Cronic BSOD


Joined
Aug 8, 2010
Messages
7
Reaction score
0
I have been having this problem for a while now. Sometimes my computer crashes a few times a week, sometimes a few times an hour. In fact, it crashed 4 times while writing this. Here is my setup.

Motherboard: Intel DX58SO
CPU: Core i7 940
Memory: Kingston Hyper X 1600
Video: HIS Radion HD5870
OS: Windows 7 Pro 64bit

If anyone can figure this out, I will love you forever. I attached the mini dumps.
 

Attachments

Ad

Advertisements

Joined
Nov 30, 2009
Messages
1,752
Reaction score
396
Hello and welcome....

Yep, all sorts of issues. Let's see what we can do:

1)
Code:
LMouFilt LMouFilt.Sys Tue Jul 17 20:35:26 2007
LHidFilt LHidFilt.Sys Tue Jul 17 20:35:22 2007
LGPBTDD  LGPBTDD.sys  Wed Jul 01 14:47:52 2009
Update the drivers for all your Logitech mouse, game pad and other devices if you have any. If you can't find your particular mouse and/or other device, please let me know about this:

http://www.logitech.com/en-us/support-downloads

2) Your D-Link wireless adapter driver desperately needs an update:

Code:
jswpslwfx jswpslwfx.sys Mon Apr 28 19:59:25 2008
http://www.dlink.com/support/

If you don't know which you have, then type msinfo32 in the start menu then hit enter. Double click components, then double click network. Click adapter then scroll the right side until you see which it is.

3) Your Intel storage driver needs an update very much as well:

Code:
iaStorV  iaStorV.sys  Wed Apr 08 12:57:17 2009
Let Intel's driver update utility at the top in blue scan your machine to install all the latest drivers available for it. The iaStorV.sys should be available as the only one shown or amongst others. install all. If you can't get it updated this way, then visit your motherboard manufacturer's website for the latest storage driver. Use Vista x64 if no 7 x64 available.

http://downloadcenter.intel.com/default.aspx?iid=gg_support-EN_01+home_downloadctr

4) Uninstall PerfectDisk to remove this driver if the above hasn't helped completely.

Code:
DefragFS.SYS
5) For good measure, download and install Malwarebytes. Update the definitions in the program. Then scan with it and let it remove anything it finds.

That's really all for now. Use safe mode + networking to do any of this if it becomes necessary. Let me know how it's going in any case and post a new crash dump if needed, after attention to the above.

Good luck and hopefully, enjoy.
 
Last edited:
Joined
Aug 8, 2010
Messages
7
Reaction score
0
I did everything you said. All is updated. But There were no new drivers for my wireless network card. So I pulled it out and uninstalled it. Still getting random blue screens. Here are the dump files.
 

Attachments

Joined
Nov 30, 2009
Messages
1,752
Reaction score
396
Install the latest bios update for the motherboard:

http://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&DwnldID=19271&ProdId=3018&lang=eng

Install the latest chipset software:

http://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&DwnldID=10884&lang=eng

Then because of the following:

Code:
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [E:\Temp\Rar$DI00.998\081210-22776-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16539.amd64fre.win7_gdr.100226-1909
Machine Name:
Kernel base = 0xfffff800`02c06000 PsLoadedModuleList = 0xfffff800`02e43e50
Debug session time: Thu Aug 12 12:33:42.063 2010 (UTC - 4:00)
System Uptime: 0 days 1:55:20.125
Loading Kernel Symbols
...............................................................
................................................................
............................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007E, {ffffffffc0000005, fffff880047322af, fffff880040b78f8, fffff880040b7160}

Probably caused by : dxgmms1.sys ( dxgmms1!VIDMM_GLOBAL::ProcessDeferredCommand+9bf )

Followup: MachineOwner
---------

4: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff880047322af, The address that the exception occurred at
Arg3: fffff880040b78f8, Exception Record Address
Arg4: fffff880040b7160, Context Record Address

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
dxgmms1!VIDMM_GLOBAL::ProcessDeferredCommand+9bf
fffff880`047322af 488908          mov     qword ptr [rax],rcx

EXCEPTION_RECORD:  fffff880040b78f8 -- (.exr 0xfffff880040b78f8)
ExceptionAddress: fffff880047322af (dxgmms1!VIDMM_GLOBAL::ProcessDeferredCommand+0x00000000000009bf)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000001
   Parameter[1]: 0000000000000000
Attempt to write to address 0000000000000000

