Windows XP 0x000000C2 BSOD

C

ClickRight

Member
Reaction score
18
Location
BC, Canada
Ok, client called me late yesterday with an emergency. He needs to work and his laptop is stuck on a blue screen. He said he recently installed a new Lexmark 543dn printer and he noticed his pc was running slow. He opened the task manager and found multiple instances of realplay.exe running. he decided to take it upon himself to run remove-it, but apparently it didn't do anything, he rebooted and got a blue screen.

I have tried:
  • Check and test hard drive: PASS
  • Test Memory (Memtest - 2 pases): PASS
  • Safe mode
  • Last known good config
  • Using WinDbg to find the source of the blue screen (unsuccessfully)
  • Running chkdsk (no issues found)
  • Manually restored the registry to Nov 11: No change
  • Running a virus scan with norman Malware cleaner (in progress...)

Unfortunately it's an ancient HP with a nearly full 160GB drive so the virus scan is taking forever. I really don't want to have to do a repair install on this ancient machine because I know it will take several days with all the updates, etc. as it's so old and slow and my client is waiting. Does anybody have any suggestions before I have to do the last resort?
 
ClickRight said:
He opened the task manager and found multiple instances of realplay.exe running. he decided to take it upon himself to run remove-it but apparently it didn't do anything, he rebooted and got a blue screen.
Click to expand...

I think the biggest problem is that the user had an issue and then made it worse. The fact he could get the machine running but then after "fixing" it now its dead on a BSOD. If you can do an offline SFC or double check that there is no lexmark printer driver remaining that might help, but in the end your customer might have made a mess that is too much work to fix economically.
 
NYJimbo said:
I think the biggest problem is that the user had an issue and then made it worse. The fact he could get the machine running but then after "fixing" it now its dead on a BSOD. If you can do an offline SFC or double check that there is no lexmark printer driver remaining that might help, but in the end your customer might have made a mess that is too much work to fix economically.
Click to expand...

I wish I could run SFC. Tried from D7 and manually form my bench machine only to receive "Windows Resource Protection could not start the repair service" Yes I agree, what a mess--I can't find the log for remove-it either!
 
ClickRight said:
I wish I could run SFC. Tried from D7 and manually form my bench machine only to receive "Windows Resource Protection could not start the repair service" Yes I agree, what a mess--I can't find the log for remove-it either!
Click to expand...

Customer made the issue worse. Work with that and bill accordingly. I dont mean be a douchebag about it, but let them know they PROBABLY made it worse and the "only" solution is a reload.

Sure, you could try to be a hero and work through it, but who knows what they really did and what do you do at this point?
 
2 things... 1. It's my experience that the OS can get very corrupted when the hard drive is very full, most likely due to bad sectors. 2. His trying to fix it and his issues with realplay are probably because it is very full and no space left.

I'd pull what data I could get and maybe loan him a PC with his data, then clone drive, chkdsk to fix file structure, repair OS, etc. But, might not be worth it on this old machine.
 
I'd uninstall that hoakie remove-it package.
Uninstall the lexmark drivers....go into printers...print server, drivers tab, more thoroughly remove the lexmark...and look for any remaining service that lexmark drivers typically leave.

I'd then shoot for a manual restore of the registry from the snapshot folder...go back a couple of days. Should be fine from there.

And then do a malware scan with some good products.
Run all updates, BIOS flash, drivers, and then attempt to get the latest drivers for that lexmark and get it working.
 
YeOldeStonecat said:
I'd uninstall that hoakie remove-it package.
Uninstall the lexmark drivers....go into printers...print server, drivers tab, more thoroughly remove the lexmark...and look for any remaining service that lexmark drivers typically leave.

I'd then shoot for a manual restore of the registry from the snapshot folder...go back a couple of days. Should be fine from there.

And then do a malware scan with some good products.
Run all updates, BIOS flash, drivers, and then attempt to get the latest drivers for that lexmark and get it working.
Click to expand...

