Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

BSoD; Need advice please

Started by JohnGo , Apr 08 2012 08:08 PM

Please log in to reply

#1
JohnGo

Posted 08 April 2012 - 08:08 PM

Member

Member
339 posts

emachines T3612 200gb hdd 2gb ram, WIN XP Pro

Hello, I had an unfortunate event happen today with the above desktop computer. It was left recording from a wireless mic system. Sometime during the 30 minute recording session the OS stopped and when I returned to the computer it had blue screened with lots of data showing. I had to force shutdown and didn't get the Stop code.

I restarted and after it ran a check disk it came up and has been working about as usual. During my research this p.m., I found and installed Active@Hard Disk Monitor. Some of the results from the Disk Scan are as follows: There is 1 bad block out of 3,816 blocks. The blocks are 50mb. It shows 5,634 hours "worktime", 97 "power cycle count". The "health status" is OK with a 62% green bar showing.

The event log returned many entries: example; 2012-04-08 19:52:32(127.0.0.1)Status:WARNING. All entries in the log are identical except for the time. It scanned over two hours.

Since I don't have the Stop Code, is there any other diagnostics I could run or any other checks I might get some help with? Thank You

#2
rockmilk

Posted 08 April 2012 - 08:40 PM

Certified monkey.

Member
2,773 posts

Download BLUESCREENVIEW and install and run it to read the dump files created by windows.
Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit>Select All.
Go File>Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.

Would you please tell me which antivirus applications you have had previously on this machine any and all.The reason I ask is because some like to hang around after you uninstall via add remove programs and require the use of removal tools.

What kind of computer do you have exactly??Example Compaq presario c700

Download CCLEANER

Just DONT us the registry cleaner function of CCleaner unless you know what you are deleting exactly!!

Then open ccleaner hit the tools button then startup second one down below uninstall then in the bottom right hand corner of ccleaner hit save to text file.Save it to your desktop and post the startup.txt here in your next reply.

Hit the start button in lower left hand corner. Then in the run box type msconfig, then hit the services tab then put a check mark in hide microsoft services what is listed there,after hiding microsoft services?Please post back to us in a vertical list.

Please download MINITOOLBOX When the box opens click save file, save it to the desktop and run it.

Checkmark the following boxes:

List Last Ten Event Viewer Errors
List MiniDump Files
List Installed Programs
List Users, Partitions and Memory size
Click Go and post the result.
List Devices (Only Problems)

Hit Go Post Results in your reply to me.

Run sfc /scannow also run chkdsk /r Links explaining below.

chkdsk /r

sfc /scannow

IF THIS IS A DESKTOP Unplug the tower open up the side.Get can of compressed air and blow out the machine and reseat the ram modules video card etc,see video Plug it back in and see how it goes.WHILE YOU HAVE THE RAM AND VIDEO CARD OUT BLOW OUT THE SLOTS THAT THEY PLUG INTO.ALSO BLOW OUT THE HEAT SINK.SEE VIDEO

PLEASE READ CAREFULLY AND POST ALL INFORMATION REQUESTED!!

I want to make one thing very clear DO NOT use the registry cleaner function of ccleaner!!

Edited by rockmilk, 08 April 2012 - 08:40 PM.

#3
JohnGo

Posted 08 April 2012 - 11:15 PM

Member

Topic Starter
Member
339 posts

My computer is an emachines desktop model T3612 200gb hdd 2gb ram, WIN XP Pro.

I have AVG Internet Security 2012 installed which is the only antivirus that has been on the computer to my knowledge.

I can run BlueScreenView C:\WINDOWS\Minidump but when it opens, the top and botton of window is empty and I can't see where to make it run.

#4
rockmilk

Posted 09 April 2012 - 01:31 AM

Certified monkey.

Member
2,773 posts

I can run BlueScreenView C:\WINDOWS\Minidump but when it opens, the top and botton of window is empty and I can't see where to make it run.

I am not sure how to be more clear with my instructions???

