1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Bluescreen - Bugcode USB driver

Discussion in 'Hardware' started by papa_hemingway89, May 9, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. papa_hemingway89

    papa_hemingway89 Thread Starter

    Joined:
    May 9, 2011
    Messages:
    6
    Hi,

    I've encountered the dreaded bluescreen three times this week.

    - It always occurs whenever I attempt to shut down.
    - I attempted system restore.
    - I've done my research with this bluescreen/bugcode usb driver and one of the things I tried was to go into device manager and uninstall universal serial bus controllers. I did this and the windows update would automatically reinstall them?
    - I uninstalled SP2 and all the Microsoft Visual C... I now have 3.5 SP1 and KB2467175/KB2467174.
    - I've used Ccleaner and Hijackthis to delete/repair whatever registry bugs there were.

    Last but not least, here are the specs from the last crash...

    Problem signature:
    Problem Event Name: BlueScreen
    OS Version: 6.0.6002.2.2.0.256.6
    Locale ID: 2057
    Additional information about the problem:
    BCCode: 9f
    BCP1: 00000003
    BCP2: 8D4F8030
    BCP3: 8D4F8030
    BCP4: 8558CB80
    OS Version: 6_0_6002
    Service Pack: 2_0
    Product: 256_1
    Files that help describe the problem:
    C:\Windows\Minidump\Mini051011-01.dmp
    C:\Users\Kent Event Team\AppData\Local\Temp\WER-61448-0.sysdata.xml
    C:\Users\Kent Event Team\AppData\Local\Temp\WER694D.tmp.version.txt
    Read our privacy statement:
    http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409


    Any help would be appreciated,

    Cheers,


    Stuart
     
  2. workatron

    workatron

    Joined:
    May 10, 2011
    Messages:
    1
    i have exactly the same thing!

    Shut my computer down last night and then a blue screen which the error said

    files that help describe this problem
    C:\DOCUME~1\KIRSTE~1\LOCALS~1\Temp\WER211e.dir00\Mini051011-01.dmp
    C:\DOCUME~1\KIRSTE~1\LOCALS~1\Temp\WER211e.dir00\sysdata.xml

    I am using a dell computer with XP
     
  3. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Workatron, your problem may not be the same and may require a different process to diagnose the problem so please start your own thread to avoid confusion. When you do, please attach the minidump for analysis.


    This BSOD has the bugcheck error code of 9F which indicates a driver fault. You say you have removed SP2 but the minidump details show that you still have SP2. Don't use Ccleaner again as this can remove registry entries that are needed.
    As you have also removed other components in the system I would first run an repair install by Booting from the Vista disc and then selecting Upgrade Install. This will reinstall Vista but leave all your data and software intact. You need to set the CD drive to 1st in the boot order by going into your Bios at start up.
    Once you have the system reinstalled, if the problem persists with the same error code then run Driver Verifier to pinpoint the faulty driver. You should also attach the minidumps to your next post for analysis.


     
  4. papa_hemingway89

    papa_hemingway89 Thread Starter

    Joined:
    May 9, 2011
    Messages:
    6
    Hey I tried what you suggested, and have got a few bluescreens... They're different but pinpoint it has something to do with - shpf.sys

    Problem signature:
    Problem Event Name: BlueScreen
    OS Version: 6.0.6002.2.2.0.256.6
    Locale ID: 2057
    Additional information about the problem:
    BCCode: d6
    BCP1: 96355018
    BCP2: 00000001
    BCP3: 84760EB8
    BCP4: 00000000
    OS Version: 6_0_6002
    Service Pack: 2_0
    Product: 256_1
    Files that help describe the problem:
    C:\Windows\Minidump\Mini051011-01.dmp
    C:\Users\Kent Event Team\AppData\Local\Temp\WER-100979-0.sysdata.xml
    C:\Users\Kent Event Team\AppData\Local\Temp\WER118.tmp.version.txt
    Read our privacy statement:
    http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409
    SECOND BLUE SCREEN
    Problem signature:
    Problem Event Name: BlueScreen
    OS Version: 6.0.6002.2.2.0.256.6
    Locale ID: 2057
    Additional information about the problem:
    BCCode: d6
    BCP1: BBA87018
    BCP2: 00000001
    BCP3: 84757EB8
    BCP4: 00000000
    OS Version: 6_0_6002
    Service Pack: 2_0
    Product: 256_1
    Files that help describe the problem:
    C:\Windows\Minidump\Mini051011-02.dmp
    C:\Users\Kent Event Team\AppData\Local\Temp\WER-65957-0.sysdata.xml
    C:\Users\Kent Event Team\AppData\Local\Temp\WERD892.tmp.version.txt
    Read our privacy statement:
    http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409
     
