Lots of different BSOD

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Status
Not open for further replies.
Attached.
I'm unsure if it's still blue screening presently as I've been doing long hours at work this week and haven't been using it as much. When I turned it on this morning it was fine and then I went to make a tea and came back and the computer was on but nothing was showing up so I had to turn it off and back on again. Not sure if that's related.
 

Attachments

Uninstall Avast Update Helper it will be visible now, use geek uninstaller if needed. :)


Copy the text in code box below.
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.


Code: 
Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AvastBrowserAutoLaunch_2EF41AAE0EFA048B29BD0C1048B2D149
DeleteValue: HKEY_USERS\S-1-5-21-1407478479-2209512713-3320715968-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AvastBrowserAutoLaunch_2EF41AAE0EFA048B29BD0C1048B2D149
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|uTorrent
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AvastBrowserAutoLaunch_2EF41AAE0EFA048B29BD0C1048B2D149  
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|SUPERAntiSpyware  
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Chromium  
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|ut
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Microsoft Edge Update
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|MicrosoftEdgeAutoLaunch_B5EF8F7A20842FF61C6E8DE6B6A1456E
DeleteValue: HKEY_USERS\S-1-5-21-1407478479-2209512713-3320715968-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|uTorrent
DeleteValue: HKEY_USERS\S-1-5-21-1407478479-2209512713-3320715968-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AvastBrowserAutoLaunch_2EF41AAE0EFA048B29BD0C1048B2D149  
DeleteValue: HKEY_USERS\S-1-5-21-1407478479-2209512713-3320715968-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|SUPERAntiSpyware  =>.SUPERAntiSpyware
DeleteValue: HKEY_USERS\S-1-5-21-1407478479-2209512713-3320715968-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Chromium
DeleteValue: HKEY_USERS\S-1-5-21-1407478479-2209512713-3320715968-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|ut
DeleteValue: HKEY_USERS\S-1-5-21-1407478479-2209512713-3320715968-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Microsoft Edge Update
DeleteValue: HKEY_USERS\S-1-5-21-1407478479-2209512713-3320715968-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|MicrosoftEdgeAutoLaunch_B5EF8F7A20842FF61C6E8DE6B6A1456E
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AvastUI.exe  
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TuneupUI.exe
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|DriverUpdUI.exe
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|ACUW15EN
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|SunJavaUpdateSched  
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|UTEX.BAT
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|McAfee Security Scan Plus.lnk
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|AvastUI.exe  
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|LogMeIn Hamachi Ui  
DeleteKeY: HKLM\SOFTWARE\4f60cf71-77d9-586f-9497-c078307716d3
DeleteKey: HKLM\SOFTWARE\4f60cf71-77d9-586f-9497-c078307716d3
DeleteKey: HKU\.DEFAULT\SOFTWARE\AVAST Software
DeleteKey: HKU\S-1-5-21-1407478479-2209512713-3320715968-1000\SOFTWARE\avast software
DeleteKey: HKU\S-1-5-21-1407478479-2209512713-3320715968-1000\SOFTWARE\Browser Cleanup
DeleteKey: HKLM\SOFTWARE\McAfee.com
DeleteKey: HKLM\SOFTWARE\mcafeeupdater
DeleteKey: HKLM\SOFTWARE\WOW6432Node\McAfee
DeleteKey: HKLM\SOFTWARE\WOW6432Node\McAfee.com
DeleteKey: HKLM\SOFTWARE\WOW6432Node\0uyPIakKFdmD 
DeleteKey: HKLM\SOFTWARE\Bitdefender Agent
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Bitdefender Agent
DeleteKey: HKU\.DEFAULT\SOFTWARE\SetID
DeleteKey: HKCU\SOFTWARE\Browser Cleanup
DeleteKey: HKCU\SOFTWARE\Zemana
DeleteKey: HKLM\SOFTWARE\ZmnGlobalSDK
DeleteKey: HKCU\SOFTWARE\ZmnGlobalSDK
DeleteKey: HKU\S-1-5-21-1407478479-2209512713-3320715968-1000\SOFTWARE\Zemana
DeleteKey: HKU\S-1-5-21-1407478479-2209512713-3320715968-1000\SOFTWARE\ZmnGlobalSDK
C:\Users\Owner\AppData\Local\AdvinstAnalytics
C:\ProgramData\RogueKiller
C:\WINDOWS\System32\drivers\TrueSight.sys
C:\WINDOWS\System32\drivers\lpsport.sys
C:\Users\Owner\AppData\Local\LogMeIn
C:\ProgramData\{3F46037A-176E-7B02-4F36-532AA7DE8BF2}
C:\ProgramData\LogMeIn
C:\Program Files (x86)\Temp\*
C:\Program Files (x86)\Mozilla Maintenance Service
C:\Users\Owner\AppData\Local\Zemana
C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Zemana
C:\Program Files\Bitdefender Antivirus Free
C:\ProgramData\Bitdefender
C:\ProgramData\Bitdefender Agent
C:\Users\Owner\AppData\Roaming\QuickScan
C:\ProgramData\McAfee Security Scan
C:\WINDOWS\Installer\249f93.msi  
C:\WINDOWS\Installer\33705ce.msi  
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\7ahq4wbu.default\searchplugins\bing-lavasoft-ff59.xml 
C:\WINDOWS\Installer\10bae60.msi  
C:\WINDOWS\System32\DRIVERS\SWDUMon.sys
Startbatch:
sc stop sysmain
sc config sysmain start= disabled
sc stop DiagTrack
sc config DiagTrack start= disabled
sc stop dmwappushservice
sc config dmwappushservice start= disabled
sc stop lfsvc
sc config lfsvc start= disabled
EndBatch:
emptytemp:
Reboot:
End::