#5
JohnGo

Posted 09 April 2012 - 07:46 AM

Member

Topic Starter
Member
339 posts

Your instructions are clear. After looking in the help section, it seems like bluescreenview should run automatically when it is opened. When it opens, it shows the correct window according to the help section. (the window is divided in half horizontally) but remains blank and won't scan the computer.

If I can get past this, hopefully we can proceed.

#6
JohnGo

Posted 09 April 2012 - 10:17 AM

Member

Topic Starter
Member
339 posts

I have done all your instructions (except BlueScreenView)as follows.

ccleaner
Yes HKCU:Run ctfmon.exe C:\WINDOWS\system32\ctfmon.exe
Yes HKLM:Run Adobe ARM "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes HKLM:Run AVG_TRAY "C:\Program Files\AVG\AVG2012\avgtray.exe"
Yes HKLM:Run HotKeysCmds C:\WINDOWS\system32\hkcmd.exe
Yes HKLM:Run IgfxTray C:\WINDOWS\system32\igfxtray.exe
Yes HKLM:Run Persistence C:\WINDOWS\system32\igfxpers.exe
Yes HKLM:Run RTHDCPL RTHDCPL.EXE
Yes HKLM:Run SoundMAXPnP C:\Program Files\Analog Devices\Core\smax4pnp.exe
Yes HKLM:Run TkBellExe "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
Yes HKLM:Run UnlockerAssistant C:\Program Files\Unlocker\UnlockerAssistant.exe -H
Yes Startup Common Microsoft Office.lnk C:\Program Files\Microsoft Office\Office10\OSA.EXE

mini toolbox
MiniToolBox by Farbar Version: 18-01-2012
Ran by Owner (administrator) on 09-04-2012 at 09:48:26
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/08/2012 03:29:17 PM) (Source: MsiInstaller) (User: Owner)Owner
Description: Product: Adobe Reader 8.1.1 -- A process is running that cannot be shut down by Setup. Please either close all applications and run Setup again, or restart your computer and run Setup again.(NULL)(NULL)(NULL)(NULL)

Error: (04/08/2012 03:28:59 PM) (Source: MsiInstaller) (User: Owner)Owner
Description: Product: Adobe Reader 8.1.1 -- A process is running that cannot be shut down by Setup. Please either close all applications and run Setup again, or restart your computer and run Setup again.(NULL)(NULL)(NULL)(NULL)

Error: (04/08/2012 01:59:19 PM) (Source: ESENT) (User: )
Description: wuauclt (936) Unable to rollback operation #5082 on database C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb. Error: -510. All future database updates will be rejected.

Error: (04/08/2012 01:59:19 PM) (Source: ESENT) (User: )
Description: wuauclt (936) The logfile sequence in "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\" has been halted due to a fatal error. No further updates are possible for the databases that use this logfile sequence. Please correct the problem and restart or restore from backup.

Error: (04/08/2012 01:59:19 PM) (Source: ESENT) (User: )
Description: wuauclt (936) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1022.

Error: (04/08/2012 01:58:35 PM) (Source: ESENT) (User: )
Description: wuauclt (936) An attempt to write to the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log" at offset 0 (0x0000000000000000) for 131072 (0x00020000) bytes failed with system error 1117 (0x0000045d): "The request could not be performed because of an I/O device error. ". The write operation will fail with error -1022 (0xfffffc02). If this error persists then the file may be damaged and may need to be restored from a previous backup.

Error: (02/16/2012 01:20:20 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/16/2012 01:20:20 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

System errors:
=============
Error: (04/08/2012 11:42:58 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (04/08/2012 11:42:54 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (04/08/2012 11:40:58 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (04/08/2012 11:40:58 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (04/08/2012 10:43:12 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (04/08/2012 10:43:08 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (04/08/2012 10:41:11 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (04/08/2012 10:41:09 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (04/08/2012 10:39:49 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (04/08/2012 10:39:46 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Microsoft Office Sessions:
=========================
Error: (04/08/2012 03:29:17 PM) (Source: MsiInstaller)(User: Owner)Owner
Description: Product: Adobe Reader 8.1.1 -- A process is running that cannot be shut down by Setup. Please either close all applications and run Setup again, or restart your computer and run Setup again.(NULL)(NULL)(NULL)(NULL)

