* [Devel] ACPI table code of Lenovo G710 corrupted?
@ 2015-11-17 19:30 David Renz
  0 siblings, 0 replies; 13+ messages in thread
From: David Renz @ 2015-11-17 19:30 UTC (permalink / raw)
  To: devel

Hello everyone,

I own a Lenovo G710 notebook (here one can see the exact model:
http://postimg.org/image/rm5vjgkb5/), and I find that the code stored in
its ACPI tables, which I extracted using the Windows tool "Read&Write
Everything", leads to strange/suspicious results when I submitted it to
malwr.com:
https://malwr.com/analysis/MjZkOGU4Y2ZmMGM5NDQ1Njg5OTc4NTVlOTQ5NThiMmY/

Why should the ACPI table code lead to the deployment of files related to
Microsoft Office, which is not even installed right after having installed
Windows?

And looking at the section "Registry keys":
Isn't it strange that this code causes all those registry changes,
especially regarding all those "InProcServer32" entries?


Could anyone, who owns the same model, try to extract its ACPI tables and
submit them to malwr.com in order to check if this leads to the same
results? And if one should think of this code being corrupted, then I
guess it would be a good idea to perform a comparison in order to find
differences and to check what those would imply.
I uploaded the extracted ACPI tables of my notebook on GoogleDrive:
https://drive.google.com/file/d/0B62Y5Qk_rdbWamlXRXZBSkJQYkU/view?usp=sharing

Under Pentoo Linux (and any other Linux distro I tried) the dmesg output
also shows quite many ACPI related error messages (starting at second 13):
https://drive.google.com/file/d/0B62Y5Qk_rdbWMGJNVnpXcVBIbEE/view?usp=sharing


Thanks in advance and best wishes

David






Best wishes and thanks in advance

^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
@ 2015-11-18  0:54 David Renz
  0 siblings, 0 replies; 13+ messages in thread
From: David Renz @ 2015-11-18  0:54 UTC (permalink / raw)
  To: devel

Yes, that sounds like a logical explanation to me - Thanks for providing
this link. Obviously the ACPI code can be considered as being harmless
looking at this.

On Tue, Nov 17, 2015 at 11:57 PM, Moore, Robert <robert.moore(a)intel.com>
wrote:

>
> http://arstechnica.com/information-technology/2015/08/lenovo-used-windows-anti-theft-feature-to-install-persistent-crapware/
>
>
>
>
>
> *From:* Devel [mailto:devel-bounces(a)acpica.org] *On Behalf Of *Moore,
> Robert
> *Sent:* Tuesday, November 17, 2015 2:53 PM
> *To:* David Renz; devel(a)acpica.org
>
> *Subject:* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
>
>
>
> I just remembered something about Lenovo machines using one of the ACPI
> tables to install “unwanted software”. If you delete the files, they just
> keep coming back.
>
>
>
> I don’t know anything more about it, perhaps someone on the list can help.
>
> Bob
>
>
>
>
>
> *From:* Moore, Robert
> *Sent:* Tuesday, November 17, 2015 2:39 PM
> *To:* 'David Renz'; devel(a)acpica.org
> *Subject:* RE: [Devel] ACPI table code of Lenovo G710 corrupted?
>
>
>
> I don’t think they know what they are talking about.
>
>
>
>
>
> *From:* David Renz [mailto:sun.kisses.horizon(a)gmail.com]
> *Sent:* Tuesday, November 17, 2015 2:31 PM
> *To:* Moore, Robert; devel(a)acpica.org
> *Subject:* RE: [Devel] ACPI table code of Lenovo G710 corrupted?
>
>
>
> Because I extracted the ACPI code and submitted it to malwr.com, whose
> analysis shows what the code causes / does. That's why I think it's related
> to ACPI code.
>
> On 17.11.2015 23:27, "Moore, Robert" <robert.moore(a)intel.com> wrote:
>
> I don’t know all of the Windows internals, but what exactly makes you
> think that this stuff is related to ACPI?
>
>
>
>
>
> *From:* David Renz [mailto:sun.kisses.horizon(a)gmail.com]
> *Sent:* Tuesday, November 17, 2015 2:18 PM
> *To:* Moore, Robert
> *Cc:* devel(a)acpica.org
> *Subject:* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
>
>
>
> Sorry, but how can't you see that this is related to the code stored in
> the ACPI tables?
>
> I extracted it and submitted the file to malwr.com, whose analysis shows
> what this ACPI code would cause on a Windows system. And why / how can this
> code cause all the stuff being visible under the sections "Files" and
> "Registry"?
>
>
>
> On Tue, Nov 17, 2015 at 10:57 PM, Moore, Robert <robert.moore(a)intel.com>
> wrote:
>
> There are some issues with this machine, but these are more Linux-specific
> and I can’t help with those.
>
> [   13.115675] ACPI Warning: SystemIO range
> 0x0000000000005040-0x000000000000505F conflicts with OpRegion
> 0x0000000000005040-0x000000000000504F (\_SB_.PCI0.SBUS.SMBI)
> (20150204/utaddress-254)
> [   13.115683] ACPI: If an ACPI driver is available for this device, you
> should use it instead of the native driver
>
> [   13.426574] [Firmware Bug]: ACPI(PEGP) defines _DOD but not _DOS
> [   13.426902] ACPI: Video Device [PEGP] (multi-head: yes  rom: yes  post:
> no)
> [   13.426908] ACPI Error: [\_SB_.PCI0.GFX0.DD02._BCL] Namespace lookup
> failure, AE_NOT_FOUND (20150204/psargs-359)
> [   13.426913] ACPI Error: Method parse/execution failed
> [\_SB_.PCI0.PEG0.PEGP.DD02._BCL] (Node ffff8802560f8e38), AE_NOT_FOUND
> (20150204/psparse-536)
> [   13.426972] input: Video Bus
>
>
>
>
> From: Devel [mailto:devel-bounces(a)acpica.org] On Behalf Of David Renz
> Sent: Tuesday, November 17, 2015 11:31 AM
> To: devel(a)acpica.org
> Subject: [Devel] ACPI table code of Lenovo G710 corrupted?
>
> Hello everyone,
>
> I own a Lenovo G710 notebook (here one can see the exact model:
> http://postimg.org/image/rm5vjgkb5/), and I find that the code stored in
> its ACPI tables, which I extracted using the Windows tool "Read&Write
> Everything", leads to strange/suspicious results when I submitted it to
> malwr.com:
> https://malwr.com/analysis/MjZkOGU4Y2ZmMGM5NDQ1Njg5OTc4NTVlOTQ5NThiMmY/
>
> Why should the ACPI table code lead to the deployment of files related to
> Microsoft Office, which is not even installed right after having installed
> Windows?
>
> And looking at the section "Registry keys":
> Isn't it strange that this code causes all those registry changes,
> especially regarding all those "InProcServer32" entries?
>
>
> Could anyone, who owns the same model, try to extract its ACPI tables and
> submit them to malwr.com in order to check if this leads to the same
> results? And if one should think of this code being corrupted, then I
> guess it would be a good idea to perform a comparison in order to find
> differences and to check what those would imply.
> I uploaded the extracted ACPI tables of my notebook on GoogleDrive:
>
> https://drive.google.com/file/d/0B62Y5Qk_rdbWamlXRXZBSkJQYkU/view?usp=sharing
> Under Pentoo Linux (and any other Linux distro I tried) the dmesg output
> also shows quite many ACPI related error messages (starting at second 13):
>
> https://drive.google.com/file/d/0B62Y5Qk_rdbWMGJNVnpXcVBIbEE/view?usp=sharing
>
> Thanks in advance and best wishes
> David
>
>
>
>
>
> Best wishes and thanks in advance
>
>
>

^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
@ 2015-11-17 22:57 Moore, Robert
  0 siblings, 0 replies; 13+ messages in thread
From: Moore, Robert @ 2015-11-17 22:57 UTC (permalink / raw)
  To: devel

http://arstechnica.com/information-technology/2015/08/lenovo-used-windows-anti-theft-feature-to-install-persistent-crapware/


From: Devel [mailto:devel-bounces(a)acpica.org] On Behalf Of Moore, Robert
Sent: Tuesday, November 17, 2015 2:53 PM
To: David Renz; devel(a)acpica.org
Subject: Re: [Devel] ACPI table code of Lenovo G710 corrupted?

I just remembered something about Lenovo machines using one of the ACPI tables to install “unwanted software”. If you delete the files, they just keep coming back.

I don’t know anything more about it, perhaps someone on the list can help.
Bob


From: Moore, Robert
Sent: Tuesday, November 17, 2015 2:39 PM
To: 'David Renz'; devel(a)acpica.org
Subject: RE: [Devel] ACPI table code of Lenovo G710 corrupted?

I don’t think they know what they are talking about.


From: David Renz [mailto:sun.kisses.horizon(a)gmail.com]
Sent: Tuesday, November 17, 2015 2:31 PM
To: Moore, Robert; devel(a)acpica.org
Subject: RE: [Devel] ACPI table code of Lenovo G710 corrupted?


Because I extracted the ACPI code and submitted it to malwr.com, whose analysis shows what the code causes / does. That's why I think it's related to ACPI code.
On 17.11.2015 23:27, "Moore, Robert" <robert.moore(a)intel.com> wrote:
I don’t know all of the Windows internals, but what exactly makes you think that this stuff is related to ACPI?


From: David Renz [mailto:sun.kisses.horizon(a)gmail.com]
Sent: Tuesday, November 17, 2015 2:18 PM
To: Moore, Robert
Cc: devel(a)acpica.org
Subject: Re: [Devel] ACPI table code of Lenovo G710 corrupted?

Sorry, but how can't you see that this is related to the code stored in the ACPI tables?
I extracted it and submitted the file to malwr.com, whose analysis shows what this ACPI code would cause on a Windows system. And why / how can this code cause all the stuff being visible under the sections "Files" and "Registry"?

On Tue, Nov 17, 2015 at 10:57 PM, Moore, Robert <robert.moore(a)intel.com> wrote:
There are some issues with this machine, but these are more Linux-specific and I can’t help with those.

[   13.115675] ACPI Warning: SystemIO range 0x0000000000005040-0x000000000000505F conflicts with OpRegion 0x0000000000005040-0x000000000000504F (\_SB_.PCI0.SBUS.SMBI) (20150204/utaddress-254)
[   13.115683] ACPI: If an ACPI driver is available for this device, you should use it instead of the native driver

[   13.426574] [Firmware Bug]: ACPI(PEGP) defines _DOD but not _DOS
[   13.426902] ACPI: Video Device [PEGP] (multi-head: yes  rom: yes  post: no)
[   13.426908] ACPI Error: [\_SB_.PCI0.GFX0.DD02._BCL] Namespace lookup failure, AE_NOT_FOUND (20150204/psargs-359)
[   13.426913] ACPI Error: Method parse/execution failed [\_SB_.PCI0.PEG0.PEGP.DD02._BCL] (Node ffff8802560f8e38), AE_NOT_FOUND (20150204/psparse-536)
[   13.426972] input: Video Bus




From: Devel [mailto:devel-bounces(a)acpica.org] On Behalf Of David Renz
Sent: Tuesday, November 17, 2015 11:31 AM
To: devel(a)acpica.org
Subject: [Devel] ACPI table code of Lenovo G710 corrupted?
Hello everyone,

I own a Lenovo G710 notebook (here one can see the exact model: http://postimg.org/image/rm5vjgkb5/), and I find that the code stored in its ACPI tables, which I extracted using the Windows tool "Read&Write Everything", leads to strange/suspicious results when I submitted it to malwr.com:
https://malwr.com/analysis/MjZkOGU4Y2ZmMGM5NDQ1Njg5OTc4NTVlOTQ5NThiMmY/

Why should the ACPI table code lead to the deployment of files related to Microsoft Office, which is not even installed right after having installed Windows?

And looking at the section "Registry keys":
Isn't it strange that this code causes all those registry changes, especially regarding all those "InProcServer32" entries?


Could anyone, who owns the same model, try to extract its ACPI tables and submit them to malwr.com in order to check if this leads to the same results? And if one should think of this code being corrupted, then I guess it would be a good idea to perform a comparison in order to find differences and to check what those would imply.
I uploaded the extracted ACPI tables of my notebook on GoogleDrive:
https://drive.google.com/file/d/0B62Y5Qk_rdbWamlXRXZBSkJQYkU/view?usp=sharing
Under Pentoo Linux (and any other Linux distro I tried) the dmesg output also shows quite many ACPI related error messages (starting at second 13):
https://drive.google.com/file/d/0B62Y5Qk_rdbWMGJNVnpXcVBIbEE/view?usp=sharing

Thanks in advance and best wishes
David





Best wishes and thanks in advance


^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
@ 2015-11-17 22:53 Moore, Robert
  0 siblings, 0 replies; 13+ messages in thread
From: Moore, Robert @ 2015-11-17 22:53 UTC (permalink / raw)
  To: devel

I just remembered something about Lenovo machines using one of the ACPI tables to install “unwanted software”. If you delete the files, they just keep coming back.

I don’t know anything more about it, perhaps someone on the list can help.
Bob


From: Moore, Robert
Sent: Tuesday, November 17, 2015 2:39 PM
To: 'David Renz'; devel(a)acpica.org
Subject: RE: [Devel] ACPI table code of Lenovo G710 corrupted?

I don’t think they know what they are talking about.


From: David Renz [mailto:sun.kisses.horizon(a)gmail.com]
Sent: Tuesday, November 17, 2015 2:31 PM
To: Moore, Robert; devel(a)acpica.org
Subject: RE: [Devel] ACPI table code of Lenovo G710 corrupted?


Because I extracted the ACPI code and submitted it to malwr.com, whose analysis shows what the code causes / does. That's why I think it's related to ACPI code.
On 17.11.2015 23:27, "Moore, Robert" <robert.moore(a)intel.com> wrote:
I don’t know all of the Windows internals, but what exactly makes you think that this stuff is related to ACPI?


From: David Renz [mailto:sun.kisses.horizon(a)gmail.com]
Sent: Tuesday, November 17, 2015 2:18 PM
To: Moore, Robert
Cc: devel(a)acpica.org
Subject: Re: [Devel] ACPI table code of Lenovo G710 corrupted?

Sorry, but how can't you see that this is related to the code stored in the ACPI tables?
I extracted it and submitted the file to malwr.com, whose analysis shows what this ACPI code would cause on a Windows system. And why / how can this code cause all the stuff being visible under the sections "Files" and "Registry"?

On Tue, Nov 17, 2015 at 10:57 PM, Moore, Robert <robert.moore(a)intel.com> wrote:
There are some issues with this machine, but these are more Linux-specific and I can’t help with those.

[   13.115675] ACPI Warning: SystemIO range 0x0000000000005040-0x000000000000505F conflicts with OpRegion 0x0000000000005040-0x000000000000504F (\_SB_.PCI0.SBUS.SMBI) (20150204/utaddress-254)
[   13.115683] ACPI: If an ACPI driver is available for this device, you should use it instead of the native driver

[   13.426574] [Firmware Bug]: ACPI(PEGP) defines _DOD but not _DOS
[   13.426902] ACPI: Video Device [PEGP] (multi-head: yes  rom: yes  post: no)
[   13.426908] ACPI Error: [\_SB_.PCI0.GFX0.DD02._BCL] Namespace lookup failure, AE_NOT_FOUND (20150204/psargs-359)
[   13.426913] ACPI Error: Method parse/execution failed [\_SB_.PCI0.PEG0.PEGP.DD02._BCL] (Node ffff8802560f8e38), AE_NOT_FOUND (20150204/psparse-536)
[   13.426972] input: Video Bus




From: Devel [mailto:devel-bounces(a)acpica.org] On Behalf Of David Renz
Sent: Tuesday, November 17, 2015 11:31 AM
To: devel(a)acpica.org
Subject: [Devel] ACPI table code of Lenovo G710 corrupted?
Hello everyone,

I own a Lenovo G710 notebook (here one can see the exact model: http://postimg.org/image/rm5vjgkb5/), and I find that the code stored in its ACPI tables, which I extracted using the Windows tool "Read&Write Everything", leads to strange/suspicious results when I submitted it to malwr.com:
https://malwr.com/analysis/MjZkOGU4Y2ZmMGM5NDQ1Njg5OTc4NTVlOTQ5NThiMmY/

Why should the ACPI table code lead to the deployment of files related to Microsoft Office, which is not even installed right after having installed Windows?

And looking at the section "Registry keys":
Isn't it strange that this code causes all those registry changes, especially regarding all those "InProcServer32" entries?


Could anyone, who owns the same model, try to extract its ACPI tables and submit them to malwr.com in order to check if this leads to the same results? And if one should think of this code being corrupted, then I guess it would be a good idea to perform a comparison in order to find differences and to check what those would imply.
I uploaded the extracted ACPI tables of my notebook on GoogleDrive:
https://drive.google.com/file/d/0B62Y5Qk_rdbWamlXRXZBSkJQYkU/view?usp=sharing
Under Pentoo Linux (and any other Linux distro I tried) the dmesg output also shows quite many ACPI related error messages (starting at second 13):
https://drive.google.com/file/d/0B62Y5Qk_rdbWMGJNVnpXcVBIbEE/view?usp=sharing

Thanks in advance and best wishes
David





Best wishes and thanks in advance


^ permalink raw reply	[flat|nested] 13+ messages in thread
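
An added example, not part of any message in this thread: instead of submitting a table dump to an executable sandbox, parse the raw ACPI tables directly, verify each checksum, compare two machines' dumps, and flag a WPBT table. That the table Bob refers to is the Windows Platform Binary Table is an assumption (the thread does not name it); the sample tables, OEM strings and function names are constructed for the example.

```python
import hashlib
import os
import struct
import sys

# 36-byte header shared by every ACPI system description table.
HEADER = struct.Struct("<4sIBB6s8sI4sI")
# Fixed WPBT fields that follow the header.
WPBT_BODY = struct.Struct("<IQBBH")
WPBT_FIELDS = ("handoff_size", "handoff_address", "layout", "type", "arg_length")


def parse_table(blob):
    """Return header fields, checksum status and WPBT details for one raw table."""
    if len(blob) < HEADER.size:
        raise ValueError("shorter than an ACPI table header")
    sig, length, rev, _sum, oem_id, oem_table = HEADER.unpack_from(blob)[:6]
    if not HEADER.size <= length <= len(blob):
        raise ValueError("declared length %d does not fit blob" % length)
    table = blob[:length]
    info = {
        "signature": sig.decode("ascii", "replace"),
        "length": length,
        "oem_id": oem_id.decode("ascii", "replace").strip("\x00 "),
        # All bytes of a valid table, checksum byte included, sum to 0 mod 256.
        "checksum_ok": sum(table) % 256 == 0,
        # Fingerprint that can be shared for comparison without sharing the dump.
        "sha256": hashlib.sha256(table).hexdigest(),
        "wpbt": None,
    }
    if sig == b"WPBT" and length >= HEADER.size + WPBT_BODY.size:
        info["wpbt"] = dict(zip(WPBT_FIELDS, WPBT_BODY.unpack_from(table, HEADER.size)))
    return info


def review(dump):
    """Return (file name, finding) pairs for a dict of name -> raw table bytes."""
    findings = []
    for name in sorted(dump):
        try:
            info = parse_table(dump[name])
        except ValueError as exc:
            findings.append((name, "not a valid table: %s" % exc))
            continue
        if not info["checksum_ok"]:
            findings.append((name, "checksum mismatch"))
        wpbt = info["wpbt"]
        if wpbt is not None:
            findings.append((name, "WPBT present: %d-byte platform binary at 0x%x"
                             % (wpbt["handoff_size"], wpbt["handoff_address"])))
    return findings


def compare(dump_a, dump_b):
    """Compare two dumps table by table on their raw bytes."""
    result = {}
    for name in sorted(set(dump_a) | set(dump_b)):
        if name not in dump_b:
            result[name] = "only in first"
        elif name not in dump_a:
            result[name] = "only in second"
        else:
            result[name] = "same" if dump_a[name] == dump_b[name] else "differs"
    return result


def build_table(sig, payload):
    """Build a constructed table with a correct checksum (test data only)."""
    length = HEADER.size + len(payload)
    raw = bytearray(HEADER.pack(sig, length, 1, 0, b"EXAMPL", b"CONSTRCT",
                                1, b"TEST", 1) + payload)
    raw[9] = -sum(raw) % 256  # the checksum byte lives at offset 9
    return bytes(raw)


# Constructed sample dumps: the payload bytes are placeholders, not real AML.
SAMPLE_A = {
    "DSDT": build_table(b"DSDT", b"\x10\x20\x30"),
    "WPBT": build_table(b"WPBT", WPBT_BODY.pack(0x2000, 0x7F000000, 1, 1, 0)),
}
SAMPLE_B = {"DSDT": SAMPLE_A["DSDT"][:-1] + b"\xcf"}  # last byte altered


def load_dir(path):
    """Read every regular file in a directory of raw table dumps."""
    dump = {}
    for name in os.listdir(path):
        full = os.path.join(path, name)
        if os.path.isfile(full):
            with open(full, "rb") as fh:
                dump[name] = fh.read()
    return dump


if __name__ == "__main__":
    tables = load_dir(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_A
    for table_name, finding in review(tables):
        print("%s: %s" % (table_name, finding))
```

On Linux the raw tables are exposed under /sys/firmware/acpi/tables (readable by root), so that directory can be passed as the argument.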

* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
@ 2015-11-17 22:49 David Renz
  0 siblings, 0 replies; 13+ messages in thread
From: David Renz @ 2015-11-17 22:49 UTC (permalink / raw)
  To: devel

They just let the code run in a sandbox, it's an automatic process.
On 17.11.2015 23:38, "Moore, Robert" <robert.moore(a)intel.com> wrote:

> I don’t think they know what they are talking about.
>
>
>
>
>
> *From:* David Renz [mailto:sun.kisses.horizon(a)gmail.com]
> *Sent:* Tuesday, November 17, 2015 2:31 PM
> *To:* Moore, Robert; devel(a)acpica.org
> *Subject:* RE: [Devel] ACPI table code of Lenovo G710 corrupted?
>
>
>
> Because I extracted the ACPI code and submitted it to malwr.com, whose
> analysis shows what the code causes / does. That's why I think it's related
> to ACPI code.
>
> On 17.11.2015 23:27, "Moore, Robert" <robert.moore(a)intel.com> wrote:
>
> I don’t know all of the Windows internals, but what exactly makes you
> think that this stuff is related to ACPI?
>
>
>
>
>
> *From:* David Renz [mailto:sun.kisses.horizon(a)gmail.com]
> *Sent:* Tuesday, November 17, 2015 2:18 PM
> *To:* Moore, Robert
> *Cc:* devel(a)acpica.org
> *Subject:* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
>
>
>
> Sorry, but how can't you see that this is related to the code stored in
> the ACPI tables?
>
> I extracted it and submitted the file to malwr.com, whose analysis shows
> what this ACPI code would cause on a Windows system. And why / how can this
> code cause all the stuff being visible under the sections "Files" and
> "Registry"?
>
>
>
> On Tue, Nov 17, 2015 at 10:57 PM, Moore, Robert <robert.moore(a)intel.com>
> wrote:
>
> There are some issues with this machine, but these are more Linux-specific
> and I can’t help with those.
>
> [   13.115675] ACPI Warning: SystemIO range
> 0x0000000000005040-0x000000000000505F conflicts with OpRegion
> 0x0000000000005040-0x000000000000504F (\_SB_.PCI0.SBUS.SMBI)
> (20150204/utaddress-254)
> [   13.115683] ACPI: If an ACPI driver is available for this device, you
> should use it instead of the native driver
>
> [   13.426574] [Firmware Bug]: ACPI(PEGP) defines _DOD but not _DOS
> [   13.426902] ACPI: Video Device [PEGP] (multi-head: yes  rom: yes  post:
> no)
> [   13.426908] ACPI Error: [\_SB_.PCI0.GFX0.DD02._BCL] Namespace lookup
> failure, AE_NOT_FOUND (20150204/psargs-359)
> [   13.426913] ACPI Error: Method parse/execution failed
> [\_SB_.PCI0.PEG0.PEGP.DD02._BCL] (Node ffff8802560f8e38), AE_NOT_FOUND
> (20150204/psparse-536)
> [   13.426972] input: Video Bus
>
>
>
>
> From: Devel [mailto:devel-bounces(a)acpica.org] On Behalf Of David Renz
> Sent: Tuesday, November 17, 2015 11:31 AM
> To: devel(a)acpica.org
> Subject: [Devel] ACPI table code of Lenovo G710 corrupted?
>
> Hello everyone,
>
> I own a Lenovo G710 notebook (here one can see the exact model:
> http://postimg.org/image/rm5vjgkb5/), and I find that the code stored in
> its ACPI tables, which I extracted using the Windows tool "Read&Write
> Everything", leads to strange/suspicious results when I submitted it to
> malwr.com:
> https://malwr.com/analysis/MjZkOGU4Y2ZmMGM5NDQ1Njg5OTc4NTVlOTQ5NThiMmY/
>
> Why should the ACPI table code lead to the deployment of files related to
> Microsoft Office, which is not even installed right after having installed
> Windows?
>
> And looking at the section "Registry keys":
> Isn't it strange that this code causes all those registry changes,
> especially regarding all those "InProcServer32" entries?
>
>
> Could anyone, who owns the same model, try to extract its ACPI tables and
> submit them to malwr.com in order to check if this leads to the same
> results? And if one should think of this code being corrupted, then I
> guess it would be a good idea to perform a comparison in order to find
> differences and to check what those would imply.
> I uploaded the extracted ACPI tables of my notebook on GoogleDrive:
>
> https://drive.google.com/file/d/0B62Y5Qk_rdbWamlXRXZBSkJQYkU/view?usp=sharing
> Under Pentoo Linux (and any other Linux distro I tried) the dmesg output
> also shows quite many ACPI related error messages (starting at second 13):
>
> https://drive.google.com/file/d/0B62Y5Qk_rdbWMGJNVnpXcVBIbEE/view?usp=sharing
>
> Thanks in advance and best wishes
> David
>
>
>
>
>
> Best wishes and thanks in advance
>
>
>

^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
@ 2015-11-17 22:38 Moore, Robert
  0 siblings, 0 replies; 13+ messages in thread
From: Moore, Robert @ 2015-11-17 22:38 UTC (permalink / raw)
  To: devel

I don’t think they know what they are talking about.


From: David Renz [mailto:sun.kisses.horizon(a)gmail.com]
Sent: Tuesday, November 17, 2015 2:31 PM
To: Moore, Robert; devel(a)acpica.org
Subject: RE: [Devel] ACPI table code of Lenovo G710 corrupted?


Because I extracted the ACPI code and submitted it to malwr.com, whose analysis shows what the code causes / does. That's why I think it's related to ACPI code.
On 17.11.2015 23:27, "Moore, Robert" <robert.moore(a)intel.com> wrote:
I don’t know all of the Windows internals, but what exactly makes you think that this stuff is related to ACPI?


From: David Renz [mailto:sun.kisses.horizon(a)gmail.com]
Sent: Tuesday, November 17, 2015 2:18 PM
To: Moore, Robert
Cc: devel(a)acpica.org
Subject: Re: [Devel] ACPI table code of Lenovo G710 corrupted?

Sorry, but how can't you see that this is related to the code stored in the ACPI tables?
I extracted it and submitted the file to malwr.com, whose analysis shows what this ACPI code would cause on a Windows system. And why / how can this code cause all the stuff being visible under the sections "Files" and "Registry"?

On Tue, Nov 17, 2015 at 10:57 PM, Moore, Robert <robert.moore(a)intel.com> wrote:
There are some issues with this machine, but these are more Linux-specific and I can’t help with those.

[   13.115675] ACPI Warning: SystemIO range 0x0000000000005040-0x000000000000505F conflicts with OpRegion 0x0000000000005040-0x000000000000504F (\_SB_.PCI0.SBUS.SMBI) (20150204/utaddress-254)
[   13.115683] ACPI: If an ACPI driver is available for this device, you should use it instead of the native driver

[   13.426574] [Firmware Bug]: ACPI(PEGP) defines _DOD but not _DOS
[   13.426902] ACPI: Video Device [PEGP] (multi-head: yes  rom: yes  post: no)
[   13.426908] ACPI Error: [\_SB_.PCI0.GFX0.DD02._BCL] Namespace lookup failure, AE_NOT_FOUND (20150204/psargs-359)
[   13.426913] ACPI Error: Method parse/execution failed [\_SB_.PCI0.PEG0.PEGP.DD02._BCL] (Node ffff8802560f8e38), AE_NOT_FOUND (20150204/psparse-536)
[   13.426972] input: Video Bus




From: Devel [mailto:devel-bounces(a)acpica.org] On Behalf Of David Renz
Sent: Tuesday, November 17, 2015 11:31 AM
To: devel(a)acpica.org
Subject: [Devel] ACPI table code of Lenovo G710 corrupted?
Hello everyone,

I own a Lenovo G710 notebook (here one can see the exact model: http://postimg.org/image/rm5vjgkb5/), and I find that the code stored in its ACPI tables, which I extracted using the Windows tool "Read&Write Everything", leads to strange/suspicious results when I submitted it to malwr.com:
https://malwr.com/analysis/MjZkOGU4Y2ZmMGM5NDQ1Njg5OTc4NTVlOTQ5NThiMmY/

Why should the ACPI table code lead to the deployment of files related to Microsoft Office, which is not even installed right after having installed Windows?

And looking at the section "Registry keys":
Isn't it strange that this code causes all those registry changes, especially regarding all those "InProcServer32" entries?


Could anyone, who owns the same model, try to extract its ACPI tables and submit them to malwr.com in order to check if this leads to the same results? And if one should think of this code being corrupted, then I guess it would be a good idea to perform a comparison in order to find differences and to check what those would imply.
I uploaded the extracted ACPI tables of my notebook on GoogleDrive:
https://drive.google.com/file/d/0B62Y5Qk_rdbWamlXRXZBSkJQYkU/view?usp=sharing
Under Pentoo Linux (and any other Linux distro I tried) the dmesg output also shows quite many ACPI related error messages (starting at second 13):
https://drive.google.com/file/d/0B62Y5Qk_rdbWMGJNVnpXcVBIbEE/view?usp=sharing

Thanks in advance and best wishes
David





Best wishes and thanks in advance


^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
@ 2015-11-17 22:31 David Renz
  0 siblings, 0 replies; 13+ messages in thread
From: David Renz @ 2015-11-17 22:31 UTC (permalink / raw)
  To: devel

Because I extracted the ACPI code and submitted it to malwr.com, whose
analysis shows what the code causes / does. That's why I think it's related
to ACPI code.
On 17.11.2015 23:27, "Moore, Robert" <robert.moore(a)intel.com> wrote:

> I don’t know all of the Windows internals, but what exactly makes you
> think that this stuff is related to ACPI?
>
>
>
>
>
> *From:* David Renz [mailto:sun.kisses.horizon(a)gmail.com]
> *Sent:* Tuesday, November 17, 2015 2:18 PM
> *To:* Moore, Robert
> *Cc:* devel(a)acpica.org
> *Subject:* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
>
>
>
> Sorry, but how can't you see that this is related to the code stored in
> the ACPI tables?
>
> I extracted it and submitted the file to malwr.com, whose analysis shows
> what this ACPI code would cause on a Windows system. And why / how can this
> code cause all the stuff being visible under the sections "Files" and
> "Registry"?
>
>
>
> On Tue, Nov 17, 2015 at 10:57 PM, Moore, Robert <robert.moore(a)intel.com>
> wrote:
>
> There are some issues with this machine, but these are more Linux-specific
> and I can’t help with those.
>
> [   13.115675] ACPI Warning: SystemIO range
> 0x0000000000005040-0x000000000000505F conflicts with OpRegion
> 0x0000000000005040-0x000000000000504F (\_SB_.PCI0.SBUS.SMBI)
> (20150204/utaddress-254)
> [   13.115683] ACPI: If an ACPI driver is available for this device, you
> should use it instead of the native driver
>
> [   13.426574] [Firmware Bug]: ACPI(PEGP) defines _DOD but not _DOS
> [   13.426902] ACPI: Video Device [PEGP] (multi-head: yes  rom: yes  post:
> no)
> [   13.426908] ACPI Error: [\_SB_.PCI0.GFX0.DD02._BCL] Namespace lookup
> failure, AE_NOT_FOUND (20150204/psargs-359)
> [   13.426913] ACPI Error: Method parse/execution failed
> [\_SB_.PCI0.PEG0.PEGP.DD02._BCL] (Node ffff8802560f8e38), AE_NOT_FOUND
> (20150204/psparse-536)
> [   13.426972] input: Video Bus
>
>
>
>
> From: Devel [mailto:devel-bounces(a)acpica.org] On Behalf Of David Renz
> Sent: Tuesday, November 17, 2015 11:31 AM
> To: devel(a)acpica.org
> Subject: [Devel] ACPI table code of Lenovo G710 corrupted?
>
> Hello everyone,
>
> I own a Lenovo G710 notebook (here one can see the exact model:
> http://postimg.org/image/rm5vjgkb5/), and I find that the code stored in
> its ACPI tables, which I extracted using the Windows tool "Read&Write
> Everything", leads to strange/suspicious results when I submitted it to
> malwr.com:
> https://malwr.com/analysis/MjZkOGU4Y2ZmMGM5NDQ1Njg5OTc4NTVlOTQ5NThiMmY/
>
> Why should the ACPI table code lead to the deployment of files related to
> Microsoft Office, which is not even installed right after having installed
> Windows?
>
> And looking at the section "Registry keys":
> Isn't it strange that this code causes all those registry changes,
> especially regarding all those "InProcServer32" entries?
>
>
> Could anyone, who owns the same model, try to extract its ACPI tables and
> submit them to malwr.com in order to check if this leads to the same
> results? And if one should think of this code being corrupted, then I
> guess it would be a good idea to perform a comparison in order to find
> differences and to check what those would imply.
> I uploaded the extracted ACPI tables of my notebook on GoogleDrive:
>
> https://drive.google.com/file/d/0B62Y5Qk_rdbWamlXRXZBSkJQYkU/view?usp=sharing
> Under Pentoo Linux (and any other Linux distro I tried) the dmesg output
> also shows quite many ACPI related error messages (starting at second 13):
>
> https://drive.google.com/file/d/0B62Y5Qk_rdbWMGJNVnpXcVBIbEE/view?usp=sharing
>
> Thanks in advance and best wishes
> David
>
>
>
>
>
> Best wishes and thanks in advance
>
>
>

^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
@ 2015-11-17 22:27 Moore, Robert
  0 siblings, 0 replies; 13+ messages in thread
From: Moore, Robert @ 2015-11-17 22:27 UTC (permalink / raw)
  To: devel

I don’t know all of the Windows internals, but what exactly makes you think that this stuff is related to ACPI?


From: David Renz [mailto:sun.kisses.horizon(a)gmail.com]
Sent: Tuesday, November 17, 2015 2:18 PM
To: Moore, Robert
Cc: devel(a)acpica.org
Subject: Re: [Devel] ACPI table code of Lenovo G710 corrupted?

Sorry, but how can't you see that this is related to the code stored in the ACPI tables?
I extracted it and submitted the file to malwr.com, whose analysis shows what this ACPI code would cause on a Windows system. And why / how can this code cause all the stuff being visible under the sections "Files" and "Registry"?

On Tue, Nov 17, 2015 at 10:57 PM, Moore, Robert <robert.moore(a)intel.com> wrote:
There are some issues with this machine, but these are more Linux-specific and I can’t help with those.

[   13.115675] ACPI Warning: SystemIO range 0x0000000000005040-0x000000000000505F conflicts with OpRegion 0x0000000000005040-0x000000000000504F (\_SB_.PCI0.SBUS.SMBI) (20150204/utaddress-254)
[   13.115683] ACPI: If an ACPI driver is available for this device, you should use it instead of the native driver

[   13.426574] [Firmware Bug]: ACPI(PEGP) defines _DOD but not _DOS
[   13.426902] ACPI: Video Device [PEGP] (multi-head: yes  rom: yes  post: no)
[   13.426908] ACPI Error: [\_SB_.PCI0.GFX0.DD02._BCL] Namespace lookup failure, AE_NOT_FOUND (20150204/psargs-359)
[   13.426913] ACPI Error: Method parse/execution failed [\_SB_.PCI0.PEG0.PEGP.DD02._BCL] (Node ffff8802560f8e38), AE_NOT_FOUND (20150204/psparse-536)
[   13.426972] input: Video Bus




From: Devel [mailto:devel-bounces(a)acpica.org] On Behalf Of David Renz
Sent: Tuesday, November 17, 2015 11:31 AM
To: devel(a)acpica.org
Subject: [Devel] ACPI table code of Lenovo G710 corrupted?
Hello everyone,

I own a Lenovo G710 notebook (here one can see the exact model: http://postimg.org/image/rm5vjgkb5/), and I find that the code stored in its ACPI tables, which I extracted using the Windows tool "Read&Write Everything", leads to strange/suspicious results when I submitted it to malwr.com:
https://malwr.com/analysis/MjZkOGU4Y2ZmMGM5NDQ1Njg5OTc4NTVlOTQ5NThiMmY/

Why should the ACPI table code lead to the deployment of files related to Microsoft office, which is not even installed right after having installed Windows?

And looking at the section "Registry keys":
Isn't it strange that this code causes all those registry changes, especially regarding all those "InProcServer32" entries?


Could anyone, who owns the same model, try to extract its ACPI tables and submit them to malwr.com in order to check if this leads to the same results? And if one should thinks of this code being corrupted, then I guess it would be a good idea to perform a comparison in order to find differences and to check what those would imply.
I uploaded the extracted ACPI tables of my notebook on GoogleDrive:
https://drive.google.com/file/d/0B62Y5Qk_rdbWamlXRXZBSkJQYkU/view?usp=sharing
Under Pentoo Linux (and any other Linux distro I tried) the dmesg output also shows quite many ACPI related error messages (starting at second 13):
https://drive.google.com/file/d/0B62Y5Qk_rdbWMGJNVnpXcVBIbEE/view?usp=sharing

Thanks in advance and best wishes
David





Best wishes and thanks in advance



^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
@ 2015-11-17 22:18 David Renz
  0 siblings, 0 replies; 13+ messages in thread
From: David Renz @ 2015-11-17 22:18 UTC (permalink / raw)
  To: devel

[-- Attachment #1: Type: text/plain, Size: 3162 bytes --]

Sorry, but how can't you see that this is related to the code stored in the
ACPI tables?

I extracted it and submitted the file to malwr.com, whose analysis shows
what this ACPI code would cause on a Windows system. And why / how can this
code cause all the stuff being visible under the sections "Files" and
"Registry"?


On Tue, Nov 17, 2015 at 10:57 PM, Moore, Robert <robert.moore(a)intel.com>
wrote:

> There are some issues with this machine, but these are more Linux-specific
> and I can’t help with those.
>
> [   13.115675] ACPI Warning: SystemIO range
> 0x0000000000005040-0x000000000000505F conflicts with OpRegion
> 0x0000000000005040-0x000000000000504F (\_SB_.PCI0.SBUS.SMBI)
> (20150204/utaddress-254)
> [   13.115683] ACPI: If an ACPI driver is available for this device, you
> should use it instead of the native driver
>
> [   13.426574] [Firmware Bug]: ACPI(PEGP) defines _DOD but not _DOS
> [   13.426902] ACPI: Video Device [PEGP] (multi-head: yes  rom: yes  post:
> no)
> [   13.426908] ACPI Error: [\_SB_.PCI0.GFX0.DD02._BCL] Namespace lookup
> failure, AE_NOT_FOUND (20150204/psargs-359)
> [   13.426913] ACPI Error: Method parse/execution failed
> [\_SB_.PCI0.PEG0.PEGP.DD02._BCL] (Node ffff8802560f8e38), AE_NOT_FOUND
> (20150204/psparse-536)
> [   13.426972] input: Video Bus
>
>
>
>
> From: Devel [mailto:devel-bounces(a)acpica.org] On Behalf Of David Renz
> Sent: Tuesday, November 17, 2015 11:31 AM
> To: devel(a)acpica.org
> Subject: [Devel] ACPI table code of Lenovo G710 corrupted?
>
> Hello everyone,
>
> I own a Lenovo G710 notebook (here one can see the exact model:
> http://postimg.org/image/rm5vjgkb5/), and I find that the code stored in
> its ACPI tables, which I extracted using the Windows tool "Read&Write
> Everything", leads to strange/suspicious results when I submitted it to
> malwr.com:
> https://malwr.com/analysis/MjZkOGU4Y2ZmMGM5NDQ1Njg5OTc4NTVlOTQ5NThiMmY/
>
> Why should the ACPI table code lead to the deployment of files related to
> Microsoft office, which is not even installed right after having installed
> Windows?
>
> And looking at the section "Registry keys":
> Isn't it strange that this code causes all those registry changes,
> especially regarding all those "InProcServer32" entries?
>
>
> Could anyone, who owns the same model, try to extract its ACPI tables and
> submit them to malwr.com in order to check if this leads to the same
> results? And if one should thinks of this code being corrupted, then I
> guess it would be a good idea to perform a comparison in order to find
> differences and to check what those would imply.
> I uploaded the extracted ACPI tables of my notebook on GoogleDrive:
>
> https://drive.google.com/file/d/0B62Y5Qk_rdbWamlXRXZBSkJQYkU/view?usp=sharing
> Under Pentoo Linux (and any other Linux distro I tried) the dmesg output
> also shows quite many ACPI related error messages (starting at second 13):
>
> https://drive.google.com/file/d/0B62Y5Qk_rdbWMGJNVnpXcVBIbEE/view?usp=sharing
>
> Thanks in advance and best wishes
> David
>
>
>
>
>
> Best wishes and thanks in advance
>


^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
@ 2015-11-17 21:57 Moore, Robert
  0 siblings, 0 replies; 13+ messages in thread
From: Moore, Robert @ 2015-11-17 21:57 UTC (permalink / raw)
  To: devel

[-- Attachment #1: Type: text/plain, Size: 2606 bytes --]

There are some issues with this machine, but these are more Linux-specific and I can’t help with those.

[   13.115675] ACPI Warning: SystemIO range 0x0000000000005040-0x000000000000505F conflicts with OpRegion 0x0000000000005040-0x000000000000504F (\_SB_.PCI0.SBUS.SMBI) (20150204/utaddress-254)
[   13.115683] ACPI: If an ACPI driver is available for this device, you should use it instead of the native driver

[   13.426574] [Firmware Bug]: ACPI(PEGP) defines _DOD but not _DOS
[   13.426902] ACPI: Video Device [PEGP] (multi-head: yes  rom: yes  post: no)
[   13.426908] ACPI Error: [\_SB_.PCI0.GFX0.DD02._BCL] Namespace lookup failure, AE_NOT_FOUND (20150204/psargs-359)
[   13.426913] ACPI Error: Method parse/execution failed [\_SB_.PCI0.PEG0.PEGP.DD02._BCL] (Node ffff8802560f8e38), AE_NOT_FOUND (20150204/psparse-536)
[   13.426972] input: Video Bus




From: Devel [mailto:devel-bounces(a)acpica.org] On Behalf Of David Renz
Sent: Tuesday, November 17, 2015 11:31 AM
To: devel(a)acpica.org
Subject: [Devel] ACPI table code of Lenovo G710 corrupted?

Hello everyone,

I own a Lenovo G710 notebook (here one can see the exact model: http://postimg.org/image/rm5vjgkb5/), and I find that the code stored in its ACPI tables, which I extracted using the Windows tool "Read&Write Everything", leads to strange/suspicious results when I submitted it to malwr.com:
https://malwr.com/analysis/MjZkOGU4Y2ZmMGM5NDQ1Njg5OTc4NTVlOTQ5NThiMmY/

Why should the ACPI table code lead to the deployment of files related to Microsoft office, which is not even installed right after having installed Windows?

And looking at the section "Registry keys":
Isn't it strange that this code causes all those registry changes, especially regarding all those "InProcServer32" entries?


Could anyone, who owns the same model, try to extract its ACPI tables and submit them to malwr.com in order to check if this leads to the same results? And if one should thinks of this code being corrupted, then I guess it would be a good idea to perform a comparison in order to find differences and to check what those would imply.
I uploaded the extracted ACPI tables of my notebook on GoogleDrive:
https://drive.google.com/file/d/0B62Y5Qk_rdbWamlXRXZBSkJQYkU/view?usp=sharing
Under Pentoo Linux (and any other Linux distro I tried) the dmesg output also shows quite many ACPI related error messages (starting at second 13):
https://drive.google.com/file/d/0B62Y5Qk_rdbWMGJNVnpXcVBIbEE/view?usp=sharing

Thanks in advance and best wishes
David

 

 

Best wishes and thanks in advance

^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
@ 2015-11-17 21:49 Moore, Robert
  0 siblings, 0 replies; 13+ messages in thread
From: Moore, Robert @ 2015-11-17 21:49 UTC (permalink / raw)
  To: devel

[-- Attachment #1: Type: text/plain, Size: 2489 bytes --]

I don’t see anything in these that has anything to do with ACPI.


From: David Renz [mailto:sun.kisses.horizon(a)gmail.com]
Sent: Tuesday, November 17, 2015 1:40 PM
To: Moore, Robert
Cc: devel(a)acpica.org
Subject: Re: [Devel] ACPI table code of Lenovo G710 corrupted?

Did you take a look at the sections "Files" and "Registry"? Here are just two screenshots of those:
http://postimg.org/image/9v1a65nwt/
http://postimg.org/image/jv1lri7on/

On Tue, Nov 17, 2015 at 10:28 PM, Moore, Robert <robert.moore(a)intel.com> wrote:
The tables actually look reasonable to me. I see nothing about MS office or the registry.


From: Devel [mailto:devel-bounces(a)acpica.org] On Behalf Of David Renz
Sent: Tuesday, November 17, 2015 11:31 AM
To: devel(a)acpica.org
Subject: [Devel] ACPI table code of Lenovo G710 corrupted?

Hello everyone,

I own a Lenovo G710 notebook (here one can see the exact model: http://postimg.org/image/rm5vjgkb5/), and I find that the code stored in its ACPI tables, which I extracted using the Windows tool "Read&Write Everything", leads to strange/suspicious results when I submitted it to malwr.com:
https://malwr.com/analysis/MjZkOGU4Y2ZmMGM5NDQ1Njg5OTc4NTVlOTQ5NThiMmY/

Why should the ACPI table code lead to the deployment of files related to Microsoft office, which is not even installed right after having installed Windows?

And looking at the section "Registry keys":
Isn't it strange that this code causes all those registry changes, especially regarding all those "InProcServer32" entries?


Could anyone, who owns the same model, try to extract its ACPI tables and submit them to malwr.com in order to check if this leads to the same results? And if one should thinks of this code being corrupted, then I guess it would be a good idea to perform a comparison in order to find differences and to check what those would imply.
I uploaded the extracted ACPI tables of my notebook on GoogleDrive:
https://drive.google.com/file/d/0B62Y5Qk_rdbWamlXRXZBSkJQYkU/view?usp=sharing
Under Pentoo Linux (and any other Linux distro I tried) the dmesg output also shows quite many ACPI related error messages (starting at second 13):
https://drive.google.com/file/d/0B62Y5Qk_rdbWMGJNVnpXcVBIbEE/view?usp=sharing
Thanks in advance and best wishes
David





Best wishes and thanks in advance



^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
@ 2015-11-17 21:39 David Renz
  0 siblings, 0 replies; 13+ messages in thread
From: David Renz @ 2015-11-17 21:39 UTC (permalink / raw)
  To: devel

[-- Attachment #1: Type: text/plain, Size: 2218 bytes --]

Did you take a look at the sections "Files" and "Registry"? Here are just
two screenshots of those:
http://postimg.org/image/9v1a65nwt/
http://postimg.org/image/jv1lri7on/

On Tue, Nov 17, 2015 at 10:28 PM, Moore, Robert <robert.moore(a)intel.com>
wrote:

> The tables actually look reasonable to me. I see nothing about MS office
> or the registry.
>
>
>
>
>
> *From:* Devel [mailto:devel-bounces(a)acpica.org] *On Behalf Of *David Renz
> *Sent:* Tuesday, November 17, 2015 11:31 AM
> *To:* devel(a)acpica.org
> *Subject:* [Devel] ACPI table code of Lenovo G710 corrupted?
>
>
>
> Hello everyone,
>
> I own a Lenovo G710 notebook (here one can see the exact model:
> http://postimg.org/image/rm5vjgkb5/), and I find that the code stored in
> its ACPI tables, which I extracted using the Windows tool "Read&Write
> Everything", leads to strange/suspicious results when I submitted it to
> malwr.com:
> https://malwr.com/analysis/MjZkOGU4Y2ZmMGM5NDQ1Njg5OTc4NTVlOTQ5NThiMmY/
>
> Why should the ACPI table code lead to the deployment of files related to
> Microsoft office, which is not even installed right after having installed
> Windows?
>
> And looking at the section "Registry keys":
> Isn't it strange that this code causes all those registry changes,
> especially regarding all those "InProcServer32" entries?
>
>
> Could anyone, who owns the same model, try to extract its ACPI tables and
> submit them to malwr.com in order to check if this leads to the same
> results? And if one should thinks of this code being corrupted, then I
> guess it would be a good idea to perform a comparison in order to find
> differences and to check what those would imply.
>
> I uploaded the extracted ACPI tables of my notebook on GoogleDrive:
>
> https://drive.google.com/file/d/0B62Y5Qk_rdbWamlXRXZBSkJQYkU/view?usp=sharing
>
> Under Pentoo Linux (and any other Linux distro I tried) the dmesg output
> also shows quite many ACPI related error messages (starting at second 13):
>
> https://drive.google.com/file/d/0B62Y5Qk_rdbWMGJNVnpXcVBIbEE/view?usp=sharing
>
> Thanks in advance and best wishes
>
> David
>
>
>
>
>
>
> Best wishes and thanks in advance
>


^ permalink raw reply	[flat|nested] 13+ messages in thread

* Re: [Devel] ACPI table code of Lenovo G710 corrupted?
@ 2015-11-17 21:28 Moore, Robert
  0 siblings, 0 replies; 13+ messages in thread
From: Moore, Robert @ 2015-11-17 21:28 UTC (permalink / raw)
  To: devel

[-- Attachment #1: Type: text/plain, Size: 1853 bytes --]

The tables actually look reasonable to me. I see nothing about MS office or the registry.


From: Devel [mailto:devel-bounces(a)acpica.org] On Behalf Of David Renz
Sent: Tuesday, November 17, 2015 11:31 AM
To: devel(a)acpica.org
Subject: [Devel] ACPI table code of Lenovo G710 corrupted?

Hello everyone,

I own a Lenovo G710 notebook (here one can see the exact model: http://postimg.org/image/rm5vjgkb5/), and I find that the code stored in its ACPI tables, which I extracted using the Windows tool "Read&Write Everything", leads to strange/suspicious results when I submitted it to malwr.com:
https://malwr.com/analysis/MjZkOGU4Y2ZmMGM5NDQ1Njg5OTc4NTVlOTQ5NThiMmY/

Why should the ACPI table code lead to the deployment of files related to Microsoft office, which is not even installed right after having installed Windows?

And looking at the section "Registry keys":
Isn't it strange that this code causes all those registry changes, especially regarding all those "InProcServer32" entries?


Could anyone, who owns the same model, try to extract its ACPI tables and submit them to malwr.com in order to check if this leads to the same results? And if one should thinks of this code being corrupted, then I guess it would be a good idea to perform a comparison in order to find differences and to check what those would imply.
I uploaded the extracted ACPI tables of my notebook on GoogleDrive:
https://drive.google.com/file/d/0B62Y5Qk_rdbWamlXRXZBSkJQYkU/view?usp=sharing
Under Pentoo Linux (and any other Linux distro I tried) the dmesg output also shows quite many ACPI related error messages (starting at second 13):
https://drive.google.com/file/d/0B62Y5Qk_rdbWMGJNVnpXcVBIbEE/view?usp=sharing

Thanks in advance and best wishes
David





Best wishes and thanks in advance


^ permalink raw reply	[flat|nested] 13+ messages in thread
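
Added example, not part of any message in this thread and not ACPICA code: a structural check for the kind of table comparison asked about above. It parses the standard 36-byte ACPI table header, verifies the table checksum, and lists the body offsets where two dumps of the same table differ. It assumes each input is one raw binary table (for example a file read from /sys/firmware/acpi/tables on Linux); the sample table and its OEM strings are constructed.

```python
from __future__ import annotations
import struct
from typing import NamedTuple

# ACPI System Description Table header: signature, length, revision, checksum,
# OEM ID, OEM table ID, OEM revision, creator ID, creator revision (36 bytes).
HEADER = struct.Struct("<4sIBB6s8sI4sI")
CHECKSUM_OFFSET = 9

class AcpiTable(NamedTuple):
    signature: str
    length: int
    revision: int
    oem_id: str
    oem_table_id: str
    checksum_ok: bool
    body: bytes

def parse_table(blob: bytes) -> AcpiTable:
    """Parse one raw table; reject blobs whose header length cannot be trusted."""
    if len(blob) < HEADER.size:
        raise ValueError("shorter than the 36-byte ACPI header")
    sig, length, rev, _csum, oem, oem_tbl, _orev, _cid, _crev = HEADER.unpack_from(blob)
    if not (HEADER.size <= length <= len(blob)):
        raise ValueError(f"header length {length} does not fit a {len(blob)}-byte blob")
    table = blob[:length]
    return AcpiTable(
        sig.decode("ascii", "replace"), length, rev,
        oem.decode("ascii", "replace").rstrip(" \0"),
        oem_tbl.decode("ascii", "replace").rstrip(" \0"),
        sum(table) % 256 == 0,        # every byte of a valid table sums to 0 mod 256
        table[HEADER.size:],
    )

def diff_tables(a: bytes, b: bytes) -> list[int]:
    """Body offsets where two dumps of the same table type differ (headers ignored)."""
    ta, tb = parse_table(a), parse_table(b)
    if ta.signature != tb.signature:
        raise ValueError("tables have different signatures")
    n = max(len(ta.body), len(tb.body))
    return [i for i in range(n) if ta.body[i:i + 1] != tb.body[i:i + 1]]

def build_table(sig: bytes, body: bytes) -> bytes:
    """Constructed sample table (not a firmware dump) with a valid checksum."""
    length = HEADER.size + len(body)
    raw = bytearray(HEADER.pack(sig, length, 2, 0, b"SAMPLE", b"EXAMPLE ", 1, b"TEST", 1) + body)
    raw[CHECKSUM_OFFSET] = (-sum(raw)) % 256
    return bytes(raw)

if __name__ == "__main__":
    good = build_table(b"SSDT", bytes(range(16)))
    bad = good[:40] + bytes([good[40] ^ 0xFF]) + good[41:]   # one flipped body byte
    for name, blob in (("good", good), ("bad", bad)):
        t = parse_table(blob)
        print(name, t.signature, t.length, t.oem_id, "checksum ok" if t.checksum_ok else "CHECKSUM MISMATCH")
    print("differing body offsets:", diff_tables(good, bad))
```

A checksum mismatch or an impossible length points at a damaged or truncated dump; a clean checksum says nothing about what the AML inside does, which is what a disassembler is for.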

end of thread, other threads:[~2015-11-18  0:54 UTC | newest]

Thread overview: 13+ messages
2015-11-17 19:30 [Devel] ACPI table code of Lenovo G710 corrupted? David Renz
2015-11-17 21:28 Moore, Robert
2015-11-17 21:39 David Renz
2015-11-17 21:49 Moore, Robert
2015-11-17 21:57 Moore, Robert
2015-11-17 22:18 David Renz
2015-11-17 22:27 Moore, Robert
2015-11-17 22:31 David Renz
2015-11-17 22:38 Moore, Robert
2015-11-17 22:49 David Renz
2015-11-17 22:53 Moore, Robert
2015-11-17 22:57 Moore, Robert
2015-11-18  0:54 David Renz
