# Blue Screen error 100008e during boot



## Fortnox (May 1, 2007)

Okay so I don't usually ask for help with computer problems, but this one has me stumped. It's Windows Vista's incredible stupidity, to be blunt. I swear, Automatic Update is the WORST form of syndication I've ever seen. It's useless. It causes more problems than it fixes. Several times now I've had to reformat or load a backup because automatic update has deleted important system files or messed up the registry. This time round I'm installing updates very slowly, and it seems to have avoided causing massive errors, but some kind of an error has been caused by the updates, and it's slowly getting worse and worse. 

At first I had a rare blue screen that reported this;


Spoiler



Problem signature:
Problem Event Name:	BlueScreen
OS Version:	6.0.6000.2.0.0.256.6
Locale ID:	2057

Additional information about the problem:
BCCode:	1000008e
BCP1:	C0000005
BCP2:	944C5881
BCP3:	98C50C04
BCP4:	00000000
OS Version:	6_0_6000
Service Pack:	0_0
Product:	256_1

Files that help describe the problem:
C:\Windows\Minidump\Mini091308-02.dmp
C:\Users\Fortnox\AppData\Local\Temp\WER-62306-0.sysdata.xml
C:\Users\Fortnox\AppData\Local\Temp\WER730.tmp.version.txt

Read our privacy statement:
http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409
(It's the same errors every time)



And the dump file said that WIN23K.exe was "probably" responsible for the crash, other than that just useless kernel data because the bugcheck doesn't work. The other two dumps were temporary and wiped before I could check them. 

Anyhow, this blue screen now happens every other time I turn on the computer. I'm serious, it's consistent. It happens exactly one half of the time. the computer only works 1/4 of the time because there's another problem, that some times even when it does start up correctly it gets some strange- doubtless related- error that doesn't allow me to start-up any windows or applications. Nothing will run and it just sits at the desktop until I shut down and try again. 

This morning I blue screened at least twice and the desktop failed to load apps once, here's all the event viewer error/warning logs I have; 



Spoiler



--IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 2, function 0. Please contact your system vendor for technical assistance.

--IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 6, function 0. Please contact your system vendor for technical assistance.
(THIS IS NOT TRUE! THE IRQS ARE CONFIGURED CORRECTLY!) 

--A desktop heap allocation failed. (Source: Win32K!)

--A desktop heap allocation failed. (Same again)

--Windows Servicing failed to complete the process of setting package KB955020 (Update) into Default(Default) state

--Windows Servicing failed to complete the process of setting package KB955020 (Update) into Default(Default) state

--Windows Servicing failed to complete the process of setting package KB955020 (Update) into Default(Default) state

--Windows Servicing failed to complete the process of setting package KB941649 (Update) into Default(Default) state



That's all of them from this morning. They're in order of earliest to latest, but I don't know which ones apply to which boot. The first two erros about IRQs I had forgotten about, but before now I did a LOT of research into them and tried to fix them- I think I eventually found out one device was the graphics card which was working fine, and the other was my on-board Ethernet Controller which was working fine. 

System specs (Some taken from System pane, others off the top of my head
Processor; AMD Athlon(tm) 64 X2 Dual Core Processor 6000+ 3.00 GHz
RAM; 2047 MB
OS: 32-bit Vista Business
Graphics card; PCI-E GeForce 8800 GT
I can't really remember what my motherboard is, but it's got a stupidly long name and it's a cheap old motherboard made by ASUS that has guaranteed I'll never, ever use an ASUS motherboard again. It's caused far more problems than it ever saved.

So there we go. The evidence is pretty hefty against Windows Update, but placing the blame isn't important. The blue screen error wasn't accurate enough to find a solution, it could be many, many different things. I've spent so long researching this and come up empty, any suggestions or help in any way is really appreciated. I know this problem will only get progressively worse until I have to reformat again.

*----------wooooooo-----------*
I wrote that a week ago. At this point the problem has progressed to the stage that about 1 in 7 boots are successful. I've started in safe mode and that's worked fine, so I'm sure it's a software issue. I'm planning to get hold of a Vista Business boot disc and use repair boot, but as I'm sure everyone here has seen a massive amount of Vista issues the last year or so, I'm doubtless not the only one with this problem, and hopefully someone will recognise this error. 