Error: (04/08/2012 03:28:59 PM) (Source: MsiInstaller)(User: Owner)Owner
Description: Product: Adobe Reader 8.1.1 -- A process is running that cannot be shut down by Setup. Please either close all applications and run Setup again, or restart your computer and run Setup again.(NULL)(NULL)(NULL)(NULL)

Error: (04/08/2012 01:59:19 PM) (Source: ESENT)(User: )
Description: wuauclt9365082C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb-510

Error: (04/08/2012 01:59:19 PM) (Source: ESENT)(User: )
Description: wuauclt936C:\WINDOWS\SoftwareDistribution\DataStore\Logs\

Error: (04/08/2012 01:59:19 PM) (Source: ESENT)(User: )
Description: wuauclt936-1022

Error: (04/08/2012 01:58:35 PM) (Source: ESENT)(User: )
Description: wuauclt936C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edbtmp.log0 (0x0000000000000000)131072 (0x00020000)-1022 (0xfffffc02)1117 (0x0000045d)The request could not be performed because of an I/O device error.

Error: (02/16/2012 01:20:20 PM) (Source: crypt32)(User: )
Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/16/2012 01:20:20 PM) (Source: crypt32)(User: )
Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

=========================== Installed Programs ============================

Active@ Hard Disk Monitor (Version: 3.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.228)
Adobe Flash Player 9 Plugin (Version: 9.0.124.0)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Adobe Shockwave Player (Version: 11.0)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2411)
AVG 2012 (Version: 2012.0.1913)
CCleaner (Version: 3.17)
CDBurnerXP (Version: 4.0.024.439)
Defraggler (Version: 2.09)
e-Sword (Version: 7.07.0007)
Intel® Graphics Media Accelerator Driver
K-Lite Mega Codec Pack 3.8.0 (Version: 3.8.0)
Magical Jelly Bean KeyFinder (Version: 2.0.8.2)
Memorex exPressit Label Design Studio
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Office XP Professional with FrontPage (Version: 10.0.2627.0)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB925673) (Version: 6.00.3888.0)
NirSoft BlueScreenView
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 5.10.0.6363)
RealUpgrade 1.1 (Version: 1.1.0)
Sonic Foundry Sound Forge 6.0b (Version: 6.0.185)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB978506) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows Vista Wallpapers
XML Paper Specification Shared Components Pack 1.0

========================= Devices: ================================

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 1013.21 MB
Available physical RAM: 530.62 MB
Total Pagefile: 1672.51 MB
Available Pagefile: 1158.71 MB
Total Virtual: 2047.88 MB
Available Virtual: 1961.97 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:186.31 GB) (Free:174.06 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-0D10B7C3C

Administrator Guest HelpAssistant
Owner SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

I ran chkdsk and it said the volume is clean.

I ran sfc /scannow. Didn't show errors but I restarted and ran again.

I have reseated everything in the video except there's no video card. On board video.

#7
rockmilk

Posted 09 April 2012 - 06:22 PM

Certified monkey.

Member
2,773 posts

Open Ccleaner and disable the entries listed below.

Yes HKCU:Run ctfmon.exe C:\WINDOWS\system32\ctfmon.exe
Yes HKLM:Run Adobe ARM "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes HKLM:Run HotKeysCmds C:\WINDOWS\system32\hkcmd.exe
Yes HKLM:Run IgfxTray C:\WINDOWS\system32\igfxtray.exe
Yes HKLM:Run Persistence C:\WINDOWS\system32\igfxpers.exe
Yes HKLM:Run RTHDCPL RTHDCPL.EXE
Yes HKLM:Run TkBellExe "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
Yes HKLM:Run UnlockerAssistant C:\Program Files\Unlocker\UnlockerAssistant.exe -H
Yes Startup Common Microsoft Office.lnk C:\Program Files\Microsoft Office\Office10\OSA.EXE

