a while back i couldnt start the service to avast. i then started a thread here to find a solution. someone there named, Essexboy, suggested that i run a program called, ‘Windows Repair (all in one)’. i did as he suggested. but after running the prgram, i experienced blue screen errors. i then reformatted and restored a previous backup. but i still get blue screen errors. is it possible that the program couldve flashed my system badly, affecting my hard drive (even after restoring a backup on it) or other component of my laptop?
No it would not affect the backups, with the blue screen errors I would suspect a driver issue. Windows repair manipulates programmes and permissions and does nothing to the system hardware at all
So if you reformat the drive and install a backup then anything windows repair did was wiped along with the reformat
What is the blue screen error ?
Do you have any minidumps
A quick analysis indicates that aswmon2 is one of the culprits. Now this was a problem on the previous version with XP systems
Initially could you uninstall Avast and see if the Blue screens cease. As another driver may be involved
On Thu 9/13/2012 4:32:01 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini091312-03.dmp
This was probably caused by the following module: aswmon2.sys (aswMon2+0xAC7)
Bugcheck code: 0x24 (0x1902FE, 0xFFFFFFFFB9F81574, 0xFFFFFFFFB9F81270, 0xFFFFFFFFBAEAC64A)
Error: NTFS_FILE_SYSTEM
Bug check description: This indicates a problem occurred in the NTFS file system.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: aswmon2.sys .
Google query: aswmon2.sys NTFS_FILE_SYSTEM
On Thu 9/13/2012 4:23:32 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini091312-02.dmp
This was probably caused by the following module: aswmon2.sys (aswMon2+0x7714)
Bugcheck code: 0x1000008E (0xFFFFFFFFC000001D, 0xFFFFFFFFB1763714, 0xFFFFFFFFB15108FF, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: aswmon2.sys .
Google query: aswmon2.sys KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
On Thu 9/13/2012 4:20:38 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini091312-01.dmp
This was probably caused by the following module: Unknown (0x00000000)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0x0, 0xFFFFFFFFB12DACA0, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: Unknown .
Google query: Unknown KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
On Wed 9/12/2012 9:34:19 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini091212-04.dmp
This was probably caused by the following module: win32k.sys (win32k+0x2B2B5)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFFBF82B2B5, 0xFFFFFFFFB1823C10, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\Windows\system32\win32k.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: Multi-User Win32 Driver
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system which cannot be identified at this time.
On Wed 9/12/2012 6:15:25 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini091212-03.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x100DD)
Bugcheck code: 0x10000050 (0xFFFFFFFFF05C371C, 0x0, 0xFFFFFFFF804E70DD, 0x2)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.
On Wed 9/12/2012 2:59:27 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini091212-02.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0xB4F1)
Bugcheck code: 0x100000D1 (0x68850FC0, 0x2, 0x0, 0x68850FC0)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.
On Sat 9/8/2012 4:26:10 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini090812-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0xB4F1)
Bugcheck code: 0x100000D1 (0x68850FC0, 0x2, 0x0, 0x68850FC0)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.
Conclusion
7 crash dumps have been found and analyzed. 2 third party drivers have been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:
hi essexboy… i uninstalled avast and restarted my laptop without it. but i still get the same blue error screen. so it looks like the culprit is the other driver. how can i identify and remove this driver?
We will do a clean boot first this will stop all drivers that are not windows related. If you do not get the problem on the first reboot then we need to narrow down which driver it is
Step 1:
Start the System Configuration Utility
Click Start, click Run, type msconfig, and then click OK.
The System Configuration Utility dialog box is displayed.
Step 2:
Configure selective startup options
In the System Configuration Utility dialog box, click the General tab, and then click Selective Startup.
Click to clear the Process SYSTEM.INI File check box.
Click to clear the Process WIN.INI File check box.
Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked.
Click the Services tab.
Click to select the Hide All Microsoft Services check box.
Click Disable All, and then click OK.
When you are prompted, click Restart to restart the computer.
Step 3: Log on to Windows
If you are prompted, log on to Windows.
When you receive the following message, click to select the Don’t show this message or launch the System Configuration Utility when Windows start check box, and then click OK.
You have used the System Configuration Utility to make changes to the way Windows starts.
The System Configuration Utility is currently in Diagnostic or Selective Startup mode, causing this message to be displayed and the utility to run every time Windows starts.
Choose the Normal Startup mode on the General tab to start Windows normally and undo the changes you made using the System Configuration Utility.
Now we get to the tedious part,:
If windows behaves itself then do the following
Restart MSConfig and select half of the disabled services and reboot
Is the problem still present ?
If Yes then deselect half of the services that you resumed and reboot
If no then select half of the remaining services and reboot
The intention here is to isolate the one service/driver that is causing the problem
i did what you asked and the problem persists. also, wheni tried to undo what you asked in the System Configuration Utility, i get the following error:
error loading C:\WINDOWS\system32\gvsirfmt.dll
the specified module cannot be found
and i especially cant check on the ‘Use Modified BOOT.INI’ feature… what do i do about this?
[*]Select All Users
[*]Under the Custom Scan box paste this in netsvcs
BASESERVICES
%SYSTEMDRIVE%*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
qmgr.dll
/md5stop
%systemdrive%$Recycle.Bin|@;true;true;true
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
CREATERESTOREPOINT
[*]Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Post both logs
hi essexboy… the 2 files, OTL.txt and Extras.txt are attached in this post. please take a look at let me know the next steps.
i just want to very importantly add that when i take out my ram stick, i dont get any blue screen error. but when i put it back in, i get the errors. but i dont want to use my laptop without my ram stick. i wanted you to know this as this may help you assess the issue.
:OTL
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (no name) - {653D0EFF-653E-4B62-BEA0-BF2F909CE969} - No CLSID value found.
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O3 - HKU\S-1-5-21-1960408961-616249376-839522115-1003\..\Toolbar\WebBrowser: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 1
O20 - AppInit_DLLs: (dyeari.dll) - File not found
O30 - LSA: Authentication Packages - (C:\WINDOWS\System32\ljJDtUml) - File not found
@Alternate Data Stream - 12 bytes -> C:\WINDOWS\system32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
:Files
ipconfig /flushdns /c
netsh int ip reset c:\resetlog.txt /c
ipconfig /release /c
ipconfig /renew /c
:Commands
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
hi essexboy… i did as you requested… attached is the log. please review it… also, i mentioned in my last reply about the ram. can you please tell me whta you think? thank you.
The bad RAM was not storing data for the drivers, hence the drivers were failing and it was mainly two drivers that were storing data in that area of the RAM
isnt there a way for the drivers to not use the ram?
and just to let you know, i had an old ram stick that worked… but after i reformatted my drive, the blue screen errors began to occur. thinking that the ram was the culprit for the blue screen errors, i threw it away and bought a new ram stick. but the new ram also gave the same blue screen errors. so right now, i dont know what to do… please advise.