Windows Support Forum

BSOD looking for analysis

Q: BSOD looking for analysis

I am having freezes or freezes and restarts mostly May be hardware but BSOD looking analysis for I had this BSOD BSOD looking for analysis and am interested as to the cause to see if any connection I'll likely be posting for help in the hardware section soon as well but wanted to see what the BSOD cause was st Some history Last Sat early Sun was the st sign of any problem Was watching a full screen Youtube video when my sound stopped screen went black and the PC froze It stayed on no response to anything no Numlock light on keyboard After it became obvious it wouldn't blue screen or restart did a hard power off Upon restarting I noticed the ASUS splash screen and option to enter Express Gate showed up These were disabled in BIOS since day one Turns out my BIOS was reset cpu and ram settings etc reset them and off I went Since then I have had many freezes either just staying frozen requiring a hard power off or a freeze followed by a restart This results in a kernal power event basically saying it didn't shut down properly I did get a bugcheck f at one pint but I am getting all zeros since Last Sun early mon I ran Memtest for hours passes no errors I swapped out my GPU for a spare The BSOD is with the replacement GPU and the driver windows found so be aware if it points towards GPU driver it may have been caused by that I had updated my Nvidia driver days before so I restored to an Acronis image from the weekend before I surfed hours or so last night in Safe Mode with Networking with no issue maybe coincidence Booted to a clean start and started a Malwarebytes scan before going to bed Awoke to a frozen PC so the clean start did not prevent the freeze So to wrap up Memtest results showed nothing Replacement GPU made no difference Restored image from the week before made no difference Safe Mode with Networking inconclusive as it did work last night Clean start no help I had cleared my events as I wanted to make sure any new events were obvious But all were kernel power events Appreciate any analysis of this one BSOD so I can see what caused it and if it has any connection Also including pictures of the Blue screens one from that is for the attached dump and one from where the dump was not saved for some reason Attachment The accompanying picture The picture only A Guy

Relevancy 100%
Preferred Solution: BSOD looking for analysis

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: BSOD looking for analysis

I would suggest uninstalling CoreTemp and see if the BSOD returns.

http://www.sevenforums.com/bsod-help-support/306534-bsod-looking-analysis.html
Relevancy 47.3%

BSoD Analysis please...

A:BSOD Analysis

Hi,

BUGCHECK SUMMARY
Code:

Built by: 7600.16539.x86fre.win7_gdr.100226-1909
Debug session time: Fri Jul 2 02:09:41.371 2010 (GMT+12)
System Uptime: 0 days 2:33:11.197
PROCESS_NAME: csrss.exe
BUGCHECK_STR: 0xF4_C0000005
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16385.x86fre.win7_rtm.090713-1255
Debug session time: Wed Jun 30 19:19:14.141 2010 (GMT+12)
System Uptime: 0 days 2:37:49.951
*** WARNING: Unable to verify timestamp for igdkmd32.sys
*** ERROR: Module load completed but symbols could not be loaded for igdkmd32.sys
BUGCHECK_STR: 0x19_20
PROCESS_NAME: System
??????????????????????????????????????????????????????????????????????????????????????

Only driver mentioned was igdkmd32.sys which is the Intel Integrated Graphics Driver.

Update from here (the model is Mobile Intel(R) 965 Express Chipset Family): http://downloadcenter.intel.com/Default.aspx

How long have you been getting these - there were only 2 BSOD reports in the folder. And only 2 BSOD events were mentioned in the event logs.

From your event logs it appears that you installed a new device immediately before the problem began?



Code:

Event[1293]:
Log Name: System
Source: Microsoft-Windows-UserPnp
Date: 2010-06-30T15:15:40.296
Event ID: 20001
Task: N/A
Level: Information
Opcode: Info
Keyword: N/A
User: S-1-5-18
User Name: NT AUTHORITY\SYSTEM
Computer: iamKaelXY-PC
Description:
Driver Management concluded the process to install driver FileRepository\ich8core.inf_x86_neutral_af2648a896f788e6\ich8core.inf for Device Instance ID PCI\VEN_8086&DEV_2845&SUBSYS_9008104D&REV_03\3&33FD14CA&0&E3 with the following status: 0x0.

Event[1294]:
Log Name: System
Source: Microsoft-Windows-UserPnp
Date: 2010-06-30T15:15:39.560
Event ID: 20003
Task: N/A
Level: Information
Opcode: Info
Keyword: N/A
User: S-1-5-18
User Name: NT AUTHORITY\SYSTEM
Computer: iamKaelXY-PC
Description:
Driver Management has concluded the process to add Service pci for Device Instance ID PCI\VEN_8086&DEV_2845&SUBSYS_9008104D&REV_03\3&33FD14CA&0&E3 with the following status: 0.

Event[1295]:
Log Name: System
Source: Microsoft-Windows-UserPnp
Date: 2010-06-30T15:15:36.066
Event ID: 20003
Task: N/A
Level: Information
Opcode: Info
Keyword: N/A
User: S-1-5-18
User Name: NT AUTHORITY\SYSTEM
Computer: iamKaelXY-PC
Description:
Driver Management has concluded the process to add Service pci for Device Instance ID PCI\VEN_8086&DEV_2845&SUBSYS_9008104D&REV_03\3&33FD14CA&0&E3 with the following status: 0.

What was that device?

Regards,
Reventon

http://www.techsupportforum.com/forums/f299/bsod-analysis-494345.html
Relevancy 47.3%

Hi guys i need help just 2 got graphics card installed GTX 295 and Sli'd them.
Also bought a new PCU 850 watts to back up these 2 cards.
Computer was working fine before i installed them.
but now since i installed them i get random BSOD
And every 10 mins or so my monitor screen will turn black but everything will still run as i can hear my music.
When play a game after 10 mins it turn my monitor to pink and yellow for some reason

- x86
- Ultimate
- OEM

- Few years old around 3
- 1 Week

A:BSOD and Others analysis

Your graphics card driver nvlddmkm.sys triggered the crash
Considering that you've got display artifacts the cause might be overheating or defects in one of your GPU
Test each card individually with OCCT
http://www.sevenforums.com/tutorials...test-occt.html

http://www.sevenforums.com/bsod-help-support/187299-bsod-others-analysis.html
Relevancy 47.3%

? Windows 7 Ultimate
? x64
? Windows XP Professional x64 [Service pack 3]
? Full retail version
? Approx. 1 year
? Had XP for 8 months, upgraded to 7 last October

? AMD Athlon II X4 640
? NVIDIA GeForce GTS 450
? ASRock N68C-S UCC
? EN60950 (all that is said relative to a model) 520W

? Unknown; purchased on Ebay
? ^

A:BSoD Analysis

Code:
AODDriver2.sys Wed Jun 15 04:38:35 2011 (4DF86F8B)
AMD OverDrive (AODDriver2.sys) is either a stand-alone application, or a component of the AMD VISION Engine Control Center.
Please uninstall the AMD OverDrive program as it can cause BSOD's on your system.
If it's the stand-alone app, uninstall it via Control Panel...Programs...Uninstall a program
If it's in the AMD VISION Engine Control Center, you can uninstall it using the AMD uninstall tool (or uninstall the entire AMD VISION Engine Control Center application through Control Panel

If the device remains a problem in perfmon /report, open Device Manager, select the "View" item.
Then select "Show hidden devices" and scroll down to the Plug and Play Drivers section.
Locate the AODDriver entry, right click on it and select "Uninstall". Reboot for changes to take affect.


Please enable driver verifier
http://www.techsupportforum.com/foru...ed-473665.html



Code:
Event[230]:
Log Name: System
Source: Microsoft-Windows-WHEA-Logger
Date: 2012-02-19T15:52:42.788
Event ID: 19
Task: N/A
Level: Warning
Opcode: Info
Keyword: N/A
User: S-1-5-19
User Name: NT AUTHORITY\LOCAL SERVICE
Computer: Dennis
Description:
A corrected hardware error has occurred.

Reported by component: Processor Core
Error Source: Corrected Machine Check
Error Type: Cache Hierarchy Error
Processor ID: 2

The details view of this entry contains further information.

Code:
Event[13369]:
Log Name: System
Source: Microsoft-Windows-WHEA-Logger
Date: 2012-01-28T20:58:53.541
Event ID: 20
Task: N/A
Level: Error
Opcode: Info
Keyword: N/A
User: S-1-5-19
User Name: NT AUTHORITY\LOCAL SERVICE
Computer: Dennis
Description:
A fatal hardware error has occurred.

Component: AMD Northbridge
Error Source: Machine Check Exception
Error Type: Sync Error
Processor ID: 0

The details view of this entry contains further information.
Please run hardware tests
1. Memtest86 - Run for 7-8 passes - RAM - Test with Memtest86+ - Windows 7 Forums
2. Prime95 - Run all three tests for 3-4 hours each or until fail - Hardware - Stress Test With Prime95 - Windows 7 Forums
3. Hard drive scan usings SeaTools - SeaTools for Windows | Seagate - Both long and short tests

BSOD BUGCHECK SUMMARY

Code:

Built by: 7601.17640.amd64fre.win7sp1_gdr.110622-1506
Debug session time: Sat Jan 28 16:31:13.039 2012 (UTC - 5:00)
System Uptime: 0 days 0:22:08.351
Probably caused by : USBPORT.SYS ( USBPORT!USBPORT_Core_UsbMapDpc_Worker+6f )
BUGCHECK_STR: 0xD1
PROCESS_NAME: javaw.exe
FAILURE_BUCKET_ID: X64_0xD1_CODE_AV_BAD_IP_USBPORT!USBPORT_Core_UsbMapDpc_Worker+6f
BiosReleaseDate = 08/25/2010
SystemManufacturer = To Be Filled By O.E.M.
SystemProductName = To Be Filled By O.E.M.
??????????????????????????????????????????????????????????????????????????????????????``

http://www.techsupportforum.com/forums/f299/bsod-analysis-631442.html
Relevancy 47.3%

Hello I'm new to the forum I appreciate anyone taking the time out to read this I popped over to the BSOD thread and followed the instructions I work in IT for a larger agency and I have a user in one of our field offices whose laptop is crashing seemingly at random I have not witnessed the problem myself so I am relying on the word of a non tech-savvy person She states that here computer will get the BSOD when she is using windows movie maker or viewing images jpg gif Analysis BSOD please etc with windows picture viewer It does not happen all the time but she has noticed it mostly happens when she is working with those types of files or that program This is a Toshiba Tecra BSOD Analysis please A OS - Windows Pro x -bit What was original installed OS on system - Windows Pro Is the OS an OEM version - OEM Age of system hardware - Less than a year Age of OS installation - Months have you re-installed the OS - No CPU - Intel Core i Video Card - Nvidia NVS M MotherBoard - Sorry can't find the info Power Supply - Sorry can't find the info I have attached the necessary files that were mentioned in the BSOD posting thread However I can't attach a system health report because everytime I try to run it I get a quot The system cannot find the path specified quot error I'm hoping a debugger will be able to tell me the cause of the BSODs Thank you very much in advance

A:BSOD Analysis please

Hi -

The 5 BSODs all name the same probable cause - Intel 82577LM Gigabit Network Connection - Ethernet -

Code:

e1k6232.sys Tue Apr 06 03:36:16 2010 (4BBAE470)

http://www.intel.com/support/etherne.../CS-031229.htm

It may be conflicting with old 2007 Cisco VPN Client drivers - update them -

Code:

dne2000.sys Wed Jan 24 02:17:24 2007 (45B70804) - Cisco Systems VPN Client/ Deterministic Network Enhancer Miniport - tp://www.cisco.com/en/US/products/ps5743/Products_Sub_Category_Home.html
CVPNDRVA.sys Mon Jul 16 13:57:10 2007 (469BB176) - Cisco Systems VPN Client - tp://www.cisco.com/en/US/products/ps5743/Products_Sub_Category_Home.html

Cisco VPN - http://www.cisco.com/en/US/products/...gory_Home.html

You have both Ethernet and wifi active. Turn off whichever you are not using.

If BSODs persist, run the Driver Verifier -- http://jcgriff2.com/driver_verifier.htm


Windbg Logs
--> http://jcgriff2.net/BSOD_Logs/_99-db..._jcgriff2_.txt
--> http://jcgriff2.net/BSOD_Logs/_99-db...riff2_.txt.zip

Regards. . .

jcgriff2


`

BSOD BUGCHECK SUMMARY

Code:

Built by: 7600.16539.x86fre.win7_gdr.100226-1909
Debug session time: Wed Sep 15 11:21:07.135 2010 (GMT-4)
System Uptime: 0 days 0:05:59.724
*** WARNING: Unable to verify timestamp for e1k6232.sys
*** ERROR: Module load completed but symbols could not be loaded for e1k6232.sys
Probably caused by : e1k6232.sys ( e1k6232+16159 )
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: System
Bugcheck code 0000000A
Arguments 00000000 00000002 00000001 8328c0ac
??????????????????????????????????????????????????????????????????????????????????????``
Built by: 7600.16539.x86fre.win7_gdr.100226-1909
Debug session time: Tue Aug 24 16:34:46.954 2010 (GMT-4)
System Uptime: 0 days 3:01:45.862
BugCheck D1, {48, 2, 1, 91faf1b8}
*** WARNING: Unable to verify timestamp for e1k6232.sys
*** ERROR: Module load completed but symbols could not be loaded for e1k6232.sys
Probably caused by : e1k6232.sys ( e1k6232+161b8 )
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: System
Bugcheck code 000000D1
Arguments 00000048 00000002 00000001 91faf1b8
??????????????????????????????????????????????????????????????????????????????????????``
Built by: 7600.16539.x86fre.win7_gdr.100226-1909
Debug session time: Tue Aug 24 13:32:08.373 2010 (GMT-4)
System Uptime: 0 days 2:36:48.783
BugCheck D1, {34, 2, 1, 91150171}
*** WARNING: Unable to verify timestamp for e1k6232.sys
*** ERROR: Module load completed but symbols could not be loaded for e1k6232.sys
Probably caused by : e1k6232.sys ( e1k6232+16171 )
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: System
Bugcheck code 000000D1
Arguments 00000034 00000002 00000001 91150171
??????????????????????????????????????????????????????????????????????????????????????``
Built by: 7600.16539.x86fre.win7_gdr.100226-1909
Debug session time: Thu Aug 19 18:48:36.744 2010 (GMT-4)
System Uptime: 0 days 6:53:30.753
*** WARNING: Unable to verify timestamp for e1k6232.sys
*** ERROR: Module load completed but symbols could not be loaded for e1k6232.sys
Probably caused by : e1k6232.sys ( e1k6232+16159 )
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: System
Bugcheck code 0000000A
Arguments 00000000 00000002 00000001 832600ac
??????????????????????????????????????????????????????????????????????????????????????``
Built by: 7600.16539.x86fre.win7_gdr.100226-1909
Debug session time: Thu Jun 10 18:49:24.520 2010 (GMT-4)
System Uptime: 0 days 1:14:57.974
BugCheck D1, {34, 2, 1, 8fd91171}
*** WARNING: Unable to verify timestamp for e1k6232.sys
*** ERROR: Module load completed but symbols could not be loaded for e1k6232.sys
Probably caused by : e1k6232.sys ( e1k6232+16171 )
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: System
Bugcheck code 000000D1
Argume... Read more

http://www.techsupportforum.com/forums/f299/bsod-analysis-please-514372.html
Relevancy 47.3%

Hey Guys and Gals I am new here ad I am usually able to figure out something like this on my own but I am bit Analysis Help BSOD Please! stuck I have Windows Pro Bit HTPC box Built it myself and it was good for a few years Had some BSODs before because of the video card HD was nagging like my wife and a few driver updates resolved that problem Now BSOD Analysis Help Please! I am having some BSODs quiet frequently I did rebuild it a little while ago after I got a Ceton Card for Time Warner Cable installed I don't think its the Ceton card that's causing BSODs but who knows Anyway I am attaching screenshot from the debugger analysis Can't attache the memory dump file itself I guess here is a size limit here Only thing I see that is LogMeIn and I have since disabled it plus its video mirror driver Any help would be greatly appreciated Thank you in advance Microsoft R Windows Debugger Version AMD Copyright c Microsoft Corporation All rights reserved Loading Dump File C Windows MEMORY DMP Kernel Summary Dump File Only kernel address space is available Symbol search path is SRV C SymCache http msdl microsoft com download symbols Executable search path is Windows Kernel Version Service Pack MP procs Free x Product WinNt suite TerminalServer SingleUserTS Built by amd fre win sp gdr - Machine Name Kernel base xfffff d PsLoadedModuleList xfffff Debug session time Fri Nov UTC - System Uptime days Loading Kernel Symbols Loading User Symbols PEB is paged out Peb Ldr ff fffd Type quot hh dbgerr quot for details Loading unloaded module list Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck E ffffffffc fffff ccd f Probably caused by ntkrnlmp exe nt KxWaitForLockChainValid f Followup MachineOwner --------- kd gt analyze -v Bugcheck Analysis KMODE EXCEPTION NOT HANDLED e This is a very common bugcheck Usually the exception address pinpoints the driver function that caused the problem Always note this address as well as the link date of the driver image that contains this address Arguments Arg ffffffffc The exception code that was not handled Arg fffff ccd f The address that the exception occurred at Arg Parameter of the exception Arg Parameter of the exception Debugging Details ------------------ EXCEPTION CODE NTSTATUS xc - The instruction at x lx referenced memory at x lx The memory could not be s FAULTING IP nt KxWaitForLockChainValid f fffff ccd f b mov rax qword ptr rdi EXCEPTION PARAMETER EXCEPTION PARAMETER READ ADDRESS ERROR CODE NTSTATUS xc - The instruction at x lx referenced memory at x lx The memory could not be s BUGCHECK STR x E c DEFAULT BUCKET ID VISTA DRIVER FAULT PROCESS NAME LogMeIn exe CURRENT IRQL TRAP FRAME fffff -- trap xfffff NOTE The trap frame does not contain all registers Some register values may be zeroed or incorrect rax ffffffff rbx rcx rdx rsi rdi rip fffff ccd f rsp fffff d rbp fffff c r e r r r r r r r iopl nv up ei pl nz na pe nc nt KxWaitForLockChainValid x f fffff ccd f b mov rax qword ptr rdi ds bf Resetting default scope LAST CONTROL TRANSFER from fffff e d to fffff c c STACK TEXT fffff bb fffff e d e ffffffff c fffff ccd f nt KeBugCheckEx fffff bc fffff b fffff fffff nt FNODOBFM string' x d d fffff fffff a ba fffff nt KiExceptionDispatch xc fffff fffff ccd f fffff d e nt KiPageFault x a fffff d fffff afba fffff da b fffff nt KxWaitForLockChainValid x f fffff nt CcUnpinFileDataEx x STACK COMMAND kb FOLLOWUP IP nt KxWaitForLockChainValid f fffff ccd f b mov rax qword ptr rdi SYMBOL STACK INDEX SYMBOL NAME nt KxWaitForLockChainValid f FOLLOWUP NAME MachineOwner MODULE NAME nt IMAGE NAME ntkrnlmp exe DEBUG FLR IMAGE TIMESTAMP fa f FAILURE BUCKET ID X x E c nt KxWaitForLockChainValid f BUCKET ID X x E c nt KxWaitForLockChainValid f Followup MachineOwner ---------

A:BSOD Analysis Help Please!

Welcome to SevenForums.

Here are some usual causes on that bugcheck:





Quote:
STOP 0x0000001E: KMODE_EXCEPTION_NOT_HANDLED
Usual causes: Device driver, hardware, System service, compatibility, Remote control programs, memory, BIOS
Carrona.org


And it looks like it crashed on "Logmein.exe"

Please post all the files following http://www.sevenforums.com/crashes-d...tructions.html

http://www.sevenforums.com/bsod-help-support/265019-bsod-analysis-help-please.html
Relevancy 47.3%

need your help sirs. very much appreciated

A:BSOD need help on analysis thank you

newer minidump files. thanks

http://www.sevenforums.com/bsod-help-support/95737-bsod-need-help-analysis-thank-you.html
Relevancy 47.3%

Hi Microsoft MVP,
Windows 7 x86 OEM
3-4 years old
Pentium D 930
ATI Radeon 9550
430W Coolermaster

The crashes are very erratic, sometimes happening at the login and other times happening after the computer has been in use for several hours. The BSODs increased in frequency in the last several days. I have attached the TSF file as requested. If you need any more information, I would be more than happy to provide it if I know it.

Thanks!

A:BSOD Analysis Please

Hi -

The bugchecks on 24 of the 25 kernel dump files indicate hardware failure of unknown origin.

0x124 = WHEA = Windows Hardware Error Architecture

Info on 0x124 bugchecks --> http://www.sevenforums.com/crash-loc...-what-try.html

Regards. . .

jcgriff2

.
BSOD BUGCHECK SUMMARY

Code:

Built by: 7600.16481.x86fre.win7_gdr.091207-1941
Debug session time: Thu Apr 8 03:06:10.974 2010 (GMT-4)
System Uptime: 0 days 1:00:20.958
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: System
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16481.x86fre.win7_gdr.091207-1941
Debug session time: Thu Apr 8 02:06:04.078 2010 (GMT-4)
System Uptime: 0 days 0:00:14.062
BugCheck 124, {0, 85d528fc, 0, 0}
Probably caused by : hardware
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: System
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16481.x86fre.win7_gdr.091207-1941
Debug session time: Thu Apr 8 01:08:26.234 2010 (GMT-4)
System Uptime: 0 days 0:03:45.234
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: avguard.exe
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16481.x86fre.win7_gdr.091207-1941
Debug session time: Thu Apr 8 01:02:32.416 2010 (GMT-4)
System Uptime: 0 days 1:31:56.416
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: firefox.exe
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16481.x86fre.win7_gdr.091207-1941
Debug session time: Wed Apr 7 23:29:16.250 2010 (GMT-4)
System Uptime: 0 days 0:43:17.250
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: PrintIsolation
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16481.x86fre.win7_gdr.091207-1941
Debug session time: Wed Apr 7 22:45:18.137 2010 (GMT-4)
System Uptime: 0 days 2:28:45.137
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: System
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16481.x86fre.win7_gdr.091207-1941
Debug session time: Wed Apr 7 19:45:53.608 2010 (GMT-4)
System Uptime: 0 days 0:21:20.608
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: mozybackup.exe
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16481.x86fre.win7_gdr.091207-1941
Debug session time: Wed Apr 7 19:24:47.812 2010 (GMT-4)
System Uptime: 0 days 0:00:14.812
BugCheck 124, {0, 85e2d4dc, 0, 0}
Probably caused by : hardware
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: System
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16481.x86fre.win7_gdr.091207-1941
Debug session time: Wed Apr 7 16:20:36.828 2010 (GMT-4)
System Uptime: 0 days 0:07:13.843
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: firefox.exe
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16481.x86fre.win7_gdr.091207-1941
Debug session time: Wed Apr 7 16:12:02.513 2010 (GMT-4)
System Uptime: 0 days 0:14:51.529
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: chrome.exe
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16481.x86fre.win7_gdr.091207-1941
Debug session time: Wed Apr 7 15:16:34.172 2010 (GMT-4)
System Uptime: 0 days 0:25:52.172
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: dwm.exe
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16481.x86fre.win7_gdr.091207-1941
Debug session time: Wed Apr 7 14:08:47.555 2010 (GMT-4)
System Uptime: 0 days 1:00:28.555
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: chrome.exe
??????????????????????????????????????????????????????????????????????????????????????
Built by: 7600.16481.x86fre.win7_gdr.0912... Read more

http://www.techsupportforum.com/forums/f299/bsod-analysis-please-474710.html
Relevancy 47.3%

Hello I hope this post is in proper place form I Analysis BSOD have been experiencing some BSOD recently I originally thought that these were related to a game I was playing on Vista Darksiders as I would only get crashed while playing that game BSOD Analysis Since then however I noticed at least one crash while NOT playing that game Since my system had been around about a year I decided to reformat and install Windows Since BSOD Analysis then the crashes have continued Most concerning is that they have recently been happening while doing nothing particularly taxing on the system The last couple of times I have simply had my web browsers open a word document for homework and a livestream in a web page going I have followed a guide to using the Windows debugging tools to analyze BSOD Analysis my memory dump which I have pasted below in the spoiler My system specs are as follows Windows Enterprise Intel Core i overclocked since installation to GHz GB DDR memory also overclocked to rated speeds for the memory due to system overclock Radeon x I reformatted and reinstalled this system approximately week ago at which time all drivers were current My overclock has been in place since I built this system over a year ago with no problems appearing until the last month Of possible note for streaming purposes I installed Virtual Audio Cable which has an unsigned driver Because of this my windows is running with test driver mode enabled However the initial problems with crashes during the game in Vista occurred prior to installation of VAC not sure if the first crashes in the game are related to my current crashing issues Any insight or suggestions would be welcome Spoiler Use analyze -v to get detailed debugging information BugCheck D fffffa e Probably caused by CLASSPNP SYS CLASSPNP TransferPktComplete Followup MachineOwner --------- kd gt analyze -v Bugcheck Analysis DRIVER IRQL NOT LESS OR EQUAL d An attempt was made to access a pageable or completely invalid address at an interrupt request level IRQL that is too high This is usually caused by drivers using improper addresses If kernel debugger is available get stack backtrace Arguments Arg memory referenced Arg IRQL Arg value read operation write operation Arg fffffa e address which referenced memory Debugging Details ------------------ WORKER ROUTINE WORK ITEM fffffa e CURRENT IRQL DEFAULT BUCKET ID VISTA DRIVER FAULT BUGCHECK STR xD PROCESS NAME plugin-contain TRAP FRAME fffff f e -- trap xfffff f e NOTE The trap frame does not contain all registers Some register values may be zeroed or incorrect rax rbx rcx rdx ac d rsi rdi rip fffffa e rsp fffff f rbp r a ccda r r r r r r r iopl nv up ei ng nz na po nc fffffa e add byte ptr rax al ds ed Resetting default scope LAST CONTROL TRANSFER from fffff cd e to fffff cd c STACK TEXT fffff f fffff cd e a nt KeBugCheckEx fffff f a fffff cd e fffffa e fffff f nt KiBugCheckDispatch x fffff f e fffffa e fffff f fffff cddd fffffa c nt KiPageFault x fffff f fffff f fffff cddd fffffa c xfffffa e fffff f fffff cddd fffffa c xfffff f fffff f fffff fffffa fffffa fffffa a nt KeSetEvent x fffff f f fffff cdd fffffa f edb fffffa c fffffa f c Ntfs NtfsMasterIrpSyncCompletionRoutine x fffff f fffff dc fffffa a ffffffff nt IopfCompleteRequest x fffff f a fffff cdd fffff a f fffffa d d fffffa b bb CLASSPNP TransferPktComplete x fffff f a fffff db ef fffffa nt IopfCompleteRequest x fffff f b fffff e fbd fffffa c fffff f ac b fffffa d fffffa ataport IdepFreeCrb x b fffff f bb fffff cc c fffffa d fffffa d b nt ExFreePoolWithTag x d fffff f c fffff cdd fffffa a nt IopUnloadSafeCompletion x fffff f ca fffffa e a a fffffa f fffff ce nt IopfCompleteRequest x fffff f d fffffa e a a fffffa f fffff ce fffffa ed x STACK COMMAND kb FOLLOWUP IP CLASSPNP TransferPktComplete fffff dc d e lea rbx rsi h SYMBOL STACK INDEX SYMBOL NAME CLASSPNP TransferPktComplete FOLLOWUP NAME MachineOwner MODULE NAME CLASSPNP IMAGE NAME CLASSPNP SYS DEBUG FLR IMAGE TIMESTAMP ce b FAILURE BUC... Read more

A:BSOD Analysis

We need to know more about your BSODs...Download BlueScreenView (in Zip file)No installation required.Unzip downloaded file and double click on BlueScreenView.exe file to run the program and When scanning is done, go to Edit > Select All.Then go to File > Save Selected Items, and save the report as BSOD.txt.Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.Compliments of Broni

http://www.bleepingcomputer.com/forums/t/420305/bsod-analysis/
Relevancy 47.3%

Original Thread

http://www.techsupportforum.com/foru...zz-613646.html

------------------------------------------------------------------------
1. Attachment of ZIP file


? OS - Windows 7 Ultimate
? x64

? Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer)? N/A

? Age of system (hardware) - Almost a year
? Age of OS installation - have you re-installed the OS? - Almost a year / No

? CPU - Intel Core i5 650
? Video Card - ATI Radeon HD 5670
? MotherBoard - Gigabyte Technology p55A-UD3
? Power Supply - Corsair 550W

? System Manufacturer - Microsoft

http://www.techsupportforum.com/forums/f299/bsod-analysis-614936.html
Relevancy 47.3%

me get this weird BSOD that a dont knew what to do so plz help me

A:BSoD Analysis help plz

Hi,

The file referenced in your screenshot (BdfNdisf6.sys) relates to the BitDefender firewall (see below screenshot).



I once had some BSODs like this and all I did was to let BitDefender update itself upon the next bootup and the problem went away. It could be the case that the file somehow got corrupted, or it otherwise caused problems with your particular hardware/software configuration.

Hope this helps.


Regards,

Jon.

http://www.techsupportforum.com/forums/f299/bsod-analysis-help-plz-474856.html
Relevancy 47.3%

OS - Windows 7
? x86 (32-bit)
? What was original installed OS on system? Windows Vista
? Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer)? I'm pretty sure it's an OEM but I'm not sure this is full retail because my brother gave me the setup dvd. So, I don't know.
? Age of system (hardware) About 3-4 years?
? Age of OS installation - have you re-installed the OS? 4 days.

