Windows 7 Exception 0x80000003 error occurs on shutdown of Win 7 Pro also OXEA47337

[Frank McLean]

Hi,

Recently when shutting down Windows 7 professional and error is flashed in a window for a very short time. I have been able to see, I believe, and error "Exception 0x80000003" by shutting down repeatedly. I also saw OXEA47337 today and a partial OEXC38... the other day. Additionally, in Device Manager there is a yellow exclamation mark beside "Teredo Tunneling Pseudo-Interface" under Network Adapters. Recent new software I have installed are Acronis True Image 2017 1-Time Purchase and Malwarebytes Anti-Exploit. Can anyone shed any light on these problems. What is the severity of the danger here? Are these problems I can fix myself with help or should I rush my computer to a computer technician to fix?

 

[Frank McLean]

Hi BIGBEARJEDI and Kemical/Ross,

Over the weekend I tested the 4 RAM sticks. 12 & 4 for 12+ hours & 3 for 11.5 hours. No errors were detected. But when I tried to reboot into Windows 7 Pro, Window indicated that repair needed to be run, which I did and did a restore as part of that sequence. After windows restarted I rebooted a the PC to in effect save that configuration. During the shut down the 0x80000003 error occurred again but with a different location error as is typical each time the error is given. I also ran the windows memory diagnostic that indicated when it was finished it would reboot into windows and give a diagnostic report. When I came back, the PC had rebooted but I didn't find any diagnostic report.

I see when when I run HWiNFO64 it does show the S/N of my Seagate drive as ST2000DM001while Sea Tools for Windows startup screen show it as NA8E12X6. I tried to attach screen Shots of my PC areas with HWiNFO64 and the startup screen of Sea Tools for Windows but get first a red banner stating "The following error occurred. Then below that it says, "There was a problem uploading your file." When I tried to do it again my Waterfox browser indicated, "Not Responding" and after waiting some time for it to resolve, I had to close the browser and try again. And again, I got the "There was a problem uploading your file.

Additionally, Sea Tools for Windows only sees 2 of my 4 USB drives. One My Book drive, drive G:, was not showing and this is a frequent occurrence That requires me to pull the power cord on the drive and plug it in again to get to show. After doing that it showed up in HWiNFO64 and Sea Tools for Windows. My Iomega 1T drive was my first external USB drive and I believe it was prior to any standard being set for external USB drives and showed in Sea Tools for windows as Unknown but ready to test after G: drive showed up. The Iomega drive doesn't show up in HWiNFO64 under Drives at all.

So, next I intend to look into the tester in BIGBEARJEDI's link for WD drives as I have 4 of them to see if that detector shows anything.

So thanks again BIGBEARJEDI and Kemical/Ross for your really great support. It is very much appreciated.

Regards,
Frank

 

[Frank McLean]

Hi BIGBEARJEDI and kemical/Ross,

I have posted twice earlier today to this forum only to come back and see that those posts are not here. So, I apologize if those other posts show up later somehow. I had trouble with my Waterfox browser when trying to upload Screen shots of Sea Tools for Windows and HWiNFO64. Don't know if this is behind these messages going missing but I got an error window with a red banner that said, "The following error occurred." Next line read, "There was a problem uploading your file." And, Waterfox become non responsive.

So, to reiterate, I tested the 4 RAM cards with Memtest86+ over the weekend. Cards 1,2 & 4 I tested for more than 12 hours. 3 I tested for about 11.5 hours. No problems were indicated. When I was finished testing and went to boot into windows, windows indicated I need to run repair, which I did. After booting into windows, I restarted windows to save the configuration. Then I ran windows memory diagnostic. The Diagnostic indicated that when it was finished running it would reboot into windows and deliver a diagnostic report. But, when I came back Windows had rebooted but there was no diagnostic report that I seen.

Incidentally, when I run HWiNFO64 it correctly show my Seagate drive with an S/N ST prefix, that is, ST2000DM001-1ER164 while Sea Tools shows this drive's S/N as NA8E12X6.