Download Kaspersky Virus Removal Tool (KVRT) and save it to your Desktop.


Select the Windows Key and R Key together, the Run box should open.
Copy and paste the following into the run box.


D:\Users\Owner\Desktop\KVRT.exe -dontencrypt
Click to expand...



Select „Ok“ in the Run box.
If the „Windows protected your PC“ window opens, select „More info“. A new windows will open, select „Run anyway“.
An EULA window from KVRT will open, tick all confirmation boxes then select "Accept".
A window from KVRT will open, select "Change Parameters".
In the new window ensure the following boxes are ticked:
  • System memory
  • Startup objects
  • Boot sectors
  • System drive
Then select "OK" and „Start scan“.
When completed: If entries are found, there will be options to choose. If "Cure" is offered, leave as it is. For any other options change to "Delete", then select "Continue".
Usually, your system needs a reboot to finish the removal process.
Logfiles can be found on your systemdrive (usually C: ), similar like this:


C:\KVRT2020_Data\Reports\report_<data>_<time>.klr


Right click direct onto those reports, select > open with > Notepad.
Save the files and attach them with your next reply.
 
@Plughole How is your computer running now? Last check looks like we are pretty much all clean, just this last tool to remove any remaining trash. This tool is similar to adware cleaner we used earlier in the thread. :)

ZHP cleaner Scan.


Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
Once the scan is completed, the you will want to click the Repair button.
At the end of the process you may be asked to reboot your machine.
After you reboot a report will open on your desktop.
Attach the report here in your next reply.
 
Last edited:
So I had a BSOD this morning again shortly after turning on my computer then going to get a tea. The computer was in recovery mode when I came back and some message about a kernel.
I turned my computer off and back on again and it was fine.
When scanning and repairing there were quite a few popups about zone anti-malware. I'm hoping that was just an advertisement for the program.
I'm presuming this is the file you wanted?
I have a day off tomorrow and I'll give everything a really good clean again and be much stricter on cleaning the fans.
 

