Windows 8 Start Up Issue.

DWreck

New Member
#1
When I log in to Windows 8 I get the Error in the Picture. I'm missing AUInstallAgent or its there and not working. Because of this I lose Administrative Privileges. Meaning I can change nothing in my Account, Windows Files, or even Rename, Add, or Remove a File to the Programs Folder and Windows Directory. I have located the File, its in the Windows Directory But I can not view the File. I fear I might have to re-install Windows 8 :upset:. I uploaded some other Pictures as well, some should happen and some shouldn't but you'll know which is which. Thanks for the help, DWreck.

Capture.PNG Location.PNG Admin.PNG Properties.PNG Editing Read Only.PNG Admin 2.PNG Error 2.PNG
 


usasma

Fantastic Member
Microsoft Community Contributor
#2
AFAIK, this is a protected Windows file.
Have you tried running SFC.EXE /SCANNOW from an elevated (Run as administrator) Command Prompt?
Make sure that the AUInstallAgent service is enabled in services.msc

If that doesn't work, then try a Refresh of your Windows installation. A refresh will preserve your personal files. Here's how: How to Refresh or Reset Your Windows 8 PC | PCMag.com

We can review your event viewer logs also, please provide this info (even though you're not having BSOD's): http://windows8forums.com/windows-8-errors-bsods/11837-how-ask-help-bsod.html

Also, please do the following:
- open Event Viewer (eventvwr.msc)
- expand the Custom Views category (left click on the > next to the words "Custom Views")
- right click on Administrative Events
- select "Save all Events in Custom View as..."
- save the file as Admin.evtx
- zip up the file (right click on it, select "Send to", select "Compressed (zipped) folder")
- upload it with your next post (if it's too big, then upload it to a free file-hosting service and post a link here).
 


Last edited by a moderator:

DWreck

New Member
#3
View attachment W7F_13-03-2013.zip View attachment W7F_13-03-2013.zip View attachment W7F_13-03-2013.zip
AFAIK, this is a protected Windows file.
Have you tried running SFC.EXE /SCANNOW from an elevated (Run as administrator) Command Prompt?
Make sure that the AUInstallAgent service is enabled in services.msc

If that doesn't work, then try a Refresh of your Windows installation. A refresh will preserve your personal files. Here's how: How to Refresh or Reset Your Windows 8 PC | PCMag.com

We can review your event viewer logs also, please provide this info (even though you're not having BSOD's): http://windows8forums.com/windows-8-errors-bsods/11837-how-ask-help-bsod.html

Also, please do the following:
- open Event Viewer (eventvwr.msc)
- expand the Custom Views category (left click on the > next to the words "Custom Views")
- right click on Administrative Events
- select "Save all Events in Custom View as..."
- save the file as Admin.evtx
- zip up the file (right click on it, select "Send to", select "Compressed (zipped) folder")
- upload it with your next post (if it's too big, then upload it to a free file-hosting service and post a link here).
Okay, below will be all the things you requested.

I have Run that in CMD. For your convince I did it again and took a screenshot of the Error I got.

Error 3.PNG

I will try the "Refresh", and report back once its done.

The file you requested has been Uploaded via Attachments.

When I Right Clicked "Administrative Events" I did not see the "Save all Events in Custom View as..." in the list. All I see is "Open", "Properties", and "Help".
 


DWreck

New Member
#4
Double Post. Didn't know about the Mod Approving the Posts first so I though it didn't work.
 


Last edited by a moderator:

Saltgrass

Excellent Member
Microsoft Community Contributor
#5
Could you go over exactly what you were doing, the attachments are a little confusing as to their sequence.

Were you trying to change the attributes on a Word Document and everything else came from that?

The to find out what files were corrupted, copy and paste this in an administrative command prompt, which it seems you can do, and zip and attach. You might check the text file for any personal info.

findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"

http://support.microsoft.com/kb/929833
 


Last edited by a moderator:

DWreck

New Member
#6
View attachment CMD Errors.zip
Could you go over exactly what you were doing, the attachments are a little confusing as to their sequence.