CONTEXT:  fffff880040b7160 -- (.cxr 0xfffff880040b7160)
rax=0000000000000000 rbx=fffff8a00b3fc6b0 rcx=0000000000000000
rdx=fffff8a00b3fc6b0 rsi=fffffa80057ea1b0 rdi=0000000000000001
rip=fffff880047322af rsp=fffff880040b7b30 rbp=fffffa8009800000
 r8=fffffa8009800c70  r9=fffffa8009800c70 r10=0000000000000001
r11=fffffa8009800000 r12=0000000000000001 r13=0000000000000000
r14=0000000000000001 r15=fffff880040b7ca0
iopl=0         nv up ei pl nz na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010206
dxgmms1!VIDMM_GLOBAL::ProcessDeferredCommand+0x9bf:
fffff880`047322af 488908          mov     qword ptr [rax],rcx ds:002b:00000000`00000000=????????????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  NULL_DEREFERENCE

PROCESS_NAME:  System

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000001

EXCEPTION_PARAMETER2:  0000000000000000

WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80002eae0e0
 0000000000000000 

FOLLOWUP_IP: 
dxgmms1!VIDMM_GLOBAL::ProcessDeferredCommand+9bf
fffff880`047322af 488908          mov     qword ptr [rax],rcx

BUGCHECK_STR:  0x7E

LAST_CONTROL_TRANSFER:  from fffff8800472d358 to fffff880047322af

STACK_TEXT:  
fffff880`040b7b30 fffff880`0472d358 : fffffa80`0a044ed0 00000000`00000080 00000000`00000000 fffff880`040b7ca0 : dxgmms1!VIDMM_GLOBAL::ProcessDeferredCommand+0x9bf
fffff880`040b7c50 fffff880`0474b16d : fffffa80`00000000 fffffa80`0524f410 00000000`0000000f fffff880`0474cf09 : dxgmms1!VidMmiProcessTerminationCommand+0x4c
fffff880`040b7ca0 fffff880`0474a3f8 : fffff800`04863080 fffffa80`05383d50 00000000`00000000 fffffa80`0524f410 : dxgmms1!VidSchiSubmitDeviceCommand+0x39
fffff880`040b7cd0 fffff880`04749e96 : 00000000`00000000 fffffa80`05383d50 00000000`00000080 fffffa80`0524f410 : dxgmms1!VidSchiSubmitQueueCommand+0xb0
fffff880`040b7d00 fffff800`02f1ba86 : 00000000`043865b7 fffffa80`093b6b60 fffffa80`052009e0 fffffa80`093b6b60 : dxgmms1!VidSchiWorkerThread+0xd6
fffff880`040b7d40 fffff800`02c54b06 : fffff800`02df0e80 fffffa80`093b6b60 fffff800`02dfec40 fffff880`01615a90 : nt!PspSystemThreadStartup+0x5a
fffff880`040b7d80 00000000`00000000 : fffff880`040b8000 fffff880`040b2000 fffff880`040b7690 00000000`00000000 : nt!KxStartSystemThread+0x16


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  dxgmms1!VIDMM_GLOBAL::ProcessDeferredCommand+9bf

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: dxgmms1

IMAGE_NAME:  dxgmms1.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc578

STACK_COMMAND:  .cxr 0xfffff880040b7160 ; kb

FAILURE_BUCKET_ID:  X64_0x7E_dxgmms1!VIDMM_GLOBAL::ProcessDeferredCommand+9bf

BUCKET_ID:  X64_0x7E_dxgmms1!VIDMM_GLOBAL::ProcessDeferredCommand+9bf

Followup: MachineOwner

....boot to safe mode + networking. Use Driver Sweeper from Guru3d.com to clear all ATI/AMD driver, files, settings etc...

Reboot to normal mode and re-install the latest driver again:

Drivers & Support | GAME.AMD.COM
 
Joined
Nov 30, 2009
Messages
1,752
Reaction score
396
I'm fairly sure it's not a hardware issue.

From the crash dump:

"1) A driver has inadvertently or deliberately modified critical kernel code
or data."

I would run a system file integrity check. To do so, open an elevated command prompt. Type sfc /scannow then hit enter.