Attachments

Ok upload your last two dump files, and we will work on reducing the startup and scheduled task on this machine as well, there are too many for normal operation...IMO


Download Autoruns and Autorunsc Unzip it to your desktop and then right click
Capture.PNG


Run as Admin.
After the scan is finished then click on File----Then click----Save
The default name will be autoruns.arn make sure to leave it this way.
Attach the file in your next reply.
If the file is too large, then use catbox.moe or Ufile.io and send the link in your next reply.

When scanning and repairing there were quite a few popups about zone anti-malware.
Click to expand...

Yep, nothing to worry abou, just the motions the program goes thru.


While you are in there cleaning, make sure and re seat everything while you are at it...

To view this content we will need your consent to set third party cookies.
For more detailed information, see our cookies page.
 
In addition to the autoruns log, can you post an updated speccy report please.
 
Speccy:

Autoruns:
It won't allow me to upload the file as it says the website doesn't allow that kind of file so here is the link:
Also the default name wasn't the same as you said it would be, I decided to leave it as the default name it chose, let me know if I need to change this.

I also reseated everything in my computer and gave everything another good clean.

I was thinking of ordering this SSD, I was wanting your opinion?
www.umart.com.au

Samsung 2TB 870 EVO 2.5in SATA SSD - Umart.com.au

Buy Samsung 2TB 870 EVO 2.5in SATA SSD - Buy Now, Pay Later + FREE pick-up & same day dispatch!
www.umart.com.au www.umart.com.au
I'm not sure if my PC can take the other connection types of SSDs so decided it'd be easier for me to stick with a type that's already in there.
 
For some reason it won't allow me to do anything to my minidump files like it would before. It keeps telling me I don't have permission yet there is nowhere for me to change permission or such.
 
Plughole said:
It keeps telling me I don't have permission
Click to expand...
Follow the instructions here to add take ownership to your right click menu, not sure why that is an issue now.

How to: Add Take Ownership To the Context Menu on Windows 10

A context menu is the result of an action on the Graphic User Interface. The most popular context menu is the one for right-clicking. Once you right-click
appuals.com appuals.com

I have asked another member to take a look at the BSOD issue, and I am not sure on that SSD either.

@PeterOz or @phillpower2 will take the thread from here.


As far as startups.

Right click Autoruns, and run as admin. Then Under Scheduled task, uncheck everything.
Except the update Assistant.
Unless you use one drive, if you do not use it then uninstall/disable it.

www.howtogeek.com

How to Disable OneDrive and Remove It From File Explorer on Windows 10

Windows 10 includes OneDrive, but if you'd rather not see it, there are several ways to disable OneDrive and remove it from File Explorer on Windows 10.
www.howtogeek.com www.howtogeek.com

Find anything related to AVAST right click and select delete.

As far as these, I would uncheck everything except Steam and Viber. That is really up to you.

1674604869103.png


To apply the changes in Autoruns. you must reboot the computer.


Anymore BSOD after giving it a good cleaning?
 
Plughole said:
For some reason it won't allow me to do anything to my minidump files like it would before
Click to expand...
What are you trying to do with the mini dump files? Is it permissions here or on the computer?
They should be in C:\Windows\minidumps.
I have cleaned inside the computer thoroughly and made sure the fans are working
Click to expand...
Do you still have this problem? It can be a fan bearing issue.
Your motherboard temp is showing 107c.
You still do not have enough free space on your C drive.
I cannot see why that drive will not fit in your computer.
 
@Malnutrition
The ownership thing worked and attached are my 3 most recent dump files which all happened on the 22nd.
I also did what you said with the autoruns and it's great not having all those things I barely use pop up!
Thank you very much!

@PeterOz
I was having problems sending the dump files to a zip folder to upload but it used to let me do it, anyway it seems to be working after Malnutrition's advice.
All the fans are running all the time except the ones on the graphics card, but I read that's normal. Sometimes my computer wouldn't turn on and I'd hear a scratching sound that would come and go every couple of seconds along with the fans but a couple of restarts and this issue would fix itself. I haven't had this issue repeat "yet" since cleaning.
I don't really have anything from my C drive to delete since I save everything onto my D drive including my games. But I am buying that new SSD so that should fix that problem.
I was more checking to see if that's a good drive to purchase but looking at the online reviews it's one of the best so I think I'll go with it.