So, I'm now going to test my 4 WD HDs with a WD specific tester to see if it finds anything Sea tools didn't find.

Thanks again guys for the great support and ideas. It's very much appreciated.

Regards,
Frank

 

[Frank McLean]

Sorry guys, my bad. I didn't realize that the forum messages had moved to page 2, so when I got to the bottom of the first page and didn't see my earlier posts I thought it had to do with either my computer error, like my drive failing or the browser problem I experienced trying to upload the screen shots.

Moderator please feel free to delete the duplications.

Frank

 

[kemical]

No problem Frank, I'll remove one or two.

 

[Frank McLean]

Thanks, kemical, appreciate it.

Frank

 

[Frank McLean]

Hi Guys,

Today I download and ran Western Digital LifeGuard Diagnostics - DLGDIAG for Windows. My 4 WD HDs are C: & D: internal and G: & L external USB drives. DLGDIAG found 3 of my 4 WD drives and also detected my Segate USB Drive N: With regard to WD drive D: under SMART status it showed "? Not Availiable." And, My WD My Book G: drive wasn't showing in the top Physical Drive: window at all but did show in the lower Logical Drive: window. So, I started by running the quick test on D: and it passed. I clicked "VIEW TEST RESULT"/Start. The QT result showed the M/N & S/N, the firmware 80.00A80, drive capacity 2000.40 GB, Smart Status: Not Available, Test Result: PASS, and time and date of the test.

I then ran the Extended Test on D: with the same info as the QT but SMART status: in black print showed "PASS" and test result in green Print showed "PASS" but the quick test result remained " Not availble." A screen shot of the of the main window after the QT & ET showed a green check mark and Pass beside D:.

Before writing this update, I again opened DLGDIAG to see what it was showing now and the top window has reverted to showing "? Not Available" under the SMART Status heading for D:. Question is, Is this something I need to use some tool to fix? And, is this a potentially serious Problem?

Next, is I don't know how to test G: if it won't show up in the window. I shows up in the logical drive widow? So, why would it not be detected in the Physical drive window? I unplugged the power cord on G: and it showed up in DLGDIAG's Physical drive: window, so, I'm going to run the same tests on it.

Also, today while running one of my graphics programs an error window popped up stating, "Access violation at address 0084F521 in module DT5.exe. Read of address 02599418. When i closed that window another error popped up, "DT: Access violation at address 00000000. Read of address 00000000. The program locked up and I had to use "Task Manager" to close the program. I reloaded the program and it seemed to be working okay.

Any thoughts, ideas, or suggestions are appreciated.

Regards,
Frank

 

[Frank McLean]

Hi Guys,

I have now run both Quick Test and Extended tests on G: and it has passed both of those tests.

On a different note today something new happened. I got a new error message, "Runtime error 216 at 40008E2E. A Bing Search of this error presented the following Microsoft explanation of this error report:

Gowdy Interrogates Comey | Armstrong Economics

That basically says that this error is likely do to your computer being infected with a SubSeven Trojan virus.

I immediately ran a full scan with Trend Micro Virus Scan. That came back showing my computer was clean and in pristine operating condition.

I then contacted Malewarebytes Anti-Exploit technician who immediately dismissed the error as some kind of computer memory problem, until I then pointed out to him the microsoft assessment. He then connected to my computer and did some scans. The consequence of the scans was that he found 34 threats on my computer that he subsequently removed. After that I created a system restore point and restated windows to save that configuration. I experienced no 0x80000003 error on the shut down and reboot. So, just to make sure I did a second full shutdown and restart to see if an error occurred. There were no error reports. So far so good.

But, I'm going to continue testing my WD HDs with the DLGDIAG until I have tested all of them.

