Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Frequent BSOD events in past 2 weeks + malware


  • Please log in to reply
10 replies to this topic

#1 ComputerJinx

ComputerJinx

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:California
  • Local time:10:11 AM

Posted 22 April 2016 - 04:24 PM

I’ve had a few BSOD events in the last 2 weeks.  Before posting in this forum, I wanted to make sure that my computer was absolutely clean.  Malwarebytes revealed some new “outbound” malicious website malware associated with my Opera and Chrome browsers that I wasn’t able to successfully uninstall.  I went to BC’s virus removal forum and received assistance, but was still having trouble.  I think my machine is clean now but I can’t be sure because the last time I ran the Junkware Removal Tool as instructed, it caused another BSOD event.  I was referred to this forum.  [Please see http://www.bleepingcomputer.com/forums/t/611498/unable-to-remove-94982c5b634975e5010ce96082d2827adsk2co-and-terraclickscom/ for that history.]

 

Recent problems

  • Can't build/rebuild index
  • App hangs
  • Can't set a restore point
  • Intermittent error message when trying to open MS Word by clicking on a Word document
  • Can’t install Windows updates [not trying to install Windows 10 yet]

Copies of the zip files requested in the instructions for posting to this forum are attached.

 

ANSWERS TO QUESTIONS ABOUT COMPUTER AND SYSTEM

OS: 

Operating System

            Windows 7 Professional 64-bit SP1

            Computer type: Desktop

            Installation Date: 11/18/2014 5:17:52 PM

            Serial Number: BBR9J-RK4C6-KRCR6-T3M49-Q7QPV

            Windows Security Center

            User Account Control (UAC)     Enabled

            Notify level      2 - Default

            Firewall            Enabled

            Windows Update

            AutoUpdate      Notify prior to download

            Windows Defender

            Windows Defender       Enabled

            Antivirus

            Antivirus          Enabled

            Company Name           AVAST Software

            Display Name  avast! Antivirus

            Product Version           11.1.2253

            Virus Signature Database         Up to date

            .NET Frameworks installed

            v4.5 Full

            v4.5 Client

            v3.5 SP1

            v3.0 SP2

            v2.0 SP2

            Internet Explorer

            Version            11.0.9600.17914

            PowerShell

            Version            2.0

            Java

            Java Runtime Environment

                        Path     C:\Program Files\Java\jre1.8.0_77\bin\java.exe

                        Version            8.0

                        Update 77

                        Build    03

            Environment Variables

            USERPROFILE    C:\Users\Owner

            SystemRoot      C:\Windows

            User Variables

            Machine Variables

            Power Profile

            Active power scheme   High performance

            Hibernation      Enabled

            Turn Off Monitor after: (On AC Power) 20 min

            Turn Off Hard Disk after: (On AC Power)          Never

            Suspend after: (On AC Power)  Never

            Screen saver     Enabled

            Uptime

            Current Session

                        Current Time    4/22/2016 1:31:46 PM

                        Current Uptime            143,749 sec (1 d, 15 h, 55 m, 49 s)

                        Last Boot Time 4/20/2016 9:35:57 PM

            Security Options

            Accounts: Administrator account status         Disabled

                        Accounts: Guest account status          Disabled

                        Accounts: Limit local account use of blank passwords to console logon only            Disabled

                        Accounts: Rename administrator account       Administrator

                        Accounts: Rename guest account        Guest

                        Audit: Audit the access of global system objects        Disabled

                        Audit: Audit the use of Backup and Restore privilege  Disabled

                        Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings           Not Defined

                        Audit: Shut down system immediately if unable to log security audits           Disabled

                        DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax         Not Defined

                        DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax        Not Defined

                        Devices: Allow undock without having to log on         Enabled

                        Devices: Allowed to format and eject removable media           Not Defined

                        Devices: Prevent users from installing printer drivers Disabled

                        Devices: Restrict CD-ROM access to locally logged-on user only       Disabled

                        Devices: Restrict floppy access to locally logged-on user only           Not Defined

                        Domain controller: Allow server operators to schedule tasks  Not Defined

                        Domain controller: LDAP server signing requirements            Not Defined

                        Domain controller: Refuse machine account password changes         Not Defined

                        Domain member: Digitally encrypt or sign secure channel data (always)        Enabled