Were you trying to change the attributes on a Word Document and everything else came from that?

The to find out what files were corrupted, copy and paste this in an administrative command prompt, which it seems you can do, and zip and attach. You might check the text file for any personal info.

findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"

Use the System File Checker tool to troubleshoot missing or corrupted system files on Windows Vista or on Windows 7
Okay, I Zipped the CMD Screenshot for you and Attached it.

The File I was editing was the File that made me notice something was wrong (I didn't mind the AUInstallAgent problem until I saw what problems it caused). So I took a Screenshot of it. That Error will happen to anything that Requires Administrative Privileges, as an example the Windows Directory, Program Files, and Editing Accounts (Anything with a Blue & Gold Shield). There just happened to be a Word Document in the Folder I was trying to Remove "Read Only" with. Also I can still "Run as Administrter" and that will work.

I tried the Command in CMD and got an Error (probably me typing something wrong but I tried it 3 times so I don't know.), I Zipped and Attached that to for you.

 


usasma

Fantastic Member
Microsoft Community Contributor
#7
Did you right click on Administrative Events in the left hand column, not the center column?

AMD OverDrive (AODDriver2.sys) is either a stand-alone application, or a component of the AMD VISION Engine Control Center. This driver is known to cause BSOD's on some Windows systems.
Please un-install all AMD/ATI video stuff from Control Panel...Programs...Un-install a program
Then, download (but DO NOT install) a fresh copy of the ATI drivers from Global Provider of Innovative Graphics, Processors and Media Solutions | AMD (in the upper right corner of the page)
Use this procedure to install the DRIVER ONLY: ATI video cards - DRIVER ONLY installation procedure - Sysnative Forums

If the device (AODDriver or AODDriver4.01) remains a problem, open Device Manager, select the "View" item.
Then select "Show hidden devices" and scroll down to the Non-Plug and Play Drivers section.
Locate the AODDriver entry, right click on it and select "Un-install". Reboot for changes to take affect.
Sometimes the driver remains and continues to cause BSOD's. If this is the case for you, post back and we'll give further instructions for safely removing it.

MSI Afterburner (along with Riva Tuner and EVGA Precision) are known to cause BSOD's in some Windows systems. Please uninstall it immediately!

If you're overclocking, please stop the overclock while we're troubleshooting. Feel free to resume the overclock once the system has been stabilized.

You've got something that's loading old drivers (with .tmp extensions) out of the Temp folders in the AppData directory - this is not considered a good practice for driver writers AFAIK. I'd suggest that you scan for malware, here's a list of free scanners: Free Online AntiMalware Resources Just FYI, the latest one is located at: C:\Users\DWreck\AppData\Local\Temp\tmp85F1.tmp You might want to check it's properties to see if there's any identifying notes.

If the system scans clean, then you'll have to figure out what old program is installed. I see a 2010 version of Enigma SpyHunter in the reports, but it's not known if it's related to this issue.

Please update these older drivers. Links are included to assist in looking up the source of the drivers. If unable to find an update, please remove (un-install) the program responsible for that driver. DO NOT manually delete/rename the driver as it may make the system unbootable! :


ElbyCDIO.sys Thu Dec 16 17:58:13 2010 (4D0A9985)
CDRTools/ElbyCDIO/DVD Region Killer/VirtualCloneDrive (elby CloneDVD™ 2)/AnyDVD
http://www.carrona.org/drivers/driver.php?id=ElbyCDIO.sys

VClone.sys Sat Jan 15 11:21:04 2011 (4D31C970)
VirtualCloneCD Driver by Elaborate Bytes AG
http://www.carrona.org/drivers/driver.php?id=VClone.sys

Rt630x64.sys Wed Oct 19 08:12:55 2011 (4E9EBEC7)
Realtek PCI/PCIe Adapters
http://www.carrona.org/drivers/driver.php?id=Rt630x64.sys