I should also note that since starting this process I can no longer open Steam. When I press on the Steam in the start menu nothing happens, when I go into D:/Steam and double click on Steam.exe it tells me that windows can't find D:/Steam/Steam.exe even though I'm clicking on that exact exe.
 

Attachments

Plughole said:
was more checking to see if that's a good drive to purchase but looking at the online reviews it's one of the best so I think I'll go with it.
Click to expand...
They are good and the evo is the better option.
www.digitaltrends.com

Samsung QVO vs. EVO: SSD differences explained | Digital Trends

Samsung QVO and EVO are two brands of SSDs, but which one is better? If you're not sure which Samsung SSD to get, check out our guide to Samsung QVO versus EVO.
www.digitaltrends.com www.digitaltrends.com
how do you plan to get the image onto the 2tb
Plughole said:
D:/Steam/Steam.exe
Click to expand...
Was that always in this location?
 
Plughole said:
it tells me that windows can't find D:/Steam/Steam.exe even though I'm clicking on that exact exe.
Click to expand...
Use the everything search engine, and type steam into it, and try and launch it from there.

If that fails, why not just uninstall it and reinstall.
As far as clearing space on the drive.
Open an elevated command prompt. Type CMD in the search box, Right click > Run as Admin and copy and paste then hit enter.

Code: 
powercfg.exe -h off

  • First download and save the portable version of Privazer to your desktop.
  • Go through the options a set Privazer to your needs, select basic or advanced user.
  • When you are done setting Privazer to your needs, then click on start cleaning then scan.
  • This scan can take a while to complete, so it is best that you do it when you have some free time.

You can use Treesize to find files on your machine that you may wish to delete.


You can use the Everything Search Engine to find and remove files from your machine.

  • Searching for file extensions in Everything Search, to help you along the way is easy.
  • You can simply type .mp3 to find all of your music, or .mp4 to find your videos.
  • You can open the file from the tools gui by double clicking it, and then decide if it needs to go.

 
@PeterOz
I saw the Evo but I decided to go with the sata because that is what is currently in my PC and it'd be easier for me to swap over.
I haven't looked so far into swapping over everything to the new SSD, did you have any advice for me? I know there are programs you can download that will help but I'm not sure what I should do at this point.
Steam was always in the same location

@Malnutrition
The everything search engine shows the .exe but like windows I get the same error message, I guess I'll reinstall it when I get the chance.
I might take PeterOz's advice and wait for the new SSD, I'll take those steps when I get the new SSD as it would be good to get rid of some rubbish but I'm not sure how much will transfer over.

I've ordered the new SSD, it'll take a day or two to arrive but I won't get the chance to do anything with it until my next days off.
Thank you both for your time and advice, so far my computer does seem to be running a lot better.
 
2 options
Download Macrium Reflect Free https://www.majorgeeks.com/files/details/macrium_reflect_free_edition.html
Make a rescue usb (can be done without it)
You then have the option to either clone the current ssd - both drives connected. OR
make an image and then swap drives and restore the image.
Plughole said:
I saw the Evo but I decided to go with the sata because that is what is currently in my PC and it'd be easier for me to swap over.
Click to expand...
Just so you get an understanding.
The 2TB from Umart is an evo and sata
EVO = Model
Sata = connection method
 
@Malnutrition
No not yet which is great, I am however having more problems, I can't open Word either, just like what's happening with Steam. I've had a look at startups and both programs are enabled.

@PeterOz

I got my new SSD today, on my next day off I'll have a look at those options and directions you gave me.
I meant the QVO compared to the EVO sorry, a bit of a typo there.
 
Status
Not open for further replies.
Top Bottom