Download Autoruns and Autorunsc unzip Autoruns to your desktop run it.See any entries that read file not found when you see them right click and select delete do this only for the entries that read file not found also uncheck any scheduled task that are set to run on your machine,close the program.
http://download.sysi...es/Autoruns.zip

Run the AVG removal tool in the link below.
http://majorgeeks.co...over_d7000.html

Install Avast free.
http://www.avast.com/download-software

Use drivermax to get the driver listed below. http://www.innovativ....com/drivermax/
PCI Simple Communications Controller

Please download FarbarServiceScanner and run it on the computer with the issue.
http://download.blee.../farbar/FSS.exe

Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Hit the start button in lower left hand corner. Then in the run box type msconfig, then hit the services tab then put a check mark in hide microsoft services what is listed there,after hiding microsoft services?Please post back to us in a vertical list.

Also you can use whocrashed to get me the blue screen info.
http://www.resplendence.com/whocrashed

#8
JohnGo

Posted 09 April 2012 - 11:41 PM

Member

Topic Starter
Member
339 posts

WHO CRASHED

--------------------------------------------------------------------------------
System Information (local)
--------------------------------------------------------------------------------

computer name: OWNER-0D10B7C3C
windows version: Windows XP Service Pack 3, 5.1, build: 2600
windows dir: C:\WINDOWS
CPU: GenuineIntel Intel® Celeron® D CPU 3.46GHz Intel586, level: 15
1 logical processors, active mask: 1
RAM: 1062432768 total
VM: 2147352576, free: 2043965440

--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.

No valid crash dumps have been found on your computer

--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

Crash dumps are enabled but no valid crash dumps have been found. It may be that there are problems which prevent crash dumps from being written out. Check out the following article for possible causes: If crash dumps are not written out.

In case your computer does experience sudden reboots it is likely these are caused by malfunctioning hardware, power failure or a thermal issue. To troubleshoot a thermal issue, check the temperature using your BIOS setup program, check for dust in CPU and motherboard fans and if your computer is portable make sure it's located on a hard surface. Otherwise it's suggested you contact the support department of the manufacturer of your system or test your system with a memory test utility for further investigation.

Check out the following articles for more information: Troubleshooting sudden resets and shut downs.

Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

CCLEANER STARTUP
No HKCU:Run ctfmon.exe C:\WINDOWS\system32\ctfmon.exe
No HKLM:Run Adobe ARM "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes HKLM:Run AVG_TRAY "C:\Program Files\AVG\AVG2012\avgtray.exe"
No HKLM:Run HotKeysCmds C:\WINDOWS\system32\hkcmd.exe
No HKLM:Run IgfxTray C:\WINDOWS\system32\igfxtray.exe
No HKLM:Run Persistence C:\WINDOWS\system32\igfxpers.exe
No HKLM:Run RTHDCPL RTHDCPL.EXE
Yes HKLM:Run SoundMAXPnP C:\Program Files\Analog Devices\Core\smax4pnp.exe
No HKLM:Run TkBellExe "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
No HKLM:Run UnlockerAssistant C:\Program Files\Unlocker\UnlockerAssistant.exe -H
No Startup Common Microsoft Office.lnk C:\Program Files\Microsoft Office\Office10\OSA.EXE

FARBER
Farbar Service Scanner Version: 01-03-2012
Ran by Owner (administrator) on 10-04-2012 at 00:01:15
Running from "C:\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2008-06-03 04:01] - [2008-06-03 04:01] - 0126976 ____A (Microsoft Corporation) C51DE19619D50CBD03708647ACA10E70

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys
[2008-07-28 01:53] - [2008-07-28 01:53] - 0361600 ____A (Microsoft Corporation) 367DE8E5F638C091F49273144274F629

C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll
[2008-04-28 04:07] - [2008-04-28 04:07] - 0330752 ____A (Microsoft Corporation) 4F10A2FA76B5BD54CD68AFA94E8ADB39

C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2009-12-02 13:30] - [2008-07-18 16:09] - 0025800 ____A (Microsoft Corporation) E53AE6443F6319D7EC22672CD473EADB