                        Domain member: Digitally encrypt secure channel data (when possible)        Enabled

                        Domain member: Digitally sign secure channel data (when possible) Enabled

                        Domain member: Disable machine account password changes           Disabled

                        Domain member: Maximum machine account password age  30 days

                        Domain member: Require strong (Windows 2000 or later) session key           Enabled

                        Interactive logon: Display user information when the session is locked         Not Defined

                        Interactive logon: Do not display last user name         Disabled

                        Interactive logon: Do not require CTRL+ALT+DEL       Not Defined

                        Interactive logon: Message text for users attempting to log on

                        Interactive logon: Message title for users attempting to log on

                        Interactive logon: Number of previous logons to cache (in case domain controller is not available)   10 logons

                        Interactive logon: Prompt user to change password before expiration            5 days

                        Interactive logon: Require Domain Controller authentication to unlock workstation  Disabled

                        Interactive logon: Require smart card  Disabled

                        Interactive logon: Smart card removal behavior           No Action

                        Microsoft network client: Digitally sign communications (always)      Disabled

                        Microsoft network client: Digitally sign communications (if server agrees)    Enabled

                        Microsoft network client: Send unencrypted password to third-party SMB servers     Disabled

                        Microsoft network server: Amount of idle time required before suspending session  15 minutes

                        Microsoft network server: Digitally sign communications (always)     Disabled

                        Microsoft network server: Digitally sign communications (if client agrees)    Disabled

                        Microsoft network server: Disconnect clients when logon hours expire          Enabled

                        Microsoft network server: Server SPN target name validation level      Not Defined

                        Network access: Allow anonymous SID/Name translation      Disabled

                        Network access: Do not allow anonymous enumeration of SAM accounts      Enabled

                        Network access: Do not allow anonymous enumeration of SAM accounts and shares            Disabled

                        Network access: Do not allow storage of passwords and credentials for network authentication            Disabled

                        Network access: Let Everyone permissions apply to anonymous users           Disabled

                        Network access: Named Pipes that can be accessed anonymously

                        Network access: Remotely accessible registry paths            System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion

                     

                        Recovery console: Allow automatic administrative logon        Enabled

                        Recovery console: Allow floppy copy and access to all drives and all folders Enabled

                        Shutdown: Allow system to be shut down without having to log on   Enabled

                        Shutdown: Clear virtual memory pagefile        Disabled

                        System cryptography: Force strong key protection for user keys stored on the computer      Not Defined

                        System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing   Disabled

                        System objects: Require case insensitivity for non-Windows subsystems      Enabled

                        System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)            Enabled

                        System settings: Optional subsystems            Posix

                        System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies            Disabled

                        User Account Control: Admin Approval Mode for the Built-in Administrator account Disabled

                        User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop           Disabled

                        User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode            Prompt for consent for non-Windows binaries

                        User Account Control: Behavior of the elevation prompt for standard users   Prompt for credentials

                        User Account Control: Detect application installations and prompt for elevation       Enabled

                        User Account Control: Only elevate executables that are signed and validated           Disabled

                        User Account Control: Only elevate UIAccess applications that are installed in secure locations            Enabled

                        User Account Control: Run all administrators in Admin Approval Mode          Enabled

                        User Account Control: Switch to the secure desktop when prompting for elevation   Enabled

                        User Account Control: Virtualize file and registry write failures to per-user locations            Enabled

