Analysis of BSOD screen?

[barebear]

Hi Hatrick and Tmagic,

I just downloaded/installed/ran DriverGuide 2.0 ; attached is a .png of its results.

Let me know if this gives you relevant info --the program in its free form won't let me try to update drivers or back them up. I don't care about the backing up feature because I use Driver Genius for that, and as re updating, I've always gone the manufacturers sites and used their specific updating tools.

It is now 1045PM Tue. PST and the system continues to run w/ no BSOD or error messages in Event Viewer.

Will post again tomorrow AM with developments overnight

Wait to hear from you. Best, Peter

 

[barebear]

Hi Tmagic and Hatrick,

After doing the DriverGuide I got brave, ran Verifier .exe without changing any of its settings and at the reboot prompt got a blue background screen with NOTHING but the following at the very top of the screen:

IO SYSTEM VERIFICATION error in: ATMhelper.sys ( WDM Driver Error 21f )
[ ATMhelper .sys+280at F7B65280]

I rebooted, got the same screen, and had to go to F8 Last Known Good Configuration to get back to my desktop.

Am I right that this isn't a real BSOD because I did something wrong w/ respect to how I ran Verifier.exe ? After getting back to my desktop there was no Event Viewer error message other than a Event 1002 DHCP error some time prior to running Verifier--that message shows up quite infrequently and never at/near a BSOD/spontaneous reboot

Please advise because this makes me worry about whether there still is a driver issue somewhere-----one part of me says its ok, you really don't have a problem, you just ran Verifier incorrectly.........and then theres my worry-wart part that won't go away till I hear from you that I'm right about not having a driver issue.......

Its now a couple of minutes before midnight here 11:50PM Tue. PST --will post developments tomorrow AM

 

[Hatrick]

Peter,
Stop fiddling. If it ain't broke, don't fix it.

Use system restore to put it back a couple of days to when it was O.K. then leave it alone and await results.

Regards.

 

[Tmagic650]

"Thanks for getting back to me w/ your thoughts per my last post.
Tmagic, per your post of Yesterday 07:29 PM WOW!--what a honker kick-*** system! ------- especially if you're not a "Gamer", which I am not at all. There isn't a single game on my system."

Peter,
I don't consider myself a "gamer" per se. I do have an AGP ATI Radeon 9600XT, with 256MB DDR memory installed on the card. I play Halo: Combat Evolved, and a few poker games, that's all


Peter,
Stop fiddling. If it ain't broke, don't fix it.

Use system restore to put it back a couple of days to when it was O.K. then leave it alone and await results.

Amen to that Hatrick!

 

[barebear]

Hi Hatrick and Tmagic,

I wasn't trying to fiddle around, just get info I thought you wanted to see.

Its now 930AM Wed and system has run fine all night w/ mo BSOD or error messages in Event Viewer.

Only issue last night was me when I ran Verifier.

Will advise developments tonight.

Best, Peter

 

[barebear]

Hi Tmagic and Hatrick,

I'm full of nothing but GOOD NEWS! I am so stoked----I uninstalled Adobe Type Manager after giving some thought as to the contents of that blue screen that showed up when I ran Verifier.exe last night.

It is now 830 PM Wed. PST, the computer has run all day w/ no BSOD or error messages in Event Viewer.

I made a ghost to my D: drive and after rebooting decided I was going to run Verifier.exe again to see what would happen after uninstalling Adobe Type Manager (which came w/ Adobe Photo Deluxe Business Edition) which was something I'd NEVER used. I do use Photo Deluxe a lot though, along w/ Firehand Ember

I am beyond DELIGHTED to be able to tell you that I ran Verifier just like last night, rebooted at the prompt, AND GOT RIGHT BACK TO MY DESKTOP WITH NO WEIRD SCREENS ! YEAH!!!!!! Can you say " HAPPY CAMPER" ?!

Please advise your thoughts re my following intended plan of action based on the above developments.......

My plan is to now make absolutely no more changes to anything unless/until SpySweeper support tells me to uninstall/reinstall the program or do something else. If they leave me hanging, I would do that on my own and not worry about it since I now have the security of an apparently ( based on the successful running of Verifier ) totally clean and current ghost.

