Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

CRITICAL_OBJECT_TERMINATION Uh oh!


  • Please log in to reply
9 replies to this topic

#1 windersxp

windersxp

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:26 AM

Posted 23 November 2016 - 11:18 AM

· OS - Windows 7 64-bit
· What was original installed OS on system? Windows 7
· Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer)? Custom built by the company I work for, we install the OS using a retail disc.
· Age of system (hardware) Almost 1 year.
· Age of OS installation - have you re-installed the OS? Replaced the hard drive, 9/16/2016 - install date.

· CPU - i5-4460
· Video Card - on-board
· MotherBoard - Gigabyte B85M-D3H
· Power Supply - CoolerMaster 400W

· System Manufacturer - Custom built


· Desktop

 

 

 

 

Bluescreens will happen randomly. It shutdown 7 times in 1 day while doing ordinary tasks. This is according to the user. I've done extensive research with bluescreen view and the online analyzer tool, but at a loss at this point. I work for an MSP and we have a local shop that I'm going to take the computer to, so I will have access to it to try different things. I have no way of successfully reproducing the BSODs. While I wait for replies, I'll test the hard drive and memory.

Attached Files



BC AdBot (Login to Remove)

 


#2 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:04:26 AM

Posted 24 November 2016 - 08:42 AM

System Info report is missing.  Please do this:

 

systeminfo:
Please open an elevated (Run as administrator) Command Prompt and type (or copy/paste) "systeminfo.exe >%USERPROFILE%\Desktop\systeminfo.txt" (without the quotes) and press Enter.  Then navigate to Desktop to retrieve the syteminfo.txt file.  If you have difficulties with making this work, please post back.  Then zip up the .txt file and upload/attach the .zip file with your next post.
NOTE:    Will not work with Windows XP

 

I am unable to tell how many update hotfixes are installed.   Most systems with SP1 have 350-400 or more.  Please visit Windows Update and get ALL available updates (it may take several trips to get them all).
The actual number is not important.  Rather it's important that you checked manually, installed any available updates, and didn't experience any errors when checking or updating.

There's a problem with this device in Device Manager:

 

Shrew Soft Lightweight Filter    ROOT\LEGACY_VFLT\0000    This device is not present, is not working properly, or does not have all its drivers installed.

Please uninstall the ShrewSoft software from Control Panel...Programs and Features.
If it's not then, please install a copy and then uninstall it (the hope here is that the installer will detect the device, and then the uninstaller will properly remove it).

 

No real clues here.  I'd guess that this was a hardware problem - but the memory dumps are too consistent to support that guess.
I'd start with running Driver Verifier according to these instructions:  http://www.carrona.org/verifier.html

Then, once you've uploaded the memory dumps from it, then get started on these free hardware diagnostics while waiting for a reply from me.

 

Analysis:
The following is for information purposes only. The following information contains the relevant information from the blue screen analysis:
**************************Mon Nov 21 17:56:38.720 2016 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\112116-14305-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.23569.amd64fre.win7sp1_ldr.161007-0600
System Uptime:0 days 0:33:09.469
Probably caused by :ntkrnlmp.exe ( nt!PspCatchCriticalBreak+92 )
BugCheck F4, {3, fffffa8009119b10, fffffa8009119df0, fffff800031deb70}
BugCheck Info: CRITICAL_OBJECT_TERMINATION (f4)
Arguments:
Arg1: 0000000000000003, Process
Arg2: fffffa8009119b10, Terminating object
Arg3: fffffa8009119df0, Process image file name
Arg4: fffff800031deb70, Explanatory message (ascii)
PROCESS_NAME:  wininit.exe
BUGCHECK_STR:  0xF4
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
FAILURE_BUCKET_ID: X64_0xF4_wininit.exe_BUGCHECK_CRITICAL_PROCESS_9219840_nt!PspCatchCriticalBreak+92
CPUID:        "Intel® Core™ i5-4460  CPU @ 3.20GHz"
MaxSpeed:     3200
CurrentSpeed: 3192
  BIOS Version                  F15
  BIOS Release Date             08/20/2015
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  B85M-D3H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Mon Nov 21 17:23:00.268 2016 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\112116-15974-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.23569.amd64fre.win7sp1_ldr.161007-0600
System Uptime:0 days 1:12:04.240
Probably caused by :ntkrnlmp.exe ( nt!PspCatchCriticalBreak+92 )
BugCheck F4, {3, fffffa8008f5e480, fffffa8008f5e760, fffff8000317ab70}
BugCheck Info: CRITICAL_OBJECT_TERMINATION (f4)
Arguments:
Arg1: 0000000000000003, Process
Arg2: fffffa8008f5e480, Terminating object
Arg3: fffffa8008f5e760, Process image file name
Arg4: fffff8000317ab70, Explanatory message (ascii)
PROCESS_NAME:  wininit.exe
BUGCHECK_STR:  0xF4
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
FAILURE_BUCKET_ID: X64_0xF4_wininit.exe_BUGCHECK_CRITICAL_PROCESS_9281060_nt!PspCatchCriticalBreak+92
CPUID:        "Intel® Core™ i5-4460  CPU @ 3.20GHz"
MaxSpeed:     3200
CurrentSpeed: 3192
  BIOS Version                  F15
  BIOS Release Date             08/20/2015
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  B85M-D3H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Mon Nov 21 15:03:50.428 2016 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\112116-15912-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.23569.amd64fre.win7sp1_ldr.161007-0600
System Uptime:0 days 0:02:59.003
Probably caused by :ntkrnlmp.exe ( nt!PspCatchCriticalBreak+92 )
BugCheck F4, {3, fffffa8009117b10, fffffa8009117df0, fffff800031cfb70}
BugCheck Info: CRITICAL_OBJECT_TERMINATION (f4)
Arguments:
Arg1: 0000000000000003, Process
Arg2: fffffa8009117b10, Terminating object
Arg3: fffffa8009117df0, Process image file name
Arg4: fffff800031cfb70, Explanatory message (ascii)
PROCESS_NAME:  csrss.exe
BUGCHECK_STR:  0xF4
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
FAILURE_BUCKET_ID: X64_0xF4_csrss.exe_BUGCHECK_CRITICAL_PROCESS_91f0b50_nt!PspCatchCriticalBreak+92
CPUID:        "Intel® Core™ i5-4460  CPU @ 3.20GHz"
MaxSpeed:     3200
CurrentSpeed: 3192
  BIOS Version                  F15
  BIOS Release Date             08/20/2015
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  B85M-D3H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
The rest of the memory dump summaries are hidden in the Spoiler tag below.  Click on "Show" to reveal them.