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll
[2008-07-07 10:23] - [2008-07-07 10:23] - 0253952 ____A (Microsoft Corporation) F17F6226BDC0CD5F0BEF0DAF84D29BEC

C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll
[2008-04-14 00:42] - [2009-02-09 05:56] - 0401408 ____A (Microsoft Corporation) 9222562D44021B988B9F9F62207FB6F2

C:\WINDOWS\system32\services.exe
[2008-04-14 00:42] - [2009-02-06 06:06] - 0110592 ____A (Microsoft Corporation) 020CEAAEDC8EB655B6506B8C70D53BB6

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x09000000040000000100000002000000030000000800000009000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

SYSTEM CONFIGURATION UTILITY: SERVICES TAB

checkmark Active@disc monitor Manufacturer LSoft Tech Inc status: running
checkmark Adobe Flash Player Update service. Manu: Adobe Systems status:stopped
checkmark Windows Cardspace Manu: Unknown status:stopped
checkmark NMSAccessU Manu: Unknown status: running

checkmark: Hide All Microsoft Services

I have completed your instructions except I could not locate the driver for PCI Simple Communications. Is it better for me to use AVAST rather than AVG antivirus?

#9
rockmilk

Posted 11 April 2012 - 02:57 PM

Certified monkey.

Member
2,773 posts

I have completed your instructions except I could not locate the driver for PCI Simple Communications. Is it better for me to use AVAST rather than AVG antivirus?

Yes Avast is a lot better lighter on your system and has higher detection rates.Also in order to get a crash log you will have to not run ccleaner also do not run a disk clean these both delete minidump files.So in order to get the logs you will have to wait until your pc crashes again and run blue screen view or who crashed immeditely afterwards.

#10
JohnGo

Posted 11 April 2012 - 04:14 PM

Member

Topic Starter
Member
339 posts

Ok, I will install avast and take your other advice. I have another question. I have always been under the impression that it's best to occassionally run a cleaner to remove clutter. Should I never run anything of this nature and just let the computer do it's thing? Your opinion will be greatly appreciated, Thanks very much for your help with this.

JohnGo

#11
rockmilk

Posted 11 April 2012 - 05:46 PM

Certified monkey.

Member
2,773 posts

Ok, I will install avast and take your other advice. I have another question. I have always been under the impression that it's best to occassionally run a cleaner to remove clutter. Should I never run anything of this nature and just let the computer do it's thing? Your opinion will be greatly appreciated, Thanks very much for your help with this.

JohnGo

Yes you should run a cleaner atleast once a week.The build up of temp files can slow your machine to a crawl but you can run ccleaner just uncheck:

Memory dumps and windows error reporting.

#12
Macboatmaster

Posted 11 April 2012 - 06:12 PM

Member
7,237 posts

I will reply while my colleague rockmilk is offline

Windows is quite good at managing its own system with the tools provided by Microsoft.
1.Disk Cleanup

2.Disk Defrag when necessary - click analyse to check.

3. Regular scans with your resident AV and anti-spyware

4. Windows updates for critical/security updates - Malicious software removal tools on release and security updates are VITAL
and in your case Office updates

5. Cleaning browsing history on IE and indeed if use on Firefox

6. Ensuring that JAVA and ADOBE applications especially flash player are up to date - these out of date are a considerable secuirty weakness

7. The above together with the periodic use of Old Timers Temporary File Cleaner (written by one of our Staff Members) will keep your system working well.

http://www.geekstogo...er-by-oldtimer/

8. Programs should of course always be uninstalled using either Windows Control Panel Add/remove programs or the programs own uninstaller. This generally ensures that all remnants of the program are removed.
Occasionally, especially with some anti-virus programs an additional removal tool is provided.

9. Some of the more "questionable" software, can of course be extremely difficult to uninstall and then extra steps may be necessary.