  5. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    These BSOD's are not being detected by the Driver Verifier as that would give a code of C4. Just to eliminate Malware download the free scanner from below, install it, let it update and then run a full system scan. Check the report at the end to make sure it has removed anything it found.

    http://www.malwarebytes.org/mbam.php


    This is the best information I can find about that driver.

    http://esupport.sony.com/US/perl/swu-download.pl?mdl=VGNSZ691N&upd_id=2884&os_id=29

    Follow the instructions to download and reinstall it.

    Is your PC a Vaio? Please state the make and model.

    Did you complete the Upgrade install??

    Have a good look in the Device Manager and see if you have any yellow warnings. If so go to the PC's manufacturers site and download and install the missing drivers. Obviously if you have a drivers disk for the PC use that.

    The USB controllers, Microsoft Visual C and SP2 are all required for correct system operation and are not related to your problem.

    If the system does not improve after following the above suggestions and any missing drivers are replaced I would suggest a full reinstallation of the OS, including all the chip set and device drivers that your system requires.

    The last thing you could try is to post your minidump files. By that I don't mean posting the debug log I need to have the .dmp file so I can run it through a debugger and then I may be able to see what is going wrong. Switch off the Driver Verifier as per the instructions. Shut down the PC and see if it has a BSOD, repeat until it has one and then reboot and post the minidumps, you will find the files in C:\Windows\Minidump. Please zip up the last five .dmp files into one folder and follow this guide to attach them to your next post. In your case the file will be found wherever you choose to save the zip file.

     
  6. papa_hemingway89

    papa_hemingway89 Thread Starter

    Joined:
    May 9, 2011
    Messages:
    6
    Hey,

    I'm doing the malware scan as I type.

    I attempted to install/reinstall.. but it comes up with "This update is not intended for use with this model."

    It's a Sony, Vaio VGN-BX61MN

    There are no yellow warnings and the mini-dump folder is empty? I'll keep you posted as I'm still waiting on the malware to finish.

    Your help is very much appreciated,

    Stuart
     
  7. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    As the mindump file is empty your system is not set to save memory dumps. Follow this guide to set it up correctly.

     
  8. papa_hemingway89

    papa_hemingway89 Thread Starter

    Joined:
    May 9, 2011
    Messages:
    6
    Hey, I've done everything above, and have had half a dozen bluescreens.

    One of which was Bad_pool_caller

    Hope these minidumps will be any help?

    Thanks,
     

    Attached Files:

  9. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    What was the result of the Malwarebytes scan.

    You only sent in two minidumps, where is the one with the bad pool caller?

    And please zip up another 5 or 6 files all into the same zip file not individually. Both the minidumps you sent have the same error as the two in your first post and point to the shpf.sys driver.

    You haven't answered an earlier question of mine. Did you complete the Repair/Upgrade install, this needs to be done to replace all the files you removed.

    Can you confirm the Vaio model number I can't find it on the Sony site. And where was the country of purchase.

    There is a windows file in the minidumps shown with the date of March 3rd this year, can you recall installing anything at that time. Run a search on your hard drive for win32k.sys and tell me its location/s. Do not delete it.
     
  10. papa_hemingway89

    papa_hemingway89 Thread Starter

    Joined:
    May 9, 2011
    Messages:
    6
    Hey, this is abit unrelated but 10 minutes ago I got a call from from 247 PC Care scam where they get remote access to your comp, and put a virus on your comp and make you pay for it...