If 4-5 days more go by with no trouble, I then plan to one at a time, with at least a couple of days between actions, start enabling the startup group items that I disabled as part of this diagnostic epic which has now been going on for almost 3 weeks. I would make a new ghost after the successful enabling of each item (there are 4 total, one of which is SpySweeper). SpySweeper, per my comments in the preceding paragraph, would be the last thing I'd deal with.

If I make it through that phase and get the SpySweeper issue resolved,
I would then, with of course an up to the moment ghost sitting in D:, start bumping up Hardware Acceleration 1 notch at a time with at least 96 hrs between bumps ( based on past bad event intervals), and make a new ghost after each successful bump.

Finally, after seeing how far I can get with bumping Hardware Acceleration w/o any issues, I'd make still another ghost and keep it as a permanent reference master that I can forever go back to in case of a problem. I also would/will make ghosts before and after every future hardware or major (install,uninstall,major update) software change. ( I've been doing that all along, but its obviously been w/ a flawed system. )

I'm eagerly looking forward to your thoughts, comments ,and suggestions per all of the above!

Last, but far from least ,thank you so much again for sticking w/ me! I wouldn't have gotten to where I am w/o you. BLESS YOU GUYS!!!

Will wait to hear from you and post again tomorrow AM with another status report. Best, Peter

 

[Hatrick]

Peter,

You obviously haven't read the on line documentation on Verifier. It doesn't *do* anything except monitor and report. Any *doing* is yours.

As for the strategy, I would not presume to comment. My philosophy is encapsulated in the signature at the foot of my posts. Your strategy is yours, mine is mine and, if it all goes 'belly up', the strategist takes responsibility.

My impression is that you are a compulsive tweaker/ app collector, so future disasters are almost inevitable. If your chosen strategy copes with that, well done. I, on the other hand, adhere pretty firmly to the 'if it ain't broke, don't fix it' school of thought. The pc, by and large, does what I want it to do, so I jog along with my ancient BIOS and drivers because they work.

Glad we were able to help you.

Take care.

 

[barebear]

Hi Hatrick,

I read the documentation, but was rather confused by parts of it---went well over my head.

I an not a tweaker----no overclocking or any of that sort of thing for me ever--it scares me. I'm not into anything except keeping the system clean and properly updated so as to avoid the sort of trouble I've been having.

I totally agree w/ you about 'if not broke, don't fix it', but my problem here was that things had been 'broke' for many months w/o my knowing it--it was only when I started running Folding At Home and getting spontaneous reboots, and then BSOD when I turned off "automatic restart", that I realized I had problems---especially since my ghosts were unknowingly contaminated too.

I'm not an app collector other than to have all the protection stuff I can get my mits on because I am terrified of all the bad stuff out there and the creeps trying to get into peoples systems---- the reason I was putting new things into the system was that when I ran across a new anti-spyware utility, it found things that none of the apps I already had in the system had detected. In conjunction w/ that, I kept seeing advice on multiple forums, etc re running more than one protection tool just because they all seemed to find things that others didn't.

I suppose you could consider me a compulsive paranoid in that respect.

I'm far from confident of being over my problems---it'll be several more days before I feel that secure, but its now 1140AM Thurs. PST, and the system ran all night again w/ no BSOD or error messages in Event Viewer.

Please let me know you saw this and I'll update developments again tonight.

Best Peter

 

[Tmagic650]

Hey Peter,
what are your computer use habits? Downloading music... Going to adult sites? There has to be a reason for all your troubles here. Are you the only one that uses your system. Your system is not part of a network is it?

 

[barebear]

Hi Tmagic,

No music downloading and no adult sites; I am sole user of the system.

Like I wrote in my last post this morning, my problem here was that things had been 'broke' for many months w/o my knowing it--it was only when I started running Folding At Home and getting spontaneous reboots, and then BSOD when I turned off "automatic restart", that I realized I had problems---especially since my ghosts were unknowingly contaminated too.

Now 215 PM PST Thurs, will be back to computer about 1145 PM tonite, will post developments then. Sytem running fine till now w/ no BSOD or error messages.

Best, Peter

 

[Tmagic650]

What were you using, and what are you using for virus protection now. It almost seems like you either had no protection or you never updated virus definitions, or let you let them expire...

 

[barebear]

Hi Tmagic,

Quite totally to the contrary.