10. Generally speaking the use of registry cleaners, make it go faster programs and especially those that purport to be capable of turning your computer into the ideal gaming machine etc. are to be avoided.
There is actually no need to defrag the registry and in essence, those programs that allege that they are capable of cleaning, defragging and optimizing the registry are generally best left OFF your computer.
In fact it is commonly acknowledged that there is no such aspect of the registry, that it can be defragged.

What can be done is to delete unused keys, but there is no real benefit, achieved in doing so, as they will be but a minute percentage of the overall registry.
Unfortunately all these so called registry enhancers, rely on the software deciding which keys, sub keys, values etc are needed and which are not and it is there that the dangers exist.
ESPECIALLY, when the registry is not backed up first.
Ideally both by a restore point and by a program such as ERUNT registry back up.

NOW TO DEAL with my main reason for posting.
I have one immediate concern at this time.

Your original post when you opened the topic and some of the error logs - disclose what they perceive as drive errors.

Indeed the original post mentions that a bad block was found on the drive.

Contrary to the frequently held belief, bad sectors on hard drive cannot be repaired.
The bad sector remains.
What does happen is that data found in a bad sector is copied and then written to a good sector.
The original bad sector is marked BAD so that data is not written to it again.

If the report from ActiveDisk is correct and there is 50Mb of the disk recorded as bad, then you have a problem.
A sector of a HDD is for this purpose 512 bytes.
http://www.ntfs.com/...disk-basics.htm

The link is for information only

Therefore of course as there are 1000 bytes in a kilobyte eg 2 sectors
and 1000 KB in ONE megabyte = 2000 sectors
and the report was 50MB
that means there are 100,000 bad sectors on the drive.

: There is 1 bad block out of 3,816 blocks. The blocks are 50mb

That would of course be correct as 3816 x 50 = 190800Mb which is indeed your 200Gb hard drive.

My advice is to run
chkdsk /r
Go start
Run
type
cmd
key enter
in the window that opens type
cd \
key enter
that should take you to a C:\> prompt
type
chkdsk /r
key enter
agree the message to run on restart

It is a five stage check please do not interrupt it.
If you watch the screen you will see the result
If not when the computer is restarted go
Start
Control Panel
Admin Tools
Eevent Viewer
click application on left pane
on the headings of the main window click the source heading, that will sort them alphabetically
FIND the winlogon entries
Open the most recent by double clicking and check in the box that it is the chkdsk you have just run.
In the central window you have two views of the chkdsk
You want the full results rather than the summary
Then click ONCE on the double page symbol, to the right of the window and below the up and down arrows,

On your reply right click and paste or paste to wordpad and then copy and paste that please to the reply.
PLEASE paste it as the results, rather than the wordpad doc attached.

Do you have an external hard drive connected ?

Please open My Computer and send me a screenshot
Press Prt Screen key
Go start
programs
accessories
paint
click edit
click paste
the My Computer image will appear
Click File
Click SAVE AS
in file type it defaults to bitmap that is too large
change to jpeg please
save to desktop
on reply panel click use full editor
click on click to attach files
browse to the desktop image of my computer
attach to post

Whilst I was preparing this my colleague rockmilk has returned and posted.
He has recommended to you the use of CCleaner.
It is an excellent program.
HOWEVER our recommendation and especially for regular use is for Temporary File Cleaner by our staff member Old Timer, not I must stress because it is written by one of our staff, but it is more suitable for general use than CCleaner.

It is to some extent a question of preference and with respect your degree of knowledge. TFC deletes ONLY temporary files and requires little if any user intervention.
CCleaner does require the user to decide WHAT is being done, and to try and show you how much can be done and what is cleaned see this please
http://www.piriform....cookies-to-keep

#13
JohnGo

Posted 11 April 2012 - 10:53 PM

Member

Topic Starter
Member
339 posts

Event Type: Information
Event Source: Winlogon
Event Category: None
Event ID: 1001
Date: 4/11/2012
Time: 11:23:27 PM
User: N/A
Computer: OWNER-0D10B7C3C
Description:
Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.
Cleaning up minor inconsistencies on the drive.
Cleaning up 287 unused index entries from index $SII of file 0x9.
Cleaning up 287 unused index entries from index $SDH of file 0x9.
Cleaning up 287 unused security descriptors.
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
Windows has made corrections to the file system.