    He got me to check eventviewer and (as you know) I've had a few errors and warnings over the past few days, so I thought this person was calling to help?
    I typed in the address of their website (like the guy said) but it came up with domain closed down, so he got me to type another address into tinyurl, it then took me to Amazon.com with the book "The F Word"... It was after this I smelled a rat and hung up.

    That was all I did really.

    My question is after clicking on the website does he now have remote access to my computer (bank accounts..etc), do I immediately have lots of viruses??

    I'm going to do a Malwarebytes and some other anti-virus things just in case.. Do you think I'm safe?

    Stuart
     
  11. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    I know nothing about the 247 PC care scam but it certainly sounds like you did the right thing and hung up. Make sure your firewall is enabled. You could also download Spybot, install, update and run it, it should find any new spyware that has got into the system. http://www.safer-networking.org/en/spybotsd/index.html

    When you re-run Malwarebytes please copy and paste the report it produces at the end of the scan into your next post so I can see it.

    Pleae also go back to my last post and answer the questions, then we can progress.
     
  12. papa_hemingway89

    papa_hemingway89 Thread Starter

    Joined:
    May 9, 2011
    Messages:
    6
    Though I immediately did a malware scan, and deleted every bit of internet history, cookie..etc

    I'm afraid they might have my IP address? I went on this website..
    http://www.pccare247.com/

    I read some stuff about how by visiting this site, they can see visitor info, address, and things like IP which identifies location/personal details. Do you think they can get hold of important details like bank by me just going on their site??

    Here's a little about them: http://conbusters.co.uk/2011/04/08/247-pc-care-scam/
    Do you think I'll be alright here?

    I did do a full scan that took a couple of hours. But I closed it down before reading your last message, here's a quick scan..

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org
    Database version: 6547
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 9.0.8112.16421
    12/05/2011 15:03:43
    mbam-log-2011-05-12 (15-03-42).txt
    Scan type: Quick scan
    Objects scanned: 142734
    Time elapsed: 7 minute(s), 50 second(s)
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0
    Memory Processes Infected:
    (No malicious items detected)
    Memory Modules Infected:
    (No malicious items detected)
    Registry Keys Infected:
    (No malicious items detected)
    Registry Values Infected:
    (No malicious items detected)
    Registry Data Items Infected:
    (No malicious items detected)
    Folders Infected:
    (No malicious items detected)
    Files Infected:
    (No malicious items detected)
    I'll do the spyware immediately..

    ANYWAYS BACK TO THE FIRST PROBLEM.

    I did the verifier stuff yesterday and would constantly get a bluescreen whenever I tried to start computer normally.. so I had to do a system restore a half dozen times. After doing the last system restore I didnt have anything in the minidump folder anymore?
    I could only do the system restore in safe mode and wouldnt have access to internet so I couldn't read up on what to do next. I got bad_pool_caller only once.
    I could redo all the verifier instructions and copy/paste onto a word document that I can do in safe mode perhaps?

    I havent done a repair/upgrade install as it's a work computer, I've told my boss about it, and she wants to call in an IT technician. But I really do see that as the very last resort.
    It's a work computer but I do own a Reinstallation DVD Windows Vista Home Premium 32BIT dvd? Would that work?

    Sorry, I was probably giving you the wrong numbers... Its a Sony Personal Computer Model: PCG - 9Y2M

    Hey I found the win32k.sys - it was created 3/3/2011. It is in the folder System32 (C:\Windows)
     
  13. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    The malwarebytes log is clean but you should run a full scan as I instructed, it needs to check the entire hard drive. The win32K.sys file is in the correct place. Please also run Spybot.

    I know little about security hacking on PC's but the first thing I would do is tell your bank or any other financial institution that you have any dealings with over the internet with your PC.

    I would also apply to your internet service provider to change your IP address.

    You can run a Repair Install with that disc you have but only if it matches the version of Vista that is on the PC and it includes the same or higher service pack.
     
  14. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/995960