                        Device Tree

                        ACPI x64-based PC

                        Microsoft ACPI-Compliant System

                        ACPI Fixed Feature Button

                        ACPI Power Button

                        Intel 82802 Firmware Hub Device

                        Intel Core i5 CPU 760 @ 2.80GHz

                        Intel Core i5 CPU 760 @ 2.80GHz

                        Intel Core i5 CPU 760 @ 2.80GHz

                        Intel Core i5 CPU 760 @ 2.80GHz

                        System board

                        PCI bus

                                    Intel 5 Series/3400 Series Chipset Family PCI Express Root Port 1 - 3B42

                                    Intel 5 Series/3400 Series Chipset Family SMBus Controller - 3B30

                                    Intel 82801 PCI Bridge - 244E

                                    Intel Management Engine Interface

                                    Intel processor DMI - D131

                                    Intel processor Miscellaneous Registers - D158

                                    Intel processor Semaphore and Scratchpad Registers - D156

                                    Intel processor System Control and Status Registers - D157

                                    Intel processor System Management Registers - D155

                                    Intel QuickPath Interconnect - D150

                                    Intel QuickPath Interconnect - D151

                                    Motherboard resources

                                    Intel® processor PCI Express Root Port 1 - D138

                                    Standard Universal PCI to USB Host Controller

                                    Standard Universal PCI to USB Host Controller

                                    Standard Universal PCI to USB Host Controller

                                    Standard Enhanced PCI to USB Host Controller

                                    High Definition Audio Controller

                                    Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 5 - 3B4A

                                    Intel® 5 Series/3400 Series Chipset Family PCI Express Root Port 6 - 3B4C

                                    Standard Universal PCI to USB Host Controller

                                    Standard Universal PCI to USB Host Controller

                                    Standard Universal PCI to USB Host Controller

                                    Standard Enhanced PCI to USB Host Controller

                                    Intel® H55 Express Chipset LPC Interface Controller - 3B06

                                    Standard Dual Channel PCI IDE Controller

                                    Standard Dual Channel PCI IDE Controller

 

 

64-bit

Original installed OS:  Windows 7 Professional, SP1

OEM or Full retail?   Not sure - see below

Age of hardware:                  Most is 6 years old, but some parts replaced like power supply, fan, and hard drive

Age of OS Installation:       11/18/14  5:17:52pm

CPU:

Intel Core i5 760

            Cores   4

            Threads            4

            Name   Intel Core i5 760

            Code Name      Lynnfield

            Package           Socket 1156 LGA

            Technology      45nm

            Specification                Intel Core i5 CPU 760 @ 2.80GHz

            Family  6

            Extended Family          6

            Model   E

            Extended Model           1E

            Stepping          5

            Revision           B1

            Instructions     MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, Intel 64, NX, VMX

            Virtualization   Supported, Disabled

            Hyperthreading            Supported, Disabled

            Fan Speed        1748 RPM

            Bus Speed        132.3 MHz

            Rated Bus Speed          2380.8 MHz

            Stock Core Speed         2800 MHz

            Stock Bus Speed          133 MHz

            Average Temperature   52 °C

                        Caches

                                    L1 Data Cache Size      4 x 32 KBytes

                                    L1 Instructions Cache Size       4 x 32 KBytes

                                    L2 Unified Cache Size  4 x 256 KBytes

                                    L3 Unified Cache Size  8192 KBytes

                        Cores

                                                Core Speed       Multiplier         Bus Speed        Rated Bus Speed          Temperature            Threads

                                    Core 0  3174.3 MHz     x 24.0  132.3 MHz       2380.8 MHz     52 °C    APIC ID: 0

                                    Core 1  3306.6 MHz     x 25.0  132.3 MHz       2380.8 MHz     51 °C    APIC ID: 2

                                    Core 2  3306.6 MHz     x 25.0  132.3 MHz       2380.8 MHz     52 °C    APIC ID: 4

                                    Core 3  3306.6 MHz     x 25.0  132.3 MHz       2380.8 MHz     51 °C    APIC ID: 6

Video Card:

                        ATI Radeon X300/X550/X1050 Series (Microsoft Corporation - WDDM)

                                    Manufacturer   ATI

                                    Model   Radeon X300/X550/X1050 Series (Microsoft Corporation - WDDM)

                                    GPU      RV370

                                    Device ID         1002-5B60

                                    Subvendor        ATI (1002)

                                    Series   Radeon X

                                    Current Performance Level       Level 0

                                    Transistors      75 M

                                    Release Date    2004

                                    DirectX Support           9.0

                                    DirectX Shader Model   2.0

                                    OpenGL Support           2.0

                                    Bios Core Clock           324.00

                                    Bios Mem Clock           196.00

                                    Driver version  8.56.1.16

                                    BIOS Version    113-AA31300-100

                                    ROPs    4

                                    Shaders            Vertex 4/Pixel 42

                                    Memory Type   DDR

                                    Memory            128 MB

                                    Bus Width        64 (64 bit)

