[Gaming4JC]

Hello All,
I bumped into your forum googling for my problem, and I'm rather used to techy forums like this so I hope to not sound like a newbie.

I've been dual booting Ubuntu Jaunty and Windows Vista Home Premium for almost 6months, no problems. Then just two days ago I got a harddd shutdown while online Windows, I was like...

I looked at the event viewer and standard procedures but was not able to come to the conclusion on what went wrong. I've not installed or changed any applications of the past few months and am running the latest security software (Comodo Firewall, Malwarebyte's Antimalware, SpyBot S&D, AVG Anti-Virus, etc.) and Windows Updates.

The interesting thing that has me worried is that the problem has thusfar only happened when I'm online.
Also, Ubuntu remains perfect even after hours of heavy use, so I don't believe it's a hardware issue.
So that has me a little worried it could be a remote shutdown and/or virus.

Summary: I'll be minding my own business after a few hours of use and it just randomly shutsdown after displaying a BSOD for 3secs, I'm typing this post as fast as possible since it may decide to do it while I'm doing this. lol...


Some logs which may interest you:
Event Viewer Logs:
http://pastebin.com/m23bf1de8

BlueScreenViewer log:
http://pastebin.com/m38d9e6b9

Please let me know if you have any advice, I'm currently using Vista for my work and would like to get it resolved as soon as possible. Thanks for your time and consideration.

Luke

Edited by Gaming4JC, 28 September 2009 - 03:45 PM.

[Advertisements]

*3 day bump*
Any luck guys? I could use some advice...

[Gaming4JC]

*3 day bump*
Any luck guys? I could use some advice...

[Gaming4JC]

It just occurred again today (8th of October 2009), another BSOD and immediate shutdown causing loss of all the information I had up excepting for FireFox which at least saved my tabs. Here's the latest Dump I'm able to provide, any and all advice appreciated:
http://pastebin.com/m2f58a816

Edited by Gaming4JC, 09 October 2009 - 02:44 PM.

[Garry Hurley Jr.]

I ran into similar problems when I used to dual-boot Windows 98 and Linux, or BeOS and Windows 98. The thing I realized is that it was the way that I installed the operating systems. If Windows was installed first, and I resized the Windows partition, Windows would invariably try to write to a portion of the hard drive that no longer belonged to Windows - the BeOS or Linux partition for example - and it would cause a BSOD error. If Windows was installed after the real operating system, the installation would overwrite the boot sector of the drive because Microsoft rudely believes that their OS should be the only one installed on your computer, and you have no reason to install anything else (better) on your computer.

There are two ways around it, and sadly, neither is free. Method number one, System Commander or a similar commercial boot manager program will partition your hard drive properly and the Windows installation program will respect its restrictions on where the boot loader for Windows is installed. This means that you have to install the boot manager first, resize your partition and reinstall Windows and the real OS of your choice. Option two, well, this has two variants. Option two 'a' is to install a removable hard drive bay for each OS to be installed on a separate hard drive. Then you swap hard drives based on your needs - gaming or stability of an operating system. Option two 'b' is to delegate one operating system per computer. In other words, Windows on one PC, Linux on another, etc. Obviously, if you pay for your own electricity, this can be expensive, and computers are not always free (though I have gotten a few here or there).

If you choose to ignore this suggestion, size your two partitions, install Windows on the Windows partition and LILO or Grub on a flash disk, and have Linux on your second partition. Make sure you can boot from the flash drive (you can use a CD-ROM or floppy for the boot loader if you would rather) in the computer when you want to run the real OS. Or you could get the Linux version of VMWare workstation and make an image of Windows to run on VMWare. The choice is always yours. How much time or money do you want to spend?

[Gaming4JC]

Thanks for your reply, however I fail to see how dual-booting could be causing this issue. I even contacted Ubuntu support and they explained that the boot manager and disk resizing of Ubuntu is very stable and doesn't cause any problems with Vista. Soo... until some one can interpret those BSOD logs I'm going to continue to have these crashes I guess. Two more happened in the last two days including today. Once again these only occured when I was online, and have never occured after hours of use offline... curious eh?...

HELP!

[Broni]

It looks like either total system files corruption, or RAM problem.


A. If you have more than one RAM module installed, try starting computer with one RAM stick at a time.

NOTE Keep in mind, the manual check listed above is always superior to the software check, listed below. DO NOT proceed with memtest, if you can go with option A

B. If you have only one RAM stick installed...
...run memtest...

1. Download - Pre-Compiled Bootable ISO (.zip)
2. Unzip downloaded memtest86+-2.11.iso.zip file.
3. Inside, you'll find memtest86+-2.11.iso file.
4. Download, and install ImgBurn: http://www.imgburn.com/
5. Insert blank CD into your CD drive.
6. Open ImgBurn, and click on Write image file to disc
7. Click on Browse for a file... icon:



8. Locate memtest86+-2.11.iso file, and click Open button.
9. Click on ImgBurn green arrow to start burning bootable memtest86 CD:



10. Once the CD is created, boot from it, and memtest will automatically start to run.

The running program will look something like this depending on the size and number of ram modules installed:




It's recommended to run 5-6 passes. Each pass contains very same 8 tests.

This will show the progress of the test. It can take a while. Be patient, or leave it running overnight.



The following image is the test results area:



The most important item here is the “errors” line. If you see ANY errors, even one, most likely, you have bad RAM.

