New PC build has lots of BSODs


thedude79

Nov 2, 2018
Hello, I recently built a new gaming rig and I'm having a lot of trouble with system stability. The system seems to run fine for normal web browsing activities, but once I start gaming on it, there's a chance for some random bluescreen error to pop up.

OS Name Microsoft Windows 10 Home
Version 10.0.17134 Build 17134
Other OS Description Not Available
OS Manufacturer Microsoft Corporation
System Name DESKTOP-G3M0DMS
System Type x64-based PC
System SKU SKU
Processor AMD Ryzen 7 2700X Eight-Core Processor, 3700 Mhz, 8 Core(s), 16 Logical
BIOS Version/Date American Megatrends Inc. 0804, 2018-07-09
SMBIOS Version 3.1
Embedded Controller Version 255.255
BIOS Mode UEFI
BaseBoard Manufacturer ASUSTeK COMPUTER INC.
It's running a Crosshair hero VII (wi-fi)
Platform Role Desktop
Secure Boot State Off
PCR7 Configuration Binding Not Possible
Windows Directory C:\WINDOWS
System Directory C:\WINDOWS\system32
Boot Device \Device\HarddiskVolume2
Locale United States
Hardware Abstraction Layer Version = "10.0.17134.285"
User Name DESKTOP-G3M0DMS\Michael
Time Zone Eastern Daylight Time
Installed Physical Memory (RAM) 16.0 GB
Total Physical Memory 15.9 GB
Available Physical Memory 11.2 GB
Total Virtual Memory 18.3 GB
Available Virtual Memory 10.9 GB
Page File Space 2.38 GB
Page File C:\pagefile.sys
Kernel DMA Protection Off
Virtualization-based security Not enabled
Device Encryption Support Reasons for failed automatic device encryption: TPM is not usable, PCR7 binding is not supported, Hardware Security Test Interface failed and device is not InstantGo, Un-allowed DMA capable bus/device(s) detected, TPM is not usable
Hyper-V - VM Monitor Mode Extensions Yes
Hyper-V - Second Level Address Translation Extensions Yes
Hyper-V - Virtualization Enabled in Firmware No
Hyper-V - Data Execution Protection Yes

I'm running an xc 2080 from EVGA, it's not overclocked or anything.
I've got 16gb of g skill ripjaws ddr4; it's supposed to clock to 3200mhz but I found the system is a bit more stable with 2933mhz, though this could just be my own bias.
All of the parts are brand new and not used. The system has a 500gb samsung evo 860 for its boot drive and a 1tb samsung 860 evo for its second hard drive for game storage.

The computer has been throwing blue screen errors at me pretty much from day one. I've tried clean installing the nvidia drivers, running the default bios settings, flashing the bios. Generally speaking the BSODs come when I'm gaming; ARK really seems to blue screen a lot but the witcher 3 and skyrim SE have also had bluescreens happen during gaming. I'm at my wits' end with how to repair this pc.

Another thing the system does is randomly shut off. This usually seems to happen when I'm stress testing it or gaming; the system will just power off completely, and the only way to get the power button to function again is to flip the power supply's switch on and then off. I'm not sure whether or not the motherboard or some component is causing the issue. All of the fans the system has seem to be running smoothly and the 850 watt power supply is more than enough considering the fact I'm not overclocking the cpu or graphics card.


so the first system failure had the following information
Description
A problem with your hardware caused Windows to stop working correctly.

Problem signature
Problem Event Name: LiveKernelEvent
Code: ab
Parameter 1: 2
Parameter 2: 2e0
Parameter 3: 0
Parameter 4: 17
OS version: 10_0_17134
Service Pack: 0_0
Product: 768_1
OS Version: 10.0.17134.2.0.0.768.101
Locale ID: 4105

followed by this bluescreen
Problem signature
Problem Event Name: BlueScreen
Code: 4e
Parameter 1: 99
Parameter 2: 3ade7b
Parameter 3: 2
Parameter 4: a0003a0003ade7a
OS version: 10_0_17134
Service Pack: 0_0
Product: 768_1
OS Version: 10.0.17134.2.0.0.768.101
Locale ID: 4105

following this it had another couple of bluescreens
Problem signature
Problem Event Name: BlueScreen
Code: 19
Parameter 1: 20
Parameter 2: ffffc58c9c2f5000
Parameter 3: ffffc58c9c2f5730
Parameter 4: 5730100
OS version: 10_0_17134
Service Pack: 0_0
Product: 768_1
OS Version: 10.0.17134.2.0.0.768.101
Locale ID: 4105

Extra information about the problem
Bucket ID: 0x19_20_nt!EtwpEnumerateAddressSpace

and then this blue screen
Problem signature
Problem Event Name: BlueScreen
Code: c2
Parameter 1: 7
Parameter 2: 666e6477
Parameter 3: 4050004
Parameter 4: ffffcc0371dfd160
OS version: 10_0_17134
Service Pack: 0_0
Product: 768_1
OS Version: 10.0.17134.2.0.0.768.101
Locale ID: 4105

Extra information about the problem
Bucket ID: 0xc2_7_wdnf_nvlddmkm!CMemoryAllocator::freeMemoryWithTag

which was then followed by this blue screen
Problem signature
Problem Event Name: BlueScreen
Code: 119
Parameter 1: 10000
Parameter 2: ffff958aef468000
Parameter 3: ffff958af41c3ac0
Parameter 4: 0
OS version: 10_0_17134
Service Pack: 0_0
Product: 768_1
OS Version: 10.0.17134.2.0.0.768.101
Locale ID: 4105

Extra information about the problem
Bucket ID: 0x119_10000_UNKNOWN_dxgmms2!VidSchiSetFlipDevice

then after another couple of days i got this blue screen
Problem signature
Problem Event Name: BlueScreen
Code: c2
Parameter 1: 4
Parameter 2: 51bb36a3
Parameter 3: 681a4d27
Parameter 4: ffffb206fdac53b8
OS version: 10_0_17134
Service Pack: 0_0
Product: 768_1
OS Version: 10.0.17134.2.0.0.768.101
Locale ID: 4105

Extra information about the problem
Bucket ID: 0xc2_4_dxgmms2!operator_delete

followed by this one
Problem signature
Problem Event Name: BlueScreen
Code: 19
Parameter 1: 20
Parameter 2: ffffbd043faa6e20
Parameter 3: ffffbd043faa6e90
Parameter 4: 407042b
OS version: 10_0_17134
Service Pack: 0_0
Product: 768_1
OS Version: 10.0.17134.2.0.0.768.101
Locale ID: 4105

Extra information about the problem
Bucket ID: 0x19_20_nt!MiRemoveSecureEntry

followed by
Problem signature
Problem Event Name: BlueScreen
Code: c2
Parameter 1: 7
Parameter 2: 4d52564e
Parameter 3: 4050004
Parameter 4: ffff8506af875730
OS version: 10_0_17134
Service Pack: 0_0
Product: 768_1
OS Version: 10.0.17134.2.0.0.768.101
Locale ID: 4105

Extra information about the problem
Bucket ID: 0xc2_7_NVRM_nvlddmkm!CMemoryAllocator::freeMemoryWithTag

this was then followed by
Problem signature
Problem Event Name: BlueScreen
Code: 139
Parameter 1: 1d
Parameter 2: ffff8c07d19870d0
Parameter 3: ffff8c07d1987028
Parameter 4: 0
OS version: 10_0_17134
Service Pack: 0_0
Product: 768_1
OS Version: 10.0.17134.2.0.0.768.101
Locale ID: 4105

Extra information about the problem
Bucket ID: 0x139_1d_INVALID_BALANCED_TREE_nt!RtlAvlRemoveNode

this issue was then followed by
Problem signature
Problem Event Name: BlueScreen
Code: c2
Parameter 1: 7
Parameter 2: 4d52564e
Parameter 3: 50005
Parameter 4: ffffd38363745e30
OS version: 10_0_17134
Service Pack: 0_0
Product: 768_1
OS Version: 10.0.17134.2.0.0.768.101
Locale ID: 4105

Extra information about the problem
Bucket ID: CORRUPT_MODULELIST_0xc2_7

another bluescreen followed
Problem signature
Problem Event Name: BlueScreen
Code: 3b
Parameter 1: c0000005
Parameter 2: fffff803b08224d8
Parameter 3: ffff9b8f58b7fab0
Parameter 4: 0
OS version: 10_0_17134
Service Pack: 0_0
Product: 768_1
OS Version: 10.0.17134.2.0.0.768.101
Locale ID: 4105

Extra information about the problem
Bucket ID: 0x3B_nt!MiRemoveSharedCommitNode

with this one following
Problem signature
Problem Event Name: BlueScreen
Code: c2
Parameter 1: 4
Parameter 2: ffffac05
Parameter 3: a8b50280
Parameter 4: ffffac05a78859c0
OS version: 10_0_17134
Service Pack: 0_0
Product: 768_1
OS Version: 10.0.17134.2.0.0.768.101
Locale ID: 4105

Extra information about the problem
Bucket ID: 0xc2_4_nvlddmkm!CMemoryAllocator::freeMemoryWithTag

Today the computer didn't bluescreen but it shut down randomly and required me to flip the power button switch to turn it on. I don't really know what to make of these blue screens as multiple components are pointed at. I was wondering if the GPU's vram could be at fault for the errors because I ran a prime 95 memory and cpu test for about 20 hours consecutively and the system didn't bluescreen or freeze at all during that time period. Let me know if I can provide any other information. I'll be watching this thread fairly frequently, and I'd appreciate any help I could get with the issues. Thank you in advance.
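
The problem signatures in the post above can be tallied mechanically. The following is an added example, not part of the original post: it parses Windows Error Reporting text in the layout quoted above and groups BlueScreen events by stop code and by the module named in the Bucket ID. The sample input is a subset of the reports from the post, trimmed to the fields the parser reads; the function names are this example's own.

```python
import re
from collections import Counter

# Names for the stop codes that appear in this thread's BlueScreen reports.
BUGCHECK_NAMES = {
    0x19: "BAD_POOL_HEADER",
    0x3B: "SYSTEM_SERVICE_EXCEPTION",
    0x4E: "PFN_LIST_CORRUPT",
    0xC2: "BAD_POOL_CALLER",
    0x119: "VIDEO_SCHEDULER_INTERNAL_ERROR",
    0x139: "KERNEL_SECURITY_CHECK_FAILURE",
}

# Subset of the reports quoted in the post, trimmed to the fields parsed below.
SAMPLE_REPORTS = """\
Problem signature
Problem Event Name: LiveKernelEvent
Code: ab
Problem signature
Problem Event Name: BlueScreen
Code: 4e
Parameter 1: 99
Problem signature
Problem Event Name: BlueScreen
Code: 19
Parameter 1: 20
Bucket ID: 0x19_20_nt!EtwpEnumerateAddressSpace
Problem signature
Problem Event Name: BlueScreen
Code: c2
Parameter 1: 7
Bucket ID: 0xc2_7_wdnf_nvlddmkm!CMemoryAllocator::freeMemoryWithTag
Problem signature
Problem Event Name: BlueScreen
Code: 119
Parameter 1: 10000
Bucket ID: 0x119_10000_UNKNOWN_dxgmms2!VidSchiSetFlipDevice
Problem signature
Problem Event Name: BlueScreen
Code: c2
Parameter 1: 7
Bucket ID: CORRUPT_MODULELIST_0xc2_7
"""

FIELD = re.compile(r"^\s*([A-Za-z0-9 ]+?):\s*(.*?)\s*$")
MODULE = re.compile(r"([A-Za-z0-9.]+)!(\S+)")  # module!symbol inside a Bucket ID


def parse_reports(text):
    """Split WER text into one dict per 'Problem signature' block."""
    reports, current = [], None
    for line in text.splitlines():
        if line.strip().lower() == "problem signature":
            current = {"params": {}}
            reports.append(current)
            continue
        m = FIELD.match(line)
        if current is None or not m:
            continue
        key, value = m.group(1).strip(), m.group(2)
        try:
            if key == "Problem Event Name":
                current["event"] = value
            elif key == "Code":
                current["code"] = int(value, 16)  # WER prints hex without 0x
            elif key.startswith("Parameter "):
                current["params"][int(key.split()[1])] = int(value, 16)
            elif key == "Bucket ID":
                hit = MODULE.search(value)
                current["bucket"] = value
                current["module"] = hit.group(1) if hit else None
        except ValueError:
            continue  # skip a malformed field, keep the rest of the report
    return reports


def summarize(reports):
    """Count BlueScreen events by stop code and by the module the bucket names."""
    stops = [r for r in reports if r.get("event") == "BlueScreen" and "code" in r]
    return {
        "bluescreens": len(stops),
        "other_events": len(reports) - len(stops),
        "by_code": Counter(BUGCHECK_NAMES.get(r["code"], hex(r["code"])) for r in stops),
        "by_module": Counter(r["module"] or "(none named)" for r in stops if "bucket" in r),
    }


if __name__ == "__main__":
    print(summarize(parse_reports(SAMPLE_REPORTS)))
```

On the sample, three different modules (nt, nvlddmkm, dxgmms2) are named across four stop codes. The Bucket ID names the code that was running when the corruption was detected, which is not necessarily the code that caused it.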
 


I did a clean install and that didn't fix the issue. I installed fresh drivers and flashed the bios yesterday. I'm still getting the BSOD lots when gaming.
 


I'm using a legit copy of windows, and I did a clean install and I'm still getting these issues.
 


I used the media creation tool to install windows and I bought a cd copy off of newegg. I'm not sure what's messing with my windows, but it's certainly legitimate.

Here's the link I used to download the media creation tool. https://www.microsoft.com/en-ca/software-download/windows10
 
run cmd.exe or powershell as an admin and run
dism.exe /online /cleanup-image /restorehealth
(this should repair the windows user interface files)
you might run malwarebytes to see if you can find out what changed them.

run
verifier.exe /standard /all
be sure to apply all of the windows updates.
then reboot
be sure you know how to get into safe mode, in case verifier calls a bugcheck on the next boot.

be sure you know how to get into safe mode in case the machine bugchecks on boot up.
run
verifier.exe /reset
to turn off verifier functions. This should be done after testing or your machine will run slowly until you do.

try to apply all of the windows updates.

change the memory dump type to kernel
google how to force a memory dump using a keyboard, make the registry settings
then force a memory dump while the system is working.
put the file c:\windows\memory.dmp on a server and post a link

I can take a look at your hardware setting and internal error logs.

provide info on what bios version you have and the bios date.
or the link to the website you got it from.

go into bios and change any setting and change it back and save the results this will force the bios to rescan your hardware and rebuild the database of hardware settings that it sends to windows.

confirm the correct bios was installed and it matches your motherboard version number.




 


Hello,

I ran both the dism.exe /online /cleanup-image /restorehealth. After this I did a scan with Mbam, for all of the drives plugged into the computer, and no threats were detected; it was a custom scan that also scanned for rootkits, along with anything else Mbam scans for.

verifier.exe /standard /all and verifier.exe /reset. I posted the powershell scripts below to show what the tests found and did.

I checked windows update for updates and downloaded the following updates. Though when I opened windows update, it said it checked for updates last night and I assumed that was true, apparently I was missing some. All of the updates were installed successfully.

Definition Update for Windows Defender Antivirus - KB2267602 (Definition 1.279.1380.0)
2018-10 Cumulative Update for Windows 10 Version 1803 for x64-based Systems (KB4462933)
2018-09 Update for Windows 10 Version 1803 for x64-based Systems (KB4100347)

I've forced a memory dump and the file link is here. I generally get bluescreens while playing ARK, I've gotten them in other games too, so I booted up ARK and forced a bluescreen like you suggested. Here's a link to the file.
https://drive.google.com/file/d/1dYwQ_eyyNjvvD87h2E4SRWPSTgS9xuYG/view?usp=sharing

For my graphics driver, I did a clean install and downloaded them from nvidia.

For my bios updates and all other driver updates for the motherboard I got all the files from here, selecting the windows 10 64 bit os.
I'm using bios version 1002, I downloaded it yesterday.
https://www.asus.com/Motherboards/ROG-CROSSHAIR-VII-HERO-WI-FI/HelpDesk_Download/

I've now gone into bios and changed the settings and forced it to rescan the hardware. The correct bios was installed;
the easy flash 3 utility recognized the file and when I boot into bios it says that it's version 1002.

Below is a copy of the powershell commands I ran.

Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

PS C:\WINDOWS\system32> dism.exe /online /cleanup-image /restorehealth

Deployment Image Servicing and Management tool
Version: 10.0.17134.1

Image Version: 10.0.17134.376

[==========================100.0%==========================] The restore operation completed successfully.
The operation completed successfully.
PS C:\WINDOWS\system32> verifier.exe /standard /all

Verifier Flags: 0x000209bb

Standard Flags:

[X] 0x00000001 Special pool.
[X] 0x00000002 Force IRQL checking.
[X] 0x00000008 Pool tracking.
[X] 0x00000010 I/O verification.
[X] 0x00000020 Deadlock detection.
[X] 0x00000080 DMA checking.
[X] 0x00000100 Security checks.
[X] 0x00000800 Miscellaneous checks.
[X] 0x00020000 DDI compliance checking.

Additional Flags:

[ ] 0x00000004 Randomized low resources simulation.
[ ] 0x00000200 Force pending I/O requests.
[ ] 0x00000400 IRP logging.
[ ] 0x00002000 Invariant MDL checking for stack.
[ ] 0x00004000 Invariant MDL checking for driver.
[ ] 0x00008000 Power framework delay fuzzing.
[ ] 0x00010000 Port/miniport interface checking.
[ ] 0x00040000 Systematic low resources simulation.
[ ] 0x00080000 DDI compliance checking (additional).
[ ] 0x00200000 NDIS/WIFI verification.
[ ] 0x00800000 Kernel synchronization delay fuzzing.
[ ] 0x01000000 VM switch verification.
[ ] 0x02000000 Code integrity checks.

[X] Indicates flag is enabled.

Boot Mode:

Persistent

Rules:

All rules are using default settings

Extensions:

wdm: rules.default

Verified Drivers:

All Drivers

The system reboot is required for the changes to take effect.
PS C:\WINDOWS\system32>

After running verifier.exe /reset

Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

PS C:\WINDOWS\system32> verifier.exe /reset

Verifier Flags: 0x00000000

Standard Flags:

[ ] 0x00000001 Special pool.
[ ] 0x00000002 Force IRQL checking.
[ ] 0x00000008 Pool tracking.
[ ] 0x00000010 I/O verification.
[ ] 0x00000020 Deadlock detection.
[ ] 0x00000080 DMA checking.
[ ] 0x00000100 Security checks.
[ ] 0x00000800 Miscellaneous checks.
[ ] 0x00020000 DDI compliance checking.

Additional Flags:

[ ] 0x00000004 Randomized low resources simulation.
[ ] 0x00000200 Force pending I/O requests.
[ ] 0x00000400 IRP logging.
[ ] 0x00002000 Invariant MDL checking for stack.
[ ] 0x00004000 Invariant MDL checking for driver.
[ ] 0x00008000 Power framework delay fuzzing.
[ ] 0x00010000 Port/miniport interface checking.
[ ] 0x00040000 Systematic low resources simulation.
[ ] 0x00080000 DDI compliance checking (additional).
[ ] 0x00200000 NDIS/WIFI verification.
[ ] 0x00800000 Kernel synchronization delay fuzzing.
[ ] 0x01000000 VM switch verification.
[ ] 0x02000000 Code integrity checks.

[X] Indicates flag is enabled.

Boot Mode:

Persistent

Rules:

All rules are using default settings

Verified Drivers:

None

The system reboot is required for the changes to take effect.
PS C:\WINDOWS\system32>
 


I flashed the bios already. I downloaded hardware info check, it doesn't seem to give me any indication about what my power supply is doing. When I check what the power supply is doing in the bios, I get the following readings. 12.099v for the 12volt connector, 4.959 for the five volt connector and 3.335 for the three volt connector.

 
turn off all sleep functions for the usb ports.
there is something strange going on with your usb 3 port. one is doing a bulk transfer of 2 bytes over and over. (330,000 times in 5 or 6 minutes)
USBXHCI

remove the xbox driver for the usb (it is not working correctly)

-----------------
looking at the kernel dump.
- it now shows more modified windows files. 7 modifications to the kernel
-the bios interface is working

remove your gpu tweak utility:
https://carrona.org/drivers/driver.php?id=IOMap64.sys
C:\WINDOWS\system32\drivers\IOMap64.sys Fri Apr 28 03:02:15 2017

this driver is not expected: (old)
ASUS hardware monitoring software related
\SystemRoot\SysWow64\drivers\AsUpIO.sys Mon Aug 2 19:47:59 2010

I would remove the asus sonic 3 utilities.

--------------
verifier.exe /reset
turns off all of the verifier functions. you want to leave them on until your system hits a bugcheck and makes a memory dump with verifier turned on.
the memory dump has verifier turned off. will still take a look to see the logs
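
The reply above asks for verifier to stay on until a bugcheck produces a dump; whether it is still configured can be read from the verifier.exe output itself. Added example, not part of the thread: it parses the transcript layout posted earlier, recomputes the flag mask from the [X] lines and reports whether verification is configured. The two inputs are trimmed copies of the transcripts in the thread; the function name and the "armed" criterion are this example's own.

```python
import re

# Trimmed from the two verifier.exe transcripts posted earlier in this thread.
AFTER_STANDARD = """\
Verifier Flags: 0x000209bb
Standard Flags:
[X] 0x00000001 Special pool.
[X] 0x00000002 Force IRQL checking.
[X] 0x00000008 Pool tracking.
[X] 0x00000010 I/O verification.
[X] 0x00000020 Deadlock detection.
[X] 0x00000080 DMA checking.
[X] 0x00000100 Security checks.
[X] 0x00000800 Miscellaneous checks.
[X] 0x00020000 DDI compliance checking.
Additional Flags:
[ ] 0x00000004 Randomized low resources simulation.
[ ] 0x00000200 Force pending I/O requests.
Verified Drivers:
All Drivers
The system reboot is required for the changes to take effect.
"""
AFTER_RESET = """\
Verifier Flags: 0x00000000
Standard Flags:
[ ] 0x00000001 Special pool.
[ ] 0x00000008 Pool tracking.
Additional Flags:
[ ] 0x00000004 Randomized low resources simulation.
Verified Drivers:
None
The system reboot is required for the changes to take effect.
"""

HEADER = re.compile(r"Verifier Flags:\s*0x([0-9a-fA-F]+)")
FLAG = re.compile(r"^\[(X| )\]\s+0x([0-9a-fA-F]+)\s+(.+?)\.?$")


def parse_verifier(text):
    """Return the configured Driver Verifier state described by a transcript."""
    header = HEADER.search(text)
    if header is None:
        raise ValueError("no 'Verifier Flags:' line found")
    declared = int(header.group(1), 16)
    computed, enabled, drivers, section = 0, [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        flag = FLAG.match(line)
        if flag:
            if flag.group(1) == "X":
                computed |= int(flag.group(2), 16)
                enabled.append(flag.group(3))
        elif line.endswith(":"):
            section = line[:-1]          # e.g. "Verified Drivers"
        elif section == "Verified Drivers" and drivers is None:
            drivers = line               # first non-empty line after the heading
    return {
        "declared": declared,            # mask printed on the header line
        "computed": computed,            # OR of every flag marked [X]
        "consistent": declared == computed,
        "enabled": enabled,
        "drivers": drivers,
        # This example's criterion: flags are set and some drivers are selected.
        "armed": declared != 0 and drivers not in (None, "None"),
    }


if __name__ == "__main__":
    for name, text in (("standard", AFTER_STANDARD), ("reset", AFTER_RESET)):
        state = parse_verifier(text)
        print(name, hex(state["declared"]), state["drivers"], "armed:", state["armed"])
```

Both transcripts end with a reboot notice, so the parsed state is what will apply after the next boot, not necessarily what was in effect when a dump was written.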



 
Hello,

The Xbox driver is for a receiver for a wireless controller. I bought it off amazon, it's not one specifically from Microsoft, so that might be why it's not working correctly, but I have used it before and it works pretty well.

Is there a way for me to check which usb is doing the bulk transfers?

I removed all of the asus programs for GPU tweaking and so on (ai suite). I also removed asus sonic 3 utilities.

I'm planning on turning verifier.exe on now to try and replicate a BSOD.

Is there any reason that it would show more modified windows files now than it did before?

Update,

After enabling verifier.exe and rebooting the system I got a BSOD with a corrupt PFN list. Should I post the kernel dump for this or is it better to just run something like sfc /scannow to try and repair it?

 
looks like the functions in the windows kernel that were modified did special checking for corruption.
looks like your hal.dll is doing something strange also.

when I had the debugger attempt to verify your files, 4 files seem modified, the bulk of the files could not be verified , and a few passed.
----------
yes run the dism command again. it does not take too long and can only help.
you should delete your pagefile.sys and create a new one. you do this by turning off the system virtual memory, rebooting and turning it back on. (helps to dump malware hiding in the pagefile (virtual memory))

i was thinking maybe one of the asus utilities allowed a hack to get to your machine. you want to stop any 3rd party apps from doing updates automatically. Do you really use the asus cloud? it would have to be able to get thru your firewall. (i would disable it if you don't need it)

something was using 12 GB of your pagefile.sys
this was on your working system that was up for 5 minutes.



put up the new memory dump.

the xbox driver was just trying to do the same thing over and over with a buffer size of zero so the call failed over and over.

the two byte transfer, I was not sure which device was making the transfer. I have seen something like it before but it was being done by the mouse firmware. (special button on the mouse, and special firmware to update the electronics in the mouse)





 
Hello,

This morning when I booted I got the same BSOD, but it seemed to restart into normal windows without going to the troubleshooter. I get an error message from windows that says the system cannot find AI suite.

If my system has been infected by some form of virus that got in through my asus utilities, would it be best to do a clean install, delete all of the old windows files and then move from there?

Here's a link to the dump file
https://drive.google.com/open?id=19ql6GePZ8Iw5h-M19BOka1CGUtw2GiWI

I worked on trying to delete the pagefile.sys. When I opened system properties and went to check it said drive c had one. Apparently it should be located in the root system. When I enabled viewing of hidden files, I couldn't find it. I then tried to find it by searching; nothing turned up.

 
I would make a new windows image and do a clean install. somewhere you are picking up some malware.
I would not install any of the asus utilities or the asus cloud software.

after you get installed, turn on verifier and change the system to a kernel dump, add the reg key so you can force a memory dump. after 5 minutes running go ahead and force a dump. I can see if the system is having problems before you start updating drivers and adding programs.


--------

second function that was modified was in
microsoft remote procedure calls
nt!msrpc_NULL_THUNK_DATA

 
Alright I can do that, do you think that it's necessary to wipe all of the drives that aren't related to windows? I.e. my second SSD and the two HDD's along with the external drive?


 
I would not wipe the drives, but I would not run the software on them either. (ie keep the data but only do installs directly from a known good source.)

I would pull as much old hardware from the system as I could.
just so you can confirm that your gpu is working as expected.
its new USB port was being reset over and over so the system thinks something was wrong with it.
(I would think there is a bug in the GPU usb 3.2 port and would disable it if I could)
nvidia seems to indicate that there are some known issues with the gpu and motherboards that are using certain chips to kind of fake the number of pci/e lanes the machine has. at least there was a mention in the release notes for the driver.

 
Just a quick question, should I update all of the drivers before I send you the manually generated BSOD? Or is it better to send this directly after installing windows? I've re-formatted the usb I installed the ISO on, and I'm in safe mode with networking to install the media creation tool onto it again for a fresh install.
 
I would also set the new install to run in high performance mode. I looked at the spec for some of the pci/e extender chips and they are not required to support all the various sleep states. So who knows what will happen if some device is put to sleep.

try the windows and maybe the windows update before you install any special drivers.
then take the memory dump and save it (rename it so you know what it is)
just because it is hard to go back after you start installing drivers.

it looks like windows installs the usb extension drivers anyway. I am not sure that the AMD provides a custom version with their chipset drivers. best if we stick with the microsoft pushed drivers from the windows update. they will get lots of bugchecks reported from the windows error reporting and will push out corrected versions if they find a bug they can fix. if windows error reporting finds a bug in a third party driver, they just tell the company of the problem. best to use the Microsoft drivers if you can.

you might go into bios and toggle any setting to get it to rebuild the database of hardware settings again. just because of the weird things with the hal file. remove any hardware you can.

we would want to look at forced memory dumps to find out when we start seeing problems.
(save them and take notes of what you installed before each memory dump)



 
Hello, I've set the computer into high performance mode, and did a clean install, all I did was perform a windows update. Verifier.exe is running as well. I created the regedit d word and have created the first dump file.

Here's a link to the new kernel dump. https://drive.google.com/file/d/1_yTHa_miIO-RYAqcFJMSfbFsdvBhSTED/view?usp=sharing

Also, could I install chrome, and steam safely before any driver changes?




 
the windows user kernel files look ok in the debugger but the nt kernel seems to have been modified.
6 errors : nt (fffff8026b2ea788-fffff8026b2ea792)

the memory dump seems to be partially corrupted.
you have some file called WudfPf.sys that is having problems.

system seems already really messed up.
it looks like various files are in the process of being modified.

you have SecurityHealthService.exe running see if it is a bitcoin miner:
https://trojan-killer.net/delete-securityhealthservice-exe-cpu-miner/

your system process started using 1 gb of pagefile space.

not sure what is going on. I would run a Malwarebytes scan and a rootkit scan.
will try to look at the memory dump some more in the morning.
1: kd> !sysinfo cpuinfo
[CPU Information]
~MHz = REG_DWORD 3693
Component Information = REG_BINARY 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
Configuration Data = REG_FULL_RESOURCE_DESCRIPTOR ff,ff,ff,ff,ff,ff,ff,ff,0,0,0,0,0,0,0,0
Identifier = REG_SZ AMD64 Family 23 Model 8 Stepping 2
ProcessorNameString = REG_SZ AMD Ryzen 7 2700X Eight-Core Processor
Update Status = REG_DWORD 1
VendorIdentifier = REG_SZ AuthenticAMD

the microcode version reports an error





 
Hello,

I downloaded MBAM and the antivirus program that you suggested.

I'm going to let them run overnight at the same time. (I can run them separately again tomorrow, I just want to make sure that I get this done overnight. I figure any scan is better than no scan.)

MBAM didn't detect any threats, I had it doing both a rootkit scan and a full system scan. It also scanned every HDD and SSD hooked up to the computer.

Gridinsoft anti-malware has the scan still going, it found two threats

F:\WD Backup.swstor\Michael ZjVhMTY1OGQ2ZGJENGQyNm Volume[206f7689-b7d1-452d-97 27-0444119a624c}\Users\Michael Documents\D and D\DnD 5e\world 1\ryan - spells.pdf
Registry: HKU\S-1-5-21-2788379784-3217105575-1890408751-1001_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage microsoft.microsoftedge_8wekyb3d8bbwe Children\001\Internet Explorer\DOMStorage\akamaihd.net|akamaihd.net - Hijack.Edge.DOMStorage

Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe Children\001\Internet Explorer\DOMStorage\pxlclnmdecom-a.akamaihd.net|pxlclnmdecom-a.akamaihd.net - Hijack.Edge.DOMStorage

Those are the only two issues it's found with the system so far.

Something I'm curious about is that I used files from one of my old computers on this computer; could that have caused the issue in the first place? As for a potential fix, do you think that when I am installing windows reformatting all of the drives would be a potential fix for this issue? I know I reformatted the c drive when I installed windows. But I'm curious if this could potentially be fixed by formatting them all. Also on my home network several other people use the network, should I use these tools to scan to see if their computers are infected as well?


 
I would isolate the computer from all other software source including other machines on your network.
windows can get updates from other machines on the same network, change the setting so it only can get updates from microsoft update servers. You will want to scan all of your machines.


I would disconnect all drives except the boot drive and I would wipe it and do a clean install.
I would admin the router to see if it has open ports, maybe reset the router and reconfigure.

I would try to install the latest version of windows since they did a bunch of fixes to block malware attacks.
(the build got pulled, so I don't know if you can get it , I have it on my machine build version 1809 build 17763.55)
- you might also consider running your system without a virtual memory (pagefile.sys)
the system will create a small pagefile in ram to handle its requirements but it will prevent any malware from hiding in c:\pagefile.sys
after you do all of the scans you would turn the virtual memory system back on.

system was looking for a driver for this device:
USB\VID_045E&PID_0291
looks like a Microsoft pc wireless gaming receiver from 2007

you should remove the device. I am not sure you will find a proper driver for it.
(it might be a usb 1.1 device)




 
I'm going to remove all the unused devices from the computer and unplug any hard drives that aren't being used. Do you think it's a good idea to simply reformat all the storage drives to make sure there's nothing infectious on them? I'll reset all of the routers and the modem to factory settings.

I'll set my computer to be isolated from other machines running windows.

as for the old usb device, that's probably the same device that was throwing error codes for you beforehand. I need to manually set it to use the 360 peripheral receiver driver and then it works.

 


Alright, I'll fool around with passmark and test all the components and get back to you, is there anything I should be looking for when I do the test?

It seems like the passmark test fails the 2d graphics test, would this indicate a bad gpu or bad drivers?

 
sounds pretty good. be sure to question where you get any software so you don't get fooled to install bogus software.



 