                                    Anti Aliasing Modes     2xRGMS, 2x2T SGMS, 2x3T SGMS, 4x2T SGMS, 4x3T SGMS, 6x2T SGMS, 6x3T SGMS, Gamma, 6xSGMS, 4xRGMS

                                    Filtering Modes            Bilinear, Trilinear, 16x Anisotropic

                                    Noise Level      Silent

                                                Count of performance levels : 1

                                                            Level 1 - "Perf Level 0"

                        ATI Radeon X300/X550/X1050 Series Secondary (Microsoft Corporation - WDDM)

                                    Manufacturer   ATI

                                    Model   Radeon X300/X550/X1050 Series Secondary (Microsoft Corporation - WDDM)

                                    GPU      RV370

                                    Device ID         1002-5B70

                                    Subvendor        ATI (1002)

                                    Current Performance Level       Level 0

                                    Transistors      75 M

                                    Release Date    2004

                                    DirectX Support           9.0

                                    DirectX Shader Model   2.0

                                    OpenGL Support           2.0

                                    Driver version  8.56.1.16

                                    ROPs    4

                                    Shaders            Vertex 4/Pixel 42

                                                Count of performance levels : 1

 

                                                            Level 1 - "Perf Level 0"

 

Motherboard:

Motherboard

            Manufacturer   Gigabyte Technology Co. Ltd.

            Model   H55M-S2H (Socket 1156)

            Version            x.x

            Chipset Vendor            Intel

            Chipset Model  DMI Host Bridge

            Chipset Revision          11

            Southbridge Vendor     Intel

            Southbridge Model       H55

            Southbridge Revision   06

            System Temperature    38 °C

                        BIOS

                                    Brand   Award Software International Inc.

                                    Version            F3

                                    Date     8/20/2010

                        Voltage

                                    CPU CORE        0.976 V

                                    MEMORY CONTROLLER            1.568 V

                                    +3.3V  3.392 V

                                    +5V     5.000 V

                                    +12V   3.776 V

                                    -12V    -12.480 V

                                    -5V      -0.832 V

                                    +5V HIGH THRESHOLD            3.602 V

                                    CMOS BATTERY            3.216 V

                                    CPU      1.184 V

                        PCI Data

                                                Slot PCI

                                                            Slot Type          PCI

                                                            Slot Usage        Available

                                                            Bus Width        32 bit

                                                            Slot Designation          PCI

                                                            Characteristics 5V, 3.3V, PME, SMBus

                                                            Slot Number     0

                                                Slot PCI

                                                            Slot Type          PCI

                                                            Slot Usage        Available

                                                            Bus Width        32 bit

                                                            Slot Designation          PCI

                                                            Characteristics 5V, 3.3V, PME, SMBus

                                                            Slot Number     1

 

Power Supply – Brand & wattage: Don’t know, and don’t know where to find it.  Not more than 2 years old.  Computer now connected through UPS system. [Had power quality problems that fried the hard drive.]

 

RAM

                        Memory slots

                                    Total memory slots      4

                                    Used memory slots      2

                                    Free memory slots       2

                        Memory

                                    Type     DDR3

                                    Size      4096 MBytes

                                    Channels #       Dual

                                    DRAM Frequency          662.4 MHz

                                    CAS# Latency (CL)        9 clocks

                                    RAS# to CAS# Delay (tRCD)      9 clocks

                                    RAS# Precharge (tRP)    9 clocks

                                    Cycle Time (tRAS)         24 clocks

                                    Command Rate (CR)     1T

                        Physical Memory

                                    Memory Usage 50 %

                                    Total Physical  3.96 GB

                                    Available Physical        1.96 GB

                                    Total Virtual     7.92 GB

                                    Available Virtual          4.73 GB

                        SPD

                                    Number Of SPD Modules          2

                                                Slot #1

                                                            Type     DDR3

                                                            Size      2048 MBytes

                                                            Manufacturer   STT

                                                            Max Bandwidth            PC3-10700H (667 MHz)