Analysis:
The following is for informational purposes only.
Code:
[font=lucida console]**************************Tue Mar 12 05:23:02.209 2013 (UTC - 4:00)**************************
Loading Dump File [C:\Users\Owner\SysnativeBSODApps\031213-24164-01.dmp]
Windows 8 Kernel Version 9200 MP (6 procs) Free x64
Built by: [B]9200[/B].16496.amd64fre.win8_gdr.130108-1504
System Uptime:[B]0 days 0:11:15.919[/B]
*** WARNING: Unable to verify timestamp for atikmdag.sys
*** ERROR: Module load completed but symbols could not be loaded for atikmdag.sys
*** WARNING: Unable to verify timestamp for atikmpag.sys
*** ERROR: Module load completed but symbols could not be loaded for atikmpag.sys
Probably caused by :[B]atikmdag.sys ( atikmdag+12b2b5 )[/B]
BugCheck [B]1E, {ffffffffc0000005, fffff880093352b5, 0, 6c6eb28}[/B]
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x0000001E]KMODE_EXCEPTION_NOT_HANDLED (1e)[/url]
Arguments: 
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff880093352b5, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: 0000000006c6eb28, Parameter 1 of the exception
BUGCHECK_STR:  0x1E_c0000005_R
PROCESS_NAME:  dwm.exe
FAILURE_BUCKET_ID: [B]0x1E_c0000005_R_atikmdag+12b2b5[/B]
  BIOS Version                  F8
  BIOS Release Date             10/11/2010
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  GA-880GM-UD2H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Tue Mar 12 05:10:58.124 2013 (UTC - 4:00)**************************
Loading Dump File [C:\Users\Owner\SysnativeBSODApps\031213-46472-01.dmp]
Windows 8 Kernel Version 9200 MP (6 procs) Free x64
Built by: [B]9200[/B].16496.amd64fre.win8_gdr.130108-1504
System Uptime:[B]0 days 0:05:41.834[/B]
*** WARNING: Unable to verify timestamp for atikmdag.sys
*** ERROR: Module load completed but symbols could not be loaded for atikmdag.sys
Probably caused by :[B]atikmdag.sys ( atikmdag+2311c )[/B]
BugCheck [B]A0000001, {5, 0, 0, 0}[/B]
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#Example]Unknown bugcheck code (a0000001)[/url]
Arguments: 
Arg1: 0000000000000005
Arg2: 0000000000000000
Arg3: 0000000000000000
Arg4: 0000000000000000
BUGCHECK_STR:  0xA0000001
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
PROCESS_NAME:  arma2oa.exe
FAILURE_BUCKET_ID: [B]0xA0000001_atikmdag+2311c[/B]
  BIOS Version                  F8
  BIOS Release Date             10/11/2010
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  GA-880GM-UD2H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Tue Mar 12 05:00:27.682 2013 (UTC - 4:00)**************************
Loading Dump File [C:\Users\Owner\SysnativeBSODApps\031213-16426-01.dmp]
Windows 8 Kernel Version 9200 MP (6 procs) Free x64
Built by: [B]9200[/B].16496.amd64fre.win8_gdr.130108-1504
System Uptime:[B]0 days 0:41:45.366[/B]
*** WARNING: Unable to verify timestamp for atikmdag.sys
*** ERROR: Module load completed but symbols could not be loaded for atikmdag.sys
Probably caused by :[B]atikmdag.sys ( atikmdag+2311c )[/B]
BugCheck [B]A0000001, {5, 0, 0, 0}[/B]
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#Example]Unknown bugcheck code (a0000001)[/url]
Arguments: 
Arg1: 0000000000000005
Arg2: 0000000000000000
Arg3: 0000000000000000
Arg4: 0000000000000000
BUGCHECK_STR:  0xA0000001
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: [B]0xA0000001_atikmdag+2311c[/B]