Incidentally, I see at least some of the threats were do to "reimage repair" software that I had downloaded that I thought was from Microsoft until after I had downloaded it and installed it. After scanning my computer it then wanted some exorbitant price to fix the errors. I thought this was free software provided by Microsoft, so when I realized it wasn't I immediately uninstalled it, but by then I was already infected. FWIW.

Regards,
Frank

 

[kemical]

Hi Frank,
that's great news and I hope that was/is the actual issue. I missed your post above for some reason but anyhow let us know how you get on.

 

[Frank McLean]

Hi kemical,

Looks good so far. I just rebooted again with no errors. I had other pressing matters to deal with today, so I haven't been able to test any further drives yet. I hope by the time I've tested the other 2 remaining HDs, probably this weekend, I should know for sure. I'm also going to look into possibly replacing my C: drive with an SSD but too soon to know about that yet but, SSDs sound promising. Do SSDs have a better life expectancy?

Regards,
Frank

 

[kemical]

Do SSDs have a better life expectancy?

Hi Frank,
modern SSD's do have better life expectancy then the older models and they should last at the least the lifetime of a normal HDD. I have one in my system that's been going for over three years and it's fine (Samsung 840).

Just make sure your system can use ACHI as SSD's run better using ACHI than IDE.
AHCI vs IDE - Difference and Comparison | Diffen

Good luck with the testing.

 

[Frank McLean]

Hi, BIGBEARJEDI and Kemical,

On the weekend I tested all four of my Western Digital Drives, C: & D: internal & MyBook USBs G: & L: with DLGDIAG, and all four passed both the Quick (QT) and Extended Tests (ET). Problems experienced in doing these tests were that G: drive wasn't being detected by DLGDIAG but unpluging the power, waiting 10 seconds and re-plugging it into power caused it to be detected. The only problem remaining after QT and ET tests on all of the drives was that the SMART Status of D: on the QT was not available and remained that way, but showed PASS on the ET test.

Separately, my graphing program Dynamic Trader 5, (DT5) at times will suddenly crash on me for no apparent reason. And, whatever graph I'm working on at that time gets corrupted and lost together with a lot of work. When I reload the program later that graph will be missing from the roster, causing me to have to recreate the graph consequently having to do the work twice. It's possible that this may have been figuring into the Window's errors somehow. When I examine the DT program I can never find the stored graphs anywhere. DT no-longer supports DT5 because they want me to upgrade to DT7, but I called them all the same to find out where the graphs were stored so that perhaps I could restore them from my Acronis backup. They informed me that DT contained a backup facility that I was previously unaware of but that it was not automatic like in DT7. But, I could use that to restore to the latest backup that I'd done, but not to restore just an individual graph. Accordingly, I could also lose a lot of work done on other graphs as well in order to the one lost graphs. So, when I'm working I'll have to set my timer to back up every five minutes or so and to shedule a daily backup to make sure I have my latest work backed up at the end of the day.

I also installed "FreeFileSync" to enable me to backup my data regularly during the day when entering my data, to protect against that would take me back to the previous days back up in the case of power outages if I haven't been saving my work as I as I went along.

After testing all of my WD drives with DLGDIAG, I rebooted my PC and watched carefully for any Window's errors on shut down as had been occurring. There were none.

As they say, "It's an ill wind that doesn't blow some good." At the apparent end of all this, I think I have a superior anti-exploit program now and good technical support for the product. My computer seems to be running like new again. I've dumped Paragon backup that while a sophisticated program was so ambiguous in its instructions that I was always concerned that I would have screwed up somewhere, such that, when a calamity occurred to find out what I had be doing was wrong and wouldn't work as I expected it to.

Accordinly, I've switched to Acronis True Image 2017, which is more point and click and intuitive and have already at one point had to restore my C: drive, with the "Acronis Bootable Rescue Media," to recover my DT5 which was not functioning properly. Additionally, I've now learned how to backup my DT5 so the risk of graph loss is only work done since my last back up. And have even got a sync program to enable me to preserve data in case of a HD crash and burn. So, on the whole, while it took a lot of time, I believe I come out the other side of this problem with far superior systems and more comfortable and confident going forward and not feeling like I'm treading on thin ice all the time.