                                                            Part Number     SUPERTALENT

                                                                        Timing table

                                                                                                Frequency        CAS# Latency   RAS# To CAS#  RAS# Precharge         tRAS     tRC       Voltage

                                                                                    JEDEC #1          444.4 MHz       6.0       6          6          16        22            1.500 V

                                                                                    JEDEC #2          518.5 MHz       7.0       7          7          19        26            1.500 V

                                                                                    JEDEC #3          592.6 MHz       8.0       8          8          22        30            1.500 V

                                                                                    JEDEC #4          666.7 MHz       9.0       9          9          24        33            1.500 V

                                                                                    JEDEC #5          666.7 MHz       10.0     9          9          24        33            1.500 V

                                                Slot #2

                                                            Type     DDR3

                                                            Size      2048 MBytes

                                                            Manufacturer   STT

                                                            Max Bandwidth            PC3-10700H (667 MHz)

                                                            Part Number     SUPERTALENT

                                                                        Timing table

                                                                                                Frequency        CAS# Latency   RAS# To CAS#  RAS# Precharge         tRAS     tRC       Voltage

                                                                                    JEDEC #1          444.4 MHz       6.0       6          6          16        22            1.500 V

                                                                                    JEDEC #2          518.5 MHz       7.0       7          7          19        26            1.500 V

                                                                                    JEDEC #3          592.6 MHz       8.0       8          8          22        30            1.500 V

                                                                                    JEDEC #4          666.7 MHz       9.0       9          9          24        33            1.500 V

 

                                                                                    JEDEC #5          666.7 MHz       10.0     9          9          24        33            1.500 V

 

System Manufacturer:         Tech-Powered Computers

Exact model number:           Not applicable

Laptop or Desktop:              Desktop

 

Thank you for your assistance.  I look forward to hearing from you.

 

Attached Files



BC AdBot (Login to Remove)

 


#2 ComputerJinx

ComputerJinx
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:California
  • Local time:10:11 AM

Posted 22 April 2016 - 10:41 PM

I have been attempting to run the programs listed in the instructions while I wait for a response to my first post, but things are continuing to deteriorate.

I ran verifier from the command prompt using administrator rights.  It generated a BSOD.  I have a copy of the dmp file, but could not find the Windows Error Report associated with it.  I also could not find a file with the text "verifi" in its name that might have been created during the appropriate time period.  I can share the problem signature information and upload the dmp file if needed.

I then moved on to the HDD diagnostics.  First, SetupImgBurn_2.5.8.0.exe, downloaded from the imageburn website listed on BC website was infected with OpenCandy PUP, at least according to Malwarebytes, but not according to Avast.  Then, the following happened "error while trying to get to hdd websiteIt."  When I tried to use imgburn, it, too, just generated a BSOD event.  I was not able to capture all of the Problem Signature information because dialog boxes were not always available on reboot.  Here is what I have from my notes as reasons for the three subsequent crashes:

  1. MULTIPLE_IRP_COMPLETE_REQUESTS
    Technical Information
    *** Stop:  0x00000044 (0xFFFFF980838F6AB0, 0X0000000000000346, 0X0000000000000000, 0X0000000000000000)
  2. A device driver attempting to corrupt the system has been caught.  The faulty drive currently on the kernel stack must be replaced with a working version.
  3. win32k.sys
    PAGE_FAULT_IN_NONPAGED_AREA
    ***Stop:  0x00000050 (0xFFFF000000000000C, 0X0000000000000000, 0XFFFFF96000087B56, 0X0000000000000000)
    *** win32k.sys - Address FFFFF96000087B56 base at FFFFF96000060000, Date Stamp 558bc272

I will make no further attempts to execute the list of tasks to be completed while waiting for a response from an advisor.

Additional information

 

Event viewer system logs list the following types of errors for today:
System control manager
Ntfs
Distributed COM
Event log
Bug Check
IPRIP
SNMP
Windows media player

Event viewer application logs list the following types of errors for today:
WMI

Event viewer logs of types of critical administrative events:
DriverFrameworks - UserMode
Kernel-Power

Event viewer logs of types of administrative error events:
CAP12
Ntfs
Service Control Manager
WMI
DistributedCOM
Event Log
SNMP
Print service
ESENT
Kernel Event-tracing
Application hang
Application error


Writing from safe mode......
 

