Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blue Screen Related to TCPIP.SYS Driver


  • Please log in to reply
28 replies to this topic

#1 New2malware

New2malware

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:21 AM

Posted 16 February 2015 - 04:36 PM

Hello,

 

I hope I'm posting this to the right forum.

 

First off, I'd like to thank the posters here for valuable guidance in months past.

 

I've been getting repeated Blue Screens (averaging 2 to 8 per day) and using BlueScreenView, they seem to be caused by the driver for tcpip.sys.

 

I'm wondering how to best inform the folks on this board so that I might benefit from your advice?

 

Thanks so much.

 

P.S. I'm a girl.  An OLD girl! :)



BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,607 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:21 PM

Posted 16 February 2015 - 05:21 PM

Hi New2malware :)

In order to see what is causing these BSODs, we'll need to analyze your minidumps logs.

Inxv2xa.pngBSOD Minidumps
Follow the instructions below to get and upload your BSOD minidumps so I can analyze them:
  • Create a new folder on your Desktop called dumps;
  • Go in your C:\windows\minidump folder, copy every files inside then paste them in your dumps folder;
  • Right-click on the dumps folder, select Send to then Compressed (zipped) folder;
  • Attach the compressed folder (archive) to your next reply and post it;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 New2malware

New2malware
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:21 AM

Posted 16 February 2015 - 06:02 PM

Thanks so much!

 

I shall upload shortly, but a question about privacy.  Will the files be posted here and if so, is there any personal information in them (normally)?

 

Thanks again!



#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,607 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:21 PM

Posted 16 February 2015 - 07:08 PM

There's no exploitable personal information in the minidump files, so you don't have to worry about their content :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 New2malware

New2malware
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:21 AM

Posted 16 February 2015 - 07:45 PM

Thanks!

 

Hope I did this right.  Attaching the file.  I had to delete some of the .dmp files because otherwise the .zip folder would be too large to upload.  Several days are covered, though, and it's essentially the same error every time.

 

By the way, I'm running both Malware Bytes Pro and McAfee.  I've read elsewhere that the two don't play well together, but I've had no OBVIOUS problems with them.Attached File  Dumps.zip   323.79KB   4 downloads

 

 



#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,607 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:21 PM

Posted 16 February 2015 - 07:49 PM

Can you upload the most recent ones? The most recent dump I have are from the 9th. You can upload the whole archive to ge.tt and post the download link here if it's too big. I would like to have all the minidumps.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 New2malware

New2malware
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:21 AM

Posted 17 February 2015 - 12:21 PM

Thanks for responding!

 

For some reason, there are no newer .dmp files in the windows/minidumps folder than the 9th.

 

No clue why that is.

 

If it helps, at all, all crashes had the same messages as follows:

 

Problem signature:
  Problem Event Name:    BlueScreen
  OS Version:    6.1.7601.2.1.0.256.48
  Locale ID:    1033

Additional information about the problem:
  BCCode:    19
  BCP1:    0000000000000020
  BCP2:    FFFFFA800BFB7D00
  BCP3:    FFFFFA800BFB7D20
  BCP4:    0000000004020014
  OS Version:    6_1_7601

 

What's strange about this is that with no programs running, the computer will crash about once every 24 hours or so.  If programs are running, it will usually crash more often. 

 

Thanks again for your help!



#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,607 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:21 PM

Posted 17 February 2015 - 12:22 PM

Alright, can you make sure that Windows is set to create minidumps on BSOD?

http://www.sevenforums.com/tutorials/174459-dump-files-configure-windows-create-bsod.html

You want to pick "6. To have Windows Create a Small memory dump (Minidump) File on BSOD".

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 New2malware

New2malware
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:21 AM

Posted 17 February 2015 - 01:09 PM

Alright, can you make sure that Windows is set to create minidumps on BSOD?

http://www.sevenforums.com/tutorials/174459-dump-files-configure-windows-create-bsod.html

You want to pick "6. To have Windows Create a Small memory dump (Minidump) File on BSOD".

 

I really so much appreciate your response to my plea for help.  Is this the correct instruction?  To have Windows Create a Small memory dump (Minidump) File on BSOD (etc.)

 

Also...I'm fearful of creating new problems when trying to solve existing ones.  Is there anything that can go wrong if I do this?


Edited by New2malware, 17 February 2015 - 01:11 PM.


#10 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,607 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:21 PM

Posted 17 February 2015 - 01:10 PM

Yes, these are the correct instructions. Let me know once you have followed them.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#11 New2malware

New2malware
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:21 AM

Posted 17 February 2015 - 01:29 PM

Alrighty.  'Tis done.

 

Now that I've enabled that diagnostic, I'm guessing the computer will stop crashing, right?  (Just kidding, of course).

 

Seriously, why did the system STOP creating .dmp files?  Any idea?

 

Also, should I anticipate any other problems as a result of making this switch?

 

Thanks again!



#12 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,607 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:21 PM

Posted 17 February 2015 - 01:32 PM

Probably because it didn't have time to dump the memory to a file. Now we'll wait for one or two more BSODs so I can take a look at the dumps.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#13 New2malware

New2malware
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:21 AM

Posted 17 February 2015 - 01:38 PM

Thanks!

 

I'll be b-a-c-c-c-c-k-k-k-

 

:)



#14 New2malware

New2malware
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:21 AM

Posted 18 February 2015 - 03:08 PM

Well, my computer has been playing nicely since I last posted here.  Until a few minutes ago.

 

Oddly, though, there was no mini dump created even though I took the steps you outlined.    I'm going to double check that I did it right.

 

In the meantime, when my computer booted up again I got a message from McAfee virus software that my Firewall was off.  Wondering what was up with THAT?

 

I'll be back after I check the state of things.



#15 New2malware

New2malware
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:21 AM

Posted 18 February 2015 - 03:12 PM

OK.  I checked the system properties application and I indeed did it right.

 

Perhaps this time around, a .dmp file was not created because the system immediately shut down (went to black) and restarted without a BSOD?

 

Hope things aren't getting worse.

 

Again, wondering about that firewall being turned off.

 

Thanks again for your help!


Edited by New2malware, 18 February 2015 - 03:13 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users