But he is stuck in a BSOD with no work around. Unless I am missing something.
 
NYJimbo said:
But he is stuck in a BSOD with no work around. Unless I am missing something.
Click to expand...

You got it. What's odd is I can get to the login screen for about 10 seconds before the BSOD takes over. I figure the manual registry restore I did from the snapshot folder should have disabled anything new from Lexmark or remove-it starting up at all as their entries would no longer be in the registry?
 
I haven't seen the details on what happened with safe mode. "I have tried: safe mode".....OK..."What" did you try in safe mode? Did it fail to get to desktop? Can you do safe mode w/command prompt and then manually launch explorer?

Lacking details...just looking to offer something, "unless I'm missing something that you know that isn't in the thread." Thought others were allowed to help, but if you're claiming exclusive rights to be the only helper...you got it.
 
ClickRight said:
What's odd is I can get to the login screen for about 10 seconds before the BSOD takes over.
Click to expand...

I hate it when there appears to be some hope, but no matter what you do you can't save it. That 10 second login sounds like you have an edge, but if you can't figure out how to make it last longer, you can be on this for a week and still end up with nothing. Ultimately the customer did something to "fix" the machine, but made it worse and regardless of what they said, you really do not know what that is.

Still going with a reload on this one. Not enough hours in a day.......
 
YeOldeStonecat said:
Lacking details...just looking to offer something, "unless I'm missing something that you know that isn't in the thread." Thought others were allowed to help, but if you're claiming exclusive rights to be the only helper...you got it.
Click to expand...

Dude, I'm not jumping on you, but I was just saying the OP claimed to be in a BSOD and cant do the things you were recommending.
 
Try using Autoruns. It has an option to "Analyse Offline System" which should allow you to stop whatever is kicking in just after you boot...
 
YeOldeStonecat said:
I haven't seen the details on what happened with safe mode. "I have tried: safe mode".....OK..."What" did you try in safe mode? Did it fail to get to desktop? Can you do safe mode w/command prompt and then manually launch explorer?

Lacking details...just looking to offer something, "unless I'm missing something that you know that isn't in the thread." Thought others were allowed to help, but if you're claiming exclusive rights to be the only helper...you got it.
Click to expand...

I'm sorry for the lack of details. Just work up and not fully running yet. I just tried safe mode with command prompt -- it works! I am going to try a couple things and report back.
 
seedubya said:
Try using Autoruns. It has an option to "Analyse Offline System" which should allow you to stop whatever is kicking in just after you boot...
Click to expand...

You know, I have tried that so many times, on so many computers just to have Autoruns crash every single time so I gave up on it. I'm always using the latest version. Does it actually work for you?
 
ClickRight said:
You know, I have tried that so many times, on so many computers just to have Autoruns crash every single time so I gave up on it. I'm always using the latest version. Does it actually work for you?
Click to expand...

I have had plenty of crashes with it alright but plenty of successes too. I've had luck changing the permissions on drives where Autoruns crashed trying to open the registry.
 
seedubya said:
I have had plenty of crashes with it alright but plenty of successes too. I've had luck changing the permissions on drives where Autoruns crashed trying to open the registry.
Click to expand...

Ok good to know, guess I've just had bad luck!

Now I'm having GOOD luck. Got SFC to run... finding lots of issues. Definitely a previous TDL3 infection on here also. Working on it now :)
 
You must log in or register to reply here.

Similar threads

Fred Claus
Reinstalling Garmin
Replies
4
Views
322
Fred Claus
Fred Claus
HCHTech
Odd MB failure
Replies
2
Views
446
HCHTech
HCHTech
thecomputerguy
7 Brand new computers all intermittently blue screening, I'm at a loss here.
3 4 5
Replies
86
Views
6K
thecomputerguy
thecomputerguy
timeshifter
Trying to open Bitlocker drive results in BSOD
Replies
7
Views
681
HCHTech
HCHTech
Rosco
RTX 3090 Ti issue
Replies
9
Views
830
Blues
Blues
Back
Top