[BTW, it took me 33 minutes just to load this web page.]

 

Optimistically waiting for help.....

Thank you.



#3 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:41 PM

Posted 24 April 2016 - 05:02 AM

Hi ComputerJinx & Welcome to the forums ^_^,

 

 

Unfortunately, there are no dump files for me to analyze. I see that there are lots of problems as per the Event Logs. There are lots of application errors and lots of System Errors as well.

 

You mentioned that the system's hard drive was fried because of quality problem with power supply. There is a possibility that it could have affected other parts of the system as well. 

 

Also, till the time I don't ask for it, please disable Driver Verifier by typing in the following command in command prompt (CMD.exe) -

verifier.exe /reset

 

Once you have disabled Driver Verifier, please see if you could update your Windows using the Windows Update.

 

Kindly get started with the below free hardware diagnostics (Thanks usasma!) -

http://www.carrona.org/hwdiag.html

 

Also, kindly run the below tool (created by me) and please upload the ZIP file it generates -

http://omgdebugging.com/bsod-inspector/

 

 

Let me know how it goes ^_^

 

 

Have a nice day!

 

Regards,

Pranav


Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#4 ComputerJinx

ComputerJinx
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:California
  • Local time:10:11 AM

Posted 26 April 2016 - 06:25 PM

I apologize for the delay in my response.  Some of these tasks took longer to perform than expected.  Please know that I appreciate your help. 

 

COMMENTS

  1. I turned off verifier.
  2. I didn’t know you wanted dmp files.  The most recent ones are attached.
  3. It took a very long time to run Windows updates [2 days].  My computer is very slow right now and downloads didn’t work unless every other program was closed and nothing else was running.  The only outstanding update is Windows 10, which I don’t want right now because of associated costs for upgraded software.
  4. If I have any hardware problems, I doubt that they resulted from the previously fried drive.  The tech guys who replaced the drive tested all the other components at the time.  In addition, the machine has been running well for the last 1.5 years since that happened. [Since that time I have been running my computer through a battery backup/UPS system.]  I've only experienced BSOD problems during the last 2-3 weeks.
  5. I find the page http://www.carrona.org/hwdiag.html terribly confusing.  I ran the tests on the internal and external hard drives and the memory.
    • Hard drive tests.
      The Seagate program seems to have a PUP attached, at least according to Malwarebytes.  See attached.

      The Western Digital program I used does not test USB drives.  It also doesn’t seem to produce a printable report.  I’ve attached a jpg of the report for the internal hard drive and a summary report that includes all the hard drives [not USB drives]..  Please let me know if you want more detailed information by drive.  I can generate jpgs of those, too.  I ran the extended tests. 
       
    • Memory Tests

I ran the memory test.  Here are the results:

4-26-16

MemTest86 v4.20

Intel Core i5i7 2800 MHz

L1 cache 32k  93334 MB/s

L2 cache 256k 36842 MB/s

L3 cache 8192k 27457 MB/s

Memory: 4056 M 11428 MB/s

Chipset: Core IMC (ECC:Disabled)/BCLK: 133 MHz

Settings: RAM:666 MHz (DDR3-1333)/CAS: 9-9-9-24/Dual Channel

 

Wall Time:        4:40:47

Cached:          4056M

RSVd Mem      12k

Mem Map         e820

Cache:             on

ECC:                off

Test:                Std

Pass:               6

Errors:             3

ECCErrs:         0

 

Test          7

Pass         4

Failing Address            0002f529dd8-757.1MB

Good        ac55f9bc

Bad           ac54f9bc

Err-Bits    10000

Count       1

Chan        

 

Test          6

Pass         6

Failing Address            0002f519d98-757.0 MB

Good        ffffffbf

Bad           fffeffbf

Err-Bits    10000

Count       2

Chan         

 

Test          7

Pass         6

Failing Address            0002f529dd8-757.1MB

Good        69533846

Bad           69523846

Err-Bits    10000

Count       3

Chan       

A photo of the screen is also attached.