If no integrity violations are found and nothing needed/was repaired, then run Driver Verifier in hopes of the actual faulting driver to be shown. Here's how:

http://www.techsupportforum.com/microsoft-support/windows-vista-windows-7-support/473665-driver-verifier-windows-7-vista.html

---

Edit: I wanted to and forgot to mention that the new dumps do not point to anything specific to do with video any longer. In case you're curious, here is the full debug outputs of the two types you're getting now, 0x109 and 0xA stops:

Code:
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [E:\Temp\Rar$DI00.703\081310-41246-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02c15000 PsLoadedModuleList = 0xfffff800`02e52e50
Debug session time: Fri Aug 13 23:28:16.415 2010 (UTC - 4:00)
System Uptime: 0 days 0:14:36.476
Loading Kernel Symbols
...............................................................
................................................................
.............................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck A, {1a, d, 0, fffff8000320439a}

Probably caused by : ntkrnlmp.exe ( nt!KiPageFault+260 )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 000000000000001a, memory referenced
Arg2: 000000000000000d, IRQL
Arg3: 0000000000000000, bitfield :
    bit 0 : value 0 = read operation, 1 = write operation
    bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff8000320439a, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002ebd0e0
 000000000000001a 

CURRENT_IRQL:  d

FAULTING_IP: 
hal!HalpSendFlatIpi+5b
fffff800`0320439a 0fb60c08        movzx   ecx,byte ptr [rax+rcx]

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xA

PROCESS_NAME:  System

TRAP_FRAME:  fffff800048748d0 -- (.trap 0xfffff800048748d0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=000000000000001a
rdx=000000000000081a rsi=0000000000000000 rdi=0000000000000000
rip=fffff8000320439a rsp=fffff80004874a60 rbp=fffff800032199b0
 r8=0000000004000000  r9=fffffffffbffffff r10=0000000000000010
r11=fffff80004874af8 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up di pl nz na po nc
hal!HalpSendFlatIpi+0x5b:
fffff800`0320439a 0fb60c08        movzx   ecx,byte ptr [rax+rcx] ds:0001:00000000`0000001a=??
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002c84ca9 to fffff80002c85740

STACK_TEXT:  
fffff800`04874788 fffff800`02c84ca9 : 00000000`0000000a 00000000`0000001a 00000000`0000000d 00000000`00000000 : nt!KeBugCheckEx
fffff800`04874790 fffff800`02c83920 : fffffa80`05880010 00000000`0000005c 00000000`00000000 fffff800`02c93ca4 : nt!KiBugCheckDispatch+0x69
fffff800`048748d0 fffff800`0320439a : fffffa80`0834ba28 fffff880`04670dc6 00000000`00000001 fffff800`02e03208 : nt!KiPageFault+0x260
fffff800`04874a60 fffff800`0320444e : fffff780`00000320 00000000`000008d1 00000000`00000000 fffff780`00000320 : hal!HalpSendFlatIpi+0x5b
fffff800`04874a90 fffff800`02c8dcea : 00000000`00000000 fffff800`02dffe80 00000000`00000000 fffffa80`07ef65f0 : hal!HalpRequestIpiSpecifyVector+0x6d
fffff800`04874ac0 fffff800`031fb895 : fffff800`03220460 fffff800`04874c70 fffff800`03220460 00000000`00000000 : nt!KeUpdateSystemTime+0x27a
fffff800`04874bc0 fffff800`02c81c33 : fffff800`02dffe80 fffff800`04874c70 fffff800`02e03160 00000000`00000002 : hal!HalpHpetClockInterrupt+0x8d
fffff800`04874bf0 fffff800`02c8dec2 : fffff800`02dffe80 fffff800`00000000 00000000`00000000 fffff880`00000000 : nt!KiInterruptDispatchNoLock+0x163
fffff800`04874d80 00000000`00000000 : fffff800`04875000 fffff800`0486f000 fffff800`04874d40 00000000`00000000 : nt!KiIdleLoop+0x32


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!KiPageFault+260
fffff800`02c83920 440f20c0        mov     rax,cr8