Spoiler




3rd Party Drivers:
The following is for information purposes only. My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box:

**************************Mon Nov 21 17:56:38.720 2016 (UTC - 5:00)**************************
intelppm.sys                Mon Jul 13 19:19:25 2009 (4A5BC0FD)
amdxata.sys                 Fri Mar 19 12:18:18 2010 (4BA3A3CA)
mvusbews.sys                Mon Nov 26 01:55:41 2012 (50B3126D)
TeeDriverx64.sys            Thu Sep  5 14:02:18 2013 (5228C72A)
iusb3hub.sys                Wed Feb 12 06:04:30 2014 (52FB553E)
iusb3xhc.sys                Wed Feb 12 06:04:33 2014 (52FB5541)
iusb3hcs.sys                Wed Feb 12 06:06:11 2014 (52FB55A3)
Rt64win7.sys                Mon Mar 17 22:27:09 2014 (5327AEFD)
igdkmd64.sys                Wed Aug  5 00:53:18 2015 (55C196BE)
mbam.sys                    Tue Aug 11 13:35:19 2015 (55CA3257)
RTKVHD64.sys                Fri Jan 22 10:09:21 2016 (56A24621)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Mon Nov 21 15:03:50.428 2016 (UTC - 5:00)**************************
generic.sys                 Sat Jul  3 23:26:53 2010 (4C2FFF7D)
DM150Drv.sys                Sat Jul  3 23:29:20 2010 (4C300010)


http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
http://www.carrona.org/drivers/driver.php?id=mvusbews.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverx64.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hub.sys
http://www.carrona.org/drivers/driver.php?id=iusb3xhc.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hcs.sys
http://www.carrona.org/drivers/driver.php?id=Rt64win7.sys
http://www.carrona.org/drivers/driver.php?id=igdkmd64.sys
http://www.carrona.org/drivers/driver.php?id=mbam.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=generic.sys
http://www.carrona.org/drivers/driver.php?id=DM150Drv.sys
 
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#3 Demonslay335

Demonslay335

    Ransomware Hunter


  • Security Colleague
  • 3,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:26 AM

Posted 24 November 2016 - 10:01 AM

Thanks for taking a look John. As a note, I work at the same company, so I may also help feed you some information on this case, since the OP is typically on-site and it's now at my shop. :wink:

The hard drive passed WD Diagnostics from a boot disc, and also passed MemTest. The OP ran Driver Verifier on the system while on-site and never experienced a BSOD. Also, HitmanPro and MBAR were ran, both were clean of rootkit, malware, or Trojan infections.

We'll push it through Windows Updates and post back with the information you requested after the holiday here when the shop is open tomorrow.

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic]

ransomnotecleaner-25.png RansomNoteCleaner - Remove Ransom Notes Left Behind [Support Topic]

cryptosearch-25.pngCryptoSearch - Find Files Encrypted by Ransomware [Support Topic]

If I have helped you and you wish to support my ransomware fighting, you may support me here.