  • Final question regarding the http://www.carrona.org/hwdiag.html website.  Do you want me to install and run a temperature-monitoring program?  What about video card, video memory, artifact locator [whatever that is…], CPU, and “other” stress tests listed on that web page?  Please clarify.

6.  A copy of the results generated by your program is also attached. 

 

7.  Finally, please let me know if anything you ask me to do will erase any of my files.  The last time I worked with BC, my recycle bin was emptied without my knowledge. 

 

Thank you so very much for your help.  I look forward to hearing from you.

 

 

Attached Files



#5 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:41 PM

Posted 27 April 2016 - 12:39 AM

Hi ComputerJinx ^_^,

 

No need to apologize for the delay :)

 

Thanks a lot for attaching the screenshots. As per the screenshot of MemTest, there are errors in the RAM which is causing the BSODs. 

 

Kindly follow the below steps -

  1. If you are overclocking your system, please stop immediately and reset your BIOS settings. If you are not overclocking the system, please make sure that XMP is disabled in BIOS settings (If there is such an option).
  2. I see that you have 2 modules of RAM installed in the system. Please test your system with only 1 RAM module installed in the system using MemTest and see if any errors occur. If errors occur in a RAM module, try switching the RAM slot and run the Memtest again to make sure that the slots are not bad.

 

Once you have determined the bad RAM module, you would have to replace it. But, first please make sure that the system is stable when the damaged RAM is removed.

 

Let me know how it goes ^_^

 

 

-Pranav


Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#6 ComputerJinx

ComputerJinx
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:California
  • Local time:10:11 AM

Posted 27 April 2016 - 01:47 AM

Hello Pranav,
 
You are giving me too much credit!  I thought this forum was for novices.  I do not know what overclocking is.  I know how to get into the BIOS, however.  I found something under CMOS Setup Utility: Response enhancement.  It was set at “turbo,” so I reset it to “standard.”  Is that what you wanted me to do?
 
I looked of XMP in BIOS, but couldn’t find it.  Maybe I didn’t look in the correct place.  Where am I likely to find it?
 
How do I test my system with only 1 RAM module?  Is there a way to do this through DOS commands or something?
Are you expecting me to take apart my machine?  I don't know what a RAM Module looks like and I’ve never taken apart a computer.  Is there a video somewhere that can show me what to do?  [I’d look for one myself, but I have no way to judge whether such a video is giving correct instructions.]
 
Sorry--- I doubt this was the response you expected. 
Thank you.


#7 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:41 PM

Posted 27 April 2016 - 03:28 PM

Hi ComputerJinx ^_^,

 

 

Sorry for the confusing and hard to understand instructions. I can provide you with the links to videos showing on how to take apart the machine but since you have never opened up the machine, the best advice I could give you is that take the system to a PC Repair shop and tell them about the RAM being bad and ask them to check it out.

 

If you would like to open up the system and then do the checking yourself, I would be more than happy to guide you so just let me know :)

 

 

-Pranav


Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#8 ComputerJinx

ComputerJinx
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:California
  • Local time:10:11 AM

Posted 27 April 2016 - 10:12 PM

1.   Thank you for your offer.  I am thinking about it.  I need a bit more information before I decide.  If you can guide me through the checking process with videos, can you also tell me what to buy to replace faulty parts, how to install them, and how to make sure my machine then runs smoothly without losing all my data in the process?  If all that is quite complicated, then I might be better off taking the computer into the shop for repairs.  Please share your opinion.

 

2.  After the RAM is repaired/replaced, are there "next steps" to determine whether there are also software issues leading to BSOD events?

 

Thank you. 