Really hoping you can help, the computer might stop booting all together soon.


----------



## jcgriff2 (Sep 30, 2007)

Hi fortnox. . .

Welcome.

Although I see in your post that you usually don't ask for help, I am glad you are here and we can hopefully get through this.

A bugcheck = 0x0000008e indicates that a kernel-mode application generated an exception that the error handler did not catch. In this case, we look at the first parm for the exception - 0xc0000005 - which means that a memory access violation occurred.

I'll be more than happy to look at all of the dumps you have; however, there really is no point to do so as according to information you have posted... you ARE NOT updated with Vista SP1.

This is the #1 priority before anything else.

Any reason?

Regards. . .

jcgriff2

.


----------



## Fortnox (May 1, 2007)

SP1 updates automatically with Windows Update, right? I'm downloading updates extremely slowly because last time I downloaded all Vista updates at the same time Windows corrupted itself, I managed to repair it but eventually it caused too many errors and I had to reformat. 
That's the only reason I'm taking it slowly, doing them 2 or 3 updates at a time. I'm more than half way down the list though, I'll try to get through them all in the next 2 days then.


----------



## jcgriff2 (Sep 30, 2007)

Fortnox said:


> SP1 updates automatically with Windows Update, right?


Yes... it should assuming certain conditions are met such as prerequisite Windows Updates, logged onto an admin account (not the Vista hidden admin account) and one thing that I have noticed that makes a tremendous difference - NO 3rd PARTY FIREWALLs. In fact, a work-around for SP1 install failure from Microsoft is to disable a/v. Do you have an Internet security suite like Norton, McAfee, Kaspersky, etc... running?




Fortnox said:


> I'm downloading updates extremely slowly because last time I downloaded all Vista updates at the same time Windows corrupted itself, I managed to repair it but eventually it caused too many errors and I had to reformat. . .


May I ask what you mean by "Windows corrupted itself.."? This really is not possible. I have systems here that are periodically wiped clean and >100 pre-SP1 updates have installed successfully w/in 1 hour! When SP1 came out, it of course is a roll-up of Windows Updates prior to that plus additional items. You should have no more than about 30 - 40 Windows Vista updates including SP1. If you have Office, add about 15 more to that estimate.

What type of corruption occurred and how do you know this, please?

Regards. . .

jcgriff2

.


----------



## Fortnox (May 1, 2007)

Damn my PC just blue screened twice during normal operation, instead of during boot. I was deleting some folders at the time, in both occaisons the same folders. Strange, I'll delete them 1 by 1 and see which one causes it. The error was; 

BCCode:	19
BCP1:	00000020
BCP2:	88F65000
BCP3:	88F65A00
BCP4:	09400000
OS Version:	6_0_6000
Service Pack:	0_0
Product:	256_1



jcgriff2 said:


> Yes... it should assuming certain conditions are met such as prerequisite Windows Updates, logged onto an admin account (not the Vista hidden admin account) and one thing that I have noticed that makes a tremendous difference - NO 3rd PARTY FIREWALLs. In fact, a work-around for SP1 install failure from Microsoft is to disable a/v. Do you have an Internet security suite like Norton, McAfee, Kaspersky, etc... running?


I'm running Avast! Anti-Virus, so I'll disable that when it comes to installing SP1. 



jcgriff2 said:


> May I ask what you mean by "Windows corrupted itself.."? This really is not possible. I have systems here that are periodically wiped clean and >100 pre-SP1 updates have installed successfully w/in 1 hour! When SP1 came out, it of course is a roll-up of Windows Updates prior to that plus additional items. You should have no more than about 30 - 40 Windows Vista updates including SP1. If you have Office, add about 15 more to that estimate.
> 
> What type of corruption occurred and how do you know this, please?


Well the computer worked fine for weeks, and kept prompting me to update. I eventually ran all updates at once and the next time I booted up I had a missing Windows file error.

*Edit* Huh, I deleted them one by one this time and I'm still here. I can't find much on that BScreen error either because it's so short and generic, most of them are long and unique so they're easy to look up.


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .

After seeing this latest BSOD information that you posted, I can now understand why you believed Vista was corrupted. 

Basically, that is exactly what has happened, but the guilty party will most likely turn out to be a 3rd party driver and is not a Microsoft Vista driver from Windows Updates.