  BIOS Version                  F8
  BIOS Release Date             10/11/2010
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  GA-880GM-UD2H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Tue Mar 12 02:53:34.712 2013 (UTC - 4:00)**************************
Loading Dump File [C:\Users\Owner\SysnativeBSODApps\031113-14383-01.dmp]
Windows 8 Kernel Version 9200 MP (6 procs) Free x64
Built by: [B]9200[/B].16496.amd64fre.win8_gdr.130108-1504
System Uptime:[B]0 days 0:00:41.384[/B]
Probably caused by :[B]ntkrnlmp.exe ( nt!KiDoubleFaultAbort+b4 )[/B]
BugCheck [B]7F, {8, fffff880019bad30, 565a90, fffff8002f53d645}[/B]
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x0000007F]UNEXPECTED_KERNEL_MODE_TRAP (7f)[/url]
Arguments: 
Arg1: 0000000000000008, EXCEPTION_DOUBLE_FAULT
Arg2: fffff880019bad30
Arg3: 0000000000565a90
Arg4: fffff8002f53d645
BUGCHECK_STR:  0x7f_8
PROCESS_NAME:  ekrn.exe
FAILURE_BUCKET_ID: [B]0x7f_8_nt!KiDoubleFaultAbort[/B]
  BIOS Version                  F8
  BIOS Release Date             10/11/2010
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  GA-880GM-UD2H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Tue Mar 12 01:46:54.669 2013 (UTC - 4:00)**************************
Loading Dump File [C:\Users\Owner\SysnativeBSODApps\031113-20732-01.dmp]
Windows 8 Kernel Version 9200 MP (6 procs) Free x64
Built by: [B]9200[/B].16496.amd64fre.win8_gdr.130108-1504
System Uptime:[B]0 days 0:00:24.494[/B]
*** WARNING: Unable to verify timestamp for AtihdW86.sys
*** ERROR: Module load completed but symbols could not be loaded for AtihdW86.sys
Probably caused by :[B]AtihdW86.sys ( AtihdW86+fe67 )[/B]
BugCheck [B]3B, {c0000005, fffff880084a3e67, fffff880074bfc00, 0}[/B]
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x0000003B]SYSTEM_SERVICE_EXCEPTION (3b)[/url]
Arguments: 
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff880084a3e67, Address of the instruction which caused the bugcheck
Arg3: fffff880074bfc00, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
BUGCHECK_STR:  0x3B
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
PROCESS_NAME:  svchost.exe
FAILURE_BUCKET_ID: [B]0x3B_AtihdW86+fe67[/B]
  BIOS Version                  F8
  BIOS Release Date             10/11/2010
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  GA-880GM-UD2H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Mar  3 04:23:40.673 2013 (UTC - 4:00)**************************
Loading Dump File [C:\Users\Owner\SysnativeBSODApps\030313-17082-01.dmp]
Windows 8 Kernel Version 9200 MP (6 procs) Free x64
Built by: [B]9200[/B].16496.amd64fre.win8_gdr.130108-1504
System Uptime:[B]0 days 0:00:15.363[/B]
*** WARNING: Unable to verify timestamp for AtihdW86.sys
*** ERROR: Module load completed but symbols could not be loaded for AtihdW86.sys
Probably caused by :[B]AtihdW86.sys ( AtihdW86+fe67 )[/B]
BugCheck [B]3B, {c0000005, fffff88008564e67, fffff88007495c00, 0}[/B]
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x0000003B]SYSTEM_SERVICE_EXCEPTION (3b)[/url]
Arguments: 
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff88008564e67, Address of the instruction which caused the bugcheck
Arg3: fffff88007495c00, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
BUGCHECK_STR:  0x3B
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
