TechSpot

Need help with BSOD

By arthurdp
Aug 5, 2011
Post New Reply
  1. This is a freinds computer so any help would be appreciated.

    I changed the computers settings to save mini dump files as it was not before.
    I only have one mini dump at the current time sadly.

    Now for what I did personally. First off it did 15 passes on memtest. Seems my
    spin rite disk is to scratched to run but will try to make a new one after work
    today and run that tonight. Currently have it in safe mode running some
    virus/malware etc software to clean it up.

    Here's the only mini dump I have at the moment.
     

    Attached Files:

  2. Route44

    Route44 TechSpot Ambassador Posts: 11,966   +70

  3. arthurdp

    arthurdp TS Rookie Topic Starter Posts: 39

    How would I find that out?
    In device manager it says sony CRWDVD CRX310S.
    I test spin rite on other pc my disk is fine so I think your right on this one.
    I removed a "PC fraudulent" item with spybot in safe mode no other infections
    were found. I also gave him a copy of nod32 (paid version) along with spybot
    and malware bytes to prevent that from happening again.

    Oh I should mention I ran driver sweeper to remove old drivers and uhh Ccleaner to clean registry.
    Maybe one of them removed it? I have no idea as I have it running now 2 hours no BSOD yet but who knows.
    I want to resolve it before i say its fixed.

    **edit checked all of device manager nothing with aspi at all or aptec.
    Clearing the system page or w/e now and defraging.
     
  4. Route44

    Route44 TechSpot Ambassador Posts: 11,966   +70

    There is known malware that mimics aspi32.sys right down to the lettering. So nice work on your part. :)

    By the way, nice to see someone else use NOD32; been doing so on my main rig for several years.

    * Keep us updated.
     
  5. arthurdp

    arthurdp TS Rookie Topic Starter Posts: 39

    Still BSOD...

    sigh flashing so fast can't see error code nor is it saving the minidump. computer
    is set to save them to.

    Doing a chkdsk now once rebooted I'll be setting the memory page properly this time.
    Going to try one last attempt with my spin rite disk afterwards though going to use my
    external dvd drive to insure no issue with the disk drive.
    (thinking I may also disconnect the current one when I try to boot it)

    Can you analyze hijack this reports? Maybe theres something still lingering.
     
  6. arthurdp

    arthurdp TS Rookie Topic Starter Posts: 39

    Everything passed those tests last night.
    Since then got 2 more BSOD's (0x0000001 & 0x000008E) sadly it only saved
    1 of the minidumps which is attached below.

    I truly think its a rootkit but I have no experience with hijack this so I'm going
    to do a full format now and see if I can't just resolve it that way. If its driver based
    I can cut that part out as well by installing the most current ones manually.

    ***edit

    turns out I can't access the bloody recovery partition, ctrl f11 nor the boot menu shows it so I'm stuck now.
    Unless I order a DVD from dell at 150$. sigh hopefully you get something from that last mini dump cause I'm stuck.

    ***edit

    Back doored there partition and now restoring to original state.
    Sigh this is one long ordeal.
     

    Attached Files:

  7. Route44

    Route44 TechSpot Ambassador Posts: 11,966   +70

    Bug check 1. Weird. Simply cited the Windows OS driver win32k.sys and nothing more. As you know usually OS drivers are usually too general to be of much diagnostic help (though there are exceptions).

    In any of your tests did you do a harddrive diagnostics?
     
  8. arthurdp

    arthurdp TS Rookie Topic Starter Posts: 39

    Ran chkdsk. Spin rite on level 4 (deep surface scan/erase and write data) Used
    windows and dells hardrive diagnostic tools. In all cases it passed.

    I just finished the format and pc has yet to show signs of issues after 4 hours or so.

    I'm thinking there was a rootkit or two along with a corrupted OS.
    All the hardware is in working condition so it can only be software.
    we will see how this goes from here
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...