Your latest BSOD - 0x00000019 (0x00000020, 0x88F65000, 0x88F65A00, 0x09400000).

A bugcheck of 0x19 = BAD_POOL_HEADER. Couple this and the 1st parm of 0x20 and it means that a pool block header size is corrupt. This is indicative of a 3rd party driver causing damage to a kernel pool block header. When it was again accessed, the 0x19 BSOD resulted. There is a bad driver floating around somewhere in your system. 

Is avast the only a/v you have ever had on that system? Did your system come with trial offers for a/v or firewall products? How old is the system... did Vista come pre-installed?

What drivers do you install or update after you re-install Vista?

I hate to add to your BSODs, but I would like for you to run the driver verifier. Bring up an *Elevated* command prompt - 
*START | type cmd.exe | right-click on cmd.exe uptop under programs | Run as Administrator | type verifier & hit enter - the Verifier screen will appear | do the following:*

```
[b]
1. Select 2nd option - Create custom settings (for code developers)
2. Select 2nd option - Select individual settings from a full list.
3. Check the boxes
[indent]• Special Pool 
• Pool Tracking 
• Force IRQL checking[/indent]
4. Select last option - Select driver names from a list 
5. Click on the Provider heading - sorts list by Provider
6. Check ALL boxes where Microsoft is not the Provider
7. Click on Finish 
8. Re-boot
[/b]
```
The driver verifier will stress your system out and will hopefully cause its own BSOD w/ a 0x000000c4 bugcheck - which should contain the driver name causing problems. Should this happen, when the system re-boots, it will take you into into the recovery partition - perform a Windows System restore. Then get the dump files from c:\windows\minidump and attach to post.

Regards. . .

jcgriff2

.


----------



## Fortnox (May 1, 2007)

That was strange. I'm not sure if the bugcheck process is supposed to run during POST or Windows boot, but as soon as I restarted it stayed on a black screen with a blinking white typing line. I waited for it to continue but eventually left to start making dinner, and by the time I got back it was displaying a strange screen; It was asking me to choose which OS to boot from, displaying only Vista, or if I want to use the memory diagnostic tool. I presumed it had blue screened and messed up, but it wasn't giving me any windows restore option. I knew the problem had nothing to do with memory so I continued launching from Vista, and it asked me what mode to boot in, saying Windows had crashed previously. 
A bit confused, I went for Normal and it crashed before even completing the first loop of the animated Windows loading bar. I tried a few times and it always crashed the exact same way. Now I've restarted in Safe Mode and I'll check to see if that dump file you mentioned contains anything.

Okay, I have a lot of different .dmp files. Assuming the file name is date order, the latest is Mini092708-04. That means I've had 4 today, 3 must've been when I was trying to boot normally and the first one was before I came back to check on the computer. I'm not sure how I can post them on here though, when I run them a command prompt appears and disappears quickly, and when I view one in NotePad it's all just code and jibberish. 

Okay, so I could get hold of the Vista disc and system restore from there. Or, would Boot From Last Configuration work? I know it only registers the configuration when you log in, but does it register when you log in Safe Mode? If it does, then it'd be pointless since I'm now logged in on the broken settings.

*Edit* Slash that, I went ahead and tried Last Known Configuration and second try it worked. The dump files are still here too, but I'm not sure how to show you them. I tried to run it in DOS as Adminstrator too, but I got some bugcheck error and it wouldn't open one.


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .

Good call on last known config.

Let's see what those verifier dumps have to offer. I'll run them and post the results. Zip all of them up and attach to your next post. Also run msinfo32 and save as a NFO file
START | type msinfo32 into the start search box and hit enter | after it gathers system info, save the file - you will see the NFO file extension. Add this to the zip file.

Regards. . .

jcgriff2

.


----------



## Fortnox (May 1, 2007)

! C:\Users\Fortnox\Documents\System info.zip: Cannot open Mini092708-01.dmp
! Access is denied.

Drat. Windows Vista won't let me use my own dump file? I tried changing the owner, checking permissions, I have full access to the file and it isn't read only or hidden but it won't let me compile them.


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .

The minidumps that I am after are located in c:\windows\minidump.

You must copy the minidumps out to another folder, then you can zip them and attach.