#4 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:04:26 AM

Posted 25 November 2016 - 05:57 AM

How long did you run Driver Verifier for?  I'd suggest running it overnight just to see if it generates anything.

 

Meanwhile, continue with the diagnostics.  If they all pass, then I'd suggest this procedure to help identify the problem component(s).

 

Another option would be to make an image of the hard drive, then reinstall Windows "clean" (my suggested method here:  http://www.carrona.org/canned.html#clean )

Installing Windows "clean" will eliminate Windows as a cause (presuming that the installation media is good and that the problems don't return after the installation))

The lack of any 3rd party programs will also rule them out if the problems don't return.
This will leave you with hardware as the problem - and back to the diagnostics and stripdown to figure out what the problem component(s) are.

 

Since you have the image, it's a relatively easy job to put the image back on the drive when done testing.

Good luck!


Edited by usasma, 25 November 2016 - 05:57 AM.

My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#5 Demonslay335

Demonslay335

    Ransomware Hunter


  • Security Colleague
  • 3,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:26 AM

Posted 25 November 2016 - 10:29 AM

I'm unsure how long the OP ran Driver Verifier, probably a maximum of an hour since he was not on-site terribly long.

 

I have pushed all Windows Updates through on the system, multiple checks yield no new updates. Attached is a systeminfo dump after running these updates. There were only about 2 optional ones pending for .NET framework roll-ups.

 

I installed the ShrewSoft VPN client, rebooted, then uninstalled the software. The (hidden) driver still shows in Device Manager, but it no longer shows as having trouble. Thanks for catching that.

 

We will probably hold off on doing an image/reload of the system, with the main reason being we do not have a reliable way of reproducing the issue yet. We thus have no way to tell if the fresh load of Windows is fine or not versus what has been done.

 

I will setup Driver Verifier and run the system through Prime95 as a stress-test. Will post back with results after letting it run its course over the weekend.

 

*Edit:

The forum uploader is giving me errors. Is it OK to link the dump instead? Here it is on SendSpace: https://www.sendspace.com/file/ss0meh


Edited by Demonslay335, 25 November 2016 - 10:32 AM.

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic]

ransomnotecleaner-25.png RansomNoteCleaner - Remove Ransom Notes Left Behind [Support Topic]

cryptosearch-25.pngCryptoSearch - Find Files Encrypted by Ransomware [Support Topic]

If I have helped you and you wish to support my ransomware fighting, you may support me here.


#6 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:04:26 AM

Posted 25 November 2016 - 07:21 PM

I usually suggest running Verifier for at least 36 hours.  I'd imagine that you'd get a good look after 4 to 6 hours is you're really rushed.

 

My method of checking Windows Updates is to see how many hotfixes are listed in the systeminfo report.

Unfortunately, there's at least 2 or 3 drawbacks to this:

- Hotfixes aren't the same thing as updates

- Different systems take different numbers of updates

- The new Microsoft method of delivering updates has been extended to W7, and it would (I think) mess up even the hotfix numbers ( https://blogs.technet.microsoft.com/windowsitpro/2016/08/15/further-simplifying-servicing-model-for-windows-7-and-windows-8-1/ )

 

There are ways to manually remove the ShrewSoft driver - but I prefer not to do it if it's not causing problems.

 

It's fine to load the dumps o SendSpace if you'd like and post a link here.


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#7 Demonslay335

Demonslay335

    Ransomware Hunter


  • Security Colleague
  • 3,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:26 AM

Posted 29 November 2016 - 04:01 PM

Sorry for the late feedback. Here was the systeminfo if you didn't see it on my previous edited post: https://www.sendspace.com/file/ss0meh

 

We let the system run with Driver Verifier enabled, and ran Prime95 over the weekend, well over 48 hours with no BSOD.

 

I checked for any potential BIOS updates and chipset updates, they were the most recent on Gigabyte's website.

 

We have returned the system to the customer, and it apparently bluescreened as soon as they opened Microsoft Excel. Our technician is still on-site investigating, but here is the latest minidump (with Driver Verifier still enabled): https://www.sendspace.com/file/vj71ma


Edited by Demonslay335, 29 November 2016 - 04:02 PM.

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic]

ransomnotecleaner-25.png RansomNoteCleaner - Remove Ransom Notes Left Behind [Support Topic]

cryptosearch-25.pngCryptoSearch - Find Files Encrypted by Ransomware [Support Topic]

If I have helped you and you wish to support my ransomware fighting, you may support me here.


#8 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:04:26 AM

Posted 29 November 2016 - 05:35 PM

I'm guessing it's a hardware problem for several reasons (none of which, by themselves, are valid diagnostics)

 

Verifier didn't cause a BSOD - so the drivers that were tested weren't faulty (as far as the Driver Verifier test goes)

 

The number of 3rd party drivers in the memory dump is few.  Hardware issues will often show few drivers in a memory dump.