I have always had the best anti-virus protection I could find and have used it for a good 4 years at least through several evolutions of the program over that time. Its called,now, System Suite 7 Professional, its anti-virus section is actually from Trend Micro whom I'm sure you're familiar with, and gives me almost daily virus definition updates, etc. It of course runs 24/7 with the system, which I never turn off unless I'm going to be away for more than 48hrs, or if I'm doing anything inside the case ( blowing out dust for example), or installing a new printer or scanner, or something of the sort

I wouldn't ,for example, be caught dead using Norton System Works or any part of it----highly system invasive and resource hogging--the only Symantec product I use (AND LOVE!) is Ghost.

I'm aware of the existence of many anti-virus things like AVG, Ewido, Panda, Kaspersky, McAfee, etc-----but have been totally satisfied with the protection provided by what I've been using.

I also have Trend Micro Housecall ( highly rated free online utility that totally will scan a system), and Trend Micro Sysclean which actually can be installed into a system, gets daily virus pattern updates, and does a total system scan just like Housecall.

I actually have a major fetish/constructive paranoia about system protection and have made it a primary goal to find/run a combination of software that provides as complete system protection as I can find. Thats why , although running 1 antivirus because just like firewalls only one should be run in a system, I do have several different anti-spware utilities. The specific reason for multiple spyware utilities is that when I had a chance to try them, I found that each one (that I have installed) catches things the others don't. That applies to SpySweeper, XoftSpy, Pest Patrol, Trend Micro Anti-Spyware especially. Also in my arsenal are Spybot Search and Destroy, Nixory (from Source Forge), Rootkit Revealer, F-Secure Blacklight, Trend Micro's new Rootkit Buster, Spyware Blaster, and Spyware Guard. I am sending you a link to check that is a total validation of what I just stated:

http://spywarewarrior.com/asw-test-guide.htm

I'm sure the thought has already crossed your mind that having so much stuff installed and/or running could create conflicts between programs--thus far what I do have in and running has to the best of my knowledge not caused a problem--everything seems run as it should and disabling them did not seem to affect BSOD or error message generation in any way (with the possible exception of SpySweeper per one BSOD that was analyzed many posts back in this thread)
I have, as repeatedly stated in earlier posts, totally disabled SpySweeper along with almost all my other antispyware and will not activate them till at least several more days have passed with no BSOD events, error messages in Event Viewer, etc. Then, its going to be a one-at-a-time reactivation scenario per my comments last night.

I'd be HIGHLY interested in what you use for antivirus and protection from all the malware, spyware, and grayware that the internet is increasingly becoming tainted with.

I am proud to say that I have never gotten a virus infection that I know of, although I've gotten many warnings about them when using Dr. Web ( a COOL Firefox addon that lets you virus check something being considered for download before ever actually downloading it), or checking a download via the System Suite virus checker before opening it.

It is now 130 AM Fri. PST and I am happy to report that since 1030 PM Sun., with the exception of the 1 BSOD I generated on a reboot after running Verifier.exe, the system has been BSOD free and the only error messages in Event Viewer have been few, very far between events, and related solely to DHCP. Since uninstalling Adobe Type Manager that was referred to in that screen, I have (per last nights post) run Verifier w/ no issues on the reboot at prompt. What I haven't been able to do though is track down and analyze the findings generated by Verifier--a simple explanation of how to do that would be most helpful.

Wait to hear from you and will post developments tomorrow.

Best, Peter PS: the things that I earlier referred to as "my problem here was that things had been 'broke' for many months w/o my knowing it" was referring to what has turned out (apparently) to be driver issues--at least, since updating drivers, things seem to have stabilized.
What, if anything, happens as I step by step reactivate currently disabled stuff should be enlightening to say the least

 

[Tmagic650]

"I have always had the best anti-virus protection I could find and have used it for a good 4 years at least through several evolutions of the program over that time. Its called,now, System Suite 7 Professional, its anti-virus section is actually from Trend Micro whom I'm sure you're familiar with, and gives me almost daily virus definition updates, etc. It of course runs 24/7 with the system, which I never turn off unless I'm going to be away for more than 48hrs, or if I'm doing anything inside the case ( blowing out dust for example), or installing a new printer or scanner, or something of the sort"

Peter,
this all sounds great... Except forthe fact that your system was attacked, and severly wounded, wasn't it!

