Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: BSOD coming frequently

09 Jan 2013   #1
beavron

Windows 7 64 bit
 
 
BSOD coming frequently

Have been getting BSOD starting Christmas day 2012. First was BCCode 50. Then BCCode 96. Now BCCode f4 occurs when they system trys to do the update when shutting down. It also occurs if I try and do the updates manually.

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.48
Locale ID: 1033

Additional information about the problem:
BCCode: f4
BCP1: 0000000000000003
BCP2: FFFFFA800BCD9B30
BCP3: FFFFFA800BCD9E10
BCP4: FFFFF800033C8460
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\010913-20358-01.dmp
C:\Users\Ronald\AppData\Local\Temp\WER-57611-0.sysdata.xml

Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt

This is information from the most recent crash.

I have run memtest86. It found no problems
I ran the Dell hardware analyzer it showed no problems.
I have more dump files from previus days

Hopefully my dmp file is attached or was uploaded...


My System SpecsSystem Spec
.
09 Jan 2013   #2
koolkat77

Microsoft Community Contributor Award Recipient

Windows 10 Home 64Bit
 
 

Welcome.

Code:
DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP
Please disable driver verfier:
Driver Verifier - Enable and Disable
Please upload your msinfo32.nfo file. To get this: Start Menu -> Type msinfo32 into the Search programs and files box -> When it opens, go to File, Save -> Save as msinfo32.nfo and save in a place you will remember -> Let it finish the process of gathering and saving the system info -> Right click the .nfo file, click send to compressed (zipped) folder -> Upload the .zip file here.

Please upload your msinfo32.txt file. To get this: Start Menu -> Type msinfo32 into the Search programs and files box -> When it opens, go to File, Export -> Save as msinfo32.txt and save in a place you will remember -> Let it finish the process of gathering and saving the system info -> Right click the .txt file, click send to compressed (zipped) folder -> Upload the .zip file here.
My System SpecsSystem Spec
10 Jan 2013   #3
beavron

Windows 7 64 bit
 
 
Requested files attached

Good luck!
My System SpecsSystem Spec
.

10 Jan 2013   #4
koolkat77

Microsoft Community Contributor Award Recipient

Windows 10 Home 64Bit
 
 

What antivirus app do you use?
My System SpecsSystem Spec
10 Jan 2013   #5
beavron

Windows 7 64 bit
 
 

Windows defender
My System SpecsSystem Spec
10 Jan 2013   #6
koolkat77

Microsoft Community Contributor Award Recipient

Windows 10 Home 64Bit
 
 

Make scans with the following:

-Kaspersky TDSSKiller-ESET online scannerMicrosoft Security Essentials.
Recommended from a strict BSOD perspective, compatibility & stability compared to other antiviruses/internet security software. It is free and lightweight:-
warning   Warning
Do not start the free trial of Malware Bytes; remember to deselect that option when prompted.


Run a full scan with both (separately) once downloaded, installed and updated.
My System SpecsSystem Spec
10 Jan 2013   #7
beavron

Windows 7 64 bit
 
 
Kaspersky results

Ran Kaspersky. Found one item. Quarantined it first. Ran the scan again then cured it. I did not write down the name of the item. I don't know if that was important? Will run malware next.

Here is the report:

08:40:59.0378 4048 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
08:40:59.0909 4048 ============================================================
08:40:59.0909 4048 Current date / time: 2013/01/10 08:40:59.0909
08:40:59.0909 4048 SystemInfo:
08:40:59.0909 4048
08:40:59.0909 4048 OS Version: 6.1.7601 ServicePack: 1.0
08:40:59.0909 4048 Product type: Workstation
08:40:59.0909 4048 ComputerName: RONALD-PC
08:40:59.0909 4048 UserName: Ronald
08:40:59.0909 4048 Windows directory: C:\Windows
08:40:59.0909 4048 System windows directory: C:\Windows
08:40:59.0909 4048 Running under WOW64
08:40:59.0909 4048 Processor architecture: Intel x64
08:40:59.0909 4048 Number of processors: 8
08:40:59.0909 4048 Page size: 0x1000
08:40:59.0909 4048 Boot type: Normal boot
08:40:59.0909 4048 ============================================================
08:41:02.0701 4048 BG loaded
08:41:02.0998 4048 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:41:03.0029 4048 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:41:03.0029 4048 Drive \Device\Harddisk2\DR2 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:41:03.0029 4048 ============================================================
08:41:03.0029 4048 \Device\Harddisk0\DR0:
08:41:03.0029 4048 MBR partitions:
08:41:03.0029 4048 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A4D000
08:41:03.0029 4048 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A61000, BlocksNum 0x72CA5000
08:41:03.0029 4048 \Device\Harddisk1\DR1:
08:41:03.0029 4048 MBR partitions:
08:41:03.0029 4048 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
08:41:03.0029 4048 \Device\Harddisk2\DR2:
08:41:03.0029 4048 MBR partitions:
08:41:03.0029 4048 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0xA962F3, BlocksNum 0x16A03C0D
08:41:03.0029 4048 \Device\Harddisk2\DR2\Partition2: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0xA962B4
08:41:03.0029 4048 ============================================================
08:41:03.0076 4048 C: <-> \Device\Harddisk0\DR0\Partition2
08:41:03.0076 4048 D: <-> \Device\Harddisk1\DR1\Partition1
08:41:03.0076 4048 F: <-> \Device\Harddisk2\DR2\Partition2
08:41:03.0107 4048 G: <-> \Device\Harddisk2\DR2\Partition1
08:41:03.0107 4048 ============================================================
08:41:03.0107 4048 Initialize success
08:41:03.0107 4048 ============================================================
My System SpecsSystem Spec
10 Jan 2013   #8
koolkat77