SYMBOL_STACK_INDEX:  2

SYMBOL_NAME:  nt!KiPageFault+260

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c44a9

FAILURE_BUCKET_ID:  X64_0xA_nt!KiPageFault+260

BUCKET_ID:  X64_0xA_nt!KiPageFault+260

Followup: MachineOwner
---------

0: kd> lmtn
start             end                 module name
fffff800`00ba6000 fffff800`00bb0000   kdcom    kdcom.dll    Mon Jul 13 21:31:07 2009 (4A5BDFDB)
fffff800`02c15000 fffff800`031f1000   nt       ntkrnlmp.exe Sat Jun 19 00:16:41 2010 (4C1C44A9)
fffff800`031f1000 fffff800`0323a000   hal      hal.dll      Mon Jul 13 21:27:36 2009 (4A5BDF08)
fffff880`00c00000 fffff880`00c5c000   volmgrx  volmgrx.sys  Mon Jul 13 19:20:33 2009 (4A5BC141)
fffff880`00c5c000 fffff880`00c63000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
fffff880`00c63000 fffff880`00c73000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`00c73000 fffff880`00c8d000   mountmgr mountmgr.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`00c8d000 fffff880`00cb3000   pacer    pacer.sys    Mon Jul 13 20:09:41 2009 (4A5BCCC5)
fffff880`00cb3000 fffff880`00cf7000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:29:10 2009 (4A5BDF66)
fffff880`00cf7000 fffff880`00d0b000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
fffff880`00d0b000 fffff880`00d69000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`00d69000 fffff880`00d9c000   pci      pci.sys      Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`00d9c000 fffff880`00db1000   volmgr   volmgr.sys   Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`00db1000 fffff880`00dfd000   fltmgr   fltmgr.sys   Mon Jul 13 19:19:59 2009 (4A5BC11F)
fffff880`00e00000 fffff880`00e15000   partmgr  partmgr.sys  Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00e16000 fffff880`00ed6000   CI       CI.dll       Mon Jul 13 21:32:13 2009 (4A5BE01D)
fffff880`00ed6000 fffff880`00f7a000   Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
fffff880`00f7a000 fffff880`00f89000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`00f89000 fffff880`00fe0000   ACPI     ACPI.sys     Mon Jul 13 19:19:34 2009 (4A5BC106)
fffff880`00fe0000 fffff880`00fe9000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`00fe9000 fffff880`00ff3000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
fffff880`00ff3000 fffff880`01000000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
fffff880`01000000 fffff880`01047000   mv61xx   mv61xx.sys   Tue Sep 15 07:28:12 2009 (4AAF7A4C)
fffff880`01047000 fffff880`01052000   amdxata  amdxata.sys  Tue May 19 13:56:59 2009 (4A12F2EB)
fffff880`01052000 fffff880`01066000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
fffff880`0106c000 fffff880`01276000   iaStor   iaStor.sys   Wed Mar 03 21:51:31 2010 (4B8F2033)
fffff880`01276000 fffff880`01394000   iaStorV  iaStorV.sys  Wed Apr 08 12:57:17 2009 (49DCD76D)
fffff880`01394000 fffff880`0139d000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`0139d000 fffff880`013c7000   ataport  ataport.SYS  Mon Jul 13 19:19:52 2009 (4A5BC118)
fffff880`013c7000 fffff880`013f6000   SCSIPORT SCSIPORT.SYS Mon Jul 13 20:01:04 2009 (4A5BCAC0)
fffff880`013f6000 fffff880`013fe000   mv61xxmm mv61xxmm.sys Tue Sep 15 07:27:13 2009 (4AAF7A11)
fffff880`01400000 fffff880`01430000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`01443000 fffff880`015e6000   Ntfs     Ntfs.sys     Mon Jul 13 19:20:47 2009 (4A5BC14F)
fffff880`01600000 fffff880`0164c000   volsnap  volsnap.sys  Mon Jul 13 19:20:08 2009 (4A5BC128)
fffff880`0164c000 fffff880`01686000   rdyboost rdyboost.sys Mon Jul 13 19:34:34 2009 (4A5BC48A)
fffff880`01686000 fffff880`0169c000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`016ba000 fffff880`01718000   msrpc    msrpc.sys    Mon Jul 13 19:21:32 2009 (4A5BC17C)
fffff880`01718000 fffff880`01732000   ksecdd   ksecdd.sys   Mon Jul 13 19:20:54 2009 (4A5BC156)
fffff880`01732000 fffff880`017a5000   cng      cng.sys      Mon Jul 13 19:49:40 2009 (4A5BC814)
