nsavoie
asked on
Computer continuously blue screens and reboots
Hi there,
I'm having a bit of trouble with my home built server running Microsoft Windows 2003, with VMWare with a few linux images on it.
About a month ago it did this, but it happened about every 20 min or so. Â I did a memtest and found that I had a bad stick of ram and then replaced it. Â I did a memtest after I put in the new ram and it came up fine. Â I'm not sure why this is happening now.
Here are some of the specs of the computer:
MSI 945P Neo5-F LGA 775 Intel 945P ATX Intel Motherboard
Intel Core 2 Duo E6550 Conroe 2.33GHz LGA 775 65W Dual-Core Processor Model BX80557E6550
Broadway Com Corp OKIA-BLACK-550 550W ATX Power Supply
4GB of RAM all same brand, but not all the same exact model
In there error log here is the error:
Error code 1000008e, parameter1 c0000005, parameter2 a813ad3f, parameter3 f7626aa0, parameter4 00000000.
When sending the error report, Microsoft tells me it is a problem with a device driver.
I have checked, and I have all of the latest drivers over at MSI.
Anyone have any input?
Thanks
I'm having a bit of trouble with my home built server running Microsoft Windows 2003, with VMWare with a few linux images on it.
About a month ago it did this, but it happened about every 20 min or so. Â I did a memtest and found that I had a bad stick of ram and then replaced it. Â I did a memtest after I put in the new ram and it came up fine. Â I'm not sure why this is happening now.
Here are some of the specs of the computer:
MSI 945P Neo5-F LGA 775 Intel 945P ATX Intel Motherboard
Intel Core 2 Duo E6550 Conroe 2.33GHz LGA 775 65W Dual-Core Processor Model BX80557E6550
Broadway Com Corp OKIA-BLACK-550 550W ATX Power Supply
4GB of RAM all same brand, but not all the same exact model
In there error log here is the error:
Error code 1000008e, parameter1 c0000005, parameter2 a813ad3f, parameter3 f7626aa0, parameter4 00000000.
When sending the error report, Microsoft tells me it is a problem with a device driver.
I have checked, and I have all of the latest drivers over at MSI.
Anyone have any input?
Thanks
This thread refers to a problem similar to yours:
https://www.experts-exchange.com/questions/21729266/HOW-to-Fix-Random-BSOD-with-System-Error-code-1000008e.html?anchorAnswerId=15913510#a15913510
In this case the virus was a rogue driver : i386p.sys (http://www.greatis.com/appdata/d/i/i386p.sys.htm)
I would suggest scanning your pc with Hijackthis:
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
Please post the scan log here.
https://www.experts-exchange.com/questions/21729266/HOW-to-Fix-Random-BSOD-with-System-Error-code-1000008e.html?anchorAnswerId=15913510#a15913510
In this case the virus was a rogue driver : i386p.sys (http://www.greatis.com/appdata/d/i/i386p.sys.htm)
I would suggest scanning your pc with Hijackthis:
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
Please post the scan log here.
ASKER
Here is the log of HiJack This:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:44:09 AM, on 6/17/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\Documents and Settings\Administrator.CW- MAIN\WINDO WS\System3 2\smss.exe
C:\WINDOWS\system32\winlog on.exe
C:\WINDOWS\system32\servic es.exe
C:\WINDOWS\system32\lsass. exe
C:\WINDOWS\system32\svchos t.exe
C:\WINDOWS\System32\svchos t.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\Inetpub\wwwroot\hottpro xy\HoTTPro xy.exe
C:\WINDOWS\system32\spools v.exe
C:\Program Files\Bonjour\mDNSResponde r.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\dns.ex e
C:\WINDOWS\System32\svchos t.exe
C:\WINDOWS\system32\inetsr v\inetinfo .exe
C:\WINDOWS\system32\ntfrs. exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\lserve r.exe
C:\Program Files\Viewpoint\Common\Vie wpointServ ice.exe
C:\Program Files\VMware\VMware Server\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat. exe
C:\WINDOWS\system32\Dfssvc .exe
C:\WINDOWS\system32\vmnetd hcp.exe
C:\WINDOWS\System32\svchos t.exe
C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
C:\WINDOWS\System32\svchos t.exe
C:\WINDOWS\System32\dmadmi n.exe
C:\Program Files\VMware\VMware Server\bin\vmware-vmx.exe
C:\WINDOWS\System32\svchos t.exe
C:\WINDOWS\system32\winlog on.exe
C:\WINDOWS\system32\rdpcli p.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_09\bin \jusched.e xe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator.CW- MAIN\Deskt op\HiJackT his.exe
R1 - HKCU\Software\Microsoft\In ternet Explorer\Main,Default_Page _URL = res://shdoclc.dll/softAdmi n.htm
R1 - HKCU\Software\Microsoft\In ternet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\In ternet Explorer\Main,Start Page = res://shdoclc.dll/softAdmi n.htm