[How do I know these info? Sorry, I'm noob when it come to these things!]
? CPU
? Video Card
? MotherBoard
? Power Supply - brand & wattage

? System Manufacturer SONY
? Exact model number (if laptop, check label on bottom) VGN-SZ56GN

A:BSoD analysis please! :D

Hello,

Try installing updated Intel graphics drivers: http://downloadcenter.intel.com/Deta...adType=Drivers
Code:
igdkmd32.sys Fri Mar 30 14:57:35 2007 (460D5D9F)
...Summary of the dumps:

Code:

Built by: 7600.16792.x86fre.win7_gdr.110408-1633
Debug session time: Fri Jul 1 10:57:23.346 2011 (UTC - 4:00)
System Uptime: 0 days 0:41:55.156
*** WARNING: Unable to verify timestamp for igdkmd32.sys
*** ERROR: Module load completed but symbols could not be loaded for igdkmd32.sys
*** WARNING: Unable to verify timestamp for dxgkrnl.sys
*** ERROR: Module load completed but symbols could not be loaded for dxgkrnl.sys
BUGCHECK_STR: 0x19_20
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: System
FAILURE_BUCKET_ID: 0x19_20_igdkmd32+24f7e
BiosReleaseDate = 07/12/2007
SystemProductName = VGN-SZ56GN_B
??????????????????????????????????????????????????????????????????????????????????????``

http://www.techsupportforum.com/forums/f299/bsod-analysis-please-d-584316.html
Relevancy 47.3%

Hi Having problems with my PC randomly - BSOD Please Analysis help! BSODDING Can anyone shed any light on whats BSOD Analysis - Please help! causing it from the below please Microsoft reg Windows Debugger Version AMD Copyright copy Microsoft Corporation All rights reserved Loading Dump File C Windows Minidump - - dmp Mini Kernel Dump File Only registers BSOD Analysis - Please help! and stack trace are available Symbol Path validation summary Response Time ms Location Deferred SRV c symbols http msdl microsoft com download symbols Symbol search path is SRV BSOD Analysis - Please help! c symbols http msdl microsoft com download symbols Executable search path is Windows Kernel Version Service Pack MP procs Free x Product WinNt suite TerminalServer SingleUserTS Built by amd fre win sp gdr - Machine Name Kernel base xfffff a PsLoadedModuleList xfffff d Debug session time Wed Oct UTC System Uptime days Loading Kernel Symbols Press ctrl-c cdb kd ntsd or ctrl-break windbg to abort symbol loads that take too long Run sym noisy before reload to track down problems loading symbols Loading User Symbols Mini Kernel Dump does not contain unloaded driver list Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck fffffa d Probably caused by AuthenticAMD Followup MachineOwner --------- kd gt analyze -v Bugcheck Analysis WHEA UNCORRECTABLE ERROR A fatal hardware error has occurred Parameter identifies the type of error source that reported the error Parameter holds the address of the WHEA ERROR RECORD structure that describes the error conditon Arguments Arg Machine Check Exception Arg fffffa d Address of the WHEA ERROR RECORD structure Arg High order -bits of the MCi STATUS value Arg Low order -bits of the MCi STATUS value Debugging Details ------------------ BUGCHECK STR x AuthenticAMD CUSTOMER CRASH COUNT DEFAULT BUCKET ID WIN DRIVER FAULT PROCESS NAME System CURRENT IRQL ANALYSIS VERSION debuggers dbg - amd fre STACK TEXT fffff f f fffff acb fffffa d fffffa a c fffffa nt WheapCreateLiveTriageDump x c fffff fc fffff fbea fffffa d fffff d fffffa a c nt WheapCreateTriageDumpFromPreviousSession x fffff fc fffff fffff d d fffffa c fffffa a c nt WheapProcessWorkQueueItem x fffff fc fffff d fffff cfe fffff fffffa a c nt WheapWorkQueueWorkerRoutine x fffff fcb fffff b a fffffa a c fffffa acb nt ExpWorkerThread x fffff fd fffff c e fffff fffffa a c fffff nt PspSystemThreadStartup x a fffff fd fffff fffff a fffff fe nt KxStartSystemThread x STACK COMMAND kb FOLLOWUP NAME MachineOwner MODULE NAME AuthenticAMD IMAGE NAME AuthenticAMD DEBUG FLR IMAGE TIMESTAMP IMAGE VERSION FAILURE BUCKET ID X x AuthenticAMD PROCESSOR CACHE PRV BUCKET ID X x AuthenticAMD PROCESSOR CACHE PRV ANALYSIS SOURCE KM FAILURE ID HASH STRING km x x authenticamd processor cache prv FAILURE ID HASH ad b - c - f -d fb- eb cb Followup MachineOwner --------- kd gt analyze -v Bugcheck Analysis WHEA UNCORRECTABLE ERROR A fatal hardware error has occurred Parameter identifies the type of error source that reported the error Parameter holds the address of the WHEA ERROR RECORD structure that describes the error conditon Arguments Arg Machine Check Exception Arg fffffa d Address of the WHEA ERROR RECORD structure Arg High order -bits of the MCi STATUS value Arg Low order -bits of the MCi STATUS value Debugging Details ------------------ BUGCHECK STR x AuthenticAMD CUSTOMER CRASH COUNT DEFAULT BUCKET ID WIN DRIVER FAULT PROCESS NAME System CURRENT IRQL ANALYSIS VERSION debuggers dbg - amd fre STACK TEXT fffff f f fffff acb fffffa d fffffa a c fffffa nt WheapCreateLiveTriageDump x c fffff fc fffff fbea fffffa d fffff d fffffa a c nt WheapCreateTriageDumpFromPreviousSession x fffff fc fffff fffff d d fffffa c fffffa a c nt WheapProcessWorkQueueItem x fffff fc fffff d fffff cfe fffff fffffa a c nt WheapWorkQueueWorkerRoutine x fffff fcb fffff b a fffffa a c fffffa acb nt ExpWorkerThread x fffff fd fffff c e fffff fffffa a c fffff nt PspSystemThread... Read more

A:BSOD Analysis - Please help!

Download BlueScreenView:
http://www.nirsoft.net/utils/blue_screen_view.htmlu
nzip downloaded file and double click on BlueScreenView.exe to run the program.
when scanning is done, go to EDIT - Select AllGo
 to FILE - SAVE Selected Items, and save the report as BSOD.txt
Open BSOD.txt in Notepad, copy all of the content, and paste it into your next reply

http://www.bleepingcomputer.com/forums/t/551315/bsod-analysis-please-help/
Relevancy 47.3%

Hi I hope i am doing this right, have attached the 2 zipped files.BS happened whilst at idle, 5 mins after playing games.
Only piece of hardware changed is a new ATi 6950 graphics card. Had no previous Blue screens.

Thank you in advance for any help.

OS win 7 ultimate oem, CPU Q6600, (not overclocked)
MB Abit IP35 pro.
OCZ Plat 4X1 gb PC2-6400C4 memory
ATI 6950 2gb memory

A:BSOD analysis?

  
Quote: Originally Posted by sychnant


Hi I hope i am doing this right, have attached the 2 zipped files.BS happened whilst at idle, 5 mins after playing games.
Only piece of hardware changed is a new ATi 6950 graphics card. Had no previous Blue screens.

Thank you in advance for any help.

OS win 7 ultimate oem, CPU Q6600, (not overclocked)
MB Abit IP35 pro.
OCZ Plat 4X1 gb PC2-6400C4 memory
ATI 6950 2gb memory



Hi Sychnant and welcome

Your crashing problem seems to to be ongoing for almost 2 years. The most recent ones are related to your video driver.

I would do the following:

1-re-install the video driver using this method.

When upgrading your graphic driver you MUST remove all traces of the current driver. In order to do that we recommend using Phyxion.net - Driver Sweeper

When it is removed then download and install the fresh copy.

2-Update all the old drivers listed below


Code:
uGuru.sys 9/20/2006 4:06:44 AM fffff880`02dae000 fffff880`02db2000 0x00004000 0x4510f694
pcouffin.sys 12/5/2006 10:39:30 AM fffff880`040df000 fffff880`040f3380 0x00014380 0x457584a2
jraid.sys 5/24/2007 6:30:02 AM fffff880`00dd6000 fffff880`00dec000 0x00016000 0x4655692a
AnyDVD.sys 8/3/2007 7:41:55 PM fffff880`043dd000 fffff880`043fb000 0x0001e000 0x46b3bd43
ElbyCDIO.sys 8/3/2007 7:44:47 PM fffff880`0415c000 fffff880`04166000 0x0000a000 0x46b3bdef
How To Find Drivers:




Quote:
- search Google for the name of the driver
- compare the Google results with what's installed on your system to figure out which device/program it belongs to
- visit the web site of the manufacturer of the hardware/program to get the latest drivers (DON'T use Windows Update or the Update driver function of Device Manager).
- if there are difficulties in locating them, post back with questions and someone will try and help you locate the appropriate program.


- - The most common drivers are listed on this page: Driver Reference Driver Reference
- - Driver manufacturer links are on this page: Drivers and Downloads
3-Run memtest to verify your memory.

Download a copy of Memtest86 and burn the ISO to a CD using Iso Recorder or another ISO burning program.

Boot from the CD, and leave it running for at least 5 or 6 passes.

Just remember, any time Memtest reports errors, it can be either bad RAM or a bad motherboard slot.

Test the sticks individually, and if you find a good one, test it in all slots.

http://www.sevenforums.com/bsod-help-support/171985-bsod-analysis.html
Relevancy 47.3%

Hello all,
I was playing a PC game for a few hours when i got a BSOD.

Please I could use some help in determining what caused it and hopefully stopping any future occurences of it.

Thank you.

A:Please help with BSOD analysis

  
Quote: Originally Posted by regB


Hello all,
I was playing a PC game for a few hours when i got a BSOD.

Please I could use some help in determining what caused it and hopefully stopping any future occurences of it.

Thank you.


This one was probably caused by your hidclass.sys driver. That is a win 7 USB device driver. It should be able to be repaired by running a system file check
to do that type cmd in search>right click and run as admin>sfc /scannow

Let us know the results
ken


Code:
Built by: 7600.16539.amd64fre.win7_gdr.100226-1909
Debug session time: Sun Jun 13 16:13:22.472 2010 (GMT-4)
System Uptime: 0 days 2:13:12.425
BugCheck D1, {75805e44, 2, 8, fffff88006bf0957}
Probably caused by : HIDCLASS.SYS ( HIDCLASS!WppAutoLogTrace+83 )
BUGCHECK_STR: 0xD1
PROCESS_NAME: System

http://www.sevenforums.com/bsod-help-support/91180-please-help-bsod-analysis.html
Relevancy 47.3%

i seam to be getting a bosd when heavy internet use have tryed a diffent lan card but still same problem was thinking its the motherboard as i have had 10 or 12 bosd's in the last few months. any help would be great im runing the 64bit ver of windows 7
many thanks

A:Please can any one help BSOD analysis

  
Quote: Originally Posted by martin26e


i seam to be getting a bosd when heavy internet use have tryed a diffent lan card but still same problem was thinking its the motherboard as i have had 10 or 12 bosd's in the last few months. any help would be great im runing the 64bit ver of windows 7
many thanks


Martin

Minidumps are not "exe" files. I have no intention oef opening an unknown executible. If this is a true dmp it should heve a *.DMP extension
Ken

EDIT: EVEN WHEN CHANGING THE EXTENSION IT IS STILL CORRUPT

http://www.sevenforums.com/bsod-help-support/91696-please-can-any-one-help-bsod-analysis.html
Relevancy 47.3%

Hi I recently got BSOD Analysis an Intel series GB SSD and tried to install Windows Ultimate x Something is not right because the computer starts extremely slow and locks up frequently just using internet explorer I tried installing the same copy of Windows on a normal BSOD Analysis HDD and it was fine I am pretty sure the issue has to do with the SSD I know you are supposed to put motherboards into AHCI mode for SSDs but the MSI P N Platinum is years old and does not BSOD Analysis have BSOD Analysis this issue I am really not sure what to do at this point - I am hoping for help in determining if the issue is with the SSD hardware itself or some sort of issue with it interacting with the older mobo For reference I removed the SATA connector for my HDD when installing Windows on the SSD Please let me know if there is anything more you need me to do Thank you in advance for your time OS - Windows x What was original installed OS on system Windows XP was previously installed on Western Digital GB HDD The SSD and Windows are both new Is the OS an OEM version came pre-installed on system or full retail version YOU purchased it from retailer Full Retail version Age of system hardware See below Age of OS installation - have you re-installed the OS Just installed this week CPU - Intel Core Duo E years old Video Card - PNY Nvidia GT yo MotherBoard - MSI P N Platinum SLI yo Power Supply - brand amp wattage - Not sure on Brand came with case - W System Manufacturer - N A home build

A:BSOD Analysis

Hi -

There are no BSOD memory dumps to analyze.

Dozens of Event Viewer log entries -


Code:
Event[738]:
Log Name: System
Source: nvstor
Date: 2012-04-13T12:45:53.521
Description:
Reset to device, \Device\RaidPort0, was issued.
nvstor = NVIDIA Storage driver - http://sysnative.com/drivers/driver.php?id=nvstor.sys


Code:
Event[741]:
Log Name: System
Source: Microsoft-Windows-Kernel-Processor-Power
Date: 2012-04-13T12:44:35.146
Level: Error
Description:
Some processor performance power management features have been disabled due
to a known firmware problem. Check with the computer manufacturer for updated firmware.

An early crash during / following W7 installation lists a Microsoft legacy PS/2 keyboard driver. I'm not sure in what context though -

Code:
Event[128]:
Log Name: Application
Source: Windows Error Reporting
Date: 2012-04-13T10:02:56.000
Description:
Fault bucket , type 0
Event Name: PnPDeviceProblemCode
Response: Not available
Cab Id: 0
Problem signature:
P1: x64
P2: ACPI\PNP0F03
P3: {4d36e96f-e325-11ce-bfc1-08002be10318}
P4: 00000018
P5: i8042prt.sys
P6: 6.1.7600.16385
P7: 07-13-2009
P8:
P9:
P10:
Attached files:
C:\Windows\Temp\DMIF4B.tmp.log.xml
C:\Windows\Temp\LOGF5C.tmp
C:\Windows\inf\msmouse.inf
http://sysnative.com/drivers/driver.php?id=i8042prt.sys

I can't say whether it is the SSD or not. Try a SATA drive - install W7.

Going from XP 32-bit to Windows 7 x64 in and of itself presents huge hurdles - namely drivers.

Did the system ever run an x64 OS successfully?

Regards. . .

jcgriff2

`

http://www.techsupportforum.com/forums/f299/bsod-analysis-640545.html
Relevancy 47.3%

Windows 7 is
- x86 (32-bit)
- not original installation, it is windows 7 ultimate
- full retail version

- Not sure age of software bought comp last year January
- OS installation just recently to clean it up.

need all the help i can get wasnt going to worry about it but its getting on me nerves now.
Anything else you need for anylsis please let me know.
Thanks Mike

A:BSOD Analysis

As it seems, all 50! crashes are
Code:
DRIVER_POWER_STATE_FAILURE (9f)
and all are blamed on
Code:
hpdskflt.sys Fri May 13 14:47:26 2011 (4DCD7CBE)
a HP driver that should prevent damage to your harddrive in case you drop your laptop/notebook. check here if your notebook is even supported: HP Compaq nc6400 Notebook PC*-* HP 3D DriveGuard - HP Business Support Center

You could try to update the driver from there or uninstall it altogether. Obviously your harddisk doesn't like to be parked every few seconds. What program that monitors/interacts frequently with the harddisk did you install at 07/22 or whenever this series of BSODs started?
-DG

Code:
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\David\Desktop\Mike092\072411-44585-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (8 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16792.x86fre.win7_gdr.110408-1633
Machine Name:
Kernel base = 0x82e43000 PsLoadedModuleList = 0x82f8b810
Debug session time: Sun Jul 24 08:01:24.522 2011 (GMT-4)
System Uptime: 0 days 0:19:03.615
Loading Kernel Symbols
...............................................................
................................................................
..........................................
Loading User Symbols
Loading unloaded module list
.......
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 9F, {4, 258, 855b39a8, 82f69b24}

*** WARNING: Unable to verify timestamp for hpdskflt.sys
*** ERROR: Module load completed but symbols could not be loaded for hpdskflt.sys
Probably caused by : hpdskflt.sys ( hpdskflt+25ff )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_POWER_STATE_FAILURE (9f)
A driver is causing an inconsistent power state.
Arguments:
Arg1: 00000004, The power transition timed out waiting to synchronize with the Pnp
subsystem.
Arg2: 00000258, Timeout in seconds.
Arg3: 855b39a8, The thread currently holding on to the Pnp lock.
Arg4: 82f69b24

Debugging Details:
------------------
DRVPOWERSTATE_SUBCODE: 4

FAULTING_THREAD: 855b39a8

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0x9F

PROCESS_NAME: System

CURRENT_IRQL: 2

LOCK_ADDRESS: 82fa8f60 -- (!locks 82fa8f60)

Resource @ nt!PiEngineLock (0x82fa8f60) Available

WARNING: SystemResourcesList->Flink chain invalid. Resource may be corrupted, or already deleted.
WARNING: SystemResourcesList->Blink chain invalid. Resource may be corrupted, or already deleted.

1 total locks

PNP_TRIAGE:
Lock address : 0x82fa8f60
Thread Count : 0
Thread address: 0x00000000
Thread wait : 0x0

LAST_CONTROL_TRANSFER: from 82eb1c25 to 82eaaaa6

STACK_TEXT:
8d6536c0 82eb1c25 855b39a8 00000000 8d536120 nt!KiSwapContext+0x26
8d6536f8 82eb0523 855b3a68 855b39a8 893eaaa8 nt!KiSwapThread+0x266
8d653720 82eaa40f 855b39a8 855b3a68 00000000 nt!KiCommitThreadWait+0x1df
8... Read more

http://www.sevenforums.com/bsod-help-support/177738-bsod-analysis.html
Relevancy 47.3%

? OS: Windows 7 x64 full retail version
? Age of system: 2010
? Age of OS installation: 1 week

? CPU: AMD Phenom II x6 1075T
? Video Card: XFX HD-485X-ZDFC Radeon HD 4850
? MotherBoard: ASRock A785GXH/128M
? Power Supply: CORSAIR TX Series CMPSU-650TX 650W
? System Manufacturer: Self built

A:BSOD Analysis Help

You have an acer/Gateway/Packard installation attached to a system that is built by neither of those vendors.

I am afraid your installation may not be genuine. If you believe that I am in error in my analysis, please let me know. However, if you do have a pirated copy of Windows, know that our troubleshooting steps may not have any effect on the pirated operating system, so we may be wasting your time by proceeding.

Non-Genuine Windows contains security leaks and also cannot be properly updated which may result in instabilities and blue screen crashes. If you were not aware that your Windows was Non-Genuine, contact your seller or the company that provided the seller and file a complaint. Also let Microsoft know of the problem: Protect Yourself from Piracy

If you do have a pirated copy of Windows, I am sorry, but due to forum rules, we may not assist you further until you have installed a genuine version of Windows. To put the genuine Windows on, I strongly suggest you backup any important data, format your hard disk, and reinstall Windows 7 to make sure all remnants are removed of the software that you used to make Windows work before. If you do not clean re-install, you may be left with a compromised system and your identity, bank accounts, credit card information, etc. may continue to be at risk as they are now. Once you install a genuine version:Please download and run the MGADiag tool. When it finishes, hit the copy button, and paste in your next post with [code]<MGADiag info>[/code] surrounding the MGADiag info.

-----

http://www.techsupportforum.com/forums/f299/bsod-analysis-help-691121.html
Relevancy 47.3%

If possible can someone please diagnose these dump files.

Thanks Very much

A:BSOD analysis

Crashes caused by:athr.sys Wed Mar 19 18:56:18 2008 (47E1B632)
Atheros Extensible Wireless LAN driver for CB42/CB43/MB42/MB43 Network Adapter - D-Link AirPlus DWL-G520 Wireless PCI Adapter(rev.B) discontinued 2008
http://www.carrona.org/drivers/driver.php?id=athr.sys
If you need further assistance, please follow the http://www.techsupportforum.com/foru...ta-452654.html to provide us with the full crash reports and more information about your system.

-----

http://www.techsupportforum.com/forums/f299/bsod-analysis-680387.html
Relevancy 46.87%

Hi everyone.
I have been using Windows 7 for a long time now, and recently I am facing BSOD.
I had an old 160 GB IDE HDD on my system, which was out of order, so I replaced it with a new 500 GB SATA one. Then I installed Windows 7 on the new HDD, but since then I am getting BSOD.

I have had 6 BSODs in the las t 8 hours.
I wonder if anyone could help me to find the cause of the problem.
I have attched two of the minidump files.
------------------
And I have a suggesstion:
If anyone could write a post describing how to analyze minidump files and made it sticky, it would help many users.

Thanks in advance.

A:BSOD + MiniDump - Please help on analysis

Hi guy,
use this small program, I hope that it can be useful!

BlueScreenView

http://www.sevenforums.com/bsod-help-support/91345-bsod-minidump-please-help-analysis.html
Relevancy 46.87%

I'm running desktop Windows XP Pro SP The PC has always had probs w the IE and Firefox browsers closing with BSOD, Dozens different analysis of However if I don't turn off the PC the probs did stop after a week I had maybe a couple BSODs which pointed to the graphics driver which I uninstalled and then reinstalled and updated I had Dozens of BSOD, with different analysis to turn my PC off Dozens of BSOD, with different analysis a few weeks ago And since then the probs have gone thru the roof I have dozens of BSODs all pointing to different reasons The browser windows close ALL the time I've performed the Memtest and no errors I've updated the drivers I even uninstalled the graphics card and the errors did not change They do however seem to be less frequent if I log in as an Administrator in Safe Mode The hardware I have installed is listed below CPU Phenom X RAM of Centon MB PC DDR MHz Memory Graphics Galaxy GFE HDFEXN GeForce GS Video Card - MB GDDR PCI Express x Mobo XFX nForce a SLI Motherboard

http://www.techsupportforum.com/forums/f10/dozens-of-bsod-with-different-analysis-527906.html
Relevancy 46.87%

Hello
I have been researching this issue with not much luck. I have updated all drivers and the OS itself. Want some experts to give a look--
Thanks

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7600.2.0.0.256.48
Locale ID: 1033

Additional information about the problem:
BCCode: c5
BCP1: 0000000300000009
BCP2: 0000000000000002
BCP3: 0000000000000000
BCP4: FFFFF80002FB2000
OS Version: 6_1_7600
Service Pack: 0_0
Product: 256_1

Files that help describe the problem:
C:\Windows\Minidump\122309-25100-01.dmp
C:\Users\Andy\AppData\Local\Temp\WER-28906-0.sysdata.xml

Attached Minidump

A:BSOD-Maybe USB devices-need analysis

That is actually a dump he posted ^^^ without the txt filext

Bugcheck 0xC5 Driver_Corrupted_Expool

Looks like a driver issue

Run system file check to verify your system files
type cmd in search, right click run as admin, type SFC /SCANOW

If you have any more dumps please post them as well, should make it easier to pinpoint your issue

You could also try driver verifier to track down the rogue driver

http://www.sevenforums.com/bsod-help-support/49016-bsod-maybe-usb-devices-need-analysis.html
Relevancy 46.87%

Windows 7 64-bit Professional SP1 updated as of 02/12/2012
Intel i7-2600
MSI Z68 GD-80 G3 mobo
BIOS V18.7 (MS-7672)
16 GB G. Skill memory F3-12800CL9-4GBRL
Intel 320 160GB SSD (SSDSA2CW160G3)
hdd:SEAGATE ST32000542AS SATA
hdd:WESTERN DIGITAL WDC WD1001FALS-00E8B0 SATA
hdd:WESTERN DIGITAL WD15EADS-00RGB0 SATA
ATAPI iHES112 3 BD-ROM
PLDS-DVD+RW DRIVE
(2) Acer P236H monitors into integrated graphics
No other video card installed
Seasonic X650 PSU
Corsair 500R case



This is the first OS on this homebuilt system I put together from all new parts (December 2011) excepting the SSD/all HDD/both PLDS-ROM drives and both monitors.
OS is from retail upgrade disc and installed December 2011. Reinstalled from System Image Feb. 11, 2012.

A:BSOD BCCode 9f need analysis-thanks.

Sorry, meant to add these attachments.

http://www.techsupportforum.com/forums/f299/bsod-bccode-9f-need-analysis-thanks-630015.html
Relevancy 46.87%

Windows 7 Home Premium(32-bit) Retail
HP A6460T (2 years old)
Core2Duo E8200
2 GB RAM
OS install 3 weeks ago

Could not generate System Health Report (Path not found when the viewer opens)

A:Daily BSOD for Analysis please

First dump blames a file called xcbdaV.sys - I can find no real information on this file.


Code:
MODULE_NAME: xcbdaV

FAULTING_MODULE: 82a50000 nt

DEBUG_FLR_IMAGE_TIMESTAMP: 48ce1569

DRVPOWERSTATE_SUBCODE: 4

FAULTING_THREAD: 848ca020

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0x9F

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from 82abd523 to 82ab7aa6

STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
8ad2b998 82abd523 848ca0e0 848ca020 865ec0c0 nt+0x67aa6
8ad2b9c0 82ab740f 848ca020 848ca0e0 00000000 nt+0x6d523
8ad2ba3c 901ad80d 865ec0c0 00000000 00000000 nt+0x6740f
8ad2ba68 901accf8 865ec000 865ec0c0 00000000 xcbdaV+0x1080d
8ad2ba80 901ad1d5 865ec000 00000000 00000000 xcbdaV+0xfcf8
8ad2bab8 9019df29 864e17b0 864e17b0 8ad2bad8 xcbdaV+0x101d5
8ad2bac8 9019d81e 864e17b0 864e1d78 8ad2baf8 xcbdaV+0xf29
8ad2bad8 901da379 864e1de4 84cce250 84cce308 xcbdaV+0x81e
8ad2baf8 82a8c4ac 864a1220 84cce250 8ad2bb94 ks+0x16379
8ad2bb10 82c2cf01 8553fb60 848796b8 8553fb60 nt+0x3c4ac
8ad2bb40 82c03b53 8553fb60 00000000 848796b8 nt+0x1dcf01
8ad2bb98 82d0efba 8553fb60 00000017 848796b8 nt+0x1b3b53
8ad2bbc0 82c0395b a9bd1308 00000000 8ad2bc04 nt+0x2befba
8ad2bbd0 82c038cd 00000003 00000000 00000000 nt+0x1b395b
8ad2bc04 82c02e8c 8553fb60 a9bd1308 00000003 nt+0x1b38cd
8ad2bcc4 82c05226 8ad2bcf4 00000000 aa8b3ef0 nt+0x1b2e8c
8ad2bcdc 82c06d6e 00000000 87df7ef8 848ca020 nt+0x1b5226
8ad2bd00 82abe03b 87df7ef8 00000000 848ca020 nt+0x1b6d6e
8ad2bd50 82c5e9df 00000001 af8d3b17 00000000 nt+0x6e03b
8ad2bd90 82b101d9 82abdf2e 00000001 00000000 nt+0x20e9df
00000000 00000000 00000000 00000000 00000000 nt+0xc01d9
STACK_COMMAND: .thread 0xffffffff848ca020 ; kb

FOLLOWUP_IP:
xcbdaV+1080d
901ad80d ?? ???

SYMBOL_STACK_INDEX: 3

SYMBOL_NAME: xcbdaV+1080d

FOLLOWUP_NAME: MachineOwner

IMAGE_NAME: xcbdaV.sys

BUCKET_ID: WRONG_SYMBOLS

Followup: MachineOwner
Give me a few minutes here you have a lot of dump files to look at, I'll edit this post in a bit.

Okay all the crash dumps blame the same file, give me a little time here to find some information on it so we can continue. Driver dump follows for reference :

Code:
80bc0000 80bc8000 kdcom kdcom.dll Mon Jul 13 20:08:58 2009 (4A5BDAAA)
82400000 82401700 USBD USBD.SYS Mon Jul 13 18:51:05 2009 (4A5BC869)
82402000 8269e7c0 RTKVHDA RTKVHDA.sys Tue Aug 04 04:48:13 2009 (4A7803DD)
8269f000 826ce000 portcls portcls.sys Mon Jul 13 18:51:00 2009 (4A5BC864)
826ce000 826e7000 drmk drmk.sys Mon Jul 13 19:36:05 2009 (4A5BD2F5)
826e7000 826f1000 Dxapi Dxapi.sys Mon Jul 13 18:25:25 2009 (4A5BC265)
826f1000 82707000 cdfs cdfs.sys Mon Jul 13 18:11:14 2009 (4A5BBF12)
82707000 82714000 crashdmp crashdmp.sys Mon Jul 13 18:45:50 2009 (4A5BC72E)
82714000 827ef000 dump_iaStorV dump_iaStorV.sys Wed Apr 08 11:54:58 2009 (49DCD6E2)
827ef000 82800000 dump_dumpfve dump_dumpfve.sys Mon Jul 13 18:12:47 2009 (4A5BBF6F)
82a19000 82a50000 hal halmacpi.dll Mon Jul 13 18:11:03 2009 (4A5BBF07)
82a50000 82e60000 nt ntkrnlpa.exe Tue Oct 26 21:30:44 2010 (4CC78ED4)
88600000 88620480 WUDFRd WUDFRd.sys Mon Jul 13 18:50:44 2009 (4A5BC854)
8862d000 886a5000 mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 20:06:41 2009 (4A5BDA21)
886a5000 886b6000 PSHED PSHED.dll Mon Jul 13 20:09:36 2009 (4A5BDAD0)
886b6000 886be000 BOOTVID BOOTVID.dll Mon Jul 13 20:04:34 2009 (4A5BD9A2)
886be000 88700000 CLFS CLFS.SYS Mon Jul 13 18:11:10 2009 (4A5BBF0E)
88700000 887ab000 CI CI.dll Mon Jul 13 20:09:28 2009 (4A5BDAC8)
887ab000 887d8000 rdyboost rdyboost.sys Mon Jul 13 18:22:02 2009 (4A5BC19A)
887d8000 887fb000 mrxsmb mrxsmb.sys Sat Feb 27 01:32:02 2010 (4B88CA72)
88800000 8883e000 NETIO NETIO.SYS Mon Jul 13 18:12:35 2009 (4A5BBF63)
8883f000 888b0000 Wdf01000 Wdf01000.sys Mon Jul 13 18:11:36 2009 (4A5BBF28)
888b0000 ... Read more

http://www.sevenforums.com/bsod-help-support/145050-daily-bsod-analysis-please.html
Relevancy 46.87%

There is a BSOD occuring since approx a week I - Please BSOD Win 7 Pro x64 help me! [SOLVED] Analysis tried tools like BlueScreenView saying quot DRIVER POWER STATE FAILURE quot but I need help to track down this driver Your help would be appreciated very much THANKS OS Win This version of Windows was downloaded via MSDNAA [SOLVED] BSOD Analysis Win 7 Pro x64 - Please help me! original installed OS on system Win Vista Age [SOLVED] BSOD Analysis Win 7 Pro x64 - Please help me! of system hardware approx years Age of OS installation approx month Samsung X Pro T Reeza NP-X AV CPU Intel Core T Video Card NVidia GeForce Go MotherBoard Power Supply unknown Modifications to hardware installed larger HDD installed GB RAM only GB used because BIOS doesn't support more When suspending to disk the screen goes black as usual but the hard disk is only beeing accessed for a few seconds not as usual The notebook powers off after more than minutes and not immediately as usual When starting the notebook it informs me of a unexpected system crash and boots This behaviour is always reproducable It worked like a charm a week ago I can't remember having updated installed uninstalled any software programs or drivers as the problem initially occured except via Windows Update Since then I updated all programms to their current version There were no new driver updates available Thank you

A:[SOLVED] BSOD Analysis Win 7 Pro x64 - Please help me!

