Update: May 2011
Icrontic recommends updated security software from
ZoneAlarm,
Avira,
Trend Micro,
Symantec,
F-Secure,
Kaspersky, or
AVG.
This official Icrontic guide
summarizes and replaces the info in this discussion:
Fix the 0x0000008E BSOD once and for all
Greetings & Salutations!
For the past two days I have worked on two machines at the shop that would just reboot on thier own, after shutting off the Automatic Restart option. That wonderful
STOP: 0x0000008E (0xC0000005... BSOD appeared on the screen.
(Both machines worked fine till the users "Opened a file they received through msn messenger" :banghead: )
Safe Mode works fine, just reboots in Normal Mode.
From safe mode cmd prompt only I scanned with F-Prot, Ad-Aware, SpyBot & HijackThis... All things cleaned up or shutoff...
(Norton was on one of the machines but it was not working and you didn't have enough time to check anything in Normal mode.)
Rebooted and within a few minutes... STOP: 0x0000008E again... rebooted in safe mode again shut everything off in MSConfig, ran Rootkit Revealer from sysinternals which found nothing... rebooted and same BSOD again...
Searched Google for 0x0000008E errors and got the standard, "Ram problem, Driver Problem, PS Weak... Tested Ram with memtest, changed the power supply and still no go...
Another site was talking about posting minidumps for them to look at, so I looked into one of the minidumps and found:
Rustock rootkit v 1.2
Z:\NewProjects\spambot\new\driver\objfre\i386\driver.pdbA little more Google revealed that this Rootkit, once installed is undetectable by anything, quite the amazing little piece of code...
Symantec's info on the Rustock RootkitThis was it the B version... I followed the directions on Symantec's site to remove it by booting into recovery console from an XP CD. (You cannot detect it in Safe Mode)
Once there I used "Disable pe386" to shut off the rootkit... I looked while in safe mode for this service and it WAS NOT there... Since it loads with kernel / driver data, it hides everything about itself...
Symantec's Cleanup Instructions...Rebooted in Normal mode and no more BSOD, reinstalled NAV and started it scanning when I left the shop... I will run ADSSpy again and see if it finds the alternate data stream now...
I realize that this is not the only cause of 0x8e errors but this was my problem, and since there were two machines in the shop with the same problem, I can see more of these coming in for repair...
Hope this helps those who have just recently developed STOP: 0x0000008E errors.
troll
troll
Member
Articles RSS
Comments
TIA, Paul
From Microsoft: The file created should appear in the root of the drive where Windows is installed. As for being "easy to read and understand", it may be, but it might just look like gibberish unless you know what you're looking for. You can attach a copy of the dump file here and we'll have a look.
You could also try right-clicking My Computer, then go to Properties>>Advanced>>Startup and Recovery Settings, then uncheck Automatically Restart.
It will produce a BSOD with an error code. Let us know what it is and we'll try and help. :)
Len
I spent 2 days on these boxes much to the nattering of my boss wondering who was going to pay for the time to fix them instead of a quick reload...
Other sites had mentioned that viruses / malware were going to go this way with rootkits and all... Lets hope not as I hate reloading a box when I can bring it back from the dead...
Again, glad to hear the info has helped. :)
troll
troll
0x0000008e ( 0xc0000005, 0x8439a00a, 0x8d63ab4c, 0x00000000
could it be that I have this rootkit too?
I dont have any other problem at all with my computer,and I can easily play rainbow six las vegas on it without it crashing etc..
I HAVE noticed that the computer is a little bit slower then it was just some weeks earlier..but that could depend on anything..
could anyone help me,if its the same rootkit,or anything else?
Download RustBFix from one of the following locations...
http://www.uploads.ejvindh.net/rustbfix.exe
http://uploads.ejvindh.andymanchesta.com/Rustbfix.exe
...and save it to your desktop.
Double click on rustbfix.exe to run the tool. If a Rustock.b-infection is found, you will shortly hereafter be asked to reboot the computer. The reboot will probably take quite a while, and perhaps 2 reboots will be needed. But this will happen automatically. After the reboot 2 logfiles will open (%root%\avenger.txt & %root%\rustbfix\pelog.txt).
this is what it says when the computer crashes..(if I didnt write it earlier,cant remember) 0x0000008e ( 0xc0000005, 0x8439a00a, 0x8d63ab4c, 0x00000000
I tried..but it said there was nothing wrong..uuuugh..I go crazy soon :confused:
my BSoD code is:
0x0000008e (0xc0000005, 0xa9f2decc, 0xaa0e7afc, 0x00000000)
GRTDIMON.SYS address a9f2decc, date stamp 4506F1AE
please help
You have to uninstall their Security Manager
http://www.comcast.com/Customers/FAQ/FaqDetails.ashx?Id=2504
Or if it wont Uninstall Properly
http://www.comcast.net/help/faq/index.jsp?faq=ServicesSecurity_Manager18106
Other than that more info is needed as to when this BSoD happens, Normal Mode Only, Safe Mode, on Bootup, after a while, when a specific program launches etc...
1) cox parental software
2) harry pottery game pack.
i dont think its the cox software as i also installed it on an identical machine for my other daughter. but i could be as it doesnt really work for media center 2002 edition.
on a side note if any one knows of good parental software (i.e. something that can limit internet time as well as what sites and can record every thing ) for relativly cheap; please let me know
*** STOP: 0x0000008E (0xc0000005, 0x804EF579, 0xB561886C, 0x00000000)
What does that mean? What can i do to fix it? Please email me back at [email removed]
Thanks very much!!!
Jen
I removed your e-mail address. Posting it on a public forum like this will get it picked up by spammers, and we don't send e-mails - we answer questions on the forum.
Cheers!
right now at the moment I have put a new hard-drive into the computer from the store and installed Windows XP Pro on it but I am still getting this erroe message
Stop: 0X0000008E (0XC0000005, 0X805847DF, 0XF090FB00, 0X00000000)
I also had Dumper 0 -k showing up in MSconfig but I was able to fix that problem... I think... I right clicked My Computer went to Advanced, Startup and Recovery Settings. Under System Failure I unchecked Automatically Restart and under Write debugging information I changed it to (None)
so this doesn't seem to pop-up anymore but it might help you... no idea
seeing as how this problem started after I had hit the side of my tower I have doubts that it is that virus thing but I also tried swapping my RAM in and out to see if that was the problem but nothing.
any ideas?
The error code is:
**STOP: 0x0000008E (0xC0000005, 0x864897E2, 0xf7223CA0, 0c00000000)
I have tried rebooting into Safe mode to run Memtest, and to try and look at the mini Dump, but Anytime I try and access My Computer, it Crashes again...
I can't seem to get it to run ANYTHING to try and analyze the problem...
Any Ideas on what I can do here?
Thanks in advance!
Dave