fffff880`017a5000 fffff880`017b6000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
fffff880`017b6000 fffff880`017c0000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:19:45 2009 (4A5BC111)
fffff880`017c0000 fffff880`017fa000   fvevol   fvevol.sys   Fri Sep 25 22:34:26 2009 (4ABD7DB2)
fffff880`01800000 fffff880`01860000   NETIO    NETIO.SYS    Mon Jul 13 19:21:46 2009 (4A5BC18A)
fffff880`01860000 fffff880`0188b000   ksecpkg  ksecpkg.sys  Fri Dec 11 01:03:32 2009 (4B21E0B4)
fffff880`0188b000 fffff880`01893000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
fffff880`01893000 fffff880`018a5000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
fffff880`018a5000 fffff880`018ae000   hwpolicy hwpolicy.sys Mon Jul 13 19:19:22 2009 (4A5BC0FA)
fffff880`018b3000 fffff880`019a5000   ndis     ndis.sys     Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`019a5000 fffff880`019ef000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:21:08 2009 (4A5BC164)
fffff880`019ef000 fffff880`019ff000   vmstorfl vmstorfl.sys Mon Jul 13 19:42:54 2009 (4A5BC67E)
fffff880`01a01000 fffff880`01bfe000   tcpip    tcpip.sys    Sun Jun 13 23:39:04 2010 (4C15A458)
fffff880`02e00000 fffff880`02e26000   tunnel   tunnel.sys   Mon Jul 13 20:09:37 2009 (4A5BCCC1)
fffff880`02e26000 fffff880`02e3c000   intelppm intelppm.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
fffff880`02e3c000 fffff880`02e82000   atikmpag atikmpag.sys Tue Jul 06 21:15:42 2010 (4C33D53E)
fffff880`02ea5000 fffff880`02ec0000   wanarp   wanarp.sys   Mon Jul 13 20:10:21 2009 (4A5BCCED)
fffff880`02ec0000 fffff880`02ed4000   termdd   termdd.sys   Mon Jul 13 20:16:36 2009 (4A5BCE64)
fffff880`02ed4000 fffff880`02f25000   rdbss    rdbss.sys    Mon Jul 13 19:24:09 2009 (4A5BC219)
fffff880`02f25000 fffff880`02f31000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
fffff880`02f31000 fffff880`02f3c000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
fffff880`02f3c000 fffff880`02f4b000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
fffff880`02f4b000 fffff880`02fce000   csc      csc.sys      Mon Jul 13 19:24:26 2009 (4A5BC22A)
fffff880`02fce000 fffff880`02fec000   dfsc     dfsc.sys     Mon Jul 13 19:23:44 2009 (4A5BC200)
fffff880`02fec000 fffff880`02ffd000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
fffff880`04200000 fffff880`0428a000   afd      afd.sys      Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`0428a000 fffff880`042a0000   vwififlt vwififlt.sys Mon Jul 13 20:07:22 2009 (4A5BCC3A)
fffff880`042a0000 fffff880`042af000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`042af000 fffff880`044b9000   dump_iaStor dump_iaStor.sys Wed Mar 03 21:51:31 2010 (4B8F2033)
fffff880`044cc000 fffff880`044f6000   cdrom    cdrom.sys    Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`044f6000 fffff880`044ff000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
fffff880`044ff000 fffff880`04506000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
fffff880`04506000 fffff880`04514000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
fffff880`04514000 fffff880`04539000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
fffff880`04539000 fffff880`04549000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
fffff880`04549000 fffff880`04552000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`04552000 fffff880`0455b000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`0455b000 fffff880`04564000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
fffff880`04564000 fffff880`0456f000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`0456f000 fffff880`04580000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`04580000 fffff880`0459e000   tdx      tdx.sys      Mon Jul 13 19:21:15 2009 (4A5BC16B)
fffff880`0459e000 fffff880`045ab000   TDI      TDI.SYS      Mon Jul 13 19:21:18 2009 (4A5BC16E)
fffff880`045ab000 fffff880`045f0000   netbt    netbt.sys    Mon Jul 13 19:21:28 2009 (4A5BC178)