Hi -

4 BSODs named Broadcom
1 named NVIDIA video

Code:
b44amd64.sys Tue Nov 21 07:23:06 2006 (4562EFAA) - Broadcom
nvlddmkm.sys Fri Mar 06 08:07:43 2009 (49B1201F) - NVIDIA
Update both -
- http://www.carrona.org/dvrref.html#b44amd64.sys
- http://www.carrona.org/dvrref.html#nvlddmkm.sys

Old version AVG installed.
Remove AVG - http://jcgriff2.com/A-V_Removal_Tools/AVG_Removal.html

Update Intel wifi driver -

Code:
netw5v64.sys Thu Mar 26 12:21:24 2009 (49CBAB84)
- http://www.carrona.org/dvrref.html#netw5v64.sys

Remove Daemon Tools/ Alcohol 120.

If BSODs persist, run the Driver Verifier -- http://jcgriff2.com/driver_verifier.htm


Windbg Logs
--> http://jcgriff2.net/BSOD_Logs/_99-db..._jcgriff2_.txt
--> http://jcgriff2.net/BSOD_Logs/_99-db...riff2_.txt.zip

Regards. . .

jcgriff2


`


BSOD BUGCHECK SUMMARY

Code:

Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Debug session time: Tue Nov 30 11:23:12.035 2010 (GMT-5)
System Uptime: 0 days 8:54:09.142
*** WARNING: Unable to verify timestamp for b44amd64.sys
*** ERROR: Module load completed but symbols could not be loaded for b44amd64.sys
Probably caused by : b44amd64.sys
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x9F
PROCESS_NAME: System
Bugcheck code 0000009F
Arguments 00000000`00000003 fffffa80`032bd060 fffff800`0417f518 fffffa80`06175010
??????????????????????????????????????????????????????????????????????????????????????``
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Debug session time: Mon Nov 29 11:39:04.191 2010 (GMT-5)
System Uptime: 0 days 2:22:09.298
*** WARNING: Unable to verify timestamp for b44amd64.sys
*** ERROR: Module load completed but symbols could not be loaded for b44amd64.sys
Probably caused by : b44amd64.sys
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x9F
PROCESS_NAME: System
Bugcheck code 0000009F
Arguments 00000000`00000003 fffffa80`0330fa20 fffff800`00b9c518 fffffa80`03cbd010
??????????????????????????????????????????????????????????????????????????????????????``
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Debug session time: Thu Nov 25 11:05:42.651 2010 (GMT-5)
System Uptime: 0 days 0:26:25.758
*** WARNING: Unable to verify timestamp for b44amd64.sys
*** ERROR: Module load completed but symbols could not be loaded for b44amd64.sys
Probably caused by : b44amd64.sys
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x9F
PROCESS_NAME: System
Bugcheck code 0000009F
Arguments 00000000`00000003 fffffa80`032a0a20 fffff800`00b9c518 fffffa80`03ba7b10
??????????????????????????????????????????????????????????????????????????????????????``
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Debug session time: Wed Nov 24 12:01:02.340 2010 (GMT-5)
System Uptime: 1 days 5:34:25.251
*** WARNING: Unable to verify timestamp for b44amd64.sys
*** ERROR: Module load completed but symbols could not be loaded for b44amd64.sys
Probably caused by : b44amd64.sys
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x9F
PROCESS_NAME: System
Bugcheck code 0000009F
Arguments 00000000`00000003 fffffa80`032be060 fffff800`00b9c518 fffffa80`05bc66b0
??????????????????????????????????????????????????????????????????????????????????????``
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Debug session time: Tue Nov 23 05:52:59.628 2010 (GMT-5)
System Uptime: 6 days 14:09:24.735
*** WARNING: Unable to verify timestamp for b44amd64.sys
*** ERROR: Module load completed but symbols could not be loaded for b44amd64.sys
Probably caused by : b44amd64.sys
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x9F
PROCESS_NAME: System
Bugcheck code 0000009F
Arguments 00000000`00000003 fffffa80`032bd060 fffff800`00b9c518 fffffa80`031a4c00
??????????????????????????????????????????????????????????????????????????????????????``
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Sat Jan 16 15:... Read more

http://www.techsupportforum.com/forums/f299/solved-bsod-analysis-win-7-pro-x64-please-help-me-532713.html
Relevancy 46.87%

I ve had multiple BSODs for many months now -- even after analysis BSOD minidump a new HD and several reformat-reinstalls later I m still receiving them Here is the analysis from the minidump Microsoft reg Windows Debugger Version X Copyright copy Microsoft Corporation BSOD minidump analysis All rights reserved Loading Dump File C WINDOWS Minidump Mini - dmp Mini Kernel Dump File Only registers and stack trace are available Symbol search path is SRV c symbols http msdl microsoft com download symbols Executable search path is Windows XP Kernel Version Service Pack MP procs Free x compatible Product WinNt suite TerminalServer SingleUserTS Personal Built by xpsp sp gdr - Machine Name Kernel base x d PsLoadedModuleList x d Debug session time Mon Jun UTC - System Uptime days Loading Kernel Symbols Loading User Symbols Loading unloaded module list Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck A Probably caused by memory corruption nt MiRemovePageByColor Followup MachineOwner --------- kd gt analyze -v Bugcheck Analysis IRQL NOT LESS OR EQUAL a An attempt was made to access a pageable or completely invalid address at an interrupt request level IRQL that is too high This is usually caused by drivers using improper addresses If a kernel debugger is available get the stack backtrace Arguments Arg memory referenced Arg IRQL Arg bitfield bit value read operation write operation bit value not an execute operation execute operation only on chips which support this level of status Arg address which referenced memory Debugging Details ------------------ WRITE ADDRESS CURRENT IRQL FAULTING IP nt MiRemovePageByColor ff dec dword ptr eax CUSTOMER CRASH COUNT DEFAULT BUCKET ID DRIVER FAULT BUGCHECK STR xA PROCESS NAME avgnsx exe LAST CONTROL TRANSFER from a c to STACK TEXT a ab cb a c e c nt MiRemovePageByColor x a ab cd b b c c nt MiRemoveZeroPage x a a ab ce c b c f d nt MiResolveDemandZeroFault xc a ab d c b b nt MmAccessFault xbeb a ab d c dc eca b nt KiTrap E xd WARNING Frame IP not in any known module Following frames may be wrong ff x dc eca STACK COMMAND kb FOLLOWUP IP nt MiRemovePageByColor ff dec dword ptr eax SYMBOL STACK INDEX SYMBOL NAME nt MiRemovePageByColor FOLLOWUP NAME MachineOwner MODULE NAME nt DEBUG FLR IMAGE TIMESTAMP b a cac IMAGE NAME memory corruption FAILURE BUCKET ID xA nt MiRemovePageByColor BUCKET ID xA nt MiRemovePageByColor Followup MachineOwner --------- Any and all help is appreciated I m simply lost If you need more i have multiple from the past days -duck

A:BSOD minidump analysis

Try the following, please.Download/install BlueScreenView, http://www.nirsoft.net/utils/blue_screen_view.html.Double-click BlueScreenView.exe file.When scanning is done, Edit/Select All...then File/Save Selected Items.Save the report as BSOD.txt.Open BSOD.txt, using Notepad, copy all content and paste it into your next reply.Louis

http://www.bleepingcomputer.com/forums/t/326068/bsod-minidump-analysis/
Relevancy 46.87%

Hi,
I would be very grateful if a kindly guru could look at a BSOD dump for me please. Am running Win 7 Professional 64bit on an i7 system with 4Gb DDr3 RAM. No overclocking, no RAID, no Antivirus, just Windows firewall. Mainly use system to run MS FSX. BSODs have occurred randomly over last 3 months since installing W7. Dump files seem to be saved in folder C:\Dump, Have attached recent examples. Thanks in advance for any help.

Best regards,

Ken

A:BSOD Dump analysis - please help

  
Quote: Originally Posted by ken pender


Hi,
I would be very grateful if a kindly guru could look at a BSOD dump for me please. Am running Win 7 Professional 64bit on an i7 system with 4Gb DDr3 RAM. No overclocking, no RAID, no Antivirus, just Windows firewall. Mainly use system to run MS FSX. BSODs have occurred randomly over last 3 months since installing W7. Dump files seem to be saved in folder C:\Dump, Have attached recent examples. Thanks in advance for any help.

Best regards,

Ken


Hi Ken and welcome

There seem to be three flavors of crashes here, They have one thing in common. they are all memory related.

I would
download memtestx86 and run it for at least 5 passes.
run a system file check (sfc /scannow)

I think the memory test will show you that one or more mem sticks are bad.

Kenn J+

Code:
121209-19546-01.dmp 12/12/2009 1:31:06 PM 0x0000010e 00000000`0000001f fffff8a0`29f7c630 00000000`00000000 00000000`000105e6 watchdog.sys watchdog.sys+122f
010410-25942-01.dmp 1/4/2010 3:21:40 PM DRIVER_IRQL_NOT_LESS_OR_EQUAL 0x000000d1 fffff800`32c8a052 00000000`00000002 00000000`00000008 fffff800`32c8a052 ntoskrnl.exe ntoskrnl.exe+71f00
011210-22573-01.dmp 1/12/2010 2:29:04 PM DRIVER_IRQL_NOT_LESS_OR_EQUAL 0x000000d1 fffff880`25d02240 00000000`00000002 00000000`00000000 fffff880`04caed42 wfplwf.sys wfplwf.sys+21a22240
111909-23821-01.dmp 11/19/2009 10:11:02 AM DRIVER_IRQL_NOT_LESS_OR_EQUAL 0x000000d1 fffffa80`245a6e28 00000000`00000002 00000000`00000001 fffff880`0425ab3d ntoskrnl.exe ntoskrnl.exe+71f00
111909-28345-01.dmp 11/19/2009 10:45:54 AM DRIVER_IRQL_NOT_LESS_OR_EQUAL 0x000000d1 fffffa80`27bdfe28 00000000`00000002 00000000`00000001 fffff880`04205b3d wfplwf.sys wfplwf.sys+1418b3d
112309-21028-01.dmp 11/23/2009 11:34:28 AM DRIVER_IRQL_NOT_LESS_OR_EQUAL 0x000000d1 fffffa80`33b98a08 00000000`00000002 00000000`00000001 fffff880`044c9b3d dxgmms1.sys dxgmms1.sys+5b3d
120409-21028-01.dmp 12/4/2009 12:26:52 PM DRIVER_IRQL_NOT_LESS_OR_EQUAL 0x000000d1 fffffa80`270282b0 00000000`00000002 00000000`00000001 fffff880`04462aa8 mouclass.sys mouclass.sys+4daaa8
122009-22729-01.dmp 12/20/2009 3:54:06 PM DRIVER_IRQL_NOT_LESS_OR_EQUAL 0x000000d1 fffffa80`33b370c0 00000000`00000002 00000000`00000001 fffff880`03f08e92 dxgmms1.sys dxgmms1.sys+6e92
011210-17440-01.dmp 1/12/2010 4:48:22 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a fffff880`209b1808 00000000`00000002 00000000`00000000 fffff800`02e8f72c discache.sys discache.sys+1da1d808
011210-18392-01.dmp 1/12/2010 4:59:12 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a fffff880`23313848 00000000`00000002 00000000`00000000 fffff800`02e8f72c ntoskrnl.exe ntoskrnl.exe+71f00
011310-19515-01.dmp 1/13/2010 5:13:10 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a fffff880`309b4068 00000000`00000002 00000000`00000001 fffff800`02eccdaf serenum.sys serenum.sys+2c30f068
112309-36317-01.dmp 11/23/2009 11:20:02 AM IRQL_NOT_LESS_OR_EQUAL 0x0000000a fffff880`130a7948 00000000`00000002 00000000`00000001 fffff800`02a85daf ntoskrnl.exe ntoskrnl.exe+71f00
120409-21824-01.dmp 12/4/2009 12:06:10 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a fffffa80`23a1c173 00000000`00000002 00000000`00000000 fffff800`02c91363 ntoskrnl.exe ntoskrnl.exe+71f00
121109-20373-01.dmp 12/11/2009 12:26:20 PM IRQL_NOT_LESS_OR_EQUAL 0x0000000a fffff880`13317300 00000000`0000000f 00000000`00000001 fffff80... Read more

http://www.sevenforums.com/bsod-help-support/55141-bsod-dump-analysis-please-help.html
Relevancy 46.87%

I have an IBM X laptop All running fine until yesterday when it started crashing After crashes it would not boot up at all Power light stayed on and fan is running but nothing shows on the screen After removing the battery it occasionally managed to boot to XP SP with no problems from which I retrieved minidump files I have analysis X31 IBM please!! Minidump BSOD. looked at them but they all seem to point to different issues Starts with explorer then pool management then memory management then hardware I tried a system restore on one occasion when it managed this to no avail After hitting IBM Access button I have now set it to Diagnostics mode when it boots up and it hangs at different stages each time This happens quite often during extended RAM test but at different numbers sometimes after starting to install Windows After trying to boot in safe mode with networking I got a BSOD with STOP message I could not read quickly enough PLEASE could someone advise of the likely culprit I had some very important work on there that I have managed IBM X31 BSOD. Minidump analysis please!! to transfer to an external HD but really don't want to re-install Windows Also it was bought as a refurbished model so I have no XP disk to re-install with I have attached the minidump files I have managed to retrieve Any help would be very much appreciated Regards Jim

A:IBM X31 BSOD. Minidump analysis please!!

Sorry but attachments didn't seem to work so here are the results of my minidump anslysis in order.

First:


Code:
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Documents and Settings\Me\My Documents\Minidump\Mini090711-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows XP Kernel Version 2600 (Service Pack 3) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp_sp3_gdr.101209-1647
Machine Name:
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055b240
Debug session time: Wed Sep 7 14:17:27.203 2011 (UTC + 1:00)
System Uptime: 0 days 5:25:51.775
Loading Kernel Symbols
...............................................................
................................................................
......................
Loading User Symbols
Loading unloaded module list
...............
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 100000D1, {7ffc702c, c8, 0, 7c90e46d}

Probably caused by : explorer.exe ( INVALID_CONTEXT )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 7ffc702c, memory referenced
Arg2: 000000c8, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: 7c90e46d, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: 7ffc702c

CURRENT_IRQL: c8

FAULTING_IP:
+2902faf00d3dfc0
7c90e46d 8b402c mov eax,dword ptr [eax+2Ch]

PROCESS_NAME: explorer.exe

BUGCHECK_STR: RAISED_IRQL_FAULT

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

SYMBOL_NAME: INVALID_CONTEXT

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: explorer.exe

IMAGE_NAME: explorer.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 0

STACK_COMMAND: kb

FAILURE_BUCKET_ID: RAISED_IRQL_FAULT_explorer.exe_INVALID_CONTEXT

BUCKET_ID: RAISED_IRQL_FAULT_explorer.exe_INVALID_CONTEXT

Followup: MachineOwner
---------





Then:



Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Documents and Settings\Me\My Documents\Minidump\Mini090711-02.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows XP Kernel Version 2600 (Service Pack 3) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp_sp3_gdr.101209-1647
Machine Name:
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055b240
Debug session time: Wed Sep 7 14:18:27.084 2011 (UTC + 1:00)
System Uptime: 0 da... Read more

http://www.techsupportforum.com/forums/f10/ibm-x31-bsod-minidump-analysis-please-599383.html
Relevancy 46.87%

I've had BSODs since my last hardware upgrade, I installed 8GB of RipJaws X memory, a i5-2500k processor and a z77x-d3h motherboard.
I've done memtest 86+ and HDD checks, both have given me a negative result.
The BSODs happen sometimes while the windows is starting up after the Welcome sign, quite frequently when alt-tabing out of applications, less frequently in the games themselves. They also happen sometimes while playing videos or watching streams. The errorcodes or whatever are almost always different.
BSOD's happen from 1-3 times a day to a week without one.
I did a format yesterday in hope to fix it but no luck.


Here's a dump file from my most recent BSOD, it is my first time with these dump files, so I'm not sure if it is the right one, sorry.
http://www.puu.sh/LVFb

A:BSOD analysis request

Welcome
Please supply the needed information
http://www.sevenforums.com/crashes-d...tructions.html

http://www.sevenforums.com/bsod-help-support/242921-bsod-analysis-request.html
Relevancy 46.87%

I purchased the computer about 8months ago from cyberpowerpc.com and my computer kept having BSOD problem for first few weeks right after I bought it.
Recently it is having worse problems like more frequent BSOD problems.(Memory management, Bad pool header, etc.)

I want to buy new computer parts and swap for defected parts, but I have no idea what the problem is with my computer. Please help me!

? OS - Windows 7 Ultimate
? x86 (32-bit)
? Full retail version
? Hardwares are about 8months old
? Age of OS installation is about 7-8months old. Reinstalled serveral times right after I purchased.

? Intel Core i5-2500K [email protected] 3.30GHz (4CPUs), ~3.6GHz
? AMD radeon HD 6700 Series
? MotherBoard:Will post soon
? Power Supply:Will post soon

? System Manufacturer: Gigabyte Technology Co.
? Exact model number: Z68A-D3H-B3

A:[SOLVED] BSOD analysis. Seriously need help!

Hi -

One dump named ALYac Security as the probable cause. I also suggest removal of Daemon Tools/ Alcohol 120 for now -

Code:
sptd.sys Sun Oct 11 16:54:02 2009 (4AD245EA) - Daemon/ Alcohol

EstRtw.sys Thu Jan 12 00:49:07 2012 (4F0E7453) - ESTsoft Corp ALYac Security software
http://sysnative.com/drivers/driver.php?id=sptd.sys
http://sysnative.com/drivers/driver.php?id=EstRtw.sys


The other 14 BSODs point to RAM.

Run memtest86+ - http://www.techsupportforum.com/2863029-post5.html


Regards. . .

jcgriff2


`


BSOD SUMMARY

Code:

Loading Dump File [C:\Users\PalmDesert\_jcgriff2_\dbug\__Kernel__\022012-19390-01.dmp]
Built by: 7600.16905.x86fre.win7_gdr.111025-1503
Debug session time: Mon Feb 20 01:21:55.857 2012 (GMT-5)
System Uptime: 0 days 0:07:24.731
*** WARNING: Unable to verify timestamp for EstRtw.sys
*** ERROR: Module load completed but symbols could not be loaded for EstRtw.sys
Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+21b )
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x8E
PROCESS_NAME: consent.exe
FAILURE_BUCKET_ID: 0x8E_nt!ExDeferredFreePool+21b
Bugcheck code 1000008E
Arguments c0000005 82d6087b 905516b4 00000000
BiosVersion = F1
BiosReleaseDate = 04/19/2011
SystemManufacturer = Gigabyte Technology Co., Ltd.
SystemProductName = Z68A-D3H-B3
MaxSpeed: 3300
CurrentSpeed: 3292
??????????????????????????????????????????????????????????????????????????????????????``
Loading Dump File [C:\Users\PalmDesert\_jcgriff2_\dbug\__Kernel__\022012-18969-01.dmp]
Built by: 7600.16905.x86fre.win7_gdr.111025-1503
Debug session time: Mon Feb 20 00:29:41.653 2012 (GMT-5)
System Uptime: 0 days 0:08:10.886
BUGCHECK_STR: 0x1a_41790
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: dllhost.exe
FAILURE_BUCKET_ID: 0x1a_41790_nt!MiDeleteVirtualAddresses+41a
Bugcheck code 0000001A
Arguments 00041790 c080207a 0000ffff 00000000
BiosVersion = F1
BiosReleaseDate = 04/19/2011
SystemManufacturer = Gigabyte Technology Co., Ltd.
SystemProductName = Z68A-D3H-B3
MaxSpeed: 3300
CurrentSpeed: 3292
??????????????????????????????????????????????????????????????????????????????????????``
Loading Dump File [C:\Users\PalmDesert\_jcgriff2_\dbug\__Kernel__\022012-17456-01.dmp]
Built by: 7600.16905.x86fre.win7_gdr.111025-1503
Debug session time: Mon Feb 20 00:20:56.964 2012 (GMT-5)
System Uptime: 0 days 1:51:22.198
BUGCHECK_STR: 0x1a_41790
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: chrome.exe
FAILURE_BUCKET_ID: 0x1a_41790_nt!MiDeleteVirtualAddresses+41a
Bugcheck code 0000001A
Arguments 00041790 c08020b2 0000ffff 00000000
BiosVersion = F1
BiosReleaseDate = 04/19/2011
SystemManufacturer = Gigabyte Technology Co., Ltd.
SystemProductName = Z68A-D3H-B3
MaxSpeed: 3300
CurrentSpeed: 3292
??????????????????????????????????????????????????????????????????????????????????????``
Loading Dump File [C:\Users\PalmDesert\_jcgriff2_\dbug\__Kernel__\021812-16395-01.dmp]
Built by: 7600.16905.x86fre.win7_gdr.111025-1503
Debug session time: Sat Feb 18 00:35:45.939 2012 (GMT-5)
System Uptime: 0 days 0:09:49.172
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
BUGCHECK_STR: 0x1a_41790
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: chrome.exe
FAILURE_BUCKET_ID: 0x1a_41790_win32k+b514d
Bugcheck code 0000001A
Arguments 00041790 c08020cc 0000ffff 00000000
BiosVersion = F1
BiosReleaseDate = 04/19/2011
SystemManufacturer = Gigabyte Technology Co., Ltd.
SystemProductName = Z68A-D3H-B3
MaxSpeed: 3300
CurrentSpeed: 3292
??????????????????????????????????????????????????????????????????????????????????????``
Loading Dump File [C:\Users\PalmDesert\_jcgriff2_\dbug\__Kernel__\021812-19047-01.dmp]
Built by: 7600.16905.x86fre.win7_gdr.111025-1503
Debug session time: Sat Feb 18 00:25:26.214 2012 (GMT-5)
Syst... Read more

http://www.techsupportforum.com/forums/f299/solved-bsod-analysis-seriously-need-help-631513.html
Relevancy 46.87%

Hi I'm coming here as a last resort Our computer has been crashing the last week We upgraded to windows about a month ago trying Analysis attatch to BSoD and had no problems until recently My husband has updated drivers run memtest on each stick of memory individually and together He has run ctools in dos He ran realtek ethernet diagnostic nvidia diagnostics restored the computer and lastly he updated the bios We thought this worked but after more than hours blue screen free it crashed today He's also called a couple companies for the hardware listed above The error we most often get is page fault in nonpaged area stop x We have had a handful of others My husband is interested in the advice in bumping the voltage but he doesn't know exactly how to try that I uploaded the zipped analysis here RapidShare -CLICK Web hosting - Easy Filehosting Any suggestions on where to search next would be GREATLY appreciated Thanks Jasmin I BSoD trying to attatch Analysis forgot to add that Crash Analyzer Wizard was unable to determine a likely cause

A:BSoD trying to attatch Analysis

  
Quote: Originally Posted by Jake and Jasmin


Hi, I'm coming here as a last resort. Our computer has been crashing the last week. We upgraded to windows 7 about a month ago and had no problems until recently.

My husband has updated drivers, run memtest on each stick of memory individually and together. He has run ctools in dos. He ran realtek ethernet diagnostic, nvidia diagnostics, restored the computer, and lastly he updated the bios. We thought this worked, but after more than 24 hours blue screen free it crashed today. He's also called a couple companies for the hardware listed above.

The error we most often get is page_fault_in_nonpaged_area stop:0x00000050. We have had a handful of others.

My husband is interested in the advice in bumping the voltage, but he doesn't know exactly how to try that.

I uploaded the zipped analysis here: RapidShare: 1-CLICK Web hosting - Easy Filehosting
Any suggestions on where to search next would be GREATLY appreciated.

Thanks!

Jasmin
I forgot to add that Crash Analyzer Wizard was unable to determine a likely cause.



Jasmin Hi and welcome

We really need the actial DMP file, not just the txt. Use these http://www.sevenforums.com/crash-loc...d-problem.html to find and upload it to us.

Thanks

Ken

http://www.sevenforums.com/bsod-help-support/60122-bsod-trying-attatch-analysis.html
Relevancy 46.87%

The problem I am having tends to happen spontaneously, without provocation. Out of the blue, my cursor will start to artifact and soon my computer has a BSoD that stays up for a few moments before the computer restarts on its own. My drivers are up to date, and I believe all my fans are working properly.

I have attached a .dmp file, and would appreciate any help in figuring out what is causing this recurring problem.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz, Intel64 Family 6 Model 23 Stepping 7
Processor Count: 4
RAM: 4094 Mb
Graphics Card: NVIDIA GeForce GTX 560 Ti, 2047 Mb
Hard Drives: C: Total - 476837 MB, Free - 58453 MB; F: Total - 953835 MB, Free - 866168 MB;
Motherboard: EVGA, nForce 750i SLI
Antivirus: None
 

A:.dmp file analysis and BSoD help

Hello CitizenKing and Welcome to TSG.

Your latest blue screen says that "lvrs64.sys" (Logitech Webcam) is the culprit. Update the drivers. The other two say that "nvlddmkm.sys" (NVIDIA Windows Kernel Mode Driver) and appears to have a conflict with DirectX. Again check for update from NVIDIA for that card and Logitech. I'll post both dumps so if anyone has input they can jump in. If problems continue please post back.

PHP:

Microsoft (RWindows Debugger Version 6.12.0002.633 X86

Copyright 
(cMicrosoft CorporationAll rights reserved.





Loading Dump File [C:\Users\LG-PC7\Desktop\CitizenKingdumpfiles\032913-20155-01.dmp]

Mini Kernel Dump FileOnly registers and stack trace are available



Symbol search path is
SRV*your local folder for symbols*http://msdl.microsoft.com/download/symbols

Executable search path is

Windows 7 Kernel Version 7601 (Service Pack 1MP (4 procsFree x64

Product
WinNtsuiteTerminalServer SingleUserTS Personal

Built by
7601.18044.amd64fre.win7sp1_gdr.130104-1431

Machin... Read more

https://forums.techguy.org/threads/dmp-file-analysis-and-bsod-help.1095321/
Relevancy 46.87%

Hello All.
This is an HP Pavilion a6530f running Vista 64 bit. A few days after a system recovery to factory default (due to system running terribly slow) had a couple BSOD's. I ran WinDbg, and have attached the log file. (I tried to attach the minidump file as well but got an invalid file error message.) I have spent a lot of time Googling the "Probable Cause: hardware (win32k!RawInputThread+79c" but haven't come up with anything useful. Also note that I previously ran Who Crashed and although it was not able to identify the problem it indicated that it was NOT a hardware issue. This PC comes with built-in hardware diagnostic software, and I have ran all the tests and everything passed.
So I'm asking the experts here to see if anyone can provide any assistance.
Thanks.

A:BSOD - Need Help With Minidump Analysis

Welcome
We can help if you provide the following information:
Blue Screen of Death (BSOD) Posting Instructions

http://www.vistax64.com/crashes-debugging/301196-bsod-need-help-minidump-analysis.html
Relevancy 46.87%

Would appreciate an analysis of the attached file please? Many thanks in advance!

A:BSOD when shutting down - analysis please

There are many files missing from your upload, please run the log collector again and wait for a c ouple minutes for all files to be gathered and upload to your next post

http://www.sevenforums.com/bsod-help-support/385057-bsod-when-shutting-down-analysis-please.html
Relevancy 46.87%

My system has had eleven BSODs since August 26th, seven of them in the past forty-eight hours. I'd be obliged if someone could help me determine the cause. Thanks very much.

? OS: Microsoft Windows 7 Home Premium 64-bit SP1; reinstalled about a month ago

? Age of system: Purchased September 10, 2010; hard drive replaced about a month ago

? CPU: Intel Core 2 Duo E7500 (Wolfdale)

? Video Card: Intel G45/G43 Express Chipset

? MotherBoard: Dell Inc. 0K83V0

? Power Supply: Dell 300 (?) watts (it's the OEM supply)

? System Manufacturer: Dell

? Exact model number: Inspiron 560S

A:BSOD, request for help with analysis of

I have attached a second Windows7_Vista_jcgriff2.zip in case any additional information might be helpful. Thank-you.

http://www.techsupportforum.com/forums/f299/bsod-request-for-help-with-analysis-of-668342.html
Relevancy 46.87%

Hi, I am new to the forums... I got two BSOD today and have had some freezing without BSOD aswell... I hope you guys can help me resolve these issues...

Windows 7 SP 1 64-bit
I installed Windows 7 freshly on my new SSD a few months back...
I purchased OEM version windows 7 from newegg.com and build this computer myself.
I think my hardware is about 4 years old now...
OS installation is only a few months old if that.

Intel Core 2 Quad Q9300 2.5Ghz
New video card (nvidia GTX560)
Gigabyte GA-EP45-UD3R motherboard
PSU - BFG 550W

Custom Built...

A:BSOD Problem. Need analysis please?