R1 - HKLM\Software\Microsoft\In ternet Explorer\Main,Default_Page _URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\In ternet Explorer\Main,Default_Sear ch_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\In ternet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\In ternet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\In ternet Explorer\Main,Local Page = C:\WINDOWS\system32\blank. htm
R1 - HKCU\Software\Microsoft\In ternet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Wi ndows\Curr entVersion \Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=C:\WINDOWS\system 32\userini t.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-7 84B7D6BE0B 3} - C:\Program Files\Common Files\Adobe\Acrobat\Active X\AcroIEHe lper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D 4DAF1D92D4 3} - C:\Program Files\Java\jre1.5.0_09\bin \ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin \jusched.e xe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTra y.exe
O4 - HKLM\..\Run: [04EB85A6_7175_4E87_9583_3 D80793AD06 7] Temporary value - please remove
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macrom ed\Flash\F lashUtil9e .exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscu pgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscu pgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2563267524-1 697408974- 720798080- 1009\..\Ru nOnce: [tscuninstall] %systemroot%\system32\tscu pgrd.exe (User 'Backup User')
O4 - HKUS\S-1-5-18\..\Run: [] Â (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscu pgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] Â (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscu pgrd.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1 \OFFICE11\ EXCEL.EXE/ 3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0 0401C60850 1} - C:\Program Files\Java\jre1.5.0_09\bin \ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0 0401C60850 1} - C:\Program Files\Java\jre1.5.0_09\bin \ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-A CC66393942 4} - C:\Program Files\Bonjour\ExplorerPlug in.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3 C9C571A826 3} - C:\PROGRA~1\MICROS~1\OFFIC E11\REFIEB AR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-0 0B0D0A1DE4 5} - C:\Program Files\AIM\aim.exe
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator.cw- main\windo ws\system3 2\mswsock. dll' missing
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O15 - ESC Trusted Zone: http://runonce.msn.com
O16 - DPF: {6414512B-B978-451D-A0D8-F CFDF33E833 C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1194569529046
O16 - DPF: {6E32070A-766D-4EE6-879C-D C1FA91D2FC 3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1210180000659
O16 - DPF: {8167C273-DF59-4416-B647-C 8BB2C7EE83 E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-4 4455354000 0} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D3CCEFAF-8EE1-40FE-BE25-3 66E2B016DA B} (Microsoft Virtual Server VMRC Control) - http://cw-main.criticalwire.com:1024/VirtualServer/activex/VMRCActiveXClient.cab
O17 - HKLM\System\CCS\Services\T cpip\Param eters: Domain = criticalwire.com
O17 - HKLM\Software\..\Telephony : DomainName = criticalwire.com
O17 - HKLM\System\CCS\Services\T cpip\..\{3 DF5B2D2-F8 94-420B-83 94-29E42B8 34BB8}: NameServer = 76.243.116.174,68.94.156.1
O17 - HKLM\System\CS1\Services\T cpip\Param eters: Domain = criticalwire.com
O17 - HKLM\System\CS2\Services\T cpip\Param eters: Domain = criticalwire.com
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc. exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2ev xx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponde r.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\Vie wpointServ ice.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Server\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetd hcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat. exe
--
End of file - 8813 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:44:09 AM, on 6/17/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\Documents and Settings\Administrator.CW-
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\Inetpub\wwwroot\hottpro
C:\WINDOWS\system32\spools
C:\Program Files\Bonjour\mDNSResponde
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\dns.ex
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\inetsr
C:\WINDOWS\system32\ntfrs.
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\lserve
C:\Program Files\Viewpoint\Common\Vie
C:\Program Files\VMware\VMware Server\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.