I have tried most virus and spyware protections over the last few years, and I keep coming back to Norton. I have been witness to all Norton's short-comings too. While doing some research dealing with MS's Vista, I came across Symantec's beta Norton 360. For 2 months now it's been running on my system. I really like it

 

[barebear]

Hi Tmagic,

No, I wasn't ever attacked nor did I say anything of the sort in my posts.

If you go back to the start of this thread, I wrote in about spontaneous reboots for no apparent reason---which we both know usually means an infestation of some sort. Your first reponse was " This could be caused by a virus infection." I had found nothing after scanning with everything at my disposal, and as soon as I posted the 2nd or 3rd BSOD (all w/ different data), was told to check the status of my drivers, stop running Folding At Home, and disable the things that I could in my startup group.

Since finding/installing multiple driver updates, stopping FAH, and disabling 4 things out of my startup group, the system ( at least up to and as of 1045AM today Fri. PST) has been fine other than for the one Verifier screen incident.

If things continue to run ok, I'm about ready to start following my plan for re-activating things --my one concern there is that SpySweeper support hasn't yet been any real help. But, I'll not hesitate to totally uninstall/reinstall the program if I have any issues and they leave me hanging

Will post again tonight w/ developments. Best, Peter

 

[Tmagic650]

"Since finding/installing multiple driver updates, stopping FAH, and disabling 4 things out of my startup group, the system ( at least up to and as of 1045AM today Fri. PST) has been fine other than for the one Verifier screen incident"...

These multiple driver updates were multiple installations of several different drivers, or were they all of the same type driver? I know F@H is not an issue. I used it for a couple of years. How did the 4 things in the Startup group get there in the first place? Are you in the habit of downloading drivers and programs just for the hell of it? You keep saying NO, NO, NO! Since you are the only user, I have to say that your choice of programs/utilities hasn't been that good. This has directly or indirectly caused all your systems instability. Can you really continue to argue this point?

I never use an automatic driver update program. I do this manually. Even Microsoft Updates is set for Notify only. I am constantly trying new programs and utilities. Your choice of programs and utilities is not mine, so who's system had BSOD"s?

 

[barebear]

Hi Tmagic,

Sorry, I should have been more specific.

The really critical driver updates were for my video card and chipset; I got them from the manufacturers websites using their respective updating tools.

The 4 things that I disabled from startup were SpySweeper, Trend Micro Anti Spyware, Pest Patrol, and Spyware Guard --all of which I had been running for at least a couple of years.

After going through what I have to resolve my problem so far, I am agreed that I had 'too much of a good thing", and should keep the start group less cluttered with not all of those programs running. Instead, I can use them to do once a week scans or something along those lines. It appears that the combination of too many of those running, along w/ badly outdated drivers, and then the load put on the system running FAH is what really brought things into focus---until starting to run FAH, then finding out that the system had rebooted because FAH wasn't on my desktop when I came back to the computer, I had no idea that the system must have been rebooting many times for months before----it never did it while I was on the system, and I don't leave things on the desktop (until starting to run FAH) while I'm away (which would have given me a clue long before that things weren't right).
The computer never did anything that made me suspect a problem until I got the reboots while running FAH ........ that was "the straw that broke the camel's back"

I wrote many posts ago that after finding what I did at the mfg;'s websites, I realized how undependable Driver Genius was, and as for Windows Update I'm right there with you--have ALWAYS had it set to notify only.

5PM FRI PST and system is running fine----am off to work, will post more about all of the above when back 11:45 PM tonite.

You have no idea how much I appreciate your feedback and comments--this has been/is a major learning experience for me and I am grateful beyond words for your taking the time to educate me!

Best, Peter

 

[barebear]

Hi Tmagic,

I just got home 1145PM FRi PST and the computer has run fine since my last post.

Now that I'm not rushing to get ready for work, I can recap how this originally started so as to respond to the concerns expressed in your last post.

1. The computer had always been on "automatically restart" in System Properties---Advanced---Startup and Recovery. Someone responding to one of my early posts told me to turn it off so that I could record the info shown on a BSOD and send it in for analysis.