 

The stack text has an unknown item in it.  This type of item is either a hardware error or a user-level error that isn't included in a minidump.

 

Finally, most analysis' that I have seen will point to disk I/O errors - so a problem hard drive is a likely candidate.

I disagree with this, but can't (in good conscience) just rule it out because of that.  I've seen a lot of talk about memory leaks, even to video memory leaks.

 

Please start with these free hardware diagnostics:  http://www.carrona.org/hwdiag.html

Make sure that you ran the Western Digital long/extended test.  The short test only spot checks the drive

You can feel free to skip the MemTest and Prime95, but please run the other tests and let us know the results.

 

Analysis:
The following is for information purposes only. The following information contains the relevant information from the blue screen analysis:
*************************Tue Nov 29 15:26:41.556 2016 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\112916-18657-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.23572.amd64fre.win7sp1_ldr.161011-0600
System Uptime:0 days 0:01:29.945
Probably caused by :ntkrnlmp.exe ( nt!PspCatchCriticalBreak+92 )
BugCheck F4, {3, fffffa800974b8f0, fffffa800974bbd0, fffff800031d0b70}
BugCheck Info: CRITICAL_OBJECT_TERMINATION (f4)
Arguments:
Arg1: 0000000000000003, Process
Arg2: fffffa800974b8f0, Terminating object
Arg3: fffffa800974bbd0, Process image file name
Arg4: fffff800031d0b70, Explanatory message (ascii)
PROCESS_NAME:  wininit.exe
BUGCHECK_STR:  0xF4
DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP
FAILURE_BUCKET_ID: X64_0xF4_wininit.exe_VRF_BUGCHECK_CRITICAL_PROCESS_99b3060_nt!PspCatchCriticalBreak+92
CPUID:        "Intel® Core™ i5-4460  CPU @ 3.20GHz"
MaxSpeed:     3200
CurrentSpeed: 3192
  BIOS Version                  F15
  BIOS Release Date             08/20/2015
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  B85M-D3H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``


3rd Party Drivers:
The following is for information purposes only. My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box:

**************************Tue Nov 29 15:26:41.556 2016 (UTC - 5:00)**************************
intelppm.sys                Mon Jul 13 19:19:25 2009 (4A5BC0FD)
amdxata.sys                 Fri Mar 19 12:18:18 2010 (4BA3A3CA)
TeeDriverx64.sys            Thu Sep  5 14:02:18 2013 (5228C72A)
iusb3hub.sys                Wed Feb 12 06:04:30 2014 (52FB553E)
iusb3xhc.sys                Wed Feb 12 06:04:33 2014 (52FB5541)
iusb3hcs.sys                Wed Feb 12 06:06:11 2014 (52FB55A3)
Rt64win7.sys                Mon Mar 17 22:27:09 2014 (5327AEFD)
igdkmd64.sys                Wed Aug  5 00:53:18 2015 (55C196BE)
mbam.sys                    Tue Aug 11 13:35:19 2015 (55CA3257)
RTKVHD64.sys                Fri Jan 22 10:09:21 2016 (56A24621)

http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverx64.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hub.sys
http://www.carrona.org/drivers/driver.php?id=iusb3xhc.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hcs.sys
http://www.carrona.org/drivers/driver.php?id=Rt64win7.sys
http://www.carrona.org/drivers/driver.php?id=igdkmd64.sys
http://www.carrona.org/drivers/driver.php?id=mbam.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
 


Edited by usasma, 29 November 2016 - 05:36 PM.

My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#9 Demonslay335

Demonslay335

    Ransomware Hunter


  • Security Colleague
  • 3,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:26 AM

Posted 29 November 2016 - 05:48 PM

Yep, when we ran the WD Diagnostics, it was the long test that passed. Just to note, the hard drive in this system has been replaced since the system was built last year (under warranty).

 

We are currently looking into replacing the motherboard as a test since it is under warranty still, and swapping out some other hardware components. As you can imagine, this one is hard to nail down and be confident in since we cannot reliably reproduce the issue (the most fun type to troubleshoot).


logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic]

ransomnotecleaner-25.png RansomNoteCleaner - Remove Ransom Notes Left Behind [Support Topic]

cryptosearch-25.pngCryptoSearch - Find Files Encrypted by Ransomware [Support Topic]

If I have helped you and you wish to support my ransomware fighting, you may support me here.


#10 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:04:26 AM

Posted 30 November 2016 - 05:40 AM

If you suspect the motherboard, then it's usually easiest to rule out ALL the other components (as there's no 100% certain motherboard test).
I suggest trying this procedure:  http://www.carrona.org/strpdown.html


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users