Update: Received another BSOD just now browsing the web...
Actually I just realized it crashed around when I was trying to manually install update for flash player... And might of crashed before while doing the same thing...

Here is my minidump with the driver verify thing enabled.

http://www.techsupportforum.com/forums/f299/bsod-problem-need-analysis-please-640988.html
Relevancy 46.87%

i need anyone to help me analyse the .dmp dump file of my computer,and also
tell me what to do that will let me stop the crash.usually when i plug in bluetooth it stays for some minutes before it crash and it show IRQL whatever whatever cant recall much of that but below is the .dmp file please helpme check it and tellme what to do to stop it.Thanks.... Download 121212-28468-01.dmp - Hide My ***!

A:BSOD .dmp file analysis

Moved to Bsod's please follow the instructions here http://www.techsupportforum.com/foru...ta-452654.html
your link does not work,but please do as requested it will provide more info

http://www.techsupportforum.com/forums/f299/bsod-dmp-file-analysis-680344.html
Relevancy 46.87%

Hello Everyone,

I am working with a windows 7 64 bit custom build, The last time we had a debug read they found out that the Autodesk appliation called Revit.exe was the cause of the crash. I have a open case with Autodesk Software vendor. The version of this software is supposedly 64 bit compatible, some of the reports that I received from the debugs indicate the the revit.exe application if the cause of the crash that occurs only when closing the application, right before a full pc shutdown. I am including the minidump files that I ran on the pc earlier today.

A:BSOD"S analysis

Was there a problem with the file I uploaded. No one has replied yet? Thanks,

http://www.sevenforums.com/bsod-help-support/113302-bsod-s-analysis.html
Relevancy 46.87%

I have been getting BSOD for a while now.

It happens almost exclusively when playing games. I could browse the internet forever and never crash. Most crashes happen when playing Rocket League and less frequently in CS:GO. Other games crash even more sparsely.

I've been trying to fix the problem but nothing seemed to help. Here's a brief list of what I already tried:Updating graphics driver & chipset driver
Memory diagnostic tool on full settings
Running only one RAM
Repasting CPU, cleaning the entire PC

http://www.sevenforums.com/bsod-help-support/394430-requesting-bsod-dmp-analysis.html
Relevancy 46.87%

Another computer, same issue BSOD

Background

Is Windows 7 . . .
- x86 (32-bit) or x64 - 32 bit
- the original installed OS on the system - no
- an OEM or full retail version? - full retail
- OEM = came pre-installed on system
- Full Retail = you purchased it from retailer

- What is the age of system (hardware)? one year old
- What is the age of OS installation (have you re-installed the OS?) December 2010
Here are the files for BSOD.

Thanks in advance.

A:BSOD analysis request

Hello,
Start by updating these drivers...

Apfiltr.sys Thu Feb 07 04:23:41 2008
Alps Point Touching Device - none at OEM. Try update this from your computer manufacturer's website.

LPCFilter.sys Wed Apr 23 14:18:02 2008
No clue at all.

Regards...

Code:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 9F, {4, 258, 83c9b4c0, 81b73b24}

*** WARNING: Unable to verify timestamp for thpdrv.sys
*** ERROR: Module load completed but symbols could not be loaded for thpdrv.sys
Probably caused by : umbus.sys

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_POWER_STATE_FAILURE (9f)
A driver is causing an inconsistent power state.
Arguments:
Arg1: 00000004, The power transition timed out waiting to synchronize with the Pnp
subsystem.
Arg2: 00000258, Timeout in seconds.
Arg3: 83c9b4c0, The thread currently holding on to the Pnp lock.
Arg4: 81b73b24

Debugging Details:
------------------
DRVPOWERSTATE_SUBCODE: 4

DRIVER_OBJECT: 84d59f38

IMAGE_NAME: umbus.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc88a

MODULE_NAME: umbus

FAULTING_MODULE: 8ce5d000 umbus

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0x9F

PROCESS_NAME: System

CURRENT_IRQL: 2

STACK_TEXT:
88e3b788 81abbc25 83c9b4c0 00000000 81b76d20 nt!KiSwapContext+0x26
88e3b7c0 81aba523 83c9b580 83c9b4c0 88e3b88c nt!KiSwapThread+0x266
88e3b7e8 81ab440f 83c9b4c0 83c9b580 00000000 nt!KiCommitThreadWait+0x1df
88e3b864 883f54f3 88e3b88c 00000000 00000000 nt!KeWaitForSingleObject+0x393
WARNING: Stack unwind information not available. Following frames may be wrong.
88e3b8a4 883f7861 861b48e8 861b49a0 01bb6300 thpdrv+0x14f3
88e3b8b8 883f8cc1 861b48e8 861b49a0 849efac0 thpdrv+0x3861
88e3b970 81a61787 849efac0 84eabac8 861e3d30 thpdrv+0x4cc1
88e3b98c 81bfc7c9 84eabac8 883f8b9e 00000003 nt!PpvUtilCallAddDevice+0x19
88e3b9d4 81bf5300 849efac0 883f8b9e 00000001 nt!PnpCallAddDevice+0xb9
88e3baa8 81bf488c 861e3d30 88e3bcd0 860ae070 nt!PipCallDriverAddDevice+0x565
88e3bca4 81bee630 861e1a90 860ae070 88e3bcd0 nt!PipProcessDevNodeTree+0x15d
88e3bcd8 81a60f9f 81bb0e80 83c9b4c0 81b875bc nt!PiProcessReenumeration+0x74
88e3bd00 81abb03b 00000000 00000000 83c9b4c0 nt!PnpDeviceActionWorker+0x224
88e3bd50 81c5b9df 00000001 a95654a6 00000000 nt!ExpWorkerThread+0x10d
88e3bd90 81b0d1d9 81abaf2e 00000001 00000000 nt!PspSystemThreadStartup+0x9e
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19
STACK_COMMAND: kb

FOLLOWUP_NAME: MachineOwner

FAILURE_BUCKET_ID: 0x9F_4_IMAGE_umbus.sys

BUCKET_ID: 0x9F_4_IMAGE_umbus.sys

Followup: MachineOwner
---------

0: kd> lmtsmn
start end module name
87cb4000 87cfc000 ACPI ACPI.sys Tue Jul 14 11:11:11 2009 (4A5BBF0F)
8b8a8000 8b902000 afd afd.sys Tue Jul 14 11:12:34 2009 (4A5BBF62)
8b597000 8b5a9000 AgileVpn AgileVpn.sys Tue Jul 14 11:55:00 2009 (4A5BC954)
87b9e000 87ba7000 amdxata amdxata.sys Wed May 20 05:57:35 2009 (4A12F30F)
8b551000 8b57d000 Apfiltr Apfiltr.sys Thu Feb 07 04:23:41 2008 (47A9D0FD)
87df6000 87dff000 atapi atapi.sys Tue Jul 14 11:11:15 2009 (4A5BBF13)
87c00000 87c23000 ataport ataport.SYS Tue Jul 14 11:11:18 2009 (4A5BBF... Read more

http://www.sevenforums.com/bsod-help-support/145542-bsod-analysis-request.html
Relevancy 46.87%

Can someone please help with the following BSOD debugged analysis Microsoft reg Windows Debugger Version AMD Loading Dump File C Windows Minidump - - dmp Mini Kernel Dump File Only registers and stack trace are available Symbol search path is SRV c symbols http msdl microsoft com download symbols Executable search path is Windows Kernel Version Service Pack MP procs Free x Product WinNt suite TerminalServer SingleUserTS Personal Built by amd fre win sp gdr - Kernel base xfffff c PsLoadedModuleList xfffff e d Debug session time Sat Sep UTC - System Uptime days Loading Kernel Symbols Loading User Symbols Loading unloaded module list Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck A is with BSOD, degugged Please analysis: here help fffffa fb ffff Probably caused by ntkrnlmp exe Please help with BSOD, here is degugged analysis: nt FNODOBFM string' Followup MachineOwner -v Bugcheck Analysis MEMORY MANAGEMENT a Any other values for parameter must be individually examined Arguments Arg A page table page has been corrupted On a bit OS parameter contains the address of the PFN for the corrupted page table page On a bit OS parameter contains a pointer to the number of used PTEs and parameter contains the number of used PTEs Arg fffffa fb Arg ffff Arg Debugging Details ------------------ BUGCHECK STR x a CUSTOMER CRASH COUNT DEFAULT BUCKET ID WIN DRIVER FAULT PROCESS NAME taskhost exe CURRENT IRQL LAST CONTROL TRANSFER from fffff cfad to fffff c b STACK TEXT fffff e fffff cfad a fffffa fb ffff nt KeBugCheckEx fffff e fffff c cf fffffa ffff nt FNODOBFM string' x fffff eb fffff c e ffffffff ffffffff bf bf nt NtFreeVirtualMemory x f fffff ec a nt KiSystemServiceCopyEnd x bf x a STACK COMMAND kb FOLLOWUP IP nt FNODOBFM string' fffff cfad cc int SYMBOL STACK INDEX SYMBOL NAME nt FNODOBFM string' FOLLOWUP NAME MachineOwner MODULE NAME nt IMAGE NAME ntkrnlmp exe DEBUG FLR IMAGE TIMESTAMP fb cd FAILURE BUCKET ID X x a nt FNODOBFM string BUCKET ID X x a nt FNODOBFM string Followup MachineOwner--------- THANK YOU SO MUCH

A:Please help with BSOD, here is degugged analysis:

If I received a BSOD which pointed to Memory Managerment...first thing I'd do is test the RAM modules via Memtest 86+.
 
Memtest86+ - Advanced Memory Diagnostic Tool - http://www.memtest.org/#downiso
Memtest86+ Guide-How To's - Overclockers Forums - http://www.overclockers.com/forums/showthread.php?t=409152
 
Louis

http://www.bleepingcomputer.com/forums/t/508489/please-help-with-bsod-here-is-degugged-analysis/
Relevancy 46.87%

Hello everyone This is a brand new - Analysis? BSOD Minidmp account but I have been registered with you guys for almost ten years now I d like to say thanks for all the help you BSOD - Minidmp Analysis? ve given me in the past This is the first stop error I have received since I did a clean install of Win on a GB SSD Using Bluescreenview I can see it is a bad driver but nothing more than the usual quot ntoskrnl sys BSOD - Minidmp Analysis? quot BSOD - Minidmp Analysis? which is just the windows kernel not the driver If anyone can read minidmp files I have generated one and zip d up as an attachment I have also included a list of my specifications All drivers on this system are not all official from ASUS rather from the specific part s website such as Synaptics Realtek nVidia etc all so far advertised as Win compatible I checked the vendor ID and device ID in the device manager for those devices before downloading the driver so I am clueless Here are my specs thank you once again ASUS G SW Windows Pro activated legal PNY gb ssd sb i ghz gb ram drivers explained above razer naga epic mouse I mention this because I have the synapse software installed as well as the driver for the mouse VirusTotal com SHA aa c bbf d ce de a b a e ccf d e b File name dmp zip Detection ratio Analysis date - - UTC minutes ago nbsp

A:BSOD - Minidmp Analysis?

Before deciding to install Windows 8.1, you should have run Windows 8/8.1 Upgrade Assistant, which would have told you whether the system could be upgraded without any issues. If there were issues, it would have pointed them out.

Can be downloaded from here:

http://windows.microsoft.com/en-in/windows-8/upgrade-assistant-download-online-faq

Looking at the STOP code error, 0x0000009f, the issue could have been caused by this:

http://support.microsoft.com/kb/2983139

In above, to resolve this issue, MS tells to install update rollup 2975719, the link to which is provided there. Here it is for convenience:

http://support.microsoft.com/kb/2975719

You can install that to see if it resolves the issue.

If not, looking at the STOP code message, DRIVER_POWER_STATE_FAILURE, it seems to be caused by one of the drivers, for which the power state causes failure. Most likely, one of the network drivers.

If you noticed, and remember, there is a setting in the Power Management tab in the Properties of network driver, which says "Allow the computer to turn off this device to save power". You can uncheck this setting, and see if it solves the issue.

Or, just uninstall the network driver, and see if it solves the issue.

It certainly seems to be a driver issue.

Before manually installing drivers, you could have also checked Windows Updates. Windows Update can often provide a missing driver. So, that's a good step to look for drivers for your system, when the drivers are not available from hardware manufacturer, which is your case.
 

https://forums.techguy.org/threads/bsod-minidmp-analysis.1137332/
Relevancy 46.87%

Hey title says Analysis BSOD Needed it all Was gone for about a week when I came home my computer ran for about - hours and then the blue screens started Have been getting them upon reboot and within - min of reboot Here is my analysis Code Bugcheck Analysis IRQL NOT LESS OR EQUAL a An attempt was made to access a pageable or completely invalid address at an interrupt request level IRQL that is too high This is usually caused by drivers using improper addresses If a kernel debugger is available get the stack backtrace Arguments Arg dd memory referenced Arg IRQL Arg bitfield bit value read operation write operation bit value not an execute operation execute operation BSOD Analysis Needed only on chips which support this level BSOD Analysis Needed of status Arg fffff efe c address which referenced memory Debugging Details ------------------ WRITE ADDRESS GetPointerFromAddress unable to read from fffff fd dd CURRENT IRQL FAULTING IP nt KeStackAttachProcess fffff efe c f fc dc lock xadd dword ptr rsi DCh eax CUSTOMER CRASH COUNT DEFAULT BUCKET ID VISTA DRIVER FAULT BUGCHECK STR xA PROCESS NAME System TRAP FRAME fffff -- trap xfffff NOTE The trap frame does not contain all registers Some register values may be zeroed or incorrect rax rbx rcx fffffa c c a rdx fffff a rsi rdi rip fffff efe c rsp fffff rbp fffff a r fffffa c c r r fffff d c r fffffa c c r r r r iopl nv up ei pl zr na po nc nt KeStackAttachProcess x fffff efe c f fc dc lock xadd dword ptr rsi DCh eax ds e dc Resetting default scope LAST CONTROL TRANSFER from fffff ecd to fffff ecdfc STACK TEXT fffff fffff ecd a dd nt KeBugCheckEx fffff fffff ecc e fffff b fffff a cef e fffffa c c nt KiBugCheckDispatch x fffff fffff efe c fffffa c c fffffa c c fffff c e nt KiPageFault x fffff fffffa a f c fffff a nt KeStackAttachProcess x fffff fffff a xfffffa a f c fffff xfffff a STACK COMMAND kb FOLLOWUP IP nt KeStackAttachProcess fffff efe c f fc dc lock xadd dword ptr rsi DCh eax SYMBOL STACK INDEX SYMBOL NAME nt KeStackAttachProcess FOLLOWUP NAME MachineOwner MODULE NAME nt IMAGE NAME ntkrnlmp exe DEBUG FLR IMAGE TIMESTAMP f be FAILURE BUCKET ID X xA nt KeStackAttachProcess BUCKET ID X xA nt KeStackAttachProcess Followup MachineOwner --------- All help is greatly appreciated in a time pinch Thanks everyone Rob

A:BSOD Analysis Needed

Welcome to SevenForums.

You will receive better help if all the files from the http://www.sevenforums.com/crashes-d...tructions.html are submitted.

http://www.sevenforums.com/bsod-help-support/266375-bsod-analysis-needed.html
Relevancy 46.87%

Hello all

I have tried looking through the dump reports myself, using windbg but have not been able to get rid of these bsod. I have also tried running with driver verifier enabled, but I don't understand much of what's in the dump files. The last 2 dump files happened while driver verifier was enabled.

I will run the hardware testing you suggest when I get home from work and report back.

? OS - Vista/ Windows 7 ? Windows 7
? x86 (32-bit) or x64 ? x64
? What was original installed OS on system ? Nothing
? Is the OS an OEM version (came pre-installed on system) or full retail version (YOU purchased it from retailer) ? Retail version
? Age of system (hardware) ? 1 months
? Age of OS installation - have you re-installed the OS ? 1 month

? CPU AMD Phenom II X6 1090T 3.20 GHz
? Video Card Gainward GeForce GTX 560Ti 1GB
? MotherBoard MSI 890GXM-G65
? Power Supply - brand & wattage Corsair TX 950 W

? System Manufacturer: Put together myself

A:[SOLVED] Help with BSOD analysis

Hi and welcome to TSF please try updating your video drivers you may also try running furmark to test your video card and memtest 86+ just to rule out your ram
FurMark: VGA Stress Test, Graphics Card and GPU Stability Test, Burn-in Test, OpenGL Benchmark and GPU Temperature | oZone3D.Net
Memtest86+ - Advanced Memory Diagnostic Tool
Memtest86+ Guide/How To's - Overclockers Forums
The Official ImgBurn Website use this to burn the discs

http://www.techsupportforum.com/forums/f299/solved-help-with-bsod-analysis-605735.html
Relevancy 46.87%

This is an older eMachine T6216 that has run Win7 for several years now, but which is now bluescreening regularly. I thought it might have to do with the Windows stock sound driver so updated to Realtek which gets a warning for known incompatibility, but either driver performs the same.

Last week the BSOD's shut me out and a quick google pointed to memory, so I started Memtest which found a failure in first pass but not in subsequent passes, then the BSOD's subsided for awhile as though the memtest had somehow helped. Confounding.

Perfmon reports a driver malfunctioning but I cannot find it in Device manager and it is unclear as to what exactly it is except that it's plug and play. Using USB keyboard and mouse.

Thank you for your analysis.

A:Chronic BSOD's need analysis when u can

Have you tried booting in safe mode to see if the problems still persist?

http://www.sevenforums.com/bsod-help-support/189776-chronic-bsods-need-analysis-when-u-can.html
Relevancy 46.44%

Hi everyone Previous article Malware Analysis - Bytes and HEX Today I would like to go more in-depth with HEX analysis There should be more parts to going more in-depth with HEX analysis For example one tutorial we will use a trojan downloader or a trojan banker or others And then the other part we may use a cryptolocker sample fake antivirus software worms or adware So this (Houdini worm) Analysis #9 in-depth more Malware with - analysis HEX will be part-based I didn t think I could just leave the previous thread with that simple example on HEX and HEX editors No no I had planned to Malware Analysis #9 - more in-depth analysis with HEX (Houdini worm) go more in-depth which is why I left the previous thread as simple as it was so it would be easier to understand and take in at a time Let s get started ---- Today I will be showing you how to identify a worm houdini VBS Script sample Before I continue I would like to note the following - Remember to use a VM say on case - While I cannot share the sample UNLESS the MT staff make a section for analysis like Malware Hub and allow links you can get worm samples from te malware hub - Lastly enjoy -- As you can see from the below sample there is a VBS script file on my desktop Firsly I would like to note that the size of the sample is small VBS samples usually are In fact a good amount of malware is small one reason could be so it can be easily downloaded onto the users computer Samples can become smaller through packing However not all samples are small some are very large It s a mix between small and large sizes nowadays Of course we wouldn t know this file is a vbs without checking unless someone has analyzed it Let s take a peek inside the file by looking at the HEX and ASCII dump in a HEX editor like HxD which we previously took a look at articles away I will open up HxD Hex editor and open up the sample You may notice my HEX area and my ASCCI dump area width is bigger than yours you can change it with the following setting Spoiler The first thing I want you to notice is the first lines in the ASCII dump lt recoder houdini c skype houdini-fx gt The HEX for this is C B F A F E B A F E D D E D A D A About the above HEX I wrote above yes it can detect houdini worms If you made a quick scanner application could be done in VB NET C C C which enumerated through all files in a folder checked the HEX in the file and compared it to that HEX string if the sample contained it it would be detected That is an example of a generic signature Antivirus software use them all the time however they aren t always done in HEX I want to mention if you select part of the HEX or part of the ASCII it ill automatically highlight the other side for you For example if I highlight the above ASCII dump line I wrote above HxD will automatically highlight the HEX for those characters Let s continue analyzing I will go through this sample and write about anything else related to the sample below and describe what it does Like I mentioned in the past to do static analysis with checking the ASCII dump reverse engineering etc you need to have at least a basic understanding with programming to understand the basics of what malware samples are doing I recommend learning some VB VBScript at the minimum however knowledge with Assembly can help you a lot especially when using tools like IDA Maybe one day I ll do a series on Assembly basics and cover things like registers etc ASCII dump host quot plan couchpotatofries org quot port HEX F D C E E F F F E F D A F D The C amp C Control and Command server in this sample is plan couchpotatofries org and the port for it is plan couchpotatofries org - Mentions the temp directory In the above screenshot the ASCII dump shows variables being created and assigned a value for the quot installname quot and quot installdir quot installdir is install directory In programming dir directory usually The sample also expands the environment variables from the temp folder We know this from t... Read more

A:Malware Analysis #9 - more in-depth analysis with HEX (Houdini worm)

Hi and thanks for this great article.
We need to Know How to decode .VBS worm, The sample you have it seems to be decoded before you wrote this article.
if we didn't decode it we'll not find any useful information.
Thanks again
 

https://malwaretips.com/threads/malware-analysis-9-more-in-depth-analysis-with-hex-houdini-worm.42399/
Relevancy 46.01%

Hi

I was hoping somebody could give me pointers as to what might be cause cause of multiple BSODs I am getting in a machine. Its a Shuttle XPC 25P with an AMD 3600X2 in it. I ran memcheck on it overnight and it had no memory errors. I did a few system rebuilds, and just not sure what is causing all the BSODS. I ran analyse of the minidump file but not sure what is causing the problem.

Thanks
Fester
 

A:Constant BSOD - help with analysis of minidump

You are most likely infected with spyware, malware or a virus... From iTunes?
 

http://www.techspot.com/community/topics/constant-bsod-help-with-analysis-of-minidump.78397/
Relevancy 46.01%

Hey everyone I've been having quite a few BSODs recently and have been unable to fix it some of the main files to come minidump BSOD analysis) (incl. up have been the win sys and ntoskrnl exe and another NT file I'll attach the minidump here from windbg I'm not completely sure how to use this either Loading Dump File H WINDOWS Minidump Mini - dmp Mini Kernel Dump File Only registers and stack trace are available Symbol search path is Invalid Symbol loading may be unreliable without a symbol search path Use symfix to have the debugger choose a symbol path After setting your symbol path use reload to refresh symbol locations Executable search path is Symbols can not be loaded because symbol path is not initialized The Symbol Path can be set by using the NT SYMBOL PATH environment variable using the -y lt symbol path gt argument when starting the debugger using sympath and sympath Unable to load image ntoskrnl exe Win error n WARNING Unable to verify timestamp for ntoskrnl exe ERROR Module load completed but symbols could not be loaded for ntoskrnl exe Windows XP Kernel Version Service Pack MP procs Free x compatible Product WinNt suite TerminalServer SingleUserTS Machine Name Kernel base x d PsLoadedModuleList x d Debug session time Tue Jan UTC System Uptime days Symbols can not be loaded because symbol path is not initialized BSOD (incl. minidump analysis) The Symbol Path can be set by using the NT SYMBOL PATH environment variable using BSOD (incl. minidump analysis) the -y lt symbol path gt argument when starting the debugger using sympath and sympath Unable to load image ntoskrnl exe Win error n WARNING Unable to verify timestamp for ntoskrnl exe ERROR Module load completed but symbols could not be loaded for ntoskrnl exe Loading Kernel Symbols Loading User Symbols Loading unloaded module list Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck E c d d e b b Kernel symbols are WRONG Please fix symbols to do analysis Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided you with these symbols if you need this command to work Type referenced nt KPRCB Your debugger is not using the correct symbols In order for this command to work properly your symbol path must point to pdb files that have full type information Certain pdb files such as the public OS symbols do not contain the required information Contact the group that provided you with these symbols if you need this command to work Type referenced nt KPRCB Probably caused by hardware nt f e Followup MachineOwner Cheers Dominic

A:BSOD (incl. minidump analysis)

You do not have the appropriate symbols path setup for debugging.How I Debug Blue Screen Crashes
It also is more helpful to get your full crash reports.http://www.techsupportforum.com/foru...ta-452654.html

http://www.techsupportforum.com/forums/f299/bsod-incl-minidump-analysis-683341.html
Relevancy 46.01%

Windows 7 Ultimate x86
Original OS: XP Pro 32bit SP3
System: 2008-2009 parts (Just check my comp parts in my profile for more details)
OS age: 1 week

Notes: Been crashing a few days after the install - whocrashed notified me that its OS drivers that are crashing my PC. What can i do? Or is there another driver behind the crashing

A:BSOD analysis - Help needed - Thanks in advance

Hi Renren. I looked at your six most recent dumps; the latest two are corrupted and contain no information. Start with turning Driver Veririfer off. Each of the four dumps is a Driver Verifier enabled dump and all four blame hardware.

I do find two out of date drivers on your system; one is way obsolete. Outdated drivers can and do cause conflicts and BSOD's.





Quote:
giveio.sys Wed Apr 03 22:33:25 1996 - ADC Analyzer/SwiftForth/Disspy - ?SpeedFan?. Info only (? way down page) - I/O Port Programming with Delphi and NT. Using Windows Explorer, navigate to C:\Windows\system 32. Look for giveio.sys and rename it from .sys to .old. Reboot and the driver will not load. This will break the program it is associated with.

Rt86win7.sys Thu Feb 26 04:04:22 2009 - Realtek NIC. Realtek. Update this driver through the link provided.


Turn Driver Verifier off, update Rt86win7.sys and rename giveio.sys. Reboot and let's see how your system does. Post back and let us know. If you get another BSOD after following these suggestions, upload it and we will go from there.

Code:
Windows 7 Kernel Version 7600 MP (4 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0x82c3b000 PsLoadedModuleList = 0x82d83810
Debug session time: Fri Jan 14 22:01:19.582 2011 (GMT-5)
System Uptime: 0 days 0:10:52.894
Loading Kernel Symbols
...............................................................
................................................................
..................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {ddc776ca, 2, 8, ddc776ca}

Probably caused by : hardware

Followup: MachineOwner
---------
*** Possible invalid call from 82f76555 ( nt!VerifierKeAcquireInStackQueuedSpinLock+0xa7 )
*** Expected target 82c776ca ( nt!KeGetCurrentProcessorNumberEx+0x0 )

2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: ddc776ca, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000008, value 0 = read operation, 1 = write operation
Arg4: ddc776ca, address which referenced memory

Debugging Details:
------------------
READ_ADDRESS: GetPointerFromAddress: unable to read from 82da3718
Unable to read MiSystemVaType memory at 82d83160
ddc776ca

CURRENT_IRQL: 2

FAULTING_IP:
+52ea952f00e0ddac
ddc776ca ?? ???

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP

BUGCHECK_STR: 0xD1

PROCESS_NAME: System

TRAP_FRAME: 887c2c40 -- (.trap 0xffffffff887c2c40)
ErrCode = 00000010
eax=887c2d24 ebx=8553d320 ecx=82d708c4 edx=00000000 esi=82d708c4 edi=887c2d24
eip=ddc776ca esp=887c2cb4 ebp=887c2cd0 iopl=0 nv up ei ng nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010282
ddc776ca ?? ???
Resetting default scope

LA... Read more

http://www.sevenforums.com/bsod-help-support/137849-bsod-analysis-help-needed-thanks-advance.html
Relevancy 46.01%

Hello I have a Packard BSOD Help Physical Analysis Dump Bell preinstalled laptop It's been months that is working fine and just yesterday the Windows can not start Startuprepairoffline appears everytime I restart my computer So I decided to restore my sytem to factory default using the backup disc I made And then an icon of Windows Update appears on the system arrest When I clicked the system arrest windows is updating and when I restart my computer it goes again to startuprepairoffline I tried to restore factory default times already and everytime theres a windows update and click it it goes back again And once suddenly a BSOD appears and I haven't read much what is written I search the net for info and they told me to analyze the minidump saved in my computer I don't know how to open and read or analyze the file so I'm sending it for analysis Please help me If you need any questions please ask me BSOD Physical Dump Analysis Help in simple terms because I'm a computer noob My computer BSOD Physical Dump Analysis Help spec Packard Bell Original Pre-installed Windows Home Premium bit

A:BSOD Physical Dump Analysis Help

Based on your dump file, the crashed program is chrome.exe.

You can find many articles about the chrome conflicts with the windows update in Internet.

Hope you lucky!

http://www.sevenforums.com/bsod-help-support/170725-bsod-physical-dump-analysis-help.html
Relevancy 46.01%

Please analyze this... :)

A:BSOD Kernel Dump Analysis

Pretty straightforward, hardware, probably RAM.

BSOD BUGCHECK SUMMARY
Code:

Built by: 6002.18209.x86fre.vistasp2_gdr.100218-0019
Debug session time: Thu Apr 29 04:52:00.666 2010 (GMT-4)
System Uptime: 0 days 9:26:52.237
BugCheck A, {8a20d61b, 0, 0, 820bf2c0}
Probably caused by : memory_corruption ( nt!MiAgeWorkingSet+2c9 )
BUGCHECK_STR: 0xA
PROCESS_NAME: chrome.exe
??????????????????????????????????????????????????????????????????????????????????????
Built by: 6002.18209.x86fre.vistasp2_gdr.100218-0019
Debug session time: Mon Apr 26 02:26:46.601 2010 (GMT-4)
System Uptime: 0 days 18:57:08.274
BugCheck 124, {0, 87664020, b2000040, 800}
Probably caused by : hardware
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: System
??????????????????????????????????????????????????????????????????????????????????????
Built by: 6002.18209.x86fre.vistasp2_gdr.100218-0019
Debug session time: Wed Apr 21 06:11:35.163 2010 (GMT-4)
System Uptime: 0 days 0:14:53.983
BugCheck 124, {0, 84c363f0, f2000040, 800}
Probably caused by : hardware
BUGCHECK_STR: 0x124_GenuineIntel
PROCESS_NAME: wininit.exe
??????????????????????????????????????????????????????????????????????????????????????
Built by: 6002.18209.x86fre.vistasp2_gdr.100218-0019
Debug session time: Mon May 17 07:10:09.499 2010 (GMT-4)
System Uptime: 0 days 11:16:35.608
BugCheck CE, {aaf422a0, 0, aaf4cd4c, 0}
Probably caused by : dump_wmimmc. ( dump_wmimmc+ad4c )
BUGCHECK_STR: 0xCE
PROCESS_NAME: svchost.exe
??????????????????????????????????????????????????????????????????????????????????????

