to get a look at some pictures of the screen when you get error messages (hopefully I will be able to read them) and other odd displays. Are you able to take some digital photos of the screen? If so, I'll ask you to post them:
  • Note: The BC forums have a limit of ONLY 512 MB on the TOTAL size of attachments allowed. It is therefore very useful and convenient to use a file hosting website to host your images that you wish to post. If you don't already use a file hosting website, then photbucket (free) is a good choice.
Posting a screenshot: How to insert an image in a forum post.

If you do not already have an image hosting web site, go to photobucket and create an account (free): Log in and upload your pic(s) .... you can make a special album to put them in if you wish.

Hover your mouse (mouse-over) the image that you wish to post: You will see some options appear below. Click on the link in the lowest option, labeled IMG code, and you will briefly see it change to "Copied". Now paste that link (it will be enclosed by "img" tags) where you want it in your post.

See also the following links:

Inserting An Image Within A Post

How To Capture And Edit A Screen Shot

See tutorial by Grinler: How to take and share a screen shot in Windows
AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#5 bbben411

bbben411
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:45 AM

Posted 06 April 2012 - 04:50 AM

Alright well I have some photos of the BSODs from my phone camera, next time it happens i'll catch it my digital camera. Some of the photos exclude the full numbers and some the whole screen is visible.

Here are all 10 I've captured, sorry about the quality.

Posted Image

Posted Image

Posted Image

Posted Image

Posted Image

Posted Image

Posted Image

Posted Image

Posted Image

Posted Image

Next time I will try to capture them better. Thanks again, I really appreciate your effort in helping me.

#6 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:09:45 PM

Posted 06 April 2012 - 05:02 AM

You have been having a good time!!!

No need for better than that: Excellent!

More thinking time required here. I fear you are going to give me more gray hair with this one.
AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#7 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:09:45 PM

Posted 06 April 2012 - 05:14 AM

Please test the system in Safe Mode with networking and let me know how it behaves.
  • Any different?
First things that come to mind right now are either malware or RAM problem .... and I am leaning toward it being a malware problem.

How did you go with MBAM (Malwarebytes)?

Have you tried scanning with MBAM in Safe Mode? Run a Quick scan. Don't forget to update the definitions before scanning. Post the log when it completes.

Edited by AustrAlien, 06 April 2012 - 05:16 AM.

AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#8 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:09:45 PM

Posted 06 April 2012 - 05:28 AM

Re: Driver Verifier
I note that in your second post, you say you enabled Driver Verifier.

This is only of any benefit if the BSODs are being caused by a particular driver, and otherwise is of no benefit.

It is normal to run DV for 24 to 36 hours in an effort to produce a system crash with a driver flagged by DV. The BSOD will show the crash being VERIFIER_ENABLED if that is the case. If that doesn't happen, then DV is of no use and you should TURN IT OFF.
  • ***Do not forget to turn DV off when you have finished with it.***

AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#9 bbben411

bbben411
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:45 AM

Posted 09 April 2012 - 12:00 AM

Ok, Sorry about the delay, I'm going to let the computer run in safe mode now for a few hours and let you know how it goes but more importantly it seems MBAM has found 2 potential threats, here is the log. Before I let MBAM annihilate them I think your opinion would be most important. The lappy is really almost impposible to use at this point without blue-screening or freezing with lines through the screen. Thanks again for the help and sorry about the gray hairs my friend.

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.09.01

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Benjamin :: BENJAMIN-PC [administrator]

4/8/2012 9:45:24 PM
mbam-log-2012-04-08 (21-53-27).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 236922
Time elapsed: 7 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\VÍTIMA (Backdoor.Trace) -> No action taken.

Registry Values Detected: 1
HKCU\Software\vítima|FirstExecution (Backdoor.Trace) -> Data: 13/02/2010 -- 02:18 -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 AustrAlien

AustrAlien

    Inquisitor


  • Members
  • 6,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cowra NSW Australia
  • Local time:09:45 PM

Posted 09 April 2012 - 01:45 AM

... freezing with lines through the screen.

Sounds like a hardware problem ???? Any chance of a pic?

Go ahead and remove the detected items with MBAM. I don't think that will make any difference to the problems you are encountering.
AustrAlien
Google is my friend. Make Google your friend too.

Posted Image

#11 bbben411

bbben411
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:45 AM

Posted 09 April 2012 - 02:55 AM

I have a a pic of the screen when it freezes, i'll also go ahead and remove those items. I've have 2 more BSOD photos if it helps (of catastrophic looking blue-screens :/) Once again, thank you very much for the help.

Posted Image

Posted Image

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users