PROCESS_NAME:  svchost.exe
FAILURE_BUCKET_ID: [B]0x3B_AtihdW86+fe67[/B]
  BIOS Version                  F8
  BIOS Release Date             10/11/2010
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  GA-880GM-UD2H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Mar  3 01:16:42.790 2013 (UTC - 4:00)**************************
Loading Dump File [C:\Users\Owner\SysnativeBSODApps\030213-10483-01.dmp]
Windows 8 Kernel Version 9200 MP (6 procs) Free x64
Built by: [B]9200[/B].16496.amd64fre.win8_gdr.130108-1504
System Uptime:[B]0 days 0:00:10.481[/B]
Probably caused by :[B]Unknown_Image ( ANALYSIS_INCONCLUSIVE )[/B]
BugCheck [B]3B, {c0000005, fffff880081aae67, fffff8800ac3dc00, 0}[/B]
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x0000003B]SYSTEM_SERVICE_EXCEPTION (3b)[/url]
Arguments: 
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff880081aae67, Address of the instruction which caused the bugcheck
Arg3: fffff8800ac3dc00, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
BUGCHECK_STR:  0x3B
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Mar  3 00:53:13.507 2013 (UTC - 4:00)**************************
Loading Dump File [C:\Users\Owner\SysnativeBSODApps\030213-9484-01.dmp]
Windows 8 Kernel Version 9200 MP (6 procs) Free x64
Built by: [B]9200[/B].16496.amd64fre.win8_gdr.130108-1504
System Uptime:[B]0 days 0:00:11.198[/B]
*** WARNING: Unable to verify timestamp for AtihdW86.sys
*** ERROR: Module load completed but symbols could not be loaded for AtihdW86.sys
Probably caused by :[B]AtihdW86.sys ( AtihdW86+fe67 )[/B]
BugCheck [B]3B, {c0000005, fffff88008098e67, fffff8800ae75c00, 0}[/B]
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x0000003B]SYSTEM_SERVICE_EXCEPTION (3b)[/url]
Arguments: 
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff88008098e67, Address of the instruction which caused the bugcheck
Arg3: fffff8800ae75c00, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
BUGCHECK_STR:  0x3B
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
PROCESS_NAME:  svchost.exe
FAILURE_BUCKET_ID: [B]0x3B_AtihdW86+fe67[/B]
  BIOS Version                  F8
  BIOS Release Date             10/11/2010
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  GA-880GM-UD2H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Mar  3 00:34:46.777 2013 (UTC - 4:00)**************************
Loading Dump File [C:\Users\Owner\SysnativeBSODApps\030213-15600-01.dmp]
Windows 8 Kernel Version 9200 MP (6 procs) Free x64
Built by: [B]9200[/B].16496.amd64fre.win8_gdr.130108-1504
System Uptime:[B]0 days 0:01:08.487[/B]
*** WARNING: Unable to verify timestamp for AtihdW86.sys
*** ERROR: Module load completed but symbols could not be loaded for AtihdW86.sys
Probably caused by :[B]AtihdW86.sys ( AtihdW86+fe67 )[/B]
BugCheck [B]3B, {c0000005, fffff8800c654e67, fffff880098c9c00, 0}[/B]
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x0000003B]SYSTEM_SERVICE_EXCEPTION (3b)[/url]
Arguments: 
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff8800c654e67, Address of the instruction which caused the bugcheck
Arg3: fffff880098c9c00, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
BUGCHECK_STR:  0x3B
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
PROCESS_NAME:  svchost.exe
FAILURE_BUCKET_ID: [B]0x3B_AtihdW86+fe67[/B]
  BIOS Version                  F8