Download a copy of Memtest86 and burn the ISO to a CD using Iso Recorder. Boot from the CD, and run at least 5 passes.

Update these old drivers:

Code:
8d2ce000 8d2d6100 SonyPI SonyPI.sys Mon Aug 19 22:59:29 2002 (3D61B091)
abbdc000 abbe2000 npptNT2 npptNT2.sys Thu Jan 06 01:43:06 2005 (41DCDDFA)

See if there is an updated driver for your modem:
Code:
8d1c2000 8d1fe000 VSTAZL3 VSTAZL3.SYS Tue Jun 20 13:39:49 2006 (449832E5)
8d203000 8d307000 VSTDPV3 VSTDPV3.SYS Tue Jun 20 13:41:01 2006 (4498332D)
8d307000 8d3ba000 VSTCNXT3 VSTCNXT3.SYS Tue Jun 20 13:39:37 2006 (449832D9)
Please be sure to read this article on bugcheck 0x124: http://www.sevenforums.com/crash-loc...-what-try.html

http://www.techsupportforum.com/forums/f299/bsod-kernel-dump-analysis-483914.html
Relevancy 46.01%

I ve got a new Windows laptop having some problems I ll post a thread BSOD analysis 0x7F Need help 0x9F and with about another problem of it later Can someone please help me analyze the below mini dumps I run them through a program called WhoCrashed Code On Tue Need help with BSOD analysis 0x9F and 0x7F AM GMT your computer crashed crash Need help with BSOD analysis 0x9F and 0x7F dump file C windows Minidump - - dmp This was probably caused by the following module ntoskrnl exe nt x Bugcheck code x F x xFFFFFA xFFFFF C xFFFFFA C Error DRIVER POWER STATE FAILURE file path C windows system ntoskrnl exe product Microsoft Windows Operating System company Microsoft Corporation description NT Kernel amp System Bug check description This bug check indicates that the driver is in an inconsistent or invalid power state This appears to be a typical software driver bug and is not likely to be caused by a hardware problem The crash took place in the Windows kernel Possibly this problem is caused by another driver which cannot be identified at this time Code On Fri AM GMT your computer crashed crash dump file C windows Minidump - - dmp This was probably caused by the following module ntoskrnl exe nt x Bugcheck code x F x xFFFFFA F xFFFFF B C xFFFFFA E Error DRIVER POWER STATE FAILURE file path C windows system ntoskrnl exe product Microsoft Windows Operating System company Microsoft Corporation description NT Kernel amp System Bug check description This bug check indicates that the driver is in an inconsistent or invalid power state This appears to be a typical software driver bug and is not likely to be caused by a hardware problem The crash took place in the Windows kernel Possibly this problem is caused by another driver which cannot be identified at this time Code On Wed AM GMT your computer crashed crash dump file C windows Minidump - - dmp This was probably caused by the following module ntoskrnl exe nt x Bugcheck code x F x x x F xFFFFF EC Error UNEXPECTED KERNEL MODE TRAP file path C windows system ntoskrnl exe product Microsoft Windows Operating System company Microsoft Corporation description NT Kernel amp System Bug check description This bug check indicates that the Intel CPU generated a trap and the kernel failed to catch this trap The crash took place in the Windows kernel Possibly this problem is caused by another driver which cannot be identified at this time nbsp

A:Need help with BSOD analysis 0x9F and 0x7F

How to find and post your Minidump Files:

My Computer > C Drive > Windows Folder > Minidump Folder > Minidump Files.

It is these files that we need (not the folder). Attach to your next post the five most recent dumps. Notice the Manage Attachments button at the bottom when you go to post the next time. You can Zip up to five files per Zip; if you only have one or two you don?t need to zip them, just attach as is. Please do us a favor and don?t Zip each one individually.

WhoCrashed isn't giving enough information thus the request for minidump files.

* Also, when do these crashes occur, i.e., what are you doing?
 

http://www.techspot.com/community/topics/need-help-with-bsod-analysis-0x9f-and-0x7f.158491/
Relevancy 46.01%

Please analyse...

A:BSOD Kernel Dump Analysis

Please do this again and make sure you right click the executable file and run as administrator.

Thanks

Poyol

http://www.techsupportforum.com/forums/f299/bsod-kernel-dump-analysis-493185.html
Relevancy 46.01%

Hello I have been getting a BSOD and Crash Dump upon Dump BSOD Crash Analysis logging in to Windows Here is the analysis I've received Windows Kernel Version Service Pack MP procs Free x Product WinNt suite TerminalServer SingleUserTS Personal Built by amd fre win sp gdr - Machine Name Kernel base xfffff PsLoadedModuleList xfffff f Debug BSOD Crash Dump Analysis session time Mon Oct UTC - System Uptime days Bugcheck Analysis SYSTEM SERVICE EXCEPTION b An exception happened while executing a system service BSOD Crash Dump Analysis routine Arguments Arg c Exception code that caused the bugcheck Arg fffff b b Address of the instruction which caused the bugcheck Arg fffff cf a Address of the context record for the exception that caused the bugcheck Arg zero Debugging Details ------------------ TRIAGER Could not open triage file e dump analysis program triage modclass ini error EXCEPTION CODE NTSTATUS xc - The instruction at quot x lx quot referenced memory at quot x lx quot The memory could not be quot s quot FAULTING IP nt ExDeferredFreePool fffff b b c cmp qword ptr rax r CONTEXT fffff cf a -- cxr xfffff cf a rax e d rbx rcx fffffa c f rdx fffff a ca rsi rdi fffff a cbe rip fffff b b rsp fffff cf f rbp r fffff a ff dd r fffff a ca r r fffff a ca r fffffa c c r r r iopl nv up ei pl nz na po nc cs ss ds b es b fs gs b efl nt ExDeferredFreePool x fffff b b c cmp qword ptr rax r ds b e Resetting default scope CUSTOMER CRASH COUNT DEFAULT BUCKET ID WIN DRIVER FAULT BUGCHECK STR x B PROCESS NAME avgidsagent ex CURRENT IRQL LAST CONTROL TRANSFER from to fffff b b STACK TEXT fffff cf f nt ExDeferredFreePool x FOLLOWUP IP nt ExDeferredFreePool fffff b b c cmp qword ptr rax r SYMBOL STACK INDEX SYMBOL NAME nt ExDeferredFreePool FOLLOWUP NAME Pool corruption IMAGE NAME Pool Corruption DEBUG FLR IMAGE TIMESTAMP MODULE NAME Pool Corruption STACK COMMAND cxr xfffff cf a kb FAILURE BUCKET ID X x B nt ExDeferredFreePool BUCKET ID X x B nt ExDeferredFreePool Followup Pool corruptionAny ideas of what to do next Thanks

https://social.technet.microsoft.com/Forums/en-US/8bc513b9-660c-45ea-bc7d-8c063093b3c5/bsod-crash-dump-analysis?forum=w7itproperf
Relevancy 46.01%

Hello For some time now I have been having a lot of BSODs Like up to times a day Crash Analysis Dump BSOD, Sometimes it happens after a long time idling sometimes when I stress the CPU It can happen when I close my session try to close the computer or restart it I had an overclock on everything but for the last days I've been running at stock speeds hoping that this might solve my problem Unfortunately the BSODs continued to happen When I finally had some time to myself to research the problem I decided to analyse my Crash Dump files in C Windows Minidump But you see I have CCleaner installed and hadn't realized it was erasing those So I only have the latest three Two of them had for Image Name quot ntkrnlmp exe quot and one had quot eeCtrl sys quot I have joined these three crash dumps to this post I was hoping you could help me understand what is wrong with my computer Oh by the way I think it all started when I installed the latest version of Norton v But it could be a coincidence Or I could be remembering wrong Thank you for your help al ex

A:BSOD, Crash Dump Analysis

http://www.sevenforums.com/crashes-d...tructions.html

http://www.sevenforums.com/bsod-help-support/158689-bsod-crash-dump-analysis.html
Relevancy 46.01%

Hello can someone please help me with the following BSOd analysis Instant Online Crash Analysis brought to you by OSR Open Systems Resources Inc Show DivPrimary Analysis Crash Dump Analysis provided by OSR Open Systems Resources Inc OSR Homepage - OSR Online Crash Dump Analysis Service See OSR Online - The Home Page for Windows Driver Developers for more information Windows Kernel Version Service Pack MP procs Free x Product WinNt suite TerminalServer SingleUserTS Personal Built by amd fre win sp gdr - Machine Name Kernel base xfffff b PsLoadedModuleList xfffff Debug session time Sat Jun UTC - System Uptime days Bugcheck Analysis KMODE EXCEPTION NOT HANDLED e This is a very common bugcheck Usually the exception address pinpoints the driver function that caused the problem Always note this address as well as with dump attached BSOD, analysis Help the link date of the driver image that contains this address Arguments Arg The exception code that was not handled Arg The address that the exception occurred at Arg Parameter of the exception Arg Parameter of the exception Debugging Details ------------------ TRIAGER Could not open triage file e dump analysis program triage modclass ini error EXCEPTION CODE Win - The operation completed successfully FAULTING IP EXCEPTION PARAMETER EXCEPTION PARAMETER ERROR CODE NTSTATUS - STATUS WAIT BUGCHECK STR x e DEFAULT Help with BSOD, dump analysis attached BUCKET ID WIN DRIVER FAULT PROCESS NAME System CURRENT Help with BSOD, dump analysis attached IRQL EXCEPTION RECORD fffff cd -- exr xfffff cd ExceptionAddress fffff f d storport StorPortNotification x ExceptionCode c Access violation ExceptionFlags NumberParameters Parameter Parameter ffffffffffffffff Attempt to read from address ffffffffffffffff TRAP FRAME fffff cd b -- trap xfffff cd b NOTE The trap frame does not contain all registers Some register values may be zeroed or incorrect rax f rbx rcx rdx fffffa a a rsi rdi rip fffff f d rsp fffff cda rbp fffffa dd r r r fffffa a a r fffff cdab r r r r iopl nv up ei ng nz na po nc storport StorPortNotification x fffff f d b mov rbx qword ptr rax ds f Resetting default scope LAST CONTROL TRANSFER from fffff be to fffff f STACK TEXT fffff cc e fffff be fffffa eacbe fffff cd fffff bb nt KeBugCheck fffff cc f fffff bb d fffff a d fffff da c fffff b fffff cd nt KiKernelCalloutExceptionHandler xe fffff cc fffff b f fffff e c fffff cc fffff cd fffff b nt RtlpExecuteHandlerForException xd fffff cc fffff cae fffff cd fffff cd fffff fffffa df nt RtlDispatchException x fffff cd fffff ef fffff cd fffff cd b nt KiDispatchException x fffff cd d fffff d a fffffa ab a fffffa dcd nt KiExceptionDispatch xc fffff cd b fffff f d fffffa df ba fffff d de fffffa df nt KiGeneralProtectionFault x a fffff cda fffff d aa fffffa dd ecc fffffa a a storport StorPortNotification x fffff cdac fffffa dd ecc fffffa a a fffff cdb iaStorA x aa fffff cdac fffffa a a fffff cdb xfffffa dd ecc fffff cdad fffff cdb a xfffffa a a fffff cdad fffff cdb a fffff dabec x STACK COMMAND kb FOLLOWUP IP storport StorPortNotification fffff f d b mov rbx qword ptr rax SYMBOL STACK INDEX SYMBOL NAME storport StorPortNotification FOLLOWUP NAME MachineOwner MODULE NAME storport IMAGE NAME storport sys DEBUG FLR IMAGE TIMESTAMP f FAILURE BUCKET ID X x e storport StorPortNotification BUCKET ID X x e storport StorPortNotification Followup MachineOwner --------- I had HWMointor running was watching a program with VLC and sound stuttered picture froze then this BSOD Been having issues with Device Driver Stopped Responding But Has Now Recovered ever since I upgraded my case fans and CPU water cooler Rechecked all the cables but can't figure out why it is happening I have a Corsair W PSU and one Evga GTX Sc Bought new RAM still no joy now this BSOD I might have been running AISuite Monitor and HWMointor when the crash happened Mobo P X -pro

A:Help with BSOD, dump analysis attached

Please follow the instructions here: Blue Screen of Death (BSOD) Posting Instructions

http://www.sevenforums.com/bsod-help-support/372699-help-bsod-dump-analysis-attached.html
Relevancy 46.01%

Hi All,

i keep getting this random BSOD, your help analyzing what's wrong will be greatly appreciated! thanks!
My Spec
- Ultimate x64
- self built system

- What is the age of system (hardware). 9 month old
- What is the age of OS installation. 9 month old
Problem signature
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.1
Locale ID: 1033

Extra information about the problem
BCCode: 3d
BCP1: FFFFF88003BFCE80
BCP2: 0000000000000000
BCP3: 0000000000000000
BCP4: FFFFF80002CD8A70
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1
Bucket ID: X64_0x3D_nt!KiInterruptHandler+29
Server information: f88921fa-f57a-4923-a733-afc2fec118a3

A:BSOD analysis needed 0x0000003d

Hello there,
Please attend to these three things...

* ASACPI.SYS






Quote:

The pre 2009 version of this driver is a known BSOD cause.

Please visit this link: ASUS teK Computer Inc. -Support- Drivers and Download P7P55D LE
ASUSTeK Computer Inc. -Support- Drivers and Download P7P55D LE

Scroll down to the Utilities category, then scroll down to the "ATK0110 driver for WindowsXP/Vista/Windows 7 32&64-bit" (it's about the 12th item down).
Download and install it.

Go to C:\Windows\System32\drivers to check and make sure that the ASACPI.SYS file is date stamped from 2009 or 2010 (NOT before)


* SPTD.SYS






Quote:
This is another large cause used by daemon tools and alcohol120

Remove any CD visualization programs such as Daemon Tools and Alcohol 120%.
They use a driver, found in your dmp, sptd.sys, that is notorious for causing BSODs.

Use this SPTD uninstaller when you're done:DuplexSecure - Downloads

You can use MagicDisc as an alternative.


Freeware MagicISO Virtual CD/DVD-ROM(MagicDisc) Overview
* I do notice McAfee which is a frequent cause of BSOD's.
Please remove it and replace it with Microsoft Security Essentials at least to test.

How to uninstall or reinstall supported McAfee consumer products using the McAfee Consumer Products Removal tool (MCPR.exe)

Microsoft Security Essentials - Free Antivirus for Windows

http://www.sevenforums.com/bsod-help-support/200415-bsod-analysis-needed-0x0000003d.html
Relevancy 46.01%

Hello So I've been having a problem with constant BSOD's it happens basically everyday whenever I shut down the computer It hangs at the Vista logoff shut down screen for roughly minutes then goes to BSOD which states DRIVER POWER STATE FAILURE I ran the WinDbg tool and here's the analysis of the minidump Code Microsoft R Windows Debugger Version AMD Copyright c Microsoft Corporation All rights reserved Loading Dump File C Windows Minidump Mini - dmp Mini Kernel Dump File Only registers and stack trace are available Symbol search path is SRV c websymbols http msdl microsoft com download symbols Executable search path is Windows Server Windows Vista Kernel Version Service Pack MP procs Free x Product WinNt suite TerminalServer SingleUserTS Personal Built by amd fre vistasp gdr - Machine Name Kernel base xfffff f PsLoadedModuleList xfffff d dd Debug session time Fri Sep UTC - System Uptime days Loading Kernel Symbols Loading User Symbols Loading unloaded module list Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck F fffffa d d Unable to load image SystemRoot system drivers RTSTOR SYS Win error n WARNING Unable to verify timestamp for RTSTOR SYS ERROR Module load completed but symbols could not be loaded for RTSTOR SYS Probably caused by Unknown Image ANALYSIS INCONCLUSIVE Followup MachineOwner --------- kd gt analyze -v Bugcheck Analysis DRIVER POWER STATE FAILURE f A driver is causing an inconsistent power state Arguments Arg The power transition timed out waiting to synchronize with the Pnp subsystem Arg Timeout WinDbg provided) BSOD (with Analysis in seconds Arg fffffa d d The thread currently holding on to the Pnp lock Arg Debugging Details ------------------ DRVPOWERSTATE SUBCODE CUSTOMER CRASH COUNT DEFAULT BUCKET ID VISTA DRIVER FAULT BUGCHECK STR x F PROCESS NAME BSOD (with WinDbg Analysis provided) System CURRENT IRQL STACK TEXT fffffa db fffff b fa fffffa e nt KiSwapContext x f fffffa db fffff db fffffa e fffff nt KiSwapThread x a fffffa db c fffffa e d fffffa fffffa fffffa e fffffa e nt KeWaitForSingleObject x cb fffffa db fffffa fffffa fffffa e fffffa e RTSTOR x d fffffa db fffffa fffffa e fffffa e fffffa d d xfffffa fffffa db fffffa e fffffa e fffffa d d xfffffa fffffa db fffffa e fffffa d d fffff d eb xfffffa e fffffa db fffffa d d fffff d eb fffff xfffffa e STACK COMMAND kb SYMBOL NAME ANALYSIS INCONCLUSIVE FOLLOWUP NAME MachineOwner MODULE NAME Unknown Module IMAGE NAME Unknown Image DEBUG FLR IMAGE TIMESTAMP FAILURE BUCKET ID X x F ANALYSIS INCONCLUSIVE BUCKET ID X x F ANALYSIS INCONCLUSIVE Followup MachineOwner --------- Any ideas Since all I see is analysis inconclusive and vista driver fault

A:BSOD (with WinDbg Analysis provided)

Generally we prefer to have the memory dump files uploaded along with the information in this pinned topic: Blue Screen of Death (BSOD) Posting Instructions

But, in this case, there's a couple of things that probably point to the problem.

First is the STOP error:

Code:
DRIVER_POWER_STATE_FAILURE (9f)
A driver is causing an inconsistent power state.
Arguments:
Arg1: 0000000000000004, The power transition timed out waiting to synchronize with the Pnp subsystem. Arg2: 0000000000000258, Timeout in seconds.
Arg3: fffffa8009d2d720, The thread currently holding on to the Pnp lock.
Arg4: 0000000000000000
This tells us that the error is caused by a driver, and it's due to a timeout while waiting to do stuff (which is what you're seeing with the delayed shutdown).

Next is this:

Code:
Unable to load image \SystemRoot\system32\drivers\RTSTOR64.SYS, Win32 error 0n2
*** WARNING: Unable to verify timestamp for RTSTOR64.SYS
*** ERROR: Module load completed but symbols could not be loaded for RTSTOR64.SYS
IMO the debugger wouldn't have mentioned RTSTOR64.SYS unless it was needed for the analysis - so it's suspect.

Next is the Stack Text:

Code:
STACK_TEXT:
fffffa60`01db6510 fffff800`0206b6fa : fffffa80`0e550580 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSwapContext+0x7f
fffffa60`01db6650 fffff800`020603db : 00000000`00000002 fffffa80`0e550060 00000000`00000002 fffff800`02069480 : nt!KiSwapThread+0x13a
fffffa60`01db66c0 fffffa60`0469e94d : fffffa80`00000000 fffffa80`00000000 fffffa80`0e998000 fffffa80`0e998200 : nt!KeWaitForSingleObject+0x2cb
fffffa60`01db6750 fffffa80`00000000 : fffffa80`00000000 fffffa80`0e998000 fffffa80`0e998200 00000000`00000000 : RTSTOR64+0x494d
fffffa60`01db6758 fffffa80`00000000 : fffffa80`0e998000 fffffa80`0e998200 00000000`00000000 fffffa80`09d2d720 : 0xfffffa80`00000000
fffffa60`01db6760 fffffa80`0e998000 : fffffa80`0e998200 00000000`00000000 fffffa80`09d2d720 00000000`00000270 : 0xfffffa80`00000000
fffffa60`01db6768 fffffa80`0e998200 : 00000000`00000000 fffffa80`09d2d720 00000000`00000270 fffff800`022d3eb4 : 0xfffffa80`0e998000
fffffa60`01db6770 00000000`00000000 : fffffa80`09d2d720 00000000`00000270 fffff800`022d3eb4 fffff880`00000070 : 0xfffffa80`0e998200
In this we can see that RTSTOR64.sys is the only 3rd party drive mentioned (in most cases, the stuff below it represents stuff from user mode that's not considered in a BSOD analysis of this type). So we have more evidence to suspect RTSTOR64.sys

Finally, I'd suggest running the lmtsmn command in the debugger to list the loaded drivers. First check the date stamp on the RTSTOR64.sys driver, and then check the date stamps on the rest of the drivers. Any very old drivers can be a clue as to further issues with the system (but it gets complicated with Vista - so it's best to just post them for us to have a look at).

So, we think that RTSTOR64.sys is the culprit - so what do we do?
First, we look it up at my website here: Driver Reference
And we find that it's your Realtek card reader device
So go to the link for the Realtek card reader and you'll be able to download the driver.

Then uninstall the currently installed Card Reader driver
Then install the freshly downloaded driver (this procedure helps to ensure the removal of corrupted drivers before replacing them)

Then test to see if that has stopped the BSOD's. Be sure to exercise (use) the card reader to be sure.

Good luck!

http://www.vistax64.com/crashes-debugging/282849-bsod-windbg-analysis-provided.html
Relevancy 46.01%

hi I am running Windows XP SP on quite a dated computer that has been pretty solid up until now It is randomly suffering from BSODs sometimes only after a short period of time but it can also go a few days without any issues After one such BSOD attached, help with analysis minidumps BSOD, need I rebooted the computer and after the initial screen where you BSOD, minidumps attached, need help with analysis can access bios I was greeted with a blank screen with a on it Not good So I went into bios and changed it to fail-safe settings and everything went fine Then the BSODs set back in after BSOD, minidumps attached, need help with analysis a few days I have attached the latest minidumps I have tried analyzing them but I really can t work it out only consistent theme I see is win k sys But this hasn t led me to any answers Specs Pentium CPU GHZ gb of memory Would be greatful for any assistance and if you need more info just ask Thank you nbsp

A:BSOD, minidumps attached, need help with analysis

whooops attachments didnt upload properly, here they are
 

http://www.techspot.com/community/topics/bsod-minidumps-attached-need-help-with-analysis.147833/
Relevancy 46.01%

Any help would be appreciated guys I have been just living with it with BSOD Jraid.sys debug analysis and but it is so frequent now that it s pretty unbearable I have read the steps and here is what I get from the debugger Bugcheck Analysis DRIVER IRQL NOT LESS OR EQUAL Jraid.sys BSOD with debug and analysis d An attempt was made to access a pageable or completely invalid address at an interrupt request level IRQL that is too high This is usually caused by drivers using improper addresses If kernel debugger is available get stack backtrace Arguments Arg a c memory referenced Arg IRQL Arg value read operation write operation Arg b f address which referenced memory Debugging Details ------------------ WRITE ADDRESS a c CURRENT IRQL FAULTING IP jraid b f c e mov byte ptr ebx- AFF h al CUSTOMER CRASH COUNT DEFAULT BUCKET ID DRIVER FAULT BUGCHECK STR xD PROCESS NAME searchindexer e LAST CONTROL TRANSFER from b edddd to b f STACK TEXT STACK COMMAND kb FOLLOWUP IP jraid b f c e mov byte ptr ebx- AFF h al SYMBOL STACK INDEX SYMBOL NAME jraid FOLLOWUP NAME MachineOwner MODULE NAME jraid IMAGE NAME jraid sys DEBUG FLR IMAGE TIMESTAMP b b FAILURE BUCKET ID xD jraid BUCKET ID xD jraid Followup MachineOwner --------- Thanks in advance

A:Jraid.sys BSOD with debug and analysis

Do you have a RAID setup on your system?System manufacturer and model, please? If custom/self-built...motherboard manufacturer and model?Download/install BlueScreenView, http://www.nirsoft.net/utils/blue_screen_view.html.Double-click BlueScreenView.exe file.When scanning is done, Edit/Select All...then File/Save Selected Items. Open BSOD.txt in Notepad, copy all content and paste it into your next reply.Louis

http://www.bleepingcomputer.com/forums/t/344161/jraidsys-bsod-with-debug-and-analysis/
Relevancy 46.01%

I just did a fresh format I am running the following Intel Core Duo E GHz CPU GHz w Scythe MINE Rev B CPU Cooler x GB - analysis Reproduceable needed help .dmp BSOD please! Corsair XMS TWIN X - C RAM Asus P W-DH Motherboard Corsair HX W PSU Diamond ATI Radeon HD M PCI-E Video Card Antec P Advanced Super Mid Tower Pioneer DVR-R XDVDRW x Western Digital WD AAKS GB HD External x Western Digital WD EADS TB HD RAID Logitech diNovo BlueTooth Laser Desktop Toshiba Regza XV U Reproduceable BSOD - .dmp analysis help needed please! quot p Hz LCD Dell W quot LCD Monitor Logitech z Digital Surround Sound System and the following is how my hard drives Reproduceable BSOD - .dmp analysis help needed please! are setup Drive Boot drive GB WD Drive x GB WD RAID using onboard JMB X Controller - one is external Drive Reproduceable BSOD - .dmp analysis help needed please! GB WD Drive GB WD Backup drive Drive x TB WD RAID using onboard Si Controller I am running Windows Vista SP -bit edition After my format I want to run my regularly scheduled backup task using Acronis True Image Home I ran it four or five times creating new tasks and trying to incrementally build my existing backups - it kept freezing So I created a new backup file and got the BSOD I then upgraded my Acronis True Image Home to the latest version of and ran it again The same BSOD I've tried loading WinDbg and even installed all the symbols but I still get unknown symbol errors in the dump file analysis Any ideas on what could be causing this I would love some help from the gurus here before I rip out my hair The reason I included my system setup is because there is a little bit at the end of the analysis txt file that indicates hardware error The only significant change from the last time is the inclusion of the new RAID using the JMB X controller so could possibly be a driver issue but I can't confirm

A:Reproduceable BSOD - .dmp analysis help needed please!

This is a hardware error that's reported by your CPU (and not by Windows). As such, analyzing the dump file will be very frustrating.

Of note is the error that it finds - it cannot locate symbols for PSHED.dll
I've seen at least 2 other of these errors on the web recently. One remains unsolved, the other is likely to be caused by a component of Avast that the user had installed. I haven't received any information about what Avast product he is using, nor if uninstalling it has solved the BSOD's.

But, these other 2 have had a couple of weeks of troubleshooting so they'll give you a "jump start" on the process.

First, get a start on these things to rule out some of the more common issues: BSOD troubleshooting preliminaries - Vox

Next, set up the system to use Driver Verifier according to these directions. Read the directions carefully BEFORE starting - as it can cause your system to not boot into Windows (from this post: BSOD 0x124. Please Help! - Tech Support Forum ):





To do this, I'd like to try it in several stages:
- Testing only non-Microsoft drivers
- Testing only Microsoft drivers
- Testing all drivers

To do this, follow the instructions here, modifying the BOLDED step to change the drivers that are verified. Please upload the dump files as they occur, if you don't get a dump within 24 hours, switch to the next step:





Using Driver Verifier is an iffy proposition. Most times it'll crash and it'll tell you what the driver is. But sometimes it'll crash and won't tell you the driver. Other times it'll crash before you can log in to Windows. If you can't get to Safe Mode, then you'll have to resort to offline editing of the registry to disable Driver Verifier.

So, I'd suggest that you first backup your stuff and then make sure you've got access to another computer so you can contact us if problems arise. Then make a System Restore point (so you can restore the system using the Vista Startup Repair feature).

Then, here's the procedure:
- Go to Start and type in "verifier" (without the quotes) and press Enter
- Select "Create custom settings (for code developers)" and click "Next"
- Select "Select individual settings from a full list" and click "Next"
- Select everything EXCEPT FOR "Low Resource Simulation" and click "Next"
- Select "Select driver names from a list" and click "Next"
Then select all drivers NOT provided by Microsoft and click "Next"
- Select "Finish" on the next page.

Reboot the system and wait for it to crash to the Blue Screen. Continue to use your system normally, and if you know what causes the crash, do that repeatedly. The objective here is to get the system to crash because Driver Verifier is stressing the drivers out.

Reboot into Windows (after the crash) and turn off Driver Verifier by going back in and selecting "Delete existing settings" on the first page, then locate and zip up the memory dump file and upload it with your next post.

If you can't get into Windows because it crashes too soon, try it in Safe Mode.
If you can't get into Safe Mode, try using System Restore from your installation DVD to set the system back to the previous restore point that you created.
If that doesn't work, post back and we'll have to see about fixing the registry entry off-line.

http://www.vistax64.com/general-discussion/239703-reproduceable-bsod-dmp-analysis-help-needed-please.html
Relevancy 46.01%

I've had three bsod this week. I only have one dmp file in minidump and that's attached.

Monday, April 12, visual studio 2010 was released and I installed it. The crashes started after that but of course there is not certain connection at this time. I crashed Monday, Tuesday, and Thursday (today) one time each. The first two bsod visual studio 2010 was loaded; today it was not; only apps I'd stated were firefox 3.6.3 and zimbra desktop (an email client). Today I had just clicked on a tab in firefox when the bsod took place. That might have been true the other times but I'm not sure.

This pc was built by myself a month ago; and it's the first 64 bit os I've spent any real time with.

Anyways I hope someone can provide a clue or two re what might be amiss from the dmp.

A:BSOD windows 7 x64; 3x this week; help with analysis

  
Quote: Originally Posted by likely


I've had three bsod this week. I only have one dmp file in minidump and that's attached.

Monday, April 12, visual studio 2010 was released and I installed it. The crashes started after that but of course there is not certain connection at this time. I crashed Monday, Tuesday, and Thursday (today) one time each. The first two bsod visual studio 2010 was loaded; today it was not; only apps I'd stated were firefox 3.6.3 and zimbra desktop (an email client). Today I had just clicked on a tab in firefox when the bsod took place. That might have been true the other times but I'm not sure.

This pc was built by myself a month ago; and it's the first 64 bit os I've spent any real time with.

Anyways I hope someone can provide a clue or two re what might be amiss from the dmp.


This crash was probably caused by your vfilter.sys, which is part of your VPN. I would uninstall it to test.

