Recent BSOD Problem

Status
Not open for further replies.

gameb0i83

Posts: 11   +0
I've recently been receiving these random BSOD erros on Windows Vista 64 bit:

Problem signature
Problem Event Name: BlueScreen
OS Version: 6.0.6001.2.1.0.768.3
Locale ID: 1033

Files that help describe the problem (some files may no longer be available)
Mini051009-02.dmp
sysdata.xml
Version.txt

View a temporary copy of these files
Warning: If a virus or other security threat caused the problem, opening a copy of the files could harm your computer.

Extra information about the problem
BCCode: 1a
BCP1: 0000000000041284
BCP2: FFFFF88008737001
BCP3: 0000000000009FA1
BCP4: FFFFF78000001000
OS Version: 6_0_6001
Service Pack: 1_0
Product: 768_1
Server information: fb2523e8-6af4-4c55-9e37-3ff6431ba11f

I cannot post the dump files because when I try, I get an error message stating that I do not have permission. I only have one account on my system so I don't know why that's popping up.

Any help you can give me will be greatly appreaciated.

Thanks in advance!
 
This is really weird...I know how to post an attatchment but when I do, I get an error message saying I don't have permission. I've also tried to open them with notepad on my own and it still says I don't have permission. I have only one account on this computer and that's me the Administrator so I don't know it's giving me this message. Any ideas?

Thanks in advance!
 
Minidumps cannot be opened with Notepad
You need to attach the DMP file (you do not even need to zip it up)
 
I understand completely what you're saying. I know how to attatch a file to a post. My problem is that when I try to attatch it (as in find the the Windows/minidump folder and double click the the file to attatch it to my post), I get the above mentioned error message. Again, I'm really confused as to why this would happen because I only have my Administator account on my computer.

I was just trying out notepad to see if it would open with that, but it didn't work either.

Any idea why this would happen on an Administrator's account?
 
It could be the default permissions are corrupt
Or Virus Malware problem

By the way what AntiVirus do you use?
And what is your Windows version exactly? Windows XP ? (Pro? Home?) Service Pack ?

Also, can you possibly copy the Minidump to your Desktop, and then Attach it from there?

I'll wait I suppose :)

Edit:

Oh

Windows Vista 64 bit:
 
I use Norton 360 for antivirus. I've ran it several times and it hasn't found anything other than tracking cookies and other minor spyware.

I'm at work now, but I'll try copying my dump files on my desktop when I get home. I just find in weird that it won't let me get to the dump files, but I can get into everything else in all my system folders.

Here are the five most recent minidumps:
 
Memory manager detected 25 instance(s) of page corruption, target is likely to have memory corruption

So how attached are you to Norton 360 :D

Basically Norton has always used lots of system resource (memory) and if there is the slightest of problems with your Ram or Hard Drive, the having Norton it will be exagerated.

Here's what I'd suggest you do (and also what I'd do, in this case, as well)

Uninstall your Norton AntiVirus
Then run the Norton Removal tool

Restart

Download and Run CCleaner

An alternative Antivirus that I recommend is Avira free Antivirus (also being in our 8-Step Malware removal guide) and is what I use as well.

Update it by right clicking the tray icon, and then selecting "Start Update" (note: It will automatically update itself, but I just want to make sure)
Run a full AntiVirus Scan, ideally post back the attached AntiVirus report log

Further issues, please run Memtest on your Ram

Done :grinthumb
 
To be honest, I was hoping Norton wasn't a contributer to the probem. I shelled out big bucks to have it updated for two years...

On Norton's forum, someone menioned to uninstall my graphics driver as that was one of the last things I did before these BSODs started popping up. I did that and then reinstalled the video driver fron Gateway's (OEM) site for my specific computer. I haven't had a problem yet. I'm hoping I won't have anty other problems, but if I do then I'll have to resort you your method.

Thanks for all your help!
 
...you were right, the BSOD errors came back with a vengence. Now I'm getting them even a few seconds after Windows starts and once in a while shortly after accessing the Internet.

I'm asking around at the Norton forums to see if anyone else is having problems. If anyone else has any ideas this could be besides my RAM dying on me let me know. I'm posting the most recent dump files for reference.

Thanks for your help!
 
Every single one of your dumps indicates an issue with Norton to be honest. I have a feeling that the LiveUpdate function has been compromised somehow (either by a virus or malware or simply due to the program failing) ... you could try turning off LiveUpdate first to see if that works - this would then mean that you'd have to download the individual updates in .exe form and install them as such...

My recommendation is in line with Kimsland however, in that an uninstallation of Norton would be your best option. You might want to attach a HiJackThis log as well so we can check whether your system is in fact infected (I'm quite certain it is) .... you can find the HiJackThis installation link on the 8-step guide that Kimsland pointed to previously.

Spyder_1386 :)
 
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10b.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=&Br=GTW&Loc=ENG_US&Sys=DTP&M=FX4710-UB003A
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=&Br=GTW&Loc=ENG_US&Sys=DTP&M=FX4710-UB003A
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=&Br=GTW&Loc=ENG_US&Sys=DTP&M=FX4710-UB003A
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files (x86)\Morpheus Music\Plugins\RazaWebHook.dll (file missing)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\PROGRA~2\IWINGA~1\IWINGA~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files (x86)\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [Smart Copy] "C:\Program Files (x86)\IOI\Smart Copy\ButtonMonitor.exe" -A
O4 - HKLM\..\Run: [osCheck] "C:\Program Files (x86)\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON Stylus CX4800 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIADA.EXE /FU "C:\Windows\TEMP\E_S750F.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Logitech . Product Registration.lnk = C:\Program Files (x86)\Logitech\QuickCam\eReg.exe
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files (x86)\Morpheus Music\Plugins\RazaWebHook.dll/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://support.gateway.com/support/serialharvest/gwCID.CAB
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} (FamilyFeud Control) - http://www.worldwinner.com/games/v47/familyfeud/familyfeud.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: iWinGamesInstaller - iWin Inc. - C:\Program Files (x86)\iWin Games\iWinGamesInstaller.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)
 
I've been talking with people on the Norton forums and they've suggested reinstalling Vista. I've done that, but it hasn't seemed to help. For their refence I'm posting my updated HijackThis log file.
 
I want to thank everyone that attempted to diagnose and solve my problem. I tried kimsland's directions and they seemed to work for a day, but then the BSODs (or blue SOBs as I now call them) came back and they seemed even more frequent and a couple of times Windows wouldn't even boot up.

I then tried memtest and as soon as the test started lots of red popped up immediately. In the end I brought the computer to the Geek Squad at Best Buy for diagnotics and repair/replacemtnent of the RAM. The good news is that it won't cost me a cent because it's still covered by manufacterer's warranty because it's less than a year old. The bad news is that I'll be computerless for the next few weeks (I'm at work now). Oh well...

Thanks again!
 
Status
Not open for further replies.
Back