I need that and the msinfo32 NFO file described in my earlier post,please. Add this NFO file to the zip file.

Regards. . .

jcgriff2

.


----------



## Fortnox (May 1, 2007)

Sorry for disappearing, I've been ill. I'm pretty much back on my feet now though. 

Okay I copied the files and they lost their invulnerable you cannot archive me status, wish I'd thought of that the first time round. 
I attached all 5 from that day, but 1 is most likely the only relevant one. 

Avast! also seems to be picking up worms from this site, for some reason. But it's not a problem as I just use "abort connection" and everything still loads fine.


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .

Sorry, but I don't see any attachments.

Please try to attach zip file again containing the dumps and msinfo32 NFO file.

Regards. . .

jcgriff2

.


----------



## jcgriff2 (Sep 30, 2007)

Fortnox said:


> . . .
> 
> Avast! also seems to be picking up worms from this site, for some reason. But it's not a problem as I just use "abort connection" and everything still loads fine.


Hi. . .

Please provide additional details on the above from your last post. I'm looking for file paths & names, registry entries, etc... If there is a scan log available, that would be ideal. Thank you.

Regards. . .

jcgriff2

.


----------



## Fortnox (May 1, 2007)

Sure thing, the error log reported this;
01/10/2008 04:58:11 PM	SYSTEM	1752	Sign of "VBS:AutoRun-F [Wrm]" has been found in "http://www.techsupportforum.com/external.php?type=RSS2&forumids=217" file.


----------



## Fortnox (May 1, 2007)

Seems like you can't edit posts here, well I messed up the attatchment twice now but this one should work.


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .

I ran the 5 dumps - none were Vista driver verifier enabled.

The one dump *Mini092708-01.dmp* was corrupted and not readable.

3 of the others had a bugcheck of 0x8e w/a 0xc00000005 exception - memory access violation, with a probable cause listed as the Microsoft driver win32k.sys. Two of these has a process named WBVista.exe running at the time of the crashes - Window Blinds. 

I suggest that you un-install Window Blinds.

The 5th dump had a bugcheck of 0x00000019 (0x00000020, 0x88f65000, 0x88f65a00, 0x9400000), with the probable cause listed as mprfil.sys - which belongs to an app called My Lockbox, which apparently protects certain folders. I would suggest that this be un-installed as well.

Lastly, I would un-install !Avast and see if Vista SP1 becomes available through Windows Updates.

Vista SP1 must be installed - the majority of your Vista drivers contain a timestamp of November 2006, the dawn of Vista.

The dbug output is attached.

Regards. . .

jcgriff2

.


----------



## speedster123 (Oct 18, 2006)

are you using a legit vista disk? [i had to ask]


----------



## jcgriff2 (Sep 30, 2007)

Good question indeed - I just took another look at the driver query and from what I see, every Microsoft Vista driver has a timestamp of November 2, 2006, which is the date that >95% of the modules had when Vista was public ally released on January 30, 2007. I doubt there have been any Windows Updates (my guesstimate), let alone Vista SP1.

Thanks. . .

JC

.


----------



## Fortnox (May 1, 2007)

My Vista Business isn't normal, but it's legit. It's part of one of those business packages Microsoft sells to corporations- they sell these packs of hundreds of thousands of £ worth of software for a few hundred £ on the basis that the corporation will advertise them. A friend uses this deal to make his life easier, and I borrowed one of his Vista Business Upgrade discs as well as a licence. I had forgotten about that until now, but I initially installed XP, until my friend convinced me to upgrade.

Okay, so I'm going to un-install Blinds and Lockbox then download all the updates, temporarily remove Avast! and download SP1. 
Annoying that the 01 dump was corrupted, that was the one I did on purpose with the bug checker running. Still, if these have found the error anyway it won't matter. 

It's strange, I'm having trouble un-installing Windows Blinds because it's not in the registry nor can I find it in Program Files, but I ended up clicking random folders in the C:/ and accidently opened a temporary hidden system folder, which caused the computer to blue screen. Usually it just displays a few read-only .file types or something. But the crash code was;
BCCode:	19
BCP1:	00000020
BCP2:	85D62000
BCP3:	85D62A00
BCP4:	09400000

The first two codes are the same as the Lockbox crash. Strange, so I'm going to un-install that one first.