Ken

Code:

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\K\Desktop\041510-16504-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*F:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16539.amd64fre.win7_gdr.100226-1909
Machine Name:
Kernel base = 0xfffff800`02a55000 PsLoadedModuleList = 0xfffff800`02c92e50
Debug session time: Thu Apr 15 11:34:31.167 2010 (GMT-4)
System Uptime: 0 days 0:29:52.197
Loading Kernel Symbols
...............................................................
................................................................
..........................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck A, {0, 2, 0, fffff80002ac97b6}

Unable to load image \SystemRoot\system32\DRIVERS\vfilter.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for vfilter.sys
*** ERROR: Module load completed but symbols could not be loaded for vfilter.sys
Probably caused by : vfilter.sys ( vfilter+29a6 )

Followup: MachineOwner
---------

4: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80002ac97b6, address which referenced memory

Debugging Details:
------------------
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002cfd0e0
0000000000000000

CURRENT_IRQL: 2

FAULTING_IP:
nt!KeSetEvent+226
fffff800`02ac97b6 488b09 mov rcx,qword p... Read more

http://www.sevenforums.com/bsod-help-support/78535-bsod-windows-7-x64-3x-week-help-analysis.html
Relevancy 45.58%

Can someone help me all my hardware is new so it cause as ntoskrnl.exe the Minidump bsod analysis pinpoints for cannot be that how do i fix this ntoskrnl exe file Windows ultimate x build Pentium R Dual core Cpu E ghz gb ram MODULE NAME nt FAULTING MODULE fffff a nt DEBUG FLR IMAGE TIMESTAMP a bc BUGCHECK STR x CUSTOMER CRASH COUNT DEFAULT BUCKET ID VISTA DRIVER FAULT CURRENT IRQL LAST CONTROL TRANSFER from fffff ba d f to fffff a f STACK TEXT fffff a d aa fffff ba d f fffff c a fffff c a nt x f fffff a d ab fffff c a fffff c a fffff c a nt x a d f fffff a d ab fffff c a fffff c a Minidump analysis pinpoints ntoskrnl.exe as the cause for bsod fffff c a fffff c x fffff a d ac fffff c a fffff c a fffff c a fffff c x fffff a d ac fffff c a fffff c a fffff c Minidump analysis pinpoints ntoskrnl.exe as the cause for bsod fffff c nt x ffa fffff a d ad fffff c a fffff c fffff c nt x fa fffff a d ad fffff c fffff c nt x ffa fffff a d ae fffff c fffffa xfffff c STACK COMMAND kb FOLLOWUP IP nt f fffff a f c mov qword ptr rsp rcx SYMBOL STACK INDEX SYMBOL NAME nt f FOLLOWUP NAME MachineOwner IMAGE NAME ntoskrnl exe BUCKET ID WRONG SYMBOLS Followup MachineOwner ---------

A:Minidump analysis pinpoints ntoskrnl.exe as the cause for bsod

It would help to have the full crash reports: http://www.sevenforums.com/crashes-d...tructions.html
Crashes caused by L1E62x64.sys, your LAN driver. You should be able to find an updated driver through your motherboard support site (ASUS, Gigabyte, etc.) or vendor support site (HP, Dell, etc.). Do not install a beta driver; only install the most recent stable driver.

Your AVG drivers are out of date, so I suspect you have an older version of the software. You may want to consider installing the latest version. It is network related, so it may contribute to network crashes as seen in the .dmp file.

Code:
ASACPI.sys Sun Mar 27 20:30:36 2005 (42476C4C)
Older versions of ASACPI.SYS are a known BSOD problem on Windows 7. Update the driver by:Going to the Asus motherboard support site
When you reach the website:
Scroll down the page and click Utilities
Hold Ctrl and press f (ctrl+f) to enter the browser's find feature
Search for "ATK0110 driver for WindowsXP/Vista/Win7 32&64-bit" (without quotes)
Download and install the driver.
After installation is complete, verify that it installed correctly.Click Start Menu
Click My Computer
Go to C:\WIndows\System32\drivers\
Verify that the ASACPI.SYS file is dated 2009 or newer (2010,etc.)

http://www.sevenforums.com/bsod-help-support/234489-minidump-analysis-pinpoints-ntoskrnl-exe-cause-bsod.html
Relevancy 45.58%

Hi Could anyone give me some help interpreting the Bugcheck Analysis below The computer is giving a BSOD once or twice a day I looked for a 'probably caused by ' line and couldn't find it Thanks Ben Code kd gt analyze -v Bugcheck Analysis KERNEL MODE EXCEPTION NOT HANDLED M e This is a very common bugcheck Usually the exception address pinpoints - Analysis Bugcheck Help BSOD frequent a understanding the driver function that caused the problem Always note this address as well as the link date of the driver image that contains this address Some common problems are exception code x This means a hard coded breakpoint or assertion was hit but this system was booted NODEBUG This is not supposed to happen as developers should never have hardcoded breakpoints in retail code but If this happens make sure a debugger gets connected and the system is booted DEBUG This will Help understanding a Bugcheck Analysis - frequent BSOD let us see why this breakpoint is happening Arguments Arg c The exception code that was not handled Arg bc d The address that the exception occurred at Arg a b c Trap Frame Arg Debugging Details ------------------ OVERLAPPED MODULE Address regions for 'kmixer' and 'kmixer sys' overlap EXCEPTION CODE NTSTATUS xc - The instruction at x lx referenced memory at x lx The memory could not be s FAULTING Help understanding a Bugcheck Analysis - frequent BSOD IP nt ObpCloseHandleTableEntry bc d b a cmp dword ptr ecx A h TRAP FRAME a b c -- trap xffffffff Help understanding a Bugcheck Analysis - frequent BSOD a b c ErrCode eax a c c ebx ab ecx edx f esi f edi e c eaa eip bc d esp a bf ebp a bfc iopl nv up ei ng nz na po nc cs ss ds es fs gs efl nt ObpCloseHandleTableEntry x bc d b a cmp dword ptr ecx A h ds a Resetting default scope CUSTOMER CRASH COUNT DEFAULT BUCKET ID CODE CORRUPTION BUGCHECK STR x E PROCESS NAME iexplore exe CORRUPTING POOL ADDRESS f CORRUPTING POOL TAG Thre LAST CONTROL TRANSFER from c a to bc d STACK TEXT a bfc c a e c e c eaa nt ObpCloseHandleTableEntry x a c c e e c eaa a c c nt ObpCloseHandleProcedure x f a c c c b c e c c a a c c nt ExSweepHandleTable x b a c d b a e bf bf nt ObKillProcess x c a d d c bf nt PspExitThread x e a d d ae bf a d nt PspTerminateThreadByPointer x a d c fef nt NtTerminateProcess x a d c e fef nt KiFastCallEntry xfc WARNING Frame IP not in any known module Following frames may be wrong fef x c e STACK COMMAND kb CHKIMG EXTENSION chkimg -lo -d nt bc - bc a bytes - nt ObMakeTemporaryObject b ff b ec e f e errors nt bc - bc a MODULE NAME aswSP IMAGE NAME aswSP SYS DEBUG FLR IMAGE TIMESTAMP e a be FOLLOWUP NAME MachineOwner MEMORY CORRUPTOR PATCH aswSP FAILURE BUCKET ID MEMORY CORRUPTION PATCH aswSP BUCKET ID MEMORY CORRUPTION PATCH aswSP Followup MachineOwner ---------

A:Help understanding a Bugcheck Analysis - frequent BSOD

What happens in safe mode?
Have you error checked the drive?
Did you run driver verifier? http://www.techsupportforum.com/foru...ed-473665.html

http://www.techsupportforum.com/forums/f10/help-understanding-a-bugcheck-analysis-frequent-bsod-595007.html
Relevancy 45.58%

Hello gday i have a dell and i recently changed my hard drive from a gb to a gb an i restored an image of the windows xp home the new drive is a samsung but whenever i enter standby an resume its either the monitor does not come on or i get bsod error please BSOD urgent file analysis dump this only happens when resuming from standby hibernation works properly i know it cant be the new hard drive as i checked it for errors i did memory BSOD dump file analysis please urgent check perfectly fine and it cant be windows becuz the backup i made everything was working perfectly an they were locked up in an archive file so they wont get corrupted please help urgently thanks you SYTEM SPECS CPU Intel Ghz Single Core GPU ATI Radeon X XT RAM GB Hard Drive Samsung hd gj rpm gb SOUND Soundblaster Live PSU Watt i have uploaded the minidump file from using blue screen view those were the two that were highlighted that were seemed the problem is coming i tired reflashing the same bios an it didnt work could it be that my power supply is too weak becuz i have a WATT and i thought it was the video card causing the problem but i took dat out an i used the onboard graphics an i got the same problem i have the latest bios for the motherboard so i have no idea if its the motherboad cant handle the new gb hard drive I dont know if to reflash the bios again to see if it will work i will try that please tell me anything else i can do I NEED SOMEONE TO ANALYSE MY MINIDUMP FILE WHO HAS EXPERIENCE WITH WINDGP AND ACTUALLY TELL ME WHERE THE PROBLEM IS COMING FROM BECUASE BLUE SCREEN VIEW BLAMES IT ON NTOSKRNL EXE WHICH IS IN MOST CASES i was looking for jcgriff as he was helping me with another problem

http://www.techsupportforum.com/forums/f10/bsod-dump-file-analysis-please-urgent-509452.html
Relevancy 45.58%

`

For an execellent tutorial on getting started with BSOD Kernel Memory Dump Debugging, see POST #12

This is a discussion thread on debugging and analyzing Blue Screen of Death (BSOD) Kernel Memory Dumps.

All comments and questions are welcome - simply submit a reply post.

If you are seeking help for BSODs, please see --> BSOD Posting Instructions


Thank you all for your input.

Kind Regards. . .

jcgriff2

.

A:BSOD Kernel Dump Analysis - Discussion

`

I have received > 1,000 PMs and emails about Blue Screen View. The following is my professional and personal opinion on the product.

I believe that Blue Screen View is a very good product; however, most often misses the very obvious and tell-tale signs that one sees in the debugger. Granted, most times these "obvious" signs that are obvious to me may be considered "buried" and not-so-obvious to others.

Bottom line, you cannot always rely on the line "Probably caused by", especially when it is encircled by other driver names. I am specifically referring to those dumps that give up Microsoft drivers as the probable cause, which in 99% of the cases is simply not true - this goes for BlueScreenView or the Windows Debugger.

One of my earliest tests of BlueScreenView - Caused By Driver : ntoskrnl.exe (NT).

BlueScreenView gave the blame to NT because it was the last on the stack - nt!


Code:
STACK_TEXT: (edited)
00000000`00000000 : nt!PfFbLogEntryComplet
fffffa80`0907ab60 : nt!PfFileInfoNotify+0x
fffffa60`099ff430 : fileinfo!FIStreamLog+0
fffffa60`099ff430 : fileinfo!FIStreamSetFi
00000000`00003bd2 : fileinfo!FIStreamGetIn
00000000`00000000 : fileinfo!FIPostCreateC
fffffa80`07518b30 : fltmgr!FltpPerformPost
fffffa60`099ff620 : fltmgr!FltpLegacyProce
00000000`00000000 : fltmgr!FltpCreate+0x25
00000000`00000000 : AVGIDSFilter+0x54f0
fffffa80`04d64820 : 0x801
00000000`00000005 : 0x300
fffffa80`08ec2940 : 0xfffffa80`08ec2940

Windbg = Probably caused by : fileinfo.sys

Windbg gave p/cause to fileinfo.sys because it is the last subordinate MS driver to nt!

Both BlueScreenView and the Microsoft WHDC debugger were incorrect in the "probable cause" that each named, but Windbg came much closer to actual. Remember that we are given a probable cause - not the actual cause of a system crash.

Please don't get me wrong - I think Blue Screen View has done a great initial job. Like all software products, there is room for improvement; hence the reason they have asked for feedback. I wish that I could write an app that came close to BlueScreenView. I give the author(s) an A+ for initiative.

What I hate to see is someone using BlueScreenView and posting the results of 25 dumps all showing the NT Kernel (or other Microsoft driver) as the cause of the BSODs and considering it to be Gospel. NT may show up as the probable cause more often than any other; however --> Never happen. Not in a genuine Windows OS system.

What do you believe the cause of the crash to be? I have attached the dump, my Windbg log (partial) and the Blue Screen View HTML file.

WHDC/ WDK Debugging Tools For Windows --> http://www.microsoft.com/whdc/devtoo...g/default.mspx

PLEASE - feel free to comment in any manner in which you see fit.

Regards. . .

jcgriff2

.

http://www.techsupportforum.com/forums/f299/bsod-kernel-dump-analysis-discussion-452622.html
Relevancy 45.58%

Hey guys I just got a BSOD and was wondering if anyone could tell me the cause thanks in advance if anyone knows a good dump analysis program could you also give me a link .

A:Another BSOD Dump file analysis needed please

  
Quote: Originally Posted by Will2K9


Hey guys I just got a BSOD and was wondering if anyone could tell me the cause thanks in advance if anyone knows a good dump analysis program could you also give me a link .



These were caused by memory corruption. Either a bad driver is corrupting it or the memory itself is bad. Run Memtest to test yours

Download a copy of Memtest86 and burn the ISO to a CD using Iso Recorder or another ISO burning program. Boot from the CD, and leave it running for at least 5 or 6 passes.
Just remember, any time Memtest reports errors, it can be either bad RAM or a bad motherboard slot. Test the sticks individually, and if you find a good one, test it in all slots.

http://www.sevenforums.com/bsod-help-support/145019-another-bsod-dump-file-analysis-needed-please.html
Relevancy 45.58%

I'm having issues with a BSOD on shutting down or restarting my computer. It is working fine otherwise. It is just giving me the BSOD on shutdown or restart. Ran memtest and it showed no errors. I was wondering if any information can be found in these 3 minidump files. That is all I have.

The error I get is *** STOP: 0x0000008E (0xC0000005, 0x804F2DC1, b0c917d0 (changes each time), 0x00000000)

My computer runs Windows XP Pro, SP 3. I have 2 GB RAM. I have a RAID 0 setup, Silicon Image SiI 3112 Controller. GeoForce FX 5900 display adapter. All updates current and no changes made that started causing the problem.

I would appreciate any efforts made is helping me find out what is wrong.
 

https://forums.techguy.org/threads/solved-bsod-minidump-analysis-needed-please.726643/
Relevancy 45.58%

hello i experience this error and successfully fixed using USB disk recovery tool and repair My analysis - bad bsod crash config info specs bad config info bsod - crash analysis - win home premium bit GB RAM intel i fujitsu lifebook A series GB - my laptop is constantly connected to fujitsu led tv - main screen bad config info bsod - crash analysis is on LED TV - close lid option is sleep when plugged my case date happened - sept pm last i remember windows update was Windows Defender i checked in the event viewer it says source user profile service my partner close the lid while shutting down question what are the tools that will help me check my overall system after i repaired this software and hardware and unnecessary software running and installed if registry was the problem is it caused by updates current software antivirus or improper shutdown my theory causes are shutting down while closing lid not properly shutting down avira windows update bittorent vga connected constantly to led tv primary screen Event viewer reports Log Name Application Source Microsoft-Windows-User Profiles Service Date PM Event ID Task Category None Level Warning Keywords User SYSTEM Computer ebola Description Windows detected your registry file is still in use by other applications or services The file will be unloaded now The applications or services that hold your registry file may not function properly afterwards DETAIL - user registry handles leaked from Registry User S- - - - - - - Process Device HarddiskVolume Windows System winlogon exe has opened key REGISTRY USER S- - - - - - - Software Policies Microsoft Windows Safer CodeIdentifiers Process Device HarddiskVolume Program Files x Avira AntiVir Desktop avguard exe has opened key REGISTRY USER S- - - - - - - Software Microsoft Windows NT CurrentVersion Winlogon Process Device HarddiskVolume Windows System SearchIndexer exe has opened key REGISTRY USER S- - - - - - - Software Microsoft SystemCertificates MY Event Xml lt Event xmlns quot http schemas microsoft com win events event quot gt lt System gt lt Provider Name quot Microsoft-Windows-User Profiles Service quot Guid quot B E F - AFF- A - B - A A CE quot gt lt EventID gt lt EventID gt lt Version gt lt Version gt lt Level gt lt Level gt lt Task gt lt Task gt lt Opcode gt lt Opcode gt lt Keywords gt x lt Keywords gt lt TimeCreated SystemTime quot - - T Z quot gt lt EventRecordID gt lt EventRecordID gt lt Correlation ActivityID quot F C -F - - F-D B B CE quot gt lt Execution ProcessID quot quot ThreadID quot quot gt lt Channel gt Application lt Channel gt lt Computer gt ebola lt Computer gt lt Security UserID quot S- - - quot gt lt System gt lt EventData Name quot EVENT HIVE LEAK quot gt lt Data Name quot Detail quot gt user registry handles leaked from Registry User S- - - - - - - Process Device HarddiskVolume Windows System winlogon exe has opened key REGISTRY USER S- - - - - - - Software Policies Microsoft Windows Safer CodeIdentifiers Process Device HarddiskVolume Program Files x Avira AntiVir Desktop avguard exe has opened key REGISTRY USER S- - - - - - - Software Microsoft Windows NT CurrentVersion Winlogon Process Device HarddiskVolume Windows System SearchIndexer exe has opened key REGISTRY USER S- - - - - - - Software Microsoft SystemCertificates MY lt Data gt lt EventData gt lt Event gt Log Name Application Source Microsoft-Windows-User Profiles Service Date PM Event ID Task Category None Level Warning Keywords User SYSTEM Computer ebola Description Windows detected your registry file is still in use by other applications or services The file will be unloaded now The applications or services that hold your registry file may not function properly afterwards DETAIL - user registry handles leaked from Registry User S- - - - - - - Process Device HarddiskVolume Program Files x Avira AntiVir Desktop avguard exe has opened key REGISTRY USER S- - - - - - - Software Microsoft Windows NT CurrentVersion Winlogon Process Device HarddiskVolum... Read more

A:bad config info bsod - crash analysis

Event ID: 1530 may be logged in the Application log on a Windows Vista or newer computer

And it is not any BSOD.
Attachment 286730

Had I been there, I would have uninstall Avira. Use Microsoft Security Essentials as your antivirus with windows inbuilt firewall, and free MBAM as the on demand scanner.
Download, install and update those, and then run full system scans with both of them, one by one.

http://www.sevenforums.com/bsod-help-support/305559-bad-config-info-bsod-crash-analysis.html
Relevancy 45.58%

Hi Guys I've been trying to get BSOD Help Request 1285DX (DMP Debugging Analysis) HP on Windows to work on my Notebook HP Model DV - DX for the longest time now to no avail The install always goes without a hitch but am plagued with BSODs from the word go I've installed most every Beta version and every permutation of drivers out there Always attributed the problem to unstable beta product amp lack of official Windows Drivers My latest OS is the RTM BSOD on HP 1285DX Debugging Help Request (DMP Analysis) with ALL of the hardware properly configured HP has the Windows Drivers for my BSOD on HP 1285DX Debugging Help Request (DMP Analysis) model on their website including the BIOS update which I installed I use the notebook for watching movies on my TV connecting via HDMI and I have been dealing with the BSOD as many as - times during a movie at times The problem BSOD and reboots dont follow any recognizable pattern sometimes I can get thru various movies with no BSOD I dont get the BSOD ONLY while watching movies either - it happens just as much while using the notebook normally as well Since yesterday I've had BSODs and I installed WinDBG to have a look at the data for the first time I'm no expert but its completely random from what I see - the processes involved are different in each DMP I ran MEMtest and got No errors Can somebody who knows what the files quot really quot say have a look at the attached dumps and advise what I ought to do to fix this problem Any help would be more than welcome - Thanks

A:BSOD on HP 1285DX Debugging Help Request (DMP Analysis)

  
Quote: Originally Posted by Rhadamanthys


Hi Guys

I've been trying to get Windows 7 to work on my Notebook HP Model DV7-1285DX for the longest time now to no avail. The install always goes without a hitch, but am plagued with BSODs from the word go
I've installed most every Beta version and every permutation of drivers out there

Always attributed the problem to unstable beta product & lack of official Windows 7 Drivers. My latest OS is the RTM with ALL of the hardware properly configured. HP has the Windows 7 Drivers for my model on their website (including the BIOS update which I installed)

I use the notebook for watching movies on my TV (connecting via HDMI) and I have been dealing with the BSOD as many as 4-5 times during a movie at times. The problem BSOD and reboots dont follow any recognizable pattern (sometimes I can get thru various movies with no BSOD, I dont get the BSOD ONLY while watching movies either - it happens just as much while using the notebook normally as well)

Since yesterday I've had 7 BSODs and I installed WinDBG to have a look at the data for the first time. I'm no expert but its completely random from what I see - the processes involved are different in each DMP

I ran MEMtest86 and got No errors

Can somebody who knows what the files "really" say have a look at the attached dumps and advise what I ought to do to fix this problem??

Any help would be more than welcome - Thanks


These are pretty straight forward. Memory corruption

I would download memtestx86 and run for at least 5 passes.

Let us know if you need help
Ken

Code:

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\K\Desktop\New folder (3)\032110-16208-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*F:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0xfffff800`02a4a000 PsLoadedModuleList = 0xfffff800`02c87e50
Debug session time: Sun Mar 21 12:06:56.625 2010 (GMT-4)
System Uptime: 0 days 0:04:17.607
Loading Kernel Symbols
...............................................................
................................................................
...............................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007E, {ffffffffc000001d, fffff80002ac9c89, fffff88003139628, fffff88003138e80}

Probably caused by : memory_corruption

Followup: memory_corruption
---------

0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded brea... Read more

http://www.sevenforums.com/bsod-help-support/72737-bsod-hp-1285dx-debugging-help-request-dmp-analysis.html
Relevancy 45.58%

Hi Guys,

I have received a BSOD on a Sony VAIO laptop, the machine crashes after around 5 Minutes, I have switched of the wireless lan problem still persists. The error I recieve is as follows:

DRIVER_IRQL_NOT_LESS_OR_EQUAL

The spec of the laptop is:

Model -Sony Vaio VGN-C1S

OS - Windows XP SP3
1GB DDR2 SDRAM (2x512mb)

All help is greatly appreciated!

A:BSOD Windows debug analysis attached.

Hello onedub

It seems that a trojan is responsible
mslsrv32.exe

We cannot help you with malware removal in this forum.
Please read ?Virus/Trojan/Spyware Removal Help ? and follow the instructions very carefully; then, post all the requested logs and information in the Virus Help Forum
If you cannot complete any step, just miss it out and do what you can, but be sure to include this information in your post.
Please ensure that you create a new thread in the Virus Help Forum; not back here in this one.

Please be patient, as the Security Team Analysts are usually very busy; one of them will answer your request as soon as they can.

http://www.techsupportforum.com/forums/f10/bsod-windows-debug-analysis-attached-418812.html
Relevancy 45.58%

Hi all I ve been having a lot of BSOD errors lately and don t understand why I went through the tutorial on how to get my dump file info and Errors BSOD - File Dump analysis will post it here I see something about Chrome in it I did have a lot of tabs open in Chrome the last time I got the BSOD error Could that have caused it Thanks ahead of time for your help Microsoft reg Windows Debugger Version X Copyright copy Microsoft Corporation All rights reserved Loading Dump File C WINDOWS Minidump Mini - dmp Mini Kernel Dump File Only registers and stack trace are BSOD Errors - Dump File analysis available Symbol search path is SRV c symbols http msdl microsoft com download symbols Executable search path is Windows XP Kernel Version Service Pack UP Free x compatible Product WinNt suite TerminalServer SingleUserTS Built by xpsp sp gdr - Machine Name Kernel base x d PsLoadedModuleList x Debug session time Fri Jun UTC - System Uptime days Loading Kernel Symbols Loading User Symbols Loading unloaded module list Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck E c bf b eec Probably caused by win k sys win k GreGetGlyphIndicesW af Followup MachineOwner --------- kd gt analyze -v Bugcheck Analysis KERNEL MODE EXCEPTION NOT HANDLED M e This is a very common bugcheck Usually the exception address pinpoints the driver function that caused the problem Always note this address as well as the link date of the driver image that contains this address Some common problems are exception code x This means a hard coded breakpoint or assertion was hit but this system was booted NODEBUG This is not supposed to happen as developers should never have hardcoded breakpoints in retail code but If this happens make sure a debugger gets connected and the system is booted DEBUG This will let us see why this breakpoint is happening Arguments Arg c The exception code that was not handled Arg bf The address that the exception occurred at Arg b eec Trap Frame Arg Debugging Details ------------------ EXCEPTION CODE NTSTATUS xc - The instruction at quot x lx quot referenced memory at quot x lx quot The memory could not be quot s quot FAULTING IP win k GreGetGlyphIndicesW af bf b mov eax dword ptr eax TRAP FRAME b eec -- trap xffffffffb eec ErrCode eax ebx ecx edx e a c esi e af edi e a eip bf esp b eec ebp b eec c iopl nv up ei pl zr na pe nc cs ss ds es fs gs efl win k GreGetGlyphIndicesW xaf bf b mov eax dword ptr eax ds Resetting default scope CUSTOMER CRASH COUNT DEFAULT BUCKET ID DRIVER FAULT BUGCHECK STR x E PROCESS NAME chrome exe LAST CONTROL TRANSFER from bf ada to bf STACK TEXT b eec c bf ada e e e e af e b win k GreGetGlyphIndicesW xaf b eed bf ae e c e edb win k NtGdiGetGlyphIndicesWInternal xf b eed d c e edb win k NtGdiGetGlyphIndicesW x b b eed c e c e edb nt KiFastCallEntry xf WARNING Frame IP not in any known module Following frames may be wrong eb x c e STACK COMMAND kb FOLLOWUP IP win k GreGetGlyphIndicesW af bf b mov eax dword ptr eax SYMBOL STACK INDEX SYMBOL NAME win k GreGetGlyphIndicesW af FOLLOWUP NAME MachineOwner MODULE NAME win k IMAGE NAME win k sys DEBUG FLR IMAGE TIMESTAMP bdd c FAILURE BUCKET ID x E win k GreGetGlyphIndicesW af BUCKET ID x E win k GreGetGlyphIndicesW af Followup MachineOwner --------- kd gt analyze -v Bugcheck Analysis KERNEL MODE EXCEPTION NOT HANDLED M e This is a very common bugcheck Usually the exception address pinpoints the driver function that caused the problem Always note this address as well as the link date of the driver image that contains this address Some common problems are exception code x This means a hard coded breakpoint or assertion was hit but this system was booted NODEBUG This is not supposed to happen as developers should never have hardcoded breakpoints in retail code but If this happens make sure a debugger gets connected and the system is booted DEBUG This will let us see why this breakpoint is happening Arguments Arg c The exception code that was not handled A... Read more

A:BSOD Errors - Dump File analysis

Try using less tabs in Chrome, and see if the issue still exists. If it stops, then your computer doesn't have the resources available to handle that many tabs.

http://www.bleepingcomputer.com/forums/t/325501/bsod-errors-dump-file-analysis/
Relevancy 45.58%

Hello We have systems that are all Many Across analysis identical Dump BSOD Need systems. running on identical hardware Custom Computer MB Intel X Proc Intel i HT enabled Mem GB DDR Int Sound BSOD Across Many identical systems. Need Dump analysis x GB RPM Sata W PS Custom Matrox Video For legal reasons we cannot run windows updates or make software changes on the systems regularly All systems are running the base OS install and have no network or BSOD Across Many identical systems. Need Dump analysis internet access recently on the systems we started getting Random BSOD's I am unable to BSOD Across Many identical systems. Need Dump analysis reproduce them even when exercising the same steps that caused it not min before I have assesed the dump files as much as I can and was wondering if someone else can look at on for me The dump files is below from WinDBG Loading Dump File C Users acoleman Desktop Windows Dump Logs - - dmp Mini Kernel Dump File Only registers and stack trace are available Code Symbol search path is SRV C SymCache http msdl microsoft com download symbols Executable search path is Windows Kernel Version MP procs Free x Product WinNt suite TerminalServer SingleUserTS Built by amd fre win rtm - Machine Name Kernel base xfffff e f PsLoadedModuleList xfffff ce Debug session time Mon Oct UTC - System Uptime days Loading Kernel Symbols Loading User Symbols Loading unloaded module list Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck E ffffffffc fffff eaf f fffff f fffff Unable to load image SystemRoot System Drivers EloUsbG sys Win error n WARNING Unable to verify timestamp for EloUsbG sys ERROR Module load completed but symbols could not be loaded for EloUsbG sys Probably caused by EloUsbG sys EloUsbG d f Followup MachineOwner --------- kd gt analyze -v Bugcheck Analysis SYSTEM THREAD EXCEPTION NOT HANDLED M e This is a very common bugcheck Usually the exception address pinpoints the driver function that caused the problem Always note this address as well as the link date of the driver image that contains this address Some common problems are exception code x This means a hard coded breakpoint or assertion was hit but this system was booted NODEBUG This is not supposed to happen as developers should never have hardcoded breakpoints in retail code but If this happens make sure a debugger gets connected and the system is booted DEBUG This will let us see why this breakpoint is happening Arguments Arg ffffffffc The exception code that was not handled Arg fffff eaf f The address that the exception occurred at Arg fffff f Exception Record Address Arg fffff Context Record Address Debugging Details ------------------ EXCEPTION CODE NTSTATUS xc - An attempt was made to release a semaphore such that its maximum count would have been exceeded FAULTING IP nt RtlRaiseStatus fffff eaf f b b mov rax qword ptr rsp B h EXCEPTION RECORD fffff f -- exr xfffff f ExceptionAddress fffff eaf f nt RtlRaiseStatus x ExceptionCode c ExceptionFlags NumberParameters CONTEXT fffff -- cxr xfffff rax rbx c rcx fffff rdx rsi fffff ba rdi rip fffff eaf f rsp fffff d rbp fffff f r r r r fffffa b d r r fffff b r r iopl nv up ei ng nz na pe nc cs ss ds b es b fs gs b efl nt RtlRaiseStatus x fffff eaf f b b mov rax qword ptr rsp B h ss fffff fffff eaf f Resetting default scope CUSTOMER CRASH COUNT DEFAULT BUCKET ID VISTA DRIVER FAULT BUGCHECK STR x E PROCESS NAME System CURRENT IRQL ERROR CODE NTSTATUS xc - An attempt was made to release a semaphore such that its maximum count would have been exceeded LAST CONTROL TRANSFER from fffff edd c to fffff eaf f STACK TEXT fffff d fffff edd c ffffffff ffff ccbc fffff b fffff e ab nt RtlRaiseStatus x fffff a fffff e f f f ff fffff fffff b fffff b nt FNODOBFM string' xf c fffff af f f ff fffff fffff b fffff b fffff b EloUsbG xd f fffff af fffff fffff b fffff b fffff b fffff fa x f f ff fffff b fffff b fffff b fffff b fffff fa fffff ba xfffff fffff b fffff b fffff b fffff fa fffff b... Read more

A:BSOD Across Many identical systems. Need Dump analysis

What do you mean by this?