I so much appreciate the help both of you have given me at this site and wish you both all the best going forward. I couldn't have done it without you.

Best regards,
Frank

P.S. Thank you kemical for your info on SSD's. After looking into them, while the attraction of faster access speed is attractive, I don't think it's worth the substantially higher cost at this time especially given the still questionable reliability, and sometimes difficulty with Windows 7 computers in getting them to run properly in some cases. For now, I'm looking forward to getting back to work as usual and another distraction right now would be a bit much. I will still continue to monitor this technology and its improvements and perhaps at some future time when cost come down a little and we know more about the reliability and compatibility, I'll will feel more ready to make that move.

 

[kemical]

Hi Frank,
much thanks for your update and kind words. If the issues should return please post again using this thread and we will have a look asap.

 

[Frank McLean]

Thank you kemical. So far so good.

Frank

 

[BIGBEARJEDI]

Glad things are working better with your PC now, Frank. Thanks for letting us know. I've missed the last several posts due to a big Project I was working on this last week and just finished on Monday. So am just coming up for air tonight. Very good job on downloading and using DLG to test all your 4 WD drives. It appears that for the most part they are all working ok. It is always a bit of a learning curve when using how to use those drive diagnostics. It's also interesting that you did contract a virus or two in their and it's good you went to 2 very good companies; TrendMicro and Malwarebytes to help you. I've been using both of those in a 5-layered security model I've been deploying on Customer computers for about 5 years now with very good success. However, their are some holes in that armor, as some of the new Ransomware variants are even getting by this protection. So, some of us here are experimenting with newer and stronger AV protection programs. I have just started installing these on a few select Client computers, so am still testing them but in the next few months I will be making a report of my testing results here, so check back frequently for that.

The software you are using for your backups is very good; I have a suggestion or two for you still. One observation is that Acronis TrueImage is one of 3 Backup Image programs a number of us have here have done EXTENSIVE testing on Windows10 platforms specifically (Macrium Reflect & EASEus TODO are the other two); and do a great job. It turns out that all 3 of these programs do a great job on older versions of windows as well, from XP through W8.1 along with the excellent job they do on W10. This will be handy information for you to have, as latest information I have from Microsoft is that they are pulling support on W7 as early as 2019--only 2 years!--so there will very likely be a Windows update to 8 or 10 very shortly in your future. So, you can certainly stick with the Acronis now and for the next windows you are going to upgrade to. (I would recommend W10 to you). Good news since you are already familiar with how to use it for both Backups and Restores!

The other comment I might suggest to you is to look at Cloud-based paid backup protection such as Carbonite or Crash Plan. I have used both, and since you are using your computer for work (some kind of Day trading?) backups are even more important to you than the average Home user. Both of these, only cost $5/mo. or about $60/year. I decided to experiment with the Crash Plan last year as the President of my local Computer Club uses it for her business. I really like it, and actually bought a family plan which allows me to back up 10 PCs (I have quite a few computers) for about $12/mo. which is a real bargain! The main difference between these 2 apps is that Crash Plan as UNLIMITED data backup capacity, whereas Carbonite (the older of the 2 companies and original developer of the Technology) has data caps on your account. This is important to my Business Clients as when they first start out backing up just 1 PC to their Cloud account, they are not sure how much data they really need to backup. But, after using it for a few weeks they seem to get a handle on exactly which data is critical (for you, your Stock graphs), and which are not; perhaps saving online Game data from Poker Stars or online Solitaire; not so much! My suggestion to you is to explore using these, I have saved a couple of Customers now who had this software, and they lost either their hard drive or their Motherboard on their laptops, and were able to get 100% of whatever data they saved to their Cloud account back after the hardware was repaired! For the small amount of money you would be paying them, it could save you hundreds or perhaps thousands of dollars in irretrievable data losses. Just a thought!