  BIOS Release Date             10/11/2010
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  GA-880GM-UD2H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
[/font]
3rd Party Drivers:
The following is for information purposes only.
Any drivers in red should be updated or removed from your system. And should have been discussed in the body of my post.
Code:
[font=lucida console]**************************Tue Mar 12 05:23:02.209 2013 (UTC - 4:00)**************************
[COLOR=RED][B]tmp3F7F.tmp                 Sat Jul 26 09:29:37 2008 (488B26C1)[/B][/COLOR]
[COLOR=RED][B]ElbyCDIO.sys                Thu Dec 16 17:58:13 2010 (4D0A9985)[/B][/COLOR]
[COLOR=RED][B]VClone.sys                  Sat Jan 15 11:21:04 2011 (4D31C970)[/B][/COLOR]
[COLOR=RED][B]RTCore64.sys                Tue Sep  6 08:24:50 2011 (4E661112)[/B][/COLOR]
[COLOR=RED][B]Rt630x64.sys                Wed Oct 19 08:12:55 2011 (4E9EBEC7)[/B][/COLOR]
[COLOR=RED][B]AODDriver2.sys              Thu Apr  5 05:23:37 2012 (4F7D6499)[/B][/COLOR]
GEARAspiWDM.sys             Thu May  3 15:56:17 2012 (4FA2E2E1)
AtihdW86.sys                Wed Dec 12 12:20:30 2012 (50C8BCDE)
atikmpag.sys                Wed Dec 19 14:32:55 2012 (50D21667)
atikmdag.sys                Wed Dec 19 15:38:55 2012 (50D225DF)
EpfwLWF.sys                 Fri Dec 21 07:00:01 2012 (50D44F41)
epfwwfp.sys                 Fri Dec 21 07:00:03 2012 (50D44F43)
epfw.sys                    Fri Dec 21 07:00:05 2012 (50D44F45)
eamonm.sys                  Fri Dec 21 07:02:24 2012 (50D44FD0)
ehdrv.sys                   Fri Dec 21 07:03:30 2012 (50D45012)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Tue Mar 12 05:10:58.124 2013 (UTC - 4:00)**************************
[COLOR=RED][B]tmp85F1.tmp                 Sat Jul 26 09:29:37 2008 (488B26C1)[/B][/COLOR]
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Tue Mar 12 05:00:27.682 2013 (UTC - 4:00)**************************
[COLOR=RED][B]tmpD5D4.tmp                 Sat Jul 26 09:29:37 2008 (488B26C1)[/B][/COLOR]
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Mar  3 00:53:13.507 2013 (UTC - 4:00)**************************
atikmpag.sys                Mon Jun 18 16:41:29 2012 (4FDF9279)
atikmdag.sys                Mon Jun 18 17:21:01 2012 (4FDF9BBD)
[/font]
tmp3F7F.tmp - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=ElbyCDIO.sys
http://www.carrona.org/drivers/driver.php?id=VClone.sys
http://www.carrona.org/drivers/driver.php?id=RTCore64.sys
http://www.carrona.org/drivers/driver.php?id=Rt630x64.sys
http://www.carrona.org/drivers/driver.php?id=AODDriver2.sys
http://www.carrona.org/drivers/driver.php?id=GEARAspiWDM.sys
http://www.carrona.org/drivers/driver.php?id=AtihdW86.sys
http://www.carrona.org/drivers/driver.php?id=atikmpag.sys
http://www.carrona.org/drivers/driver.php?id=atikmdag.sys
http://www.carrona.org/drivers/driver.php?id=EpfwLWF.sys
http://www.carrona.org/drivers/driver.php?id=epfwwfp.sys
http://www.carrona.org/drivers/driver.php?id=epfw.sys
http://www.carrona.org/drivers/driver.php?id=eamonm.sys
http://www.carrona.org/drivers/driver.php?id=ehdrv.sys
tmp85F1.tmp - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
tmpD5D4.tmp - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=atikmpag.sys
http://www.carrona.org/drivers/driver.php?id=atikmdag.sys
 