Microsoft Community Contributor Award Recipient

Windows 10 Home 64Bit
 
 

Update the thread when you're done scanning with all the apps.
My System SpecsSystem Spec
10 Jan 2013   #9
beavron

Windows 7 64 bit
 
 
Malware and ESET logs

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.01.10.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Ronald :: RONALD-PC [administrator]
1/10/2013 11:06:38 AM
MBAM-log-2013-01-10 (16-25-31).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 509030
Time elapsed: 50 minute(s), 11 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 9
C:\$Recycle.Bin\S-1-5-18\$bf85b9ec1403fe70ca17f882159b1a31\n (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-18\$bf85b9ec1403fe70ca17f882159b1a31\U\00000004.@ (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-18\$bf85b9ec1403fe70ca17f882159b1a31\U\00000008.@ (Trojan.Dropper.BCMiner) -> No action taken.
C:\$Recycle.Bin\S-1-5-18\$bf85b9ec1403fe70ca17f882159b1a31\U\000000cb.@ (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-18\$bf85b9ec1403fe70ca17f882159b1a31\U\80000000.@ (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-18\$bf85b9ec1403fe70ca17f882159b1a31\U\80000064.@ (Trojan.0Access) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-127904358-1895413300-3915022823-1000\$bf85b9ec1403fe70ca17f882159b1a31\n (Trojan.0Access) -> No action taken.
C:\Users\Ronald\AppData\Local\Temp\dooi0h2ans.exe (Exploit.Drop.GS) -> No action taken.
C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.
(end)

ESET:

C:\Users\All Users\Microsoft\Windows\DRM\5611.tmp Win64/Olmarik.AO trojan unable to clean
C:\Users\All Users\Microsoft\Windows\DRM\5660.tmp Win64/Olmarik.AO trojan unable to clean
C:\ProgramData\Microsoft\Windows\DRM\5611.tmp Win64/Olmarik.AO trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Windows\DRM\5660.tmp Win64/Olmarik.AO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\10.01.2013_08.37.17\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\10.01.2013_08.37.17\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\10.01.2013_08.37.17\mbr0000\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.RG trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\10.01.2013_08.37.17\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\10.01.2013_08.37.17\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\10.01.2013_08.37.17\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\10.01.2013_08.37.17\mbr0001\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\10.01.2013_08.37.17\mbr0001\tdlfs0000\tsk0001.dta Win64/Olmarik.AM trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\10.01.2013_08.37.17\mbr0001\tdlfs0000\tsk0002.dta a variant of Win32/Rootkit.Kryptik.RG trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\10.01.2013_08.37.17\mbr0001\tdlfs0000\tsk0003.dta Win64/Olmarik.AN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\10.01.2013_08.37.17\mbr0001\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\10.01.2013_08.37.17\mbr0001\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\Users\Ronald\AppData\Local\Temp\573C.tmp Win32/Olmarik.AYR trojan cleaned by deleting - quarantined
C:\Users\Ronald\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\28a8bade-23c01b9b Win32/Olmarik.AYR trojan cleaned by deleting - quarantined
C:\Users\Ronald\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\1a558184-440cdea7 a variant of Win32/Injector.AAHF trojan cleaned by deleting - quarantined
C:\Users\Ronald\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\17b87d05-61342035 Java/Exploit.CVE-2012-1723.AV trojan cleaned by deleting - quarantined
C:\Users\Ronald\AppData\Roaming\pstorecr.dll a variant of Win32/Ponmocup.FT trojan cleaned by deleting (after the next restart) - quarantined
My System SpecsSystem Spec
11 Jan 2013   #10
koolkat77

Microsoft Community Contributor Award Recipient

Windows 10 Home 64Bit
 
 

What about MSE?

Any new BSODs?
My System SpecsSystem Spec
Reply

 BSOD coming frequently




Thread Tools




Similar help and support threads
Thread Forum
BSOD becoming more frequently
So far I have gotten BSOD the last 4 days straight and my boot times have been insanely long (~5 min). Other information: Problem signature: Problem Event Name: BlueScreen OS Version: 6.1.7600.2.0.0.768.3 Locale ID: 4105 Additional information about the problem:
BSOD Help and Support
BSOD frequently and I am not sure what to do...
I have recently been experiencing a lot of BSOD for no reason. I haven't installed any new hardware, and I have had this computer running for about a year now with no issues. Listed below is the error code that keeps popping up. Problem signature: Problem Event Name: BlueScreen OS...
BSOD Help and Support
BSOD Very Frequently While Using PC
Hello, I've been having BSODs ever since i bought this new PC but recently the BSODs have become very frequent. I've had this PC for about 8 months now but during this time BSODs HAVE occurred, but only once every couple days or weeks. Now it BSODs very frequently, about once every 20mins-2hr....
BSOD Help and Support
BSOD Frequently
OEM Install of x64 Win 7 Home Prem Dell XPS 8100 I have been getting frequent BSOD for about 6 months. Generally 1 of four things happens. BSOD A Clock interrupt was not received on a secondary processor in the allocated time. BSOD IRQL_Not_less_than_or_equal_to BSOD Unkown Error System...
BSOD Help and Support
BSOD too frequently
Hi, I just bought a Dell 15R laptop & got too many BSOD, though didn't use at full throttle (only some web-browsers). :mad: Problem signature: Problem Event Name: BlueScreen OS Version: 6.1.7600.2.0.0.768.3 Locale ID: 1066
BSOD Help and Support
BSOD frequently
hello everyone! First of all please excuse my bad English. Now let's get to the problem. Since I installed Windows 7, i see regular BSOD. I did research on the net and I found how to interpret the minidump file windebugg tool. Here is the report from windebugg: Microsoft (R) Windows...
BSOD Help and Support


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 21:10.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App