Thanks again for your hard work and efforts in resolving your own problems, and also importantly for sharing your journey of gaining new technical knowledge to help solve your own issues with the rest of us here. Hopefully, some of our dialogue will prove helpful for other readers having similar problems and the troubleshooting methodologies we used to get those issues resolved.

Keep us posted on your future endeavors.
Best,
<<<BBJ>>>

 

[Frank McLean]

Hi Guys,

I'm back. 0x80000003 error returned last night on reboot. Then this morning My Waterfox froze up. I ran a registry repair and found one extension error. Then Waterfox would not reopen, so I did another reboot and saw the 0x80000003 error again with another, I think location error, too quickly for me to note down. Then, shut down was very slow and so was restart until it got into loading the desk top which was then quick.

Shortly after rebooting, Trend Micro reported a log of treats blocked. I saved the file and will try to attach it. If that doesn't work I'll post it in a separate post.

Hi BIGBEARJEDI, re Windows 7 Pro. Yes, I use my computer for business and use a remote access to the the companies Remote Environment. They do not permit upgrading from Windows 7 and I also suspect that would apply to backing up to the cloud. I am under confidentiality restrictions and as a consequence, I back up to my own HDs as a precaution. Please keep me advised of developments with regard to the computer security you're working on.

Any suggestions what to do now. Is it still possible my HD may be failing, or is it more probable that I have some sort of maleware attack?

TIA,
Frank

 

[kemical]

Hi Frank,
I'd consider removing Trend Micro and just use Defender coupled with Malwarebytes. Third party AV suites can introduce issues sometimes and it's worth removing the app just to check.

 

[Frank McLean]

Hi kemical,

Do I need to remove Trend Micro or just exit to program to try what you say?

Frank

 

[kemical]

Hi Frank.
Try removing it altogether Frank.

 

[Frank McLean]

Thanks kemical.

Franki

 

[BIGBEARJEDI]

Hi Frank,
Just coming up for air here, a very busy week. Re-reading your thread again and the latest updates I thought I'd mention a few things.
The first thing is that I noticed that you have 2 internal drives in your PC along with 2 or more external hard drives. One thing you will notice if you read threads on testing hard drives here on WF that I've posted as well as others on other tech forums is that the tools you are using are the right ones, however, your testing methodologies are still a little off. In order to properly test hard drives, the best and most reliable way is to DISCONNECT AND OR REMOVE ALL SECONDARY HDDs AND EXTERNAL USB HDDs FROM YOUR COMPUTER'S MOTHERBOARD PORTS!! THIS INCLUDES SATA/PATA, e-SATA, USB, AND FIREWIRE PORTS. If you do not do this, you can get spurious results and errors some of which I believe you are getting from the various symptoms and misreporting of things like Model numbers and Serial numbers. Having worked for WD for 5 years and designing hard drives has given me a unique perspective on how HDDs work and the best way to test them. I've also worked for 3 other HDD manufacturers as well. The WD DLG and DRIVE UTILITIES in both DOS and Windows work best when you are ONLY TESTING 1 HDD at a time; specifically the C: boot drive!
Like I said most of the testing you did seems to show your drives are Ok, but there are additional tools that we Techs use, most of them are Linux Tools that can not only better test the drives, but also provide predictive analyses on the drives and can predict to with a few weeks of when they will fail and of course the fact that they have already begin to fail. And this can be done, even if Seatools & DLG show PASS on short & long tests. Therefore, you haven't completely verified that your boot drive is OK, and the age like I said is more of a giveaway that it should be scrutinized further regardless of what tests say. I have seen computers where ALL my tests pass 100% in every case, and yet the HDD was bad and had to be replaced. One Customer I had took me 7 weeks to figure out and I replaced all parts including the Motherboard and all RAM sticks until I replaced the HDD, *it was a laptop*; the thing kept freezing on the Customer. This is one that 99% of people would never think of replacing (including me!) since it was anomalous. Of course finally replacing it repaired the freezing problem. Bear in mind that 5 other Techs here in my community had it in their shops, and none could figure it out. Keep this in mind when troubleshooting your computer. If you do a complete W7 reinstall via Clean Install from Factory RECOVERY MEDIA or PARTITION and you are still getting these errors, it's time to replace that bootdrive HDD!! In about 99% of the cases, that process will correct your problem. If it doesn't it's most likely your Motherboard is borked and must be replaced; a very expensive proposition on a computer that only has 2 years left of life on it's OS as I mentioned.