Saltgrass

Excellent Member
Microsoft Community Contributor
#8
All you had to do was copy and paste the findstr command. Copy it from the this site, then in the Command Window, right click and select paste when the cursor is in the correct position.

Did you get any errors when you opened the Admin Command Prompt? You should have gotten a popup asking for permission.
 


DWreck

New Member
#9
Sorry guys I tried to do everything before I left, but I couldn't. I'll be back in a couple of days, thanks for the help.
 


usasma

Fantastic Member
Microsoft Community Contributor
#10
Not a problem. We get notified by email when you respond - so we'll be here waiting once you get back!
 


#11
View attachment sfcdetails.txt View attachment W7F_16-03-2013.zip

I was finally able to get the CMD File you wanted, it has been Attached along with a New Log from the Tool I downloaded. All requests have been applied to the new Log.

I Removed all of the "AMD Stuff" and Installed the Video Card Driver only.

I'm not getting any BSOD's so I'll just assume you copied & pasted that section of your Post.

MSI Afterburnner as well as the other software has been Removed.

My System is currently Stable.

I have ESET Smart Security 6 and Spy Hunter 4 that run on a regular basis. So I think I'm fine there, but I will Run a Scan now for your Convince.

My System Scan is now Complete:

ESET Smart Security 6 Found: 0 Threats
Spy Hunter 4 Found: 0 Threats

2 of those Drivers are for Virtual ISO Mounting. They are 2 different Programs, one I don't use, and the only way they can be Updated it to Reinstall the Programs. The one I Uninstalled clearly didn't get removed when I uninstalled it. The other Driver is for my PCI-E Slot apparently, and the Website provided is Updating my 10/100 Ethernet Port, which has nothing to do with that Driver. So I cant do anything about that sadly.

All of those Crash Dumps are from me Hating Windows 8. Most of which will be "AtihdW86.sys". This is caused from me trying to Boot my System without a Video Card in it. If I take it out apparently the "HD Audio Device" (Which has nothing to do with the Video Card since its On Board Audio) causes my System to Crash. Most of the others are from AMD Drives Crashing due to the following, Over Clocking, Over Power Target, and Random Crashes during Game Play (For No Reason the Drivers Crash). As for the other Drivers, I cannot do anything they are installed with the Program they come with, and not Update-able. Anything that is there before 2012 should not be because I just got this HDD about 6 Months ago, unless those dates are release dates.

I did all of this through Team Viewer on my iPhone so excuse me for any Typos.
 


Last edited by a moderator:

Saltgrass

Excellent Member
Microsoft Community Contributor
#12
The file the SFC cannot repair is batmeter.dll which might not be related to you larger situation. On the other hand, it might be involved with the ACPI power system and needed for some purpose.

The file was referenced by update KB2756872.

The link I gave you at Microsoft describes how to replace a file if you have a good copy somewhere.
 


#13
The file the SFC cannot repair is batmeter.dll which might not be related to you larger situation. On the other hand, it might be involved with the ACPI power system and needed for some purpose.

The file was referenced by update KB2756872.

The link I gave you at Microsoft describes how to replace a file if you have a good copy somewhere.
So would you like me to Download this Update and Install it Manually?
 


Saltgrass

Excellent Member
Microsoft Community Contributor
#14
I would suggest if it bothers you, try to replace it using the info on the link. It is an old update, so I would leave it alone.

You can probably get a copy of that file from another system or maybe from install media if you were to mount the .iso, or use 7 zip to retrieve it. Since I have not had the experience of having a file not repairable, I am not sure as to how to advise if you decide you need to replace it.

It has always bothered me that the system says both the file and its backup are corrupted. I don't know exactly what is compared on the System Check, but there may be some type of database that actually has the incorrect info...

If you want to pursue the issue, we might be able to help.
 


usasma

Fantastic Member
Microsoft Community Contributor
#15
Sorry about the BSOD references - I do a lot of BSOD work, so my canned speeches are peppered with references to them.
Still, we've got the reports so I'll have a look at them.

To summarize up front:
1) I believe there is a problem with conflicting antiviruses and firewalls. Only use one anti-virus and one firewall at a time (to include Windows Defender and the Windows Firewall)
2) You also have a BSOD problem with your video sub-system. This may/may not affect the startup issues, but it should be repaired also.
3) Gotta wonder, with this number of errors, if malware is involved (it may have slipped by when the antivirus'/firewalls were fighting with each other). I'd suggest starting with a couple of these free scans: Free Online AntiMalware Resources

So, here we go. Read through all of this before trying to repair anything - I may repeat stuff. Good luck!

Your BIOS dates from 2010. Please check at the manufacturer's website to see if there are any BIOS updates available for your system. Also check the readme file to see if they apply to the problems that you are having. Please be advised that flashing the BIOS is a very unforgiving process - and one mistake can physically damage your motherboard.

Ton's of video drivers errors - STOP 0x117's and 0x141's mostly. These are BSOD's that don't show the blue screen. Usually you'll get the "Video driver has recovered from an error" message when you see these. Try the troubleshooting steps here: Video TDR Timeout - 0x116 + 0x117 - Sysnative Forums

Also a bunch of STOP 0x3B and 0xA0000001 (an ATI internal error code)
Of all the errors (I counted 66 total) there's only one that doesn't directly reference the video drivers. As such I'd have to conclude that this is a video issue - and with the number of different errors I'd have to wonder if this is a hardware problem with the video card.