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .

Thank you for clarifying copy of Vista. It is odd to see 2006 on all the drivers and getting Windows Updates and your manufacturer's driver updates in are now of utmost importance.

It really won't serve a purpose to continue looking at dump files as there were well over 100 Windows Updates and hotfixes, many of which are rolled up into Vista SP1 and it is these updates that should quell most if not all BSODs.

However, if your system is not stable enough to get the updates in than we are in a catch-22.

So first, let's run the Vista System File Checker/repair utility - SFC -
START | type cmd.exe into the start search box | right-click on cmd.exe | select run as Administrator | the black command prompt ("DOS") screen will appear | type the following:

```
[b][size=3]sfc /scannow[/b][/size]
```
Let it run - there is no min/max time - may be 10 min, it may be an hour or two. There may be a message that it could not fix certain files... for now that is OK as some may be b/c the system is using them and they will be repaired upon re-boot. So, please re-boot.

Go to Windows Updates and let them come in. If you experience problems with any, please let me know. During update process, please do not use your system... let the updates do their job.


For info, the BSOD you posted about has a bugcheck of 0x00000019 (0x00000020, 0x85D62000, 0x85D62A00, 0x09400000). 0x19 = BAD_POOL_HEADER. The 1st parm inside the parenthesis of 0x20 tells us that the pool block header size is corrupt. There was no attached dump file. That's OK for now... please follow instructions above.

Regards. . .

jcgriff2

.


----------



## Fortnox (May 1, 2007)

Maybe this will help focus in on the problem, I just took a look at my update history after I realised my "updates to install" count hasn't gone below 9 for the past month. I noticed more than half my updates have come up as "failed" with the error "8000FFFF". The error first appeared the third time I tried to update and has plagued more than half the updates since. Windows never actually alerted me of this, it's pretty annoying that it's happening. I think I once had a similiar problem with the auto update that I had to fix by entering the registry and changing a small value, but maybe that was before I reformatted. :S

as for SFC, I did just as you said- including starting as an admin- and it just comes up with "Windows Resource Protection could not perform the requested operation".


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .


The code - 0x8000ffff = " E_UNEXPECTED " - most likely in this case b/c Windows Updates cannot install the new version of the Installer.

The reason for this I believe to involve this: 

```
[color=red]Microsoft Update Machine  	crack.exe[/color] 

LOGAN-20\Fortnox	HKU\S-1-5-21-1343024091-1085031214-839522115-1003
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
```
There are 2 options here:

1. Re-format and re-install Vista - my preferred method here since your installation has not really progressed forward since Nov 2006 - the date on all MS modules.

2. Proceed to our Security Center, HiJackThis Log Help to have your system dis-infected as it appears that something is in your system that should not be. If you go this route, be sure to follow these 5 steps before posting your HiJackThis log in the HJT forum:


IMPORTANT – Read This Before Posting For Malware Removal Help

Regards. . .

jcgriff2

.


----------



## Fortnox (May 1, 2007)

In that case I'll definitly reformat, but Vista 64 this time. I'll simply run all updates and SP1 before installing anything or going anywhere, to make sure nothing can stop the automatic updater working. I can't imagine what did this, I must've caught something malicious, although I expected Avast! to protect me. 

I really don't want to set up all my programs again though; so if I get an external HDD and use ntbackup to create a backup of all my programs and the registry, will I simply be able to add that again after reformatting, or is there a chance it'd bring the error accross? 

Seems like the absolute fix-all as my installation is so messed up, so thanks big time for all your help.


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .

All programs will have to be re-installed regardless if you stay w/x86 or go to x64.

You can copy out all personal files - docs, music, etc... but I would be very cautious and check these thoroughly for any infection.

Can your system handle x64 - and can you obtain x64 drivers for all devices?

Regards. . .

jcgriff2

.


----------



## Fortnox (May 1, 2007)

It can, in fact I've used x64 on it before now. Looking back, it was more stable than 32-bit. Although, I can't remember what lead to me reformatting last time.


----------



## jcgriff2 (Sep 30, 2007)

OK then - you should not have issues w/x64 and drivers if you have had x64 on that system before.

Good Luck and please let me know of outcome.

Regards. . .

JC

.


----------