C:\WINDOWS\system32\Dfssvc
C:\WINDOWS\system32\vmnetd
C:\WINDOWS\System32\svchos
C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
C:\WINDOWS\System32\svchos
C:\WINDOWS\System32\dmadmi
C:\Program Files\VMware\VMware Server\bin\vmware-vmx.exe
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\rdpcli
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_09\bin
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator.CW-
R1 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R1 - HKLM\Software\Microsoft\In
R1 - HKLM\Software\Microsoft\In
R1 - HKLM\Software\Microsoft\In
R0 - HKLM\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\Wi
F2 - REG:system.ini: UserInit=C:\WINDOWS\system
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTra
O4 - HKLM\..\Run: [04EB85A6_7175_4E87_9583_3
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macrom
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscu
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscu
O4 - HKUS\S-1-5-21-2563267524-1
O4 - HKUS\S-1-5-18\..\Run: [] Â (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscu
O4 - HKUS\.DEFAULT\..\Run: [] Â (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-A
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-0
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator.cw-
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O15 - ESC Trusted Zone: http://runonce.msn.com
O16 - DPF: {6414512B-B978-451D-A0D8-F
O16 - DPF: {6E32070A-766D-4EE6-879C-D
O16 - DPF: {8167C273-DF59-4416-B647-C
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-4
O16 - DPF: {D3CCEFAF-8EE1-40FE-BE25-3
O17 - HKLM\System\CCS\Services\T
O17 - HKLM\Software\..\Telephony
O17 - HKLM\System\CCS\Services\T
O17 - HKLM\System\CS1\Services\T
O17 - HKLM\System\CS2\Services\T
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2ev
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponde
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\Vie
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Server\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetd
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - C:\Program Files\VMware\VMware Server\vmserverdWin32.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.
--
End of file - 8813 bytes
ASKER
ASKER
I did a stress test with the following:
http://mersenne.org/gimps/p95v2414.zip
And it said:
FATAL ERROR: Rounding was 0.5, expected less than 0.4
Hardware failure detected, consult stress.txt file.
Execution halted.
Where do I go from here to test which piece of hardware it was?
Thanks everyone.
http://mersenne.org/gimps/p95v2414.zip
And it said:
FATAL ERROR: Rounding was 0.5, expected less than 0.4
Hardware failure detected, consult stress.txt file.
Execution halted.
Where do I go from here to test which piece of hardware it was?
Thanks everyone.
ASKER
Sorry one more thing. Â I was poking around in the event log and found this:
The computer has rebooted from a bugcheck. Â The bugcheck was: 0x0000008e (0xc0000005, 0xa813ad3f, 0xf7626aa0, 0x00000000). A dump was saved in: C:\WINDOWS\MEMORY.DMP.
This is available here:
http://citrix.criticalwire.com/memory.zip
(Although it is quite big. Â About 65mb)
The computer has rebooted from a bugcheck. Â The bugcheck was: 0x0000008e (0xc0000005, 0xa813ad3f, 0xf7626aa0, 0x00000000). A dump was saved in: C:\WINDOWS\MEMORY.DMP.
This is available here:
http://citrix.criticalwire.com/memory.zip
(Although it is quite big. Â About 65mb)
ASKER
I'm going to be doing a few tests on it tonight, including memtest. Â Is there anything else that I should try?
If you will be inside the case anyway take a look at the capacitors while you are in there. Look for bloating or split tops.
www.badcaps.net
I don't suspect that is the problem here but it takes like 30 seconds to check when you are in there anyway.
.
www.badcaps.net
I don't suspect that is the problem here but it takes like 30 seconds to check when you are in there anyway.
.
ASKER
I didn't get your response until after I was at the server, I can check back tomorrow. Â The memtest passed 5 times with no errors. Â
hmm ?
hmm ?
OK. Your HJT log is showing some issues, but not the infection that might cause the symptoms you describe. To be doubly sure, you could check the registry for the following:
HKEY_LOCAL_MACHINE\SOFTWAR E\Microsof t\Windows NT\CurrentVersion\
Winlogon\Notify\msctl32.dl l
HKEY_LOCAL_MACHINE\SYSTEM\ CurrentCon trolSet\Se rvices\i38 6p
If both are absent, then it looks like trouble shooting hardware is the way forward...
HKEY_LOCAL_MACHINE\SOFTWAR
Winlogon\Notify\msctl32.dl
HKEY_LOCAL_MACHINE\SYSTEM\
If both are absent, then it looks like trouble shooting hardware is the way forward...
ASKER
=/ Nothing ..Man wouldn't that of been nice if this was a software problem! Here are two pictures of the registry just to be sure I didn't miss anything.
http://citrix.criticalwire.com/registry1.png
http://citrix.criticalwire.com/registry2.png
I'm going back to the server later today to check the capacitors.