195358400 KB total disk space.
13836564 KB in 68775 files.
20284 KB in 5200 indexes.
0 KB in bad sectors.
158584 KB in use by the system.
65536 KB occupied by the log file.
181342968 KB available on disk.

4096 bytes in each allocation unit.
48839600 total allocation units on disk.
45335742 allocation units available on disk.

Internal Info:
20 24 01 00 02 21 01 00 75 4d 01 00 00 00 00 00 $...!..uM......
5b 15 00 00 02 00 00 00 24 04 00 00 00 00 00 00 [.......$.......
9a da 7f 01 00 00 00 00 92 cb 75 27 00 00 00 00 ..........u'....
b4 4b 98 03 00 00 00 00 1a a6 25 64 01 00 00 00 .K........%d....
be b2 76 88 08 00 00 00 1c a1 db 20 0a 00 00 00 ..v........ ....
99 9e 36 00 00 00 00 00 88 38 07 00 a7 0c 01 00 ..6......8......
00 00 00 00 00 50 84 4c 03 00 00 00 50 14 00 00 .....P.L....P...

Windows has finished checking your disk.
Please wait while your computer restarts.

For more information, see Help and Support Center at http://go.microsoft....ink/events.asp.

THERE IS NO EXTERNAL HARD DRIVE CONNECTED TO THIS COMPUTER.

Attached Thumbnails

#14
Macboatmaster

Posted 12 April 2012 - 04:37 AM

Member
7,237 posts

Well there is nothing showing in that chkdsk to suggest there is anything wrong with the drive by way of bad sectors.

I do notice on your screenshot that you have warnings on the taskbar notification area. The red shield is a security warning.
Do you also have updates to install.

I am a little puzzled by the report from Active hard disk. It is not a program I know.
Perhaps you should run it again and see if the report is the same.

My colleague rockmilk has covered a lot of ground and it maybe that we will be better informed if and when you suffer a crash and we have a crash dump.

I would be interested to see the results of this
Please Run the PCPitstop.com OverDrive Full Tests

Here's how:

You must use your Internet Explorer for this procedure. (doesn't work so well in Firefox or others).

Go to: http://www.pcpitstop.com
Click on "Free Computer Check-up" listed below PC Pitstop OverDrive
In the User Login - Click on "Sign up FREE!" OR YOU CAN RUN THE TEST ANON. without signing up. - you will see that at the end of that screen. The results will still be saved long enough for me to look at them.
You'll need to submit a valid email address and create your own password, then click - Create Account(button)

Now enter your email address and password to Log in, Select - Scan this system Now!(button)
You will then be asked to download an ActiveX component and allow it to install.
It is safe and does not compromise your privacy.
Follow the on-screen prompts to install the ActiveX and to allow the Full Tests to be run on your machine.

The Full Tests take about 2 1/2 - 3 minutes on most machines.
When complete, a Results - Summary - Recommended Fixes will be displayed.

Please post the URL internet address, from your Results, back here into this Topic Thread so that we can review the configuration.

Note: During the graphics 2D and graphics 3D testing, your screen will display some rapidly moving objects.
If you are sensitive to visual flashing, it may cause dizziness. Therefore, look away from the screen during that portion of the testing.

While PCPitstop does offer a variety of Paid Products, the PCPitstop OverDrive testing is FREE. Please ignore the references to Paid Products. We prefer to provide manual solution instructions that you can apply directly to your machine.

#15
JohnGo

Posted 12 April 2012 - 02:22 PM

Member

Topic Starter
Member
339 posts

I can't seem to find a URL for the PC Matic results. I have attached the screen print for you to see. If you can direct me as to how to get a URL I would like to send them for your review.

I re-ran Active@harddiscmonitor and it shows no bad blocks this time. The first run yesterday showed 1 bad block.

With reference to the red shield you mentioned, I have now installed updates.