[Gaming4JC]

Thanks for the informative reply Broni.

There was no need to download MemTest, as it comes with Ubuntu via the grub boot menu and I have used it several times in the past. I only let it go one pass which you can see here:

However, my machine is less than 6months old and my local manufacturer which did the custom build already ran tests to make sure memory was fine. I'm pretty positive that's not the issue, also that would have of effected Ubuntu and it has not done so thus far.

I'd also like to bring up there is a pattern in the event logs I have been posting.
1. Always online when it happens, even when I spend hours doing stuff in Blender and other applications offline with no problems.

2. I always get a WMI error on the first boot after a crash:

Log Name:	  Application
Source:		Microsoft-Windows-WMI
Date:		  14/10/2009 8:35:28 AM
Event ID:	  10
Task Category: None
Level:		 Error
Keywords:	  Classic
User:		  N/A
Computer:	  Vista-PC
Description:
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
	<Provider Name="Microsoft-Windows-WMI" Guid="{1edeee53-0afe-4609-b846-d8c0b2075b1f}" EventSourceName="WinMgmt" />
	<EventID Qualifiers="49152">10</EventID>
	<Version>0</Version>
	<Level>2</Level>
	<Task>0</Task>
	<Opcode>0</Opcode>
	<Keywords>0x80000000000000</Keywords>
	<TimeCreated SystemTime="2009-10-14T12:35:28.000Z" />
	<EventRecordID>17381</EventRecordID>
	<Correlation />
	<Execution ProcessID="0" ThreadID="0" />
	<Channel>Application</Channel>
	<Computer>Vista-PC</Computer>
	<Security />
  </System>
  <EventData>
	<Data>//./root/CIMV2</Data>
	<Data>SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage &gt; 99</Data>
	<Data>0x80041003</Data>
  </EventData>
</Event>

3. All BSOD errors point to one file -- "Wdf01000.sys".

==================================================
Dump File		 : Mini101409-01.dmp
Crash Time		: 14/10/2009 8:35:08 AM
Bug Check String  : 
Bug Check Code	: 0x0000010d
Parameter 1	   : 00000000`00000007
Parameter 2	   : 0000057f`f752ef18
Parameter 3	   : fffffa80`08ad10e0
Parameter 4	   : fffffa80`08a88900
Caused By Driver  : Wdf01000.sys
Caused By Address : Wdf01000.sys+5d03a
File Description  : 
Product Name	  : 
Company		   : 
File Version	  : 
Processor		 : x64
==================================================

==================================================
Dump File		 : Mini101009-01.dmp
Crash Time		: 10/10/2009 9:41:53 PM
Bug Check String  : 
Bug Check Code	: 0x0000010d
Parameter 1	   : 00000000`00000007
Parameter 2	   : 0000057f`f617e878
Parameter 3	   : fffffa80`09e81780
Parameter 4	   : fffffa80`08acd9e0
Caused By Driver  : Wdf01000.sys
Caused By Address : Wdf01000.sys+5d03a
File Description  : 
Product Name	  : 
Company		   : 
File Version	  : 
Processor		 : x64
==================================================

==================================================
Dump File		 : Mini100809-01.dmp
Crash Time		: 08/10/2009 3:54:22 PM
Bug Check String  : 
Bug Check Code	: 0x0000010d
Parameter 1	   : 00000000`00000007
Parameter 2	   : 0000057f`f92b0208
Parameter 3	   : fffffa80`06d4fdf0
Parameter 4	   : fffffa80`0877cc00
Caused By Driver  : Wdf01000.sys
Caused By Address : Wdf01000.sys+5d03a
File Description  : 
Product Name	  : 
Company		   : 
File Version	  : 
Processor		 : x64
==================================================

4. Not a single problem on Linux, and fsck and checkdsk reveal no hard drive issues. I also went through a lot to make sure I didn't have a bad HDD this time around, I nuked 4 of them in one year but they were all cheapies and on an old comp. I got my manufacturer to test the drive and also chose the one with the highest non-failure rate according to some online reports.

Basically, I'm pretty sure the hardware is rock solid. Which only leaves one other option the file system corruption which was more than likely done remotely, perhaps due to a currently unknown buffer overflow exploit on that file? That would certainly cause a BSOD. My only question then is, what can one do to stop it.

Thanks for your time and let me know where I can go from here.

Edited by Gaming4JC, 14 October 2009 - 10:26 AM.

[Broni]

Go Start>Run ("Start Search" in Vista), type in:
sfc /scannow
Click OK (hold CTRL, and SHIFT, hit Enter in Vista).
Have Windows CD/DVD handy (with Vista, most likely, you won't need it).
If System File Checker (sfc) will find any errors, it may ask you for the CD/DVD (rarely in Vista case).
If sfc won't find any errors in Windows XP, it'll simply quit, without any message.
In Vista you will receive the following message: "Windows resource protection did not find any integrity violations".

I'd also.....
...start a new topic in the Malware Removal and Spyware Removal area.

Before you start a new topic click on this link --> Malware and Spyware Cleaning Guide, Please read before starting a new topic. This will give you a few preparations to make, as well as instruction for posting your OTListIt2 log.

If you are still having problems after being given a clean bill of health from the malware expert, then please return to THIS thread and we will pursue other options to help you solve your current problem(s).

[Gaming4JC]

SFC says system has good integrity. So no problems there, I'll go post on the Malware Removal forum... Thanks.

[Broni]

Keep us posted