The second thing is I looked at your Trend Micro scan log; and yes, your computer has multiple spyware viruses still in it. One of the main culprits there is that "FreeFileSync" program, which definitely is Spyware. And it has exploded into several other nasty spyware viruses that Malwarebytes and TM have not been able to remove from the computer! I never use free file transfer programs of any shape or form, unless they are paid versions, as every one of the free ones I've seen in the last 15 years has some sort of viruses or spyware/ad viruses in them!

Some types of programs are just no good when free, and without being a computer repair professional you don't know what's Ok to use and what's not. The fact that you have multiple viruses still on that computer even after talking with Malwarebytes & TM tells me they may even be quarantined; but that is often not enough to get rid of them. Until you can scan where the log is clean and your Quarantine folder is also empty; those viruses know how to get out of Quarantine jail and infect ALL your other connected drives. Most likely, you'll need to scan/remove those viruses from those other drives as well. And those may need to be formatted/wiped to do so.

The best method to do this is a Clean Windows OS boot or a complete W7 reinstall via Clean Install from Factory RECOVERY MEDIA or PARTITION as above. And, one of the things that newer spyware viruses do is examine the health of your boot drive HDD (C: drive) and they can actually hide themselves in damaged sectors of the drive where most manufacturer diagnostic programs as we had you use cannot get to unless they zero them out (format them). Some of these viruses hide in hidden system partitions such as the MBR, and these are called Rootkit/Bootkit exploit viruses. Did you remember to run the Trend Micro ROOTKIT BUSTER or turn on the checkbox in the newest Malwarebytes v3.x that says "check for Rootkits"?? If you did run this program and came back NTF (No Threats Found); then you are probably Ok there. This program can be run without installing it and will work with kemical's suggestion of removing your Trend Micro AV program. It's an online scanner and doesn't really install in your Registry so it won't interfere with kemical's recommended configuration.
This would be using only Windows Defender & Malwarebytes.

Running this configuration should remove ALL viruses, and that includes you manually emptying the quarantine folders from both these programs. If you cannot do that, most likely your boot drive HDD has certainly failed and is preventing those viruses from being removed from the hard drive due to a nasty combination of read errors on the drive and malicious behavior characteristics of the viruses themselves on a damaged drive--and taking advantage of the fact that you are not replacing it or reinstalling your W7 due to the big job that will be.

The virus-authors know this and count on your behavior and common-place reasoning. Removing them is very Counterintuitive, and that's why home and even many business users just cannot figure out how to get rid of them, because they can't see the trees for the forest and don't understand how HDDs work at the microscopic level and what viruses can do to them and how and where they can hid to fool AV scanner program. Think about this; the Hackers out there know about all the same AV programs we use everyday (Norton, Avast, McAfee, Trend Micro, etc.) along with antispyware programs such as MBAM, Superantispyware, and Spybot to name a few. If they know about them, then they can and do write routines to bypass their security even heuristic security using advanced AI techniques. Therefore, you can't assume that they are blind to the newest advances in security software and that they haven't figured out how to defeat their protection.

Hopefully, these additional comments will help you keep your system running for the next 2 years or so. At some point your companies you work with will realize they will have to do an upgrade on their software along with the remote software; as with no more Microsoft support they will be vulnerable to hackers more so than ever, just like why most Fortune500 companies stopped running XP in 2014.

Best,
<<<BBJ>>>