  
Quote: Originally Posted by Optimedica


For legal reasons we cannot run windows updates or make software changes on the systems regularly. All systems are running the base OS install and have no network or internet access.


If you mean that these are restrictions placed on the computers by your IT department, then you should take this issue up with them, especially if you are getting the same error on multiple machines (which would seem to indicate that something wants updating).

http://www.sevenforums.com/bsod-help-support/261396-bsod-across-many-identical-systems-need-dump-analysis.html
Relevancy 45.58%

can someone please help me analyze what happened Bugcheck Analysis WHEA playing C&C dump 4, BSOD analysis included UNCORRECTABLE ERROR A fatal hardware error has occurred Parameter identifies the type of error source that reported the error Parameter holds the address of the WHEA ERROR RECORD structure that describes the error conditon Arguments Arg Machine Check Exception Arg ffffe ee Address of the WHEA ERROR RECORD BSOD playing C&C 4, dump analysis included structure Arg be High order -bits of the MCi STATUS value Arg a Low order -bits of the MCi STATUS value Debugging Details ------------------ BUGCHECK STR x GenuineIntel CUSTOMER CRASH COUNT DEFAULT BUCKET ID WIN DRIVER FAULT PROCESS NAME explorer exe CURRENT IRQL f ANALYSIS VERSION debuggers dbg - amd fre STACK TEXT ffffd c df fffff f ffffe ee be nt KeBugCheckEx ffffd c e fffff f a ffffe ecaaf ffffe ecaaf ffffe ee hal HalBugCheckSystem xcf ffffd c e fffff f a ffffd c nt WheaReportHwError x d ffffd c ea fffff f a d ffffe ffffe ecaaf ffffd c ffffe ecaaf hal HalpMcaReportError x ffffd c ff fffff f f ffffe ecaaeb hal HalpMceHandlerCore xe ffffd c fffff f b hal HalpMceHandler xe ffffd c fffff f ccf ffffe ecaaeb ffffd c b hal HalpMceHandlerWithRendezvous xce ffffd c b fffff f db bb hal HalHandleMcheck x ffffd c e fffff f db nt KxMcheckAbort x b ffffd c fffff f dd c nt KiMcheckAbort x ffffd f fb nt memcpy x STACK COMMAND kb FOLLOWUP NAME MachineOwner MODULE NAME GenuineIntel IMAGE NAME GenuineIntel DEBUG FLR IMAGE TIMESTAMP IMAGE VERSION FAILURE BUCKET ID x GenuineIntel PROCESSOR CACHE BUCKET ID x GenuineIntel PROCESSOR CACHE ANALYSIS SOURCE KM FAILURE ID HASH STRING km x genuineintel processor cache FAILURE ID HASH c f f e- af -ed b-df -d b dfa Followup MachineOwner

A:BSOD playing C&C 4, dump analysis included

This is normally a hardware error reported by the CPU to Windows. More info here: BSOD Index
Get started with these free hardware diagnostics: Hardware Diagnostics

It can also be due to problems with low-level drivers. We'll need the following info/reports in order to analyze the crashes (from the Pinned Topic at the top of the forum): Blue Screen of Death (BSOD) Posting Instructions

http://www.eightforums.com/bsod-crashes-debugging/58581-bsod-playing-c-c-4-dump-analysis-included.html
Relevancy 45.58%

Hi all My Dump Help Analysis Needed BSOD/Memory computer is usually stable so I was a little surprised when I received a BSOD today I was doing nothing more than typing into a text file so I was hoping to get to the bottom of this to find any problems that may be lurking in my computer I have already followed the advice here http www bleepingcomputer com BSOD/Memory Dump Analysis Help Needed forums t how-to-use-event-viewer How to use the Event viewer and I'm at the point where suggestions on the memory dump analysis would be helpful Notes I have no idea what 'vinceo' refers to in the follow-up section Any suggestions would be greatly appreciated thanks Microsoft Windows Debugger Version X Copyright Microsoft Corporation All rights reserved Loading Dump File C Users MyName Desktop DUMP tmp Kernel Summary Dump File Only kernel address space is availableSymbol search path is SRV c symbols http msdl microsoft com download symbolsExecutable search path is Windows Vista Kernel Version MP procs Free x compatibleProduct WinNt suite TerminalServer SingleUserTS PersonalBuilt by x fre vista gdr - Machine Name Kernel base x PsLoadedModuleList x e Debug session time Sun Dec GMT- System Uptime days Loading Kernel Symbols Loading User SymbolsPEB is paged out Peb Ldr ffde c Type hh dbgerr for detailsLoading unloaded module list Bugcheck Analysis Use analyze -v to get detailed debugging information BugCheck c Page f b not present in the dump file Type hh dbgerr for detailsPEB is paged out Peb Ldr ffde c Type hh dbgerr for detailsPEB is paged out Peb Ldr ffde c Type hh dbgerr for detailsProbably caused by Unknown ImageFollowup vinceo--------- kd analyze -v Bugcheck Analysis CLOCK WATCHDOG TIMEOUT An expected clock interrupt was not received on a secondary processor in anMP system within the allocated interval This indicates that the specifiedprocessor is hung and not processing interrupts Arguments Arg Clock interrupt time out interval in nominal clock ticks Arg Arg c The PRCB address of the hung processor Arg Debugging Details ------------------Page f b not present in the dump file Type hh dbgerr for detailsPEB is paged out Peb Ldr ffde c Type hh dbgerr for detailsPEB is paged out Peb Ldr ffde c Type hh dbgerr for detailsBUGCHECK STR x AMD SP DEFAULT BUCKET ID VISTA DRIVER FAULTPROCESS NAME svchost exeCURRENT IRQL cSTACK TEXT c ec nt KeBugCheckEx x e c ed b d c b nt KeUpdateRunTime xd c cc b d c b nt KeUpdateSystemTime xed c b c nt KeFlushProcessWriteBuffers x f cd c caea da nt NtQuerySystemInformation x cd c aa f da nt KiFastCallEntry x aWARNING Frame IP not in any known module Following frames may be wrong e f x aa f STACK COMMAND kbFOLLOWUP NAME vinceoMODULE NAME Unknown ModuleIMAGE NAME Unknown ImageDEBUG FLR IMAGE TIMESTAMP FAILURE BUCKET ID x AMD SP BUCKET ID x AMD SP Followup vinceo---------

A:BSOD/Memory Dump Analysis Help Needed

Besides the Event Viewer there's also this guide for BSOD'shttp://www.bleepingcomputer.com/forums/t/176011/how-to-receive-help-diagnosing-blue-screens-and-windows-crashes/

http://www.bleepingcomputer.com/forums/t/188396/bsodmemory-dump-analysis-help-needed/
Relevancy 45.15%

I keep getting random PFN LIST CORRUPT BSOD s All but one of them occur while playing BF usually while a map is loading unloading or while trying to exit the PFN_LIST_CORRUPT (crash while BSOD analysis) mostly gaming dump game I will also get occasional system quot locks quot during BF that force me to reboot I also got one BSOD while doing nothing more than surfing the web after PFN_LIST_CORRUPT BSOD mostly while gaming (crash dump analysis) that one I had to reformat as it crashed my drive and wouldn t let me reboot I have crash dumps saved and they all show the same things Driver Fault Memory Corruption I have tested my memory separately together different slots and found no errors I had these issues on my old system using the same vid card I went through two sets of Mushkin memory but kept having the issue finally RMA d the mobo and upgraded to the AM platform NOW THE PROBLEM RETURNS I know the Microsoft site says bad memory but I ve gone through different sets and still have the problem I tested the hard drive and also tried another still get the BSOD s I ve narrowed it down to either PSU or Vid card ATI blames system memory but I ve ruled that out Could the Vid card memory be and causing the problem I ve tried old drivers new drivers Omega drivers my system really didn t like those but nothing helps Anybody have any ideas My system is Asus Crosshair Bios AMD X Stock clocked x gb G Skill DDR T F - PHU - GBHZ Sapphire X XT catalyst WD Raptor gb Seagate gb quot slave quot Creative X-Fi Gamer newest drivers JLMS XJ-HD S DVD-Rom latest firmware Lite-On DVDRW LH- A H latest firmware OCZ GameXstream w nbsp

Relevancy 44.72%

My year old machine Regular BSOD malware, in be SP3, attached appear doesn't XP to dump analysis specs Regular BSOD in XP SP3, doesn't appear to be malware, dump analysis attached are the following ASUS A N SLI Deluxe mobo AMD FX processor GB OCZ RAM can't remember the Regular BSOD in XP SP3, doesn't appear to be malware, dump analysis attached exact model BFG nVidia GT video card Sharp Aquos quot TV DVI out WD Raptor k HDD in RAID C drive GB Hitachi HDD D drive Sony DVD -RW can't remember exact model Onboard RealTek AC audio S PDIF out to receiver Sondigo Inferno CMI- sound card S PDIF out to receiver M-Audio JamLab sound card USB Netgear WAG PCI WiFi card Saitek Eclipse keyboard USB Logitech MX- mouse USB Nostromo n gamepad USB I've included Belarc Advisor output in the attached ZIP for full details named Htpc html licenses removed This is my hobby HTPC machine so in terms of software I have everything from Photoshop to Pro Tools to MATLAB and everything in between installed see attached Belarc Advisor output for details It's run extremely well for over years virtually with a BSOD or other lockup occurring only every weeks or so About a month ago I upgraded to XP SP installed a new antivirus Kaspersky Internet Security and upgraded various drivers to the latest versions including my motherboard sound card and a few others recommended by Microsoft Update Since then I've been experiencing random BSODs that seem to be getting more frequent in the past days I've had for example There doesn't seem to be a clear trigger in that one time it crashed in the middle of a movie another time upon loading iTunes another time it crashed overnight with uTorrent running I don't have System Restore or any rollback options available so diagnosing and fixing the problem is the only option available to me I've gotten minidumps from the past dumps the text output from analyze -v is included in the attached ZIP Here's a summary Dump KERNEL MODE EXCEPTION NOT HANDLED M e Process Name wmiprvse exe Image Name aksfridge sys Dump PAGE FAULT IN NONPAGED AREA Process Name System Image Name SiWinAcc sys Dump DRIVER IRQL NOT LESS OR EQUAL d Process Name zplayer exe Image Name wag n sys Dump BAD POOL HEADER Process Name System Image Name ntkrnlpa exe Dump PFN LIST CORRUPT e Process Name firefox exe Image Name nv disp dll Dump NTFS FILE SYSTEM Process Name ekrn exe Image Name Ntfs sys Dump NTFS FILE SYSTEM Process Name ekrn exe Image Name Ntfs sys I have all available Microsoft Updates installed as of November I ran full scans with Kaspersky Internet Security and NOD with latest definitions and found nothing I've attached a HijackThis log in the ZIP just in case I thought it might be bad RAM so I ran memtest overnight for passes but got no errors I saw a few of the errors might be IRQ related so I checked my IRQ settings in Device Manager and noticed a couple of IRQs are shared between relatively high-performance devices this may be a red herring but I thought it was unusual Screenshot below Any advice would be helpful as I don't seem to be making any progress on my own Thanks in advance

A:Regular BSOD in XP SP3, doesn't appear to be malware, dump analysis attached

Check the voltages, fan speeds and temps in the BIOS.

What's the brand and model of the power supply ? With your video card and additional pci cards you need a good quality 750W+ supply, check the recommended models for that wattage and above at the bottom of this thread. An insufficient supply will build up heat inside the case, damage components and cause unexpected shutdowns.

Check the hard drive for errors : chkdsk c: /R.

You admited using a P2P program (utorrent). As Geekgirl said in your other thread we won't help further. This thread will be closed. Please don't start a new one and contact Geekgirl if you have more to say.

http://www.techsupportforum.com/forums/f10/regular-bsod-in-xp-sp3-doesnt-appear-to-be-malware-dump-analysis-attached-317410.html
Relevancy 44.72%

Attachment Attachment I have an Asus G JW notebook that has BSOD failures Tried updating all drivers with Driver Reviver run memtest to check ram and checked disk dump help BSOD please suspected, file with usbport.sys analysis crash with SeaTools for Windows but no faults so far The notebook has no USB devices connected externally BSOD crash usbport.sys suspected, please help with dump file analysis when the BSOD occurs on most occasions the BSOD occurs when the G is doing very little Below is a report from Who Crashed software and it repeated states the BSOD was caused by usbport sys USBPORT USBPORTSVC MapHwPhysicalToVirtual x A I am currently checking usbport sys using verifier exe I'm not really sure where to go from here could someone who is good with Windows dump files offer an opinion Is there a possibility that this is a hardware fault Asus Support have been less than useful John System Information local computer name DPC windows version Windows Service Pack build windows dir C Windows CPU GenuineIntel Intel R Core TM i CPU Q GHz Intel level logical processors active mask RAM total VM free Crash Dump Analysis Crash dump directory C Windows Minidump Crash dumps are enabled on your computer On Sun AM your computer crashed crash dump file C Windows Minidump - - dmp uptime This was probably caused by the following module usbport sys USBPORT USBPORTSVC MapHwPhysicalToVirtual x A Bugcheck code xFE x xFFFFFA A x B C xFFFFFA A B Error BUGCODE USB DRIVER file path C Windows system drivers usbport sys product Microsoft Windows Operating System company Microsoft Corporation description USB amp Port Driver Bug check description This indicates that an error has occurred in a Universal Serial Bus USB driver The crash took place in a standard Microsoft module Your system configuration may be incorrect Possibly this problem is caused by another driver on your system which cannot be identified at this time On Sun AM your computer crashed crash dump file C Windows memory dmp uptime This was probably caused by the following module usbport sys USBPORT USBPORTSVC MapHwPhysicalToVirtual x A Bugcheck code xFE x xFFFFFA A x B C xFFFFFA A B Error BUGCODE USB DRIVER file path C Windows system drivers usbport sys product Microsoft Windows Operating System company Microsoft Corporation description USB amp Port Driver Bug check description This indicates that an error has occurred in a Universal Serial Bus USB driver The crash took place in a standard Microsoft module Your system configuration may be incorrect Possibly this problem is caused by another driver on your system which cannot be identified at this time On Mon AM your computer crashed crash dump file C Windows Minidump - - dmp uptime This was probably caused by the following module usbport sys USBPORT USBPORTSVC MapHwPhysicalToVirtual x A Bugcheck code xFE x xFFFFFA D E A x B C xFFFFFA A C Error BUGCODE USB DRIVER file path C Windows system drivers usbport sys product Microsoft Windows Operating System company Microsoft Corporation description USB amp Port Driver Bug check description This indicates that an error has occurred in a Universal Serial Bus USB driver The crash took place in a standard Microsoft module Your system configuration may be incorrect Possibly this problem is caused by another driver on your system which cannot be identified at this time On Thu PM your computer crashed crash dump file C Windows Minidump - - dmp uptime This was probably caused by the following module usbport sys USBPORT USBPORTSVC MapHwPhysicalToVirtual x A Bugcheck code xFE x xFFFFFA DD A x B C xFFFFFA A FA Error BUGCODE USB DRIVER file path C Windows system drivers usbport sys product Microsoft Windows Operating System company Microsoft Corporation description USB amp Port Driver Bug check description This indicates that an error has occurred in a Universal Serial Bus USB driver The crash took place in a standard Microsoft module Your system configuration may be incorrect Possibly this problem is cau... Read more

A:BSOD crash usbport.sys suspected, please help with dump file analysis

Start by running sfc /verifyonly from and elevated command prompt (Run as Administrator). Report back with any messages.

Then attach the dump files to your next post. (Follow the directions at the top of the page.)
http://www.sevenforums.com/crashes-d...tructions.html

http://www.sevenforums.com/bsod-help-support/229502-bsod-crash-usbport-sys-suspected-please-help-dump-file-analysis.html
Relevancy 44.72%

My year old machine specs are the following ASUS A N SLI Deluxe mobo AMD FX processor GB OCZ RAM can't remember the exact model BFG nVidia GT video card Sharp Aquos quot TV DVI out WD Raptor k HDD in RAID C drive GB Hitachi HDD D drive Sony DVD -RW can't remember exact model Onboard RealTek AC audio S PDIF out to receiver Sondigo Inferno CMI- sound card S PDIF out to receiver M-Audio JamLab sound card USB Netgear WAG PCI WiFi card Saitek Eclipse keyboard USB Logitech MX- mouse USB Nostromo n gamepad USB I've included Belarc Advisor output in the attached ZIP for full details named Htpc html licenses removed This is my hobby HTPC machine so in terms of software I have everything from Photoshop to Pro Tools to MATLAB and everything in between installed see attached Belarc Advisor output for details It's run extremely well for over years virtually with a BSOD or other in to malware, BSOD SP3, appear attached doesn't dump be analysis XP Regular lockup occurring only every weeks or so About a month ago I upgraded to XP SP installed a new antivirus Kaspersky Internet Security and upgraded various drivers to the latest versions including my motherboard sound card and a few others recommended by Microsoft Update Since then I've been experiencing random BSODs that seem to be getting more frequent in the past days I've Regular BSOD in XP SP3, doesn't appear to be malware, dump analysis attached had for example There doesn't seem to be a clear trigger in that one time it crashed in the Regular BSOD in XP SP3, doesn't appear to be malware, dump analysis attached middle of a movie another time upon loading iTunes another time it crashed overnight with uTorrent Regular BSOD in XP SP3, doesn't appear to be malware, dump analysis attached running I don't have System Restore or any rollback options available so diagnosing and fixing the problem is the only option available to me I've gotten minidumps from the past dumps the text output from analyze -v is included in the attached ZIP Here's a summary Dump DRIVER IRQL NOT LESS OR EQUAL d Process Name utorrent exe Image Name kl sys Dump IRQL NOT LESS OR EQUAL a Process Name utorrent exe Image Name memory corruption Dump KERNEL MODE EXCEPTION NOT HANDLED M e Process Name wmiprvse exe Image Name aksfridge sys Dump PAGE FAULT IN NONPAGED AREA Process Name System Image Name SiWinAcc sys Dump DRIVER IRQL NOT LESS OR EQUAL d Process Name zplayer exe Image Name wag n sys Dump BAD POOL HEADER Process Name System Image Name ntkrnlpa exe I have all available Microsoft Updates installed as of November I ran full scans with Kaspersky Internet Security and NOD with latest definitions and found nothing I've attached a HijackThis log in the ZIP just in case I thought it might be bad RAM so I ran memtest overnight for passes but got no errors I saw a few of the errors might be IRQ related so I checked my IRQ settings in Device Manager and noticed a couple of IRQs are shared between relatively high-performance devices this may be a red herring but I thought it was unusual Screenshot below Any advice would be helpful as I don't seem to be making any progress on my own Thanks in advance

A:Regular BSOD in XP SP3, doesn't appear to be malware, dump analysis attached

Welcome to TSF

The forum rules state that we do not assist with problems caused or related to torrents or p2p. 2 of the mini dumps are directly related to utorrent.exe which is a p2p file sharing program.
Please read the Rules


Quote:




P2P

We believe that the main purpose of P2P programs is to illegally download and use copyrighted material of whatever description. We further understand that there may be legal uses for P2P, but as we are not able to assess a user's intent when he/ she asks for help, we do not support P2P software and we will not assist any user in this regard. This includes but is not limited to Bearshare, Kazaa and many others.

http://www.techsupportforum.com/forums/f10/regular-bsod-in-xp-sp3-doesnt-appear-to-be-malware-dump-analysis-attached-317040.html
Relevancy 44.29%

I have frequent crashes and freezes so I decided to get whocrashed software to analyze the crash dump files and now have no idea what to do next I would greatly appreciate help in decoding the analysts so I can investigate this further to hopefully fix this problem I have a Dell Inspiron One and I read awhile back that this is a frequent dump BSOD crash - screen frequently and analysis freezes Decoding help problem that may reside in a faulty SATA cable and needs to be replace but am as BSOD and screen freezes frequently - help Decoding crash dump analysis yet unsure how to confirm this I installed windows over one that couldn't boot and also installed another instance on the recovery partition which is still there I keep just in case All but two drivers are up to date The ATI I O Communications Processor SMBus Controller usb controller computer name GOLDENDAWN-PC windows version Windows build windows dir C Windows CPU AuthenticAMD AMD Athlon tm II X e Processor AMD level logical processors active mask RAM total VM free -------------------------------------------------------------------------------- Crash Dump Analysis -------------------------------------------------------------------------------- Crash dump directory C Windows Minidump Crash dumps BSOD and screen freezes frequently - help Decoding crash dump analysis are enabled on your computer On Mon PM GMT your computer crashed crash dump file C Windows Minidump - - dmp uptime This was probably caused by the following module ntfs sys Ntfs FNODOBFM string' x Bugcheck code x x FB xFFFFF F E xFFFFF F F xFFFFF F E Error NTFS FILE SYSTEM file path C Windows system drivers ntfs sys product Microsoft Windows Operating System company Microsoft Corporation description NT File System Driver Bug check description This indicates a problem occurred in the NTFS file system The crash took place in a standard Microsoft module Your system configuration may be incorrect Possibly this problem is caused by another driver on your system that cannot be identified at this time On Mon PM GMT your computer crashed crash dump file C Windows memory dmp uptime This was probably caused by the following module ntfs sys Ntfs FNODOBFM string' x Bugcheck code x x FB xFFFFF F E xFFFFF F F xFFFFF F E Error NTFS FILE SYSTEM file path C Windows system drivers ntfs sys product Microsoft Windows Operating System company Microsoft Corporation description NT File System Driver Bug check description This indicates a problem occurred in the NTFS file system The crash took place in a standard Microsoft module Your system configuration may be incorrect Possibly this problem is caused by another driver on your system that cannot be identified at this time On Sun AM GMT your computer crashed crash dump file C Windows Minidump - - dmp uptime This was probably caused by the following module usbport sys USBPORT USBPORT AssertSig x Bugcheck code xFE x xFFFFFA AB x x Error BUGCODE USB DRIVER file path C Windows system drivers usbport sys product Microsoft Windows Operating System company Microsoft Corporation description USB amp Port Driver Bug check description This indicates that an error has occurred in a Universal Serial Bus USB driver The crash took place in a standard Microsoft module Your system configuration may be incorrect Possibly this problem is caused by another driver on your system that cannot be identified at this time On Thu AM GMT your computer crashed crash dump file C Windows Minidump - - dmp uptime This was probably caused by the following module ntkrnlmp exe nt KeBugCheckEx x Bugcheck code x x xFFFFF FA xFFFFF F FF xFFFFF EE Error CACHE MANAGER Bug check description This indicates that a problem occurred in the file system's cache manager This might be a case of memory corruption More often memory corruption happens because of software errors in buggy drivers not because of faulty RAM modules The crash took place in the Windows kernel Possibly this problem is caused by another driver that cannot be id... Read more

A:BSOD and screen freezes frequently - help Decoding crash dump analysis

I am also a little hesitant to install an update to a driver because it might freeze mid way and I heard that is really bad and I might permanently loose access to computer, is this true?

http://www.sevenforums.com/bsod-help-support/317547-bsod-screen-freezes-frequently-help-decoding-crash-dump-analysis.html
Relevancy 44.29%

My kingdom for a resolution I've troubleshooted everything I can think of My computer just randomly freezes I receive no BSOD either It just stops responding the monitor goes dead since it Log Analysis, dump, Freezes, Random Desperate Event BSOD/memory No loses signal yet the computer fans and HD lights continue to run There is no response from it via mouse or keyboard however No MEMORY DMP files No BSOD/memory dump, Random Freezes, Event Log Analysis, Desperate are created either I disabled automatic restart so it doesn't reboot at least Sometimes it freezes when I'm using it other times in the middle of the night when I'm dead asleep To troubleshoot I've -Swapped out VGA cards One seems to produce many more crashes once or twice a day but the other still crashes on occassion once every couple of days lt -- could this be it why the difference -Tested PSU no problems -Reformatted and reinstalled OS -Did full virus and malware scan with a half dozen different vendors all came out clean -Used CPU temp monitoring software while running Prime temps are all fine -Ran Memtest overnight on my memory all passed -Updated all drivers and windows updates including Direct X -Completely removed all video drivers did a clean install of video drivers -Updated BIOS -Completely cleaned PC of dust made it look brand new all fans are fine good ventilation The only quot hint quot I have is the event logs but after searching the internet for a month on what it means I'm still stuck I will post what they say here in the hopes that some kind smart soul will understand what its pointing at There are Errors and Critical in the log each time this happens First an error Event ID General Tab The previous system shutdown at AM on was unexpected Details Tab Friendly View - System - Provider Name EventLog - EventID Qualifiers Level Task Keywords x - TimeCreated SystemTime - - T Z EventRecordID Channel System Computer PhatBox Security - EventData AM DD B D D F DD B D D F C C C E Binary data In Words B DD D F D B DD D F D C C C E In Bytes DD B D D F - DD B D D F - C C lt C E N Now the Critical Source Kernel-Power Event ID User System OpCode Info Task Category Keywords General tab The system has rebooted without cleanly shutting down first This error could be caused if the system stopped responding crashed or lost power unexpectedly Details tab friendly view - System - Provider Name Microsoft-Windows-Kernel-Power Guid C B A- - C -AC E- C D B EventID Version Level Task Opcode Keywords x - TimeCreated SystemTime - - T Z EventRecordID Correlation - Execution ProcessID ThreadID Channel System Computer PhatBox - Security UserID S- - - - EventData BugcheckCode BugcheckParameter x BugcheckParameter x BugcheckParameter x BugcheckParameter x SleepInProgress false PowerButtonTimestamp The final Error event Event ID OpCode Info Task Category Event processing Keywords Audit Success General tab Audit events have been dropped by the transport Details tab friendly view - System - Provider Name Microsoft-Windows-Eventlog Guid fc ddd -d ef- - d - e cfe ce EventID Version Level Task Opcode Keywords x - TimeCreated SystemTime - - T Z EventRecordID Correlation - Execution ProcessID ThreadID Channel Security Computer PhatBox Security - UserData - AuditEventsDropped Reason -------------------------------------- Please Help

A:No BSOD/memory dump, Random Freezes, Event Log Analysis, Desperate

I'm no smart soul but it looks to me like power faults. Start by checking all the connections from the power supply to the motherboard. A few disconnects and reconnect will clean the pins. Be sure all the pins in the connectors are fully seated. Sometimes a pin will get ejected from the connector (pushed out by the motherboard pins).

Next would be to verify the power supply voltages. These should not vary by more than +/- 5% on any of the rails.
One method is to down load and install HWiNFO64, if you don't already have a voltage monitor.

http://www.sevenforums.com/bsod-help-support/313393-no-bsod-memory-dump-random-freezes-event-log-analysis-desperate.html
Relevancy 40.85%

Alright I'm pulling my hair out over this I have driver files by "dxgkrnl.sys", BSOD attached analysis a blue screen issue that happens about once a day but the stuff I'm doing while it happens is really inconsistent Sometimes I'll be playing a graphic heavy game sometimes I'll be watching YouTube sometimes I'll be typing a document in Word It usually happens once I reboot and then I'm fine for the rest of the day I formatted my hard drive and freshly installed Windows then got the latest drivers for my video card the latest Windows Updates etc hoping that a clean fresh start would just magically fix the problem It hasn't BlueScreenView says that my problem is with quot dxgkrnl BSOD by driver "dxgkrnl.sys", analysis files attached sys quot and so I did a search for that and BSOD by driver "dxgkrnl.sys", analysis files attached the quot consistent yet inconsistent quot pattern I explained above seems pretty common with this particular BSOD The thing is I didn't really find any thread that identified just one solution --- the threads I've seen either died off with no solution or just sort of either fixed themselves or were something very specific to that particular users computer So anyway I'm at a loss --- this is a freshly formatted machine so I think that narrows it down to a hardware issue The problem is I have no idea where to even begin or what to try I did a memory test and that came out fine I grabbed GPU-Z and CPU-Z and everything looked fine in terms of heating Nothing overheating even under heavily graphical stress My hardware Motherboard ASUS P P D Graphics card NVIDIA GeForce GTX CPU Intel Core i GHz RAM GB I have attached a zip file containing the Perfmon system report and the result of the BSOD Dump amp System File Collection app as detailed in the sticky on posting for BSODs I'm hoping that someone can look at all of this and identify something specific to my environment or push me in the right direction of things to try in a specific order that have the greatest chances of succeeding rather than me just trying random stuff Also in addition to these logs I have kept a manual log over the past week detailing what happened and what I was doing when it happened That log is as follows ----- Screen went black for a second while just on the desktop The screen returned and an information bubble popped up saying quot NVIDIA driver stopped responding but recovered quot This was after about an hour of playing Anomaly Warzone Earth No bluescreen or crash but I suspect all of this has something to do with the video card so I logged it The computer had been on for a while and I had done various tasks then launched Orcs Must Die and was in the menus before beginning the game The screen went black sound got stuck and the system rebooted after about seconds Upon return blue screen message indicated the faulty driver to be dxgkrnl sys and also highlighted dxgmms sys and nvlddmkm sys in red pink in BlueScreenView Cold boot computer had been off all day Just got to the desktop and started watching YouTube Within seconds same thing as above screen went black sound stuck and system rebooted about seconds later Blue screen message the same as above While on the desktop screen went black for a second quot NVIDIA driver stopped responding but recovered quot This was after playing several hours of Sequence Cold boot for the first time today upon logging in immediately the screen went crazy displaying like flashing neon colors It looked very much like a spider crack in an LCD but the monitor is just fine The system was frozen I could sort of see the Windows login screen stuck underneath all the colors but it was frozen Only option was to manually restart the machine No log was created no blue screen message While working on my work PC through RDP and listening to music through YouTube on my PC the music stopped and the screen went grey Everything seemingly froze The only option was to restart the computer mys... Read more

A:BSOD by driver "dxgkrnl.sys", analysis files attached

Quote:
"It's not a true crash, in the sense that the bluescreen was initiated only because the combination of video driver and video hardware was being unresponsive, and not because of any synchronous processing exception".