2. Until I started running FAH, I had never had the computer do anything to make me suspicious of something being wrong. It never rebooted or acted strange (poor performance, weird pop-ups while online, etc.) at any time while I was on it, and therefore I was clueless as to the existence of a problem. Additionally, since I always leave a clean desktop when leaving the system, I had no way of knowing that it was spontaneously rebooting.

3. In your very first post to me, you suggested the possibility of a virus, and I responded with a description of what protections I had running in the system. You then raised the possibility of a memory problem, I ran Mem Test 86, reported the results, and you then advised me to turn off FAH and look for video card and MB bios updates.

4. I did forget to turn off FAH, and when I went looking for updates per your instructions and went to the manufacturers sites instead of relying on Driver Genius as I had been, I immediately became aware of just how much that program lacked and was furious at myself for having trusted it to the point of never having previously gone to the mfg's update information and downloads. It was after finding/installing those updates that I wrote the following in a post:

"For now, I can say that neither Driver Genius and especially not Windows Update are able to find all available updates, let alone the big majority of them.
When I went item by item through Device Manager, I found multiple NVidia NForce,Radeon, AMD, and other updates by going to the specific manufacturers sites.

And then, after downloading/installing the updates, I found that they weren't showing up in Device Manager-----I had in multiple instances to do "install from a specific location" and browse to the downloaded items to get them installed.

The updating has so far definitely helped in terms of everything being a bit faster (reboots, program opening, Ghost burning, program operations are noticeably faster), and on reboots my tray icons appear in the proper order."


5. The next blue screen after that post pointed directly to SpySweeper; you suggested disabling it along with other such things in my startup group, and I did so. At the same time, someone else suggested turning off Hardware Acceleration which I also did, along with turning off FAH after being reminded to do so and realizing that I hadn't done so when you first instructed me to. You then wrote "I used to run Stanfords Folding at Home graphical interface, and when it was running I couldn't play any games without having them reduce to the taskbar immediately when started. On a completely different system F@H Graphical interface did the same thing."

6. My next BSOD and my researching its info led me to realize that although I had disabled SpySweeper from startup, I had neglected to uncheck the 'start with Windows" in its options. I did that, ran Verifier and at the reboot prompt got the blue screen that indicated a problem w/ Adobe Type Manager. I uninstalled it, went through the Verifier process again, and this time got back to Windows with no problem. You then told me, quite correctly, that Verifier doesn't do anything other than reporting ( I still don't understand the on-line documentation ).

7. Since I got rid of Adobe Type Manager at about 11PM Tues PST, the system has run utterly flawlessly.

8. Simultaneously with 7. above, you then asked about my downloading music and going to adult sites, I responded to that and you then questioned my antivirus protection to which I responded in detail ( my post of Friday 946 AM ).

9. You then responded " Peter,
this all sounds great... Except for the fact that your system was attacked, and severely wounded, wasn't it!"
I wrote back that I'd never been attacked, restated the history of my first finding a problem ( reboots with FAH running), and you responded with questions about my driver updates to which I replied in my post immediately previous to this one.

I'm sorry if anywhere I said anything that prompted your comment about "my system having been attacked..."; if I did, it was most unintentional on my part!


It is now 145 AM PST Sat. and the system continues to run w/ no issues whatsoever.

I would like to know what you run as fulltime antispyware----it is my intent to continue w/ my currnet antivirus but cut down from the multiple spyware utilities that I've had simultaneously running in the past.
Your information as to what specific spyware program(s) you run concurrently that is/are working for you will help me greatly with deciding how and what to run as my spyware protection tools. And YES, I fully realize that what works for you may not be the right thing for me!---but knowing what you're running and how, will be a big help to me in deciding my moves in that area.

Thank you so much again for all your time and help; look forward to hearing from you!

Will post again in the morning w/ developments. Best, Peter

 

[Tmagic650]

Hello again Peter,
you have been operating way "over the top" with all your protection programs. Since you are now realizing this, and have taken the steps to remedy this, you should be ok now. Good luck, and happy computing!

 

[barebear]

Hi Tmagic,

Thanks!

I still have one old ?, and also a new one....

The old--what do you run as your full time anti spyware??

The new---- do you find it of any significance that when rebooting, your tray icons don't always show up in the same order??

If so, what might the significance be (if any), and what (if anything) should be looked for?

Wait to hear from you---your answers will be of great interest to me.

Thanks again, Peter