#9 ComputerJinx

ComputerJinx
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:California
  • Local time:10:11 AM

Posted 27 April 2016 - 11:11 PM

Immediately after my last post to you, my computer had another BSOD event.  The main error was BAD_POOL_CALLER.  Here is the information:
 
Problem signature:
  Problem Event Name: BlueScreen
  OS Version: 6.1.7601.2.1.0.256.48
  Locale ID: 1033
 
Additional information about the problem:
  BCCode: c2
  BCP1: 0000000000000007
  BCP2: 000000000000109B
  BCP3: 0000000000020021
  BCP4: FFFFFA8003E45450
  OS Version: 6_1_7601
  Service Pack: 1_0
  Product: 256_1
 
Files that help describe the problem:
  C:\Windows\Minidump\042716-37752-01.dmp
  C:\Users\Owner\AppData\Local\Temp\WER-232316-0.sysdata.xml
----------------------------------------------------
I could not find the Windows Error Report; it wasn't where it was supposed to be.  Therefore, here is a copy that I found in ProgramData.
 
Version=1
EventType=BlueScreen
EventTime=131062872817774673
ReportType=4
Consent=1
UploadTime=131062873809981424
ReportIdentifier=3c3f4b39-0cf0-11e6-976f-1c6f654debb1
IntegratorReportIdentifier=042716-37752-01
Response.type=4
DynamicSig[1].Name=OS Version
DynamicSig[1].Value=6.1.7601.2.1.0.256.48
DynamicSig[2].Name=Locale ID
DynamicSig[2].Value=1033
UI[2]=C:\Windows\system32\wer.dll
UI[3]=Windows has recovered from an unexpected shutdown
UI[4]=Windows can check online for a solution to the problem.
UI[5]=&Check for solution
UI[6]=&Check later
UI[7]=Cancel
UI[8]=Windows has recovered from an unexpected shutdown
UI[9]=A problem caused Windows to stop working correctly.  Windows will notify you if a solution is available.
UI[10]=Close
Sec[0].Key=BCCode
Sec[0].Value=c2
Sec[1].Key=BCP1
Sec[1].Value=0000000000000007
Sec[2].Key=BCP2
Sec[2].Value=000000000000109B
Sec[3].Key=BCP3
Sec[3].Value=0000000000020021
Sec[4].Key=BCP4
Sec[4].Value=FFFFFA8003E45450
Sec[5].Key=OS Version
Sec[5].Value=6_1_7601
Sec[6].Key=Service Pack
Sec[6].Value=1_0
Sec[7].Key=Product
Sec[7].Value=256_1
File[0].CabName=042716-37752-01.dmp
File[0].Path=042716-37752-01.dmp
File[0].Flags=851970
File[0].Type=2
File[0].Original.Path=C:\Windows\Minidump\042716-37752-01.dmp
File[1].CabName=sysdata.xml
File[1].Path=WER-232316-0.sysdata.xml
File[1].Flags=851970
File[1].Type=5
File[1].Original.Path=C:\Users\Owner\AppData\Local\Temp\WER-232316-0.sysdata.xml
File[2].CabName=WERInternalMetadata.xml
File[2].Path=WER56D6.tmp.WERInternalMetadata.xml
File[2].Flags=589827
File[2].Type=5
File[2].Original.Path=C:\Users\Owner\AppData\Local\Temp\WER56D6.tmp.WERInternalMetadata.xml
File[3].CabName=Report.cab
File[3].Path=Report.cab
File[3].Flags=196608
File[3].Type=7
File[3].Original.Path=Report.cab
FriendlyEventName=Shut down unexpectedly
ConsentKey=BlueScreen
AppName=Windows
AppPath=C:\Windows\System32\WerFault.exe
 
The zipped dmp file is attached. I also have a MEMORY.DMP file from the same time, if that would help.
 
Thank you.

Attached Files



#10 ComputerJinx

ComputerJinx
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:California
  • Local time:10:11 AM

Posted 01 May 2016 - 04:46 PM

Given that you haven't yet responded to my 4-27-16 08:12 PM post/inquiry, I have decided to take my computer to a repair shop rather than try to fix hardware on my own.  Thank you for your assistance.

 



#11 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:01:11 PM

Posted 01 May 2016 - 06:09 PM

The BSOD forums are a very busy place.

Please note in blueelvis' signature that he asks that you send him a PM if he hasn't responded in 48 hours.

As you can see, I have the same request in my signature.

Also, please be advised that the notification system (that notifies us when you respond) hasn't been working all that well recently.

 

Finally, blueelvis is preparing for exams, which should start in the next week or two, so his time is limited.

 

Good luck with the repair shop!


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users