Since Vista, the "Timeout Detection and Recovery" (TDR) components of the OS video subsystem have been capable of doing some truly impressive things to try to recover from issues which would have caused earlier OSs like XP to crash.

As a last resort, the TDR subsystem sends the video driver a "please restart yourself now!" command and waits a few seconds.

If there's no response, the OS concludes that the video driver/hardware combo has truly collapsed in a heap, and it fires off that stop 0x116 BSOD.

If playing with video driver versions hasn't helped, make sure the box is not overheating.

Try removing a side panel and aiming a big mains fan straight at the motherboard and GPU.

Run it like that for a few hours or days - long enough to ascertain whether cooler temperatures make a difference.

If so, it might be as simple as dust buildup and subsequently inadequate cooling.

I would download cpu-z and gpu-z (both free) and keep an eye on the video temps Let us know if you need help


STOP 0x116: VIDEO_TDR_ERROR troubleshooting

http://www.sevenforums.com/bsod-help-support/205751-bsod-driver-dxgkrnl-sys-analysis-files-attached.html
Relevancy 40.42%

After downloading & installing the debugging tools , I followed step 2 of the process :
" Associate .dmp files with WinDBG" : Open an elevated cmd window. Copy the highlighted text below, and paste it into the cmd window and hit enter to change directory to the installation location path.
cd\Program Files (x86)\Windows Kits\8.1\Debuggers\x64\
now after I entered that prompt I get "The system can not find the bath specified "? any help please ?

A:" Install and Configure WinDBG for BSOD Analysis "

Welcome to the forum. In file manager does that folder exist? Is that what it suggest to associate the file or is it something else

http://www.pchelpforum.com/laptop-support/127491-install-configure-windbg-bsod-analysis.html
Relevancy 35.69%

Hi - Ive been getting > Analysis needed BSOD Needed] Vista. [Vista in yet another Help Hardware with a few different blue screens of Death errors ever since I bought my new PC I bought the parts on and built it myself had previous experience My specs Mobo - Asus P N -E SLI Chip - intel Core Duo E OS - Vista Home Premium GPU - Inno D Help needed with yet another BSOD in Vista. [Vista > Hardware Analysis Needed] GTS OC MB Ram - Kingston G Mhz PC X HD - Segate g Sata x All drivers that are being used are from the part manufacturers and are the latest I have also flashed the MOBO with the latest firmware The BSOD often occured when I was playing Games at maxed settings - so Help needed with yet another BSOD in Vista. [Vista > Hardware Analysis Needed] I tried lower Help needed with yet another BSOD in Vista. [Vista > Hardware Analysis Needed] settings with no change Soon enough BlueScreens were happening with an idilling desktop I have had different errors see below and one re-occuring a - I ve only had different ones since i turned off auto-reset - cause i cant write that quick lol Here are the error messages in full A x - x c ef- x - x E xc d- x dff - b c b - b c F x - x - x - x A x - x ff- x - x c f f E xc - x df e - xa b c- x I suppose what Im after is for some one to tell me if i been sold faulty hardware or if its Vista compatablilty or even my incorrect build and setup I havent included the minidump for reasons - - dont know how and - ive done a cleanup and removed all of them since my quot maxi quot dump files were over gig I ll include them as soon as it happens again anyhow if someone has alittle knowledge and suggestions for me to try - It would be appreciated thx EDIT-Ive also since done a registry clean out using Abexo Regestry cleaner yet to see if it works EDIT - just went off to play ETquakewars Demo and had this blue screen - x A x - x - x - x c c EDIT - Then surfed for a bit on the net - only to get this error - x A x ffffff- x - x - x de Edit - Now this x E xc - x b cc- xa e c c- x nbsp

A:Help needed with yet another BSOD in Vista. [Vista > Hardware Analysis Needed]

https://forums.techguy.org/threads/help-needed-with-yet-another-bsod-in-vista-vista-hardware-analysis-needed.643159/
Relevancy 32.68%

Pop-ups have taken over my son's computer - adserver loadingwebsite com popups that look like Microsoft Internet Explorer messages etc I don't have a lot of experience with computers but am learning I followed all your instructions listed on the quot Before submitting your HJT log quot Ad-Aware Customized scan virus scan etc The result of my HJT analysis is below I would greatly appreciate any help you can give THANK YOU Log was analyzed using KRC HijackThis Analyzer - Updated on Get updates at http www Please me help HJT-Analysis: p-ups get rid of greyknight com download htm programs Security Programs Detected C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Norton AntiVirus navapsvc exe C Program Files Norton AntiVirus IWP NPFMntor exe HJT-Analysis: Please help me get rid of p-ups C Program Files Common Files Symantec Shared SNDSrvc exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C Program Files Common Files Symantec Shared ccEvtMgr exe C Program Files Common Files Symantec Shared ccApp exe C Program Files AdSubtract adsub exe O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - Global Startup AdSubtract lnk C Program Files AdSubtract adsub exe O - Service Symantec Event Manager ccEvtMgr - Symantec Corporation - C Program Files Common Files Symantec Shared ccEvtMgr exe O - Service Symantec Password Validation ccPwdSvc - Symantec Corporation - C Program Files Common Files Symantec Shared ccPwdSvc exe O - Service Symantec Settings Manager ccSetMgr - Symantec Corporation - C Program Files Common Files Symantec Shared ccSetMgr exe O - Service Norton AntiVirus Auto-Protect Service navapsvc - Symantec Corporation - C Program Files Norton AntiVirus navapsvc exe O - Service Norton AntiVirus Firewall Monitor Service NPFMntor - Symantec Corporation - C Program Files Norton AntiVirus IWP NPFMntor exe O - Service SAVScan - Symantec Corporation - C Program Files Norton AntiVirus SAVScan exe O - Service ScriptBlocking Service SBService - Symantec Corporation - C PROGRA COMMON SYMANT SCRIPT SBServ exe O - Service Symantec Network Drivers Service SNDSrvc - Symantec Corporation - C Program Files Common Files Symantec Shared SNDSrvc exe O - Service Symantec SPBBCSvc SPBBCSvc - Symantec Corporation - C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe O - Service Symantec Core LC - Symantec Corporation - C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe O - Service SymWMI Service SymWSC - Symantec Corporation - C Program Files Common Files Symantec Shared Security Center SymWSC exe Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C Program Files Viewpoint Viewpoint Manager ViewMgr exe C WINDOWS System vidctrl vidctrl exe C program files tvs tvs b exe C WINDOWS System m hta exe C Program Files Dell Support DSAgnt exe C Program Files rdso eetu exe C hijackthisfolder HJT exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKLM Software Microsoft Internet Explorer Main Start Page http www dellnet com R - HKCU Software Microsoft Internet Connection Wizard ShellNext http www dellnet com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer http AdSubtract R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride http localhost O - BHO no name - C-C E- - A - B EC CA - C WINDOWS System wiktzbka dll file missing O - BHO no name - C E FFB -CE -A -F C-BF BAEA EA C - C WINDOWS System ywrbffsz dll file missing O - HKLM Run new iMwin c WINDOWS System new iMwin O - HKLM Run Copyright by EIS AG amp nbsp amp nbsp lt a href quot https joker com mode page amp page impressum quot gt Contact c WINDOWS System Copyright by EIS AG amp nbsp amp nbsp lt a href quot https joker com mode page amp page impressum quot gt Contact lt a gt O... Read more

A:HJT-Analysis: Please help me get rid of p-ups

Please do the following:

L2mfix - Download & Save to Desktop

This is a self extracting file. By double clicking on it, it will automatically extract it's contents to a new folder on Desktop.Double click L2mfix.exe.
When prompted, answer "Accept"
Then click the "Install" button to extract the files to a newly created folder named - L2mfix
Open the L2mfix folder & double click L2mfix.bat
Select option #1 for Run Find Log by typing "1" and pressing Enter.
This will scan your computer and it may appear as if nothing is happening for a period of few minutes. When it has finished, you will be presented with a log. Copy the contents of that log and paste it into this thread.

IMPORTANT: Do NOT run option #2 OR any other files in the l2mfix folder until you are asked to do so!

http://www.techsupportforum.com/forums/f284/hjt-analysis-please-help-me-get-rid-of-p-ups-58858.html
Relevancy 32.68%

Guys Thank you for the great job you'll are doing I had a problem with a windows explorer and few oracle related services on my system namely onrsd exe oracle client cache and tnslsnr listener services The programs keep crashing Please help HJT with analysis of log I followed the steps mentioned and cleaned up many spyware on the system mainly PE PASSMA B Please advise what else i need to do Thanks Loks Log was analyzed using KRC HijackThis Analyzer - Updated on Get updates at http www greyknight com download htm programs Security Programs Detected Logfile of HijackThis v Scan saved at AM on Platform Windows Please help with analysis of HJT log SP WinNT MSIE Internet Explorer v SP Running processes D WINDOWS System smss exe D WINDOWS system winlogon exe D WINDOWS system services exe D WINDOWS system lsass exe D WINDOWS system svchost exe D WINDOWS System svchost exe D WINDOWS system spoolsv exe D WINDOWS system netdde exe D WINDOWS system serverappliance appmgr exe D WINDOWS system Please help with analysis of HJT log cisvc exe D WINDOWS system clipsrv exe D WINDOWS System dns exe D WINDOWS system serverappliance elementmgr exe D WINDOWS System svchost exe e antispyware ewido security suite ewidoctrl exe e antispyware ewido security suite ewidoguard exe D WINDOWS system inetsrv inetinfo Please help with analysis of HJT log exe D WINDOWS system imapi exe D Program Files Common Files Microsoft Shared VS Debug mdm exe D Program Files Microsoft SQL Server MSSQL UDDI Binn sqlservr exe C oracle ora bin omtsreco exe D WINDOWS Explorer EXE C oracle ora bin agntsrvc exe D WINDOWS system cmd exe C oracle ora bin dbsnmp exe C oracle ora Apache Apache apache exe C oracle ora bin pagntsrv exe C oracle ora BIN ENCSVC EXE D WINDOWS system cmd exe D Program Files Oracle jre bin jre exe C oracle ora BIN AGNTSVC EXE C oracle ora BIN TNSLSNR exe c oracle ora bin ORACLE EXE D WINDOWS system tcpsvcs exe D WINDOWS system serverappliance srvcsurg exe D WINDOWS System svchost exe D WINDOWS System tssdis exe D WINDOWS System wins exe D Program Files UltraVNC winvnc exe D WINDOWS system dllhost exe D WINDOWS system mqsvc exe D WINDOWS System svchost exe C oracle ora Apache Apache apache exe C oracle ora jdk bin java exe C oracle ora jdk bin java exe c oracle ora bin isqlplus D WINDOWS System svchost exe D WINDOWS system cidaemon exe D WINDOWS system cidaemon exe e antispyware Spybot-Search amp Destroy TeaTimer exe E antispyware hijackthis HijackThis exe R - HKCU Software Microsoft Internet Connection Wizard ShellNext http google com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride lt local gt O - Hosts mumbaiftp mtnl net in O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - D Program Files Adobe Acrobat Reader ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - e antispyware Spybot-Search amp Destroy SDHelper dll O - HKCU Run Yahoo Pager quot D Program Files Yahoo Messenger ypager exe quot -quiet O - HKCU Run SpybotSD TeaTimer e antispyware Spybot-Search amp Destroy TeaTimer exe O - Global Startup Microsoft Office lnk D Program Files Microsoft Office Office OSA EXE O - Global Startup Service Manager lnk D Program Files Microsoft SQL Server Tools Binn sqlmangr exe O - Extra context menu item E amp xport to Microsoft Excel - res D PROGRA MICROS Office EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - D Program Files Java j re bin npjpi dll O - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - D Program Files Java j re bin npjpi dll O - Extra button Yahoo Messenger - E D C E- B F- D -B C - C C - D PROGRA Yahoo MESSEN YPager exe O - Extra 'Tools' menuitem Yahoo Messenger - E D C E- B F- D -B C - C C - D PROGRA Yahoo MESSEN YPager exe O - DPF ECA - F- D -BE F- A C DFE TDServer Control - http www maalaimalar com wfplayer tdserver cab O - DPF A A - DA - DAF-B - F E E ActiveScan Installer Class - htt... Read more

A:Please help with analysis of HJT log

Welcome to TSF.

So do you still have problems with PE_PASSMA.B or is it just Oracle?

If just Oracle, that might just be a problem on its own. Have you tried uninstalling and reinstalling it?

http://www.techsupportforum.com/forums/f284/please-help-with-analysis-of-hjt-log-69876.html
Relevancy 32.68%

I just downloaded Hijack this I hope my computers not too trashed up Any help is MUCH appreciated -JustinLogfile of HijackThis v Scan saved at PM on Platform Windows XP Help! PLEASE! Analysis WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system spoolsv exeC Program Files Alwil Software Avast aswUpdSv exeC Program Files Alwil Software Avast ashServ exeC WINDOWS System svchost exeC WINDOWS System Analysis Help! PLEASE! servicetask exeC WINDOWS Explorer EXEC PROGRA ALWILS Avast Analysis Help! PLEASE! ashDisp exeC Program Files Lavasoft Ad-aware Ad-watch exeC WINDOWS System wuauclt exeC Program Files Windows ServeAd WinServAd exeC PROGRA COMMON tsa tsm exeC Program Files Windows ServeAd WinServSuit exeC PROGRA COMMON tsa ts exeC Documents and Settings Justin Local Settings Temp Temporary Directory for hijackthis zip HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page http www drudgereport com R - HKLM Software Microsoft Internet Explorer Main Start Page http www drudgereport comO - BHO Search Relevancy - D E B - CE- B-BE B-A B E - C PROGRA SEARCH SEARCH DLLO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files Analysis Help! PLEASE! google googletoolbar dllO - BHO ADP UrlCatcher Class - F E - E- -BE D-ED A FD DA - C WINDOWS System msbe dllO - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocxO - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - HKLM Run avast C PROGRA ALWILS Avast ashDisp exeO - HKLM Run usbdrv servicetask exeO - HKLM Run Ad-watch C Program Files Lavasoft Ad-aware Ad-watch exeO - HKLM Run Windows AdTools C Program Files Windows AdTools WinAdTools exeO - HKLM Run Windows ServeAd C Program Files Windows ServeAd WinServAd exeO - HKLM RunServices usbdrv servicetask exeO - HKLM RunServices WinGuard Professional guardu exeO - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot backgroundO - HKCU Run usbdrv servicetask exeO - HKCU Run AIM C Program Files AIM aim exe -cnetwait odlO - HKCU Run Tsa C PROGRA COMMON tsa tsm exeO - HKCU RunOnce usbdrv servicetask exeO - Extra button AIM - AC E - - d -BC D- B D A DE - C Program Files AIM aim exeO - DPF AD -CDB - E -A DA- EE E BAD - http public windupdates com get file php a c ae bO - DPF -C A- E-A -C C BBF Windows Genuine Advantage Validation Tool - http go microsoft com fwlink linkid clcid x O - DPF D D - - BB- - D D - file c counter cabO - DPF EB F EA- A - DA- A- D DCBA EF DownloadManager Control - http download akamaitools com edgesuite loadManager cabO - Service avast iAVS Control Service - Unknown - C Program Files Alwil Software Avast aswUpdSv exeO - Service avast Antivirus - Unknown - C Program Files Alwil Software Avast ashServ exeO - Service avast Mail Scanner - ALWIL Software - C Program Files Alwil Software Avast ashMaiSv exeO - Service ZESOFT - Unknown - C WINDOWS zeta exe

Relevancy 32.68%

Hi my computer's been acting sluggish lately i was wondering if Analysis someone can analyze my HJT log and see if there are Analysis any problems Thanks Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Intel Wireless Bin EvtEng exeC Program Files Intel Wireless Bin S EvMon exeC WINDOWS system spoolsv exeC Program Files Symantec AntiVirus DefWatch exeC WINDOWS System svchost exeC Program Files Common Files LightScribe LSSrvc exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC Program Files Microsoft SQL Server MSSQL VAIO VEDB Binn sqlservr exeC WINDOWS system nvsvc exeC Program Files Intel Wireless Bin RegSrvc exeC WINDOWS system ssisvr exeC WINDOWS system svchost exeC Program Files Symantec AntiVirus Rtvscan exeC Program Files Sony VAIO Event Service VESMgr exeC Program Files Common Files Sony Shared VAIO Entertainment Platform VCSW VCSW exeC WINDOWS system fxssvc exeC Program Files Common Files Sony Shared VAIO Entertainment Platform VzCdb VzCdbSvc exeC Program Files Common Files Sony Shared VAIO Entertainment Platform VzCdb VzFw exeC WINDOWS Explorer EXEC Program Files Apoint Apoint exeC Program Files Sony VAIO Power Management SPMgr exeC Program Files Sony ISB Utility ISBMgr exeC PROGRA SYMANT VPTray exeC Program Files Ahead ODD Toolkit DVDTray exeC Program Files Creative Shared Files Module Loader DLLML exeC Program Files Creative Sound Blaster Audigy DVDAudio CTDVDDET EXEC Program Files Creative Sound Blaster Audigy Surround Mixer CTSysVol exeC Program Files Creative Sound Blaster Audigy PCMCIA Sound Blaster Utility CTSBUtl exeC WINDOWS CTHELPER EXEC Program Files Apoint Apntex exeC WINDOWS system ctfmon exeC Program Files Windows Media Player WMPNSCFG exeC Program Files Creative Sound Blaster Audigy PCMCIA Sound Blaster Utility CTAPR exeC Program Files Internet Explorer iexplore exeC WINDOWS system wuauclt exeC Program Files Google Google Desktop Search GoogleDesktop exeC Program Files Google Google Desktop Search GoogleDesktop exeC Program Files Microsoft Office OFFICE WINWORD EXEG Desktop Backup HijackThis HijackThis exeR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKCU Software Microsoft Internet Connection Wizard ShellNext http www sony com vaiopeopleO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dllO - BHO no name - FFFFFEF - B - D - D- - C PROGRA STARDO SDIEInt dllO - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartupO - HKLM Run Apoint C Program Files Apoint Apoint exeO - HKLM Run AzMixerSel C Program Files Realtek InstallShield AzMixerSel exeO - HKLM Run VAIO Recovery C WINDOWS Sonysys VAIO Recovery PartSeal exeO - HKLM Run SonyPowerCfg C Program Files Sony VAIO Power Management SPMgr exeO - HKLM Run ISBMgr exe C Program Files Sony ISB Utility ISBMgr exeO - HKLM Run VAIO Update quot C Program Files Sony VAIO Update VAIOUpdt exe quot StationaryO - HKLM Run vptray C PROGRA SYMANT VPTray exeO - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exeO - HKLM Run DVDTr... Read more

A:Analysis

Hello Tupaclypse and welcome to the BC HijackThis forum. I don't see any signs of viruses or malware in the log. It is clean.The HijackThis forum deals exclusively with virus and malware issues. HijackThis cannot analyze performance, hardware or application issues. For non-malware related performance issues I would suggest posting to the Windows XP Home and Professional forumThe techs in that forum specialize in matters pertaining to operating system issues. When posting to any other forum, do not post a HijackThis log or the post will simply be moved back to this forum for infection analysis. That is what HijackThis is used for and that is what we specialize in here in this forum.When posting in any other forum for assistance, give as much detail as possible regarding any issues that are occurring. The more information they have, the better the techs can analyze the issue and make any recommendations for resolving it.Cheers.OT

http://www.bleepingcomputer.com/forums/t/91537/analysis/
Relevancy 32.68%

To anyone that may know this kind of thing I would appreciate you giving my log a look I've followed the directions on the site using Ad-aware Spybot Cleanup etc to get rid of pop ups and spy ware If anyone can tell me if I've got work left to do or not by looking at the following HJT log I would appreciate it I've used the HJT analyzer as well and the results are below Thanks in advance Log was analyzed using HijackThis Analyzer - Updated on Get updates at http www greyknight com download htm programs Security Programs Detected Logfile of HijackThis v Scan saved at PM on Platform Windows SP WinNT MSIE Internet Explorer v SP Running processes C PROGRA EFFICI ENTERN app pppoeservice exe C WINNT System xl exe C Program Files Linksys Wireless-G Notebook Adapter OdHost exe C Program Files Linksys Wireless-G Notebook Adapter WPC Cfg exe C WINNT system OhuTT exe C WINNT system OhuTT exe C Analysis help, Log - HJT please Lil PROGRA MICROS Office OUTLOOK EXE C HijackThis exe R - HKCU Software Microsoft Internet Explorer SearchURL www yahoo com R - HKCU Software Microsoft Internet Explorer Main Default Page URL www yahoo com R - HKCU Software HJT Log Analysis - Lil help, please Microsoft Internet Explorer Main Default Search URL www yahoo com R - HKCU Software Microsoft Internet Explorer Main SearchAssistant www yahoo com R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer Main SearchURL www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Search URL www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Bar www yahoo com R - HKLM Software Microsoft Internet Explorer Main Search Page www yahoo com R HJT Log Analysis - Lil help, please - HKLM Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKCU Software Microsoft Internet Explorer Search CustomizeSearch www yahoo com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant www yahoo com R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch www yahoo com F - REG win ini load O - BHO no name - DD D- A- FC - E - B F FBF - C WINNT system windb dll file missing O - Toolbar Yahoo Toolbar - EF BD -C FB- D - F- D F - C Program Files Yahoo Companion Installs cpn ycomp dll O - HKLM Run XKTFYK BM MJ C WINNT system Bwdzm exe O - HKLM Run vPKD exe C temp vPKD exe O - HKLM Run BOCleanautostart C PROGRA NSClean BOClean BOClean exe O - Startup PowerReg SchedulerV exe O - Global Startup EPSON Status Monitor Environment Check lnk C WINNT system spool drivers w x E SRCV EXE O - Global Startup Quicken Scheduled Updates lnk C Program Files QUICKENW bagent exe O - Global Startup Wireless-G Notebook Adapter Utility lnk C Program Files Linksys Wireless-G Notebook Adapter Startup exe O - DPF D C - - BB- - DEA B CBF Web P P Installer - O - DPF - F - BB - D -FA D F A AB - http us dl yimg com download yaho st cab O - DPF F -B - -A -B BB A C - http a g akamai net eInstaller exe O - DPF D D - - D -BDCD- C F A B HouseCall Control - http a g akamai net ll xscan cab O - HKLM System CCS Services Tcpip Parameters Domain bus utexas edu O - HKLM System CS Services Tcpip Parameters Domain bus utexas edu O - HKLM System CS Services Tcpip Parameters Domain bus utexas edu O - Service EPSON Printer Status Agent - SEIKO EPSON CORPORATION - C Program Files Common Files EPSON EBAPI SAgent exe O - Service NICSer WPC G - Unknown - C Program Files Linksys Wireless-G Notebook Adapter NICServ exe O - Service PPPoE Service - Unknown - C PROGRA EFFICI ENTERN app pppoeservice exe O - Service XtreamLok License Manager - Unknown - C WINNT System xl exe End of HijackThis Analyzer Log

A:HJT Log Analysis - Lil help, please

Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that Display the contents of System Folders' is checked. Windows XP's search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that Search system folders, Search hidden files and folders, and Search subfolders are checked.

For the options that you checked/enabled earlier, you may uncheck them after your log is clean. If we ask you to fix a program that you use or want to keep, please post back saying that (we don't know every program that exists, so we may tell you to delete a program that we think is bad to keep).

Turn off system restore by right clicking on My Computer and go to Properties->System Restore and check the box for Turn off System Restore. Click Apply and then OK. Restart your computer. After we are finished with your log file and verified that it's clean, you may turn it back on and create a new restore point.

You have the Peper infection. Download PeperUninstall. Make sure you are connected online to run this program. Run it once and reboot. Then run it again for the second time. Download PeperFix and save it to your Desktop. Run it and click Find and Fix (reboot if prompted).

If you have a fast internet connection (broadband), run an online virus scan at TrendMicro. Just follow the instructions on the site to run the online scan. Otherwise, make sure your antivirus program has the latest definitions and run a full system scan.

Reboot into Safe Mode (hit F8 key until menu shows up). Make sure to close any open browsers. Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one if they are still listed (they shouldn't be - but double check it):

C:\WINNT\System32\xl.exe
C:\WINNT\system32\OhuTT.exe

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

F3 - REG:win.ini: load=
O2 - BHO: (no name) - {1DD3455D-135A-2FC4-15E9-5B9F0FBF5169} - C:\WINNT\system32\windb32.dll (file missing)
O4 - HKLM\..\Run: [5XKTFYK49BM3MJ] C:\WINNT\system32\Bwdzm.exe
O4 - HKLM\..\Run: [vPKD.exe] C:\temp\vPKD.exe
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

Delete the following Files/Folders (delete folders if no filename is specified) according to their directory (if none, just do a search for them) and delete them if they exist:

C:\WINNT\System32\xl.exe
C:\WINNT\system32\OhuTT.exe
C:\WINNT\system32\Bwdzm.exe
C:\temp\vPKD.exe

Reboot into Normal Mode and run new HijackThis scan. Save the log file and run HijackThis Analyzer in the same folder to get the result.txt log. Just post the contents of the result.txt file in the forum.

http://www.techsupportforum.com/forums/f100/hjt-log-analysis-lil-help-please-32608.html
Relevancy 32.68%

I've run all the required software Ad Aware SE Spybot etc I can run them twenty times in a row and the files keep coming back Problems Constant pop ups and I'm unable to view or empty my recycle bin have no idea if this is related I'm also getting an antivirus program that shows up despite repeated attempts to remove it and a new search bar keeps showing up on my computer Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system LEXBCES EXEC WINDOWS system LEXPPS EXEC WINDOWS system spoolsv exeC WINDOWS Explorer EXEC Program Files Common Files Microsoft Shared Works Shared WkUFind exeC WINDOWS System hkcmd exeC WINDOWS BCMSMMSG exeC WINDOWS System DSentry exeC Program Files MUSICMATCH MUSICMATCH Jukebox mm tray exeC Program Files Roxio Easy CD Creator DirectCD DirectCD exeC Program log analysis please - HJT Files Common Files Dell EUSW Support exeC Program Files iTunes iTunesHelper exeC Program HJT log - analysis please Files QuickTime qttask exeC Program Files Common HJT log - analysis please Files Real Update OB realsched exeC PROGRA SYMANT SYMANT vptray exeC Program Files SED SED exeC Program Files Dell Support Alert bin NotifyAlert exeC Program Files Digital Line Detect DLG exeC Program Files Common Files Microsoft Shared Works Shared wkcalrem exeC WINDOWS system cisvc exeC PROGRA SYMANT SYMANT DefWatch exeC PROGRA SYMANT SYMANT Rtvscan exeC WINDOWS System svchost exeC Program Files iPod bin iPodService exeC WINDOWS System wbem wmiapsrv exeC WINDOWS system rundll exeC Program Files Internet Explorer iexplore exeC Program Files Common Files WinTools WToolsA exeC Program Files Common Files WinTools WSup exeC Program Files Toolbar TBPS exeC PROGRA Toolbar PIB exeC PROGRA Toolbar TBPSSvc exeC WINDOWS system cidaemon exeC WINDOWS system cidaemon exeC Program Files Common Files WinTools WToolsS exeC Program Files Microsoft Office Office WINWORD EXEC Program Files Microsoft Works MSWorks exeC hijackthis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL http www dellnet com R - HKCU Software Microsoft Internet Explorer Main Search Bar http www websearch com ie aspx tb id R - HKCU Software Microsoft Internet Explorer Main Start Page http www sph emory edu R - HKLM Software Microsoft Internet Explorer Main SearchAssistant http www websearch com ie aspx tb id R - HKLM Software Microsoft Internet Explorer Main CustomizeSearch res C PROGRA Toolbar toolbar dll saR - HKLM Software Microsoft Internet Explorer Main Start Page http www dellnet com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http www websearch com ie aspx tb id R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch res C PROGRA Toolbar toolbar dll saR - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer sas se attbb net R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride se attbb netR - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook no name - A - E E- -B D- DBE - C PROGRA Toolbar toolbar dllO - Hosts auto search msn comO - Hosts search netscape comO - Hosts ieautosearchO - BHO no name - - C- B - - D FEC A - C PROGRA COMMON WinTools WToolsB dllO - BHO no name - A - E E- -B D- DBE - C PROGRA Toolbar toolbar dllO - Toolbar amp Google - C B - - d - B - A CD F - c windows googletoolbar dllO - Toolbar amp Search Toolbar - BB F-A - C -A F- EA EC - C PROGRA Toolbar toolbar dllO - HKLM Run Microsoft Works Update Detection C Program Files Common Files Microsoft Shared Works Shared WkUFind exeO - HKLM Run IgfxTray C WINDOWS System igfxtray exeO - HKLM Run HotKeysCmds C WINDOWS System hkcmd exeO - HKLM Run BCMSMMSG BCMSMMSG exeO - HKLM Run DVDSentry C WINDOWS System DSentry exeO - HKLM ... Read more

A:HJT log - analysis please

I know everyone is just vollunteering their time on this board - but any help on the following would be GREATLY appreciated.

When I restart my computer, Spobot S&D tells me that a registry entry has been deleted. Here's the info:

System Startup global entry
Value Deleted
Narrator
wkroqa.exe

I have no idea if I should allow this change or not. If I don't allow it - RUNDLL message comes up, saying "An execute occured while running IISNAP.DLL"UMonitor".

Am I beyond help? Thanks in advance!

http://www.bleepingcomputer.com/forums/t/6153/hjt-log-analysis-please/