What other tests should I try?
http://citrix.criticalwire.com/registry1.png
http://citrix.criticalwire.com/registry2.png
I'm going back to the server later today to check the capacitors.
What other tests should I try?
ASKER
Sorry, I forgot these pictures too.. The capacitors look ok... (No bulging or leaking)
http://citrix.criticalwire.com/capacitor1.jpg
http://citrix.criticalwire.com/capacitor2.jpg
http://citrix.criticalwire.com/capacitor3.jpg
http://citrix.criticalwire.com/capacitor1.jpg
http://citrix.criticalwire.com/capacitor2.jpg
http://citrix.criticalwire.com/capacitor3.jpg
ASKER
Just providing some more information incase anyone needs it:
Here is my Motherboard:
http://www.newegg.com/Product/Product.aspx?Item=N82E16813130099
And here is my power supply:
http://www.newegg.com/Product/Product.aspx?Item=N82E16817162018
Here is my Motherboard:
http://www.newegg.com/Product/Product.aspx?Item=N82E16813130099
And here is my power supply:
http://www.newegg.com/Product/Product.aspx?Item=N82E16817162018
ASKER
Made some progress tonight. Â As of last night, my computer wouldn't boot. Â I thought that the problem was completely separate from this problem that I've been having but I don't think it was.
Right now I have to sticks of PNY and two sticks of Kingston, Â Putting in the Kingston does not allow me to see any picture on the screen, but both the PNY work. Â I'm bringing the Kingston back and going to see if I can get some PNY. Â Hopefully this was the entire problem and would explain the blue screening!
I'll update as soon as I get the new RAM.
Thanks for your input everyone.
Right now I have to sticks of PNY and two sticks of Kingston, Â Putting in the Kingston does not allow me to see any picture on the screen, but both the PNY work. Â I'm bringing the Kingston back and going to see if I can get some PNY. Â Hopefully this was the entire problem and would explain the blue screening!
I'll update as soon as I get the new RAM.
Thanks for your input everyone.
Swapping RAM is the simplest fix...
Good luck!
Good luck!
If your problem persists with the new ram, these are other potential problem areas that might cause these types of problems:
-Power Supply (Check Voltage / Swap with Known-Good unit of sufficient Wattage)
-Video Card (Check Capacitors here too, but more likely a video memory problem if this is the culprit)
-Processor (It's always a pain to find a known good for this one)
If you have any known-good components to swap with your existing hardware, that would be the best. Make sure you do not swap more than one component at a time so you know which one it was.
I have also taken a look at the minidumps, and these were the drivers that potentially caused the failures:
SiWinAcc.sys - NForce SATA driver (recommend re-installing driver) [OCCURRED 1 TIME]
ntkrnlmp.exe - Core windows driver (suggests hardware failure) [OCCURRED 1 TIME]
vmx86.sys - VMWare driver (it happened a lot, but not sure if re-installing VMWare will fix this problem) [OCCURRED 4 TIMES]
With the ntkrnlmp.exe file being one of the causes, and the SATA driver being another, I would recommend you try running your SATA hard drive with the IDE turned off in BIOS (assuming you have the OS on SATA and you have an IDE controller to turn off).
All-in-all, I still think it is hardware related. Keep us posted and Good Luck!
-Power Supply (Check Voltage / Swap with Known-Good unit of sufficient Wattage)
-Video Card (Check Capacitors here too, but more likely a video memory problem if this is the culprit)
-Processor (It's always a pain to find a known good for this one)
If you have any known-good components to swap with your existing hardware, that would be the best. Make sure you do not swap more than one component at a time so you know which one it was.
I have also taken a look at the minidumps, and these were the drivers that potentially caused the failures:
SiWinAcc.sys - NForce SATA driver (recommend re-installing driver) [OCCURRED 1 TIME]
ntkrnlmp.exe - Core windows driver (suggests hardware failure) [OCCURRED 1 TIME]
vmx86.sys - VMWare driver (it happened a lot, but not sure if re-installing VMWare will fix this problem) [OCCURRED 4 TIMES]
With the ntkrnlmp.exe file being one of the causes, and the SATA driver being another, I would recommend you try running your SATA hard drive with the IDE turned off in BIOS (assuming you have the OS on SATA and you have an IDE controller to turn off).
All-in-all, I still think it is hardware related. Keep us posted and Good Luck!
By the way, this is when we start the bets on which component it is. Â I say, Power Supply (hehe).
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
You may have a variant of this virus which fakes being a driver:
http://support.microsoft.com/kb/903251/en-us