Please don't use CCleaner while we're troubleshooting - it removes log files and dump files, which we need for our analysis.

I see that you have OCCT installed. When did you run it, which tests did you run, and what were the results of each test that you ran?

MpsSvc service has many Access Denied errors. This is a component of the Windows Firewall.

The AdvancedSystemCareAntivirus service terminated unexpectedly - there are many of these errors
Other errors with it are suggestive that the interactive portion of the program is blocked by your system settings:
The Advanced SystemCare Service 6 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
I noted ESET, Advanced System Care and the Windows Firewall present. Please uninstall all anti-virus/internet security/firewall applications, then ensure that the Windows Firewall and Windows Defender are turned on. Feel free to reinstall the ESET once the system has become stable again. When you do so, check to make sure that the Windows Firewall is turned off (only run one anti-virus and one firewall at a time).

Windows Update failures are listed, please make sure that you get ALL available Windows Updates

The WinRing0_1_2_0 service failed to start due to the following error:
The system cannot find the file specified.
Lot's of WinRing0 errors - I suggest uninstalling this program - it's usually associated with RealTemp, Corsair Link2 (known BSOD issues w/Win8), and/or Razer GameBooster

If you're overclocking, please stop the overclock while we're troubleshooting. Feel free to resume the overclock once the system has been stabilized.

Found other bugchecks that aren't shown in the WER section of MSINFO32 - at least one STOP 0x50 and one STOP 0x109 was found.
Also found this:
Event[17870]:
Log Name: System
Source: Microsoft-Windows-WER-SystemErrorReporting
Date: 2013-03-16T03:07:27.000
Event ID: 1005
Task: N/A
Level: Error
Opcode: N/A
Keyword: Classic
User: N/A
User Name: N/A
Computer: DWreck
Description:
Unable to produce a minidump file from the full dump file.
Ton's of SRUJet and Software Protections Service errors in the Application log file.
?malware?
But this entry suggests hardware:
Event[47730]:
Log Name: Application
Source: ESENT
Date: 2013-03-16T08:40:01.000
Event ID: 476
Task: Database Page Cache
Level: Error
Opcode: Info
Keyword: Classic
User: N/A
User Name: N/A
Computer: DWreck
Description:
svchost (1424) SRUJet: The database page read from the file "C:\Windows\system32\SRU\SRUDB.dat" at offset 2543616 (0x000000000026d000) (database page 620 (0x26C)) for 4096 (0x00001000) bytes failed verification because it contains no page data. The read operation will fail with error -1019 (0xfffffc05). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Lot's of different results if you search for SRUJet on the web - but most seem to point to hardware. Although this article did refer to antivirus scans causing it: "The information store terminated abnormally" error message and event ID 447 is logged

At this point, my suggestion is to remedy the multiple antivirus/firewall problems and see if that stops these errors in the Application log file.
 


#16
Sorry guys, I think I must of done something seriously wrong here. I cant Post the System. I am going to reinstall Windows. Thank you very much for the support everyone.
 


usasma

Fantastic Member
Microsoft Community Contributor
#17
Sorry to hear that. Please let us know how things work out for you.
 


davehc

Essential Member
Premium Supporter
#18
It's been said before, many times, but.
When you have reinstalled, get a free image program (macrium?). Make an image in a safe place - another HD or external. Keep the images updates running. A problem such as you have experienced would have taken 10 minutes to solve, instead of four days.
 


#19
I'd just like to update you guys. It's been about a month now and I have rebuilt my PC. Well, actually I really built a new PC. A lot better then the one before. I am proud to say that this issue has not come back again! But I have a new issue that is irrelevant to this topic so I will open a new thread. Just in case you guys might be able to help I will link it once its up. Also, Dave thanks for the tip. I always did have a backup but that was the backup. Because I didn't mind the issue until I saw what it did I was already overwriting my backup. I tried it anyways and lost a weeks worth of work to see if it would help but like I said, I already saved it with the issue on it...
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.