fffff880`045f0000 fffff880`045f9000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`04600000 fffff880`04646000   dxgmms1  dxgmms1.sys  Mon Jul 13 19:38:32 2009 (4A5BC578)
fffff880`04646000 fffff880`0466a000   HDAudBus HDAudBus.sys Mon Jul 13 20:06:13 2009 (4A5BCBF5)
fffff880`0466a000 fffff880`046b4000   e1y62x64 e1y62x64.sys Wed Apr 07 18:58:49 2010 (4BBD0E29)
fffff880`046b4000 fffff880`046c1000   usbuhci  usbuhci.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`046c1000 fffff880`046d2000   usbehci  usbehci.sys  Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`046d2000 fffff880`046db000   wmiacpi  wmiacpi.sys  Mon Jul 13 19:31:02 2009 (4A5BC3B6)
fffff880`046e6000 fffff880`047da000   dxgkrnl  dxgkrnl.sys  Thu Oct 01 21:00:14 2009 (4AC5509E)
fffff880`047da000 fffff880`047ea000   CompositeBus CompositeBus.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`047ea000 fffff880`04800000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
fffff880`04a00000 fffff880`04a56000   USBPORT  USBPORT.SYS  Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`04a56000 fffff880`04a7a000   rasl2tp  rasl2tp.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`04a7a000 fffff880`04a86000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
fffff880`04a86000 fffff880`051b5000   atikmdag atikmdag.sys Tue Jul 06 21:37:28 2010 (4C33DA58)
fffff880`051b5000 fffff880`051f3000   1394ohci 1394ohci.sys Mon Jul 13 20:07:12 2009 (4A5BCC30)
fffff880`05400000 fffff880`05443000   ks       ks.sys       Mon Jul 13 20:00:31 2009 (4A5BCA9F)
fffff880`05443000 fffff880`05446d80   LGBusEnum LGBusEnum.sys Mon Nov 23 20:36:48 2009 (4B0B38B0)
fffff880`05447000 fffff880`05459000   umbus    umbus.sys    Mon Jul 13 20:06:56 2009 (4A5BCC20)
fffff880`05459000 fffff880`054b3000   usbhub   usbhub.sys   Mon Jul 13 20:07:09 2009 (4A5BCC2D)
fffff880`054c0000 fffff880`054ef000   ndiswan  ndiswan.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`054ef000 fffff880`0550a000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
fffff880`0550a000 fffff880`0552b000   raspptp  raspptp.sys  Mon Jul 13 20:10:18 2009 (4A5BCCEA)
fffff880`0552b000 fffff880`05545000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
fffff880`05545000 fffff880`05550000   rdpbus   rdpbus.sys   Mon Jul 13 20:17:46 2009 (4A5BCEAA)
fffff880`05550000 fffff880`0555f000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`0555f000 fffff880`0556e000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`0556e000 fffff880`05583000   NDProxy  NDProxy.SYS  Mon Jul 13 20:10:05 2009 (4A5BCCDD)
fffff880`05583000 fffff880`055a6000   AtiHdmi  AtiHdmi.sys  Thu May 06 05:20:39 2010 (4BE289E7)
fffff880`055d0000 fffff880`055d1480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
fffff880`06081000 fffff880`060be000   portcls  portcls.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`060be000 fffff880`060e0000   drmk     drmk.sys     Mon Jul 13 21:01:25 2009 (4A5BD8E5)
fffff880`060e0000 fffff880`060e5200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
fffff880`060e6000 fffff880`06139000   nwifi    nwifi.sys    Mon Jul 13 20:07:23 2009 (4A5BCC3B)
fffff880`06139000 fffff880`0616f000   fastfat  fastfat.SYS  Mon Jul 13 19:23:28 2009 (4A5BC1F0)
fffff880`06400000 fffff880`0642d000   mrxsmb   mrxsmb.sys   Sat Feb 27 02:52:19 2010 (4B88CF33)
fffff880`0642d000 fffff880`0647b000   mrxsmb10 mrxsmb10.sys Sat Feb 27 02:52:28 2010 (4B88CF3C)
fffff880`0647b000 fffff880`0649e000   mrxsmb20 mrxsmb20.sys Sat Feb 27 02:52:26 2010 (4B88CF3A)
fffff880`0649e000 fffff880`064ac000   hidusb   hidusb.sys   Mon Jul 13 20:06:22 2009 (4A5BCBFE)
fffff880`064ac000 fffff880`064c5000   HIDCLASS HIDCLASS.SYS Mon Jul 13 20:06:21 2009 (4A5BCBFD)
fffff880`064c5000 fffff880`064cd080   HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9)
fffff880`064ce000 fffff880`064dc000   kbdhid   kbdhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`064f7000 fffff880`065bf000   HTTP     HTTP.sys     Mon Jul 13 19:22:16 2009 (4A5BC1A8)
fffff880`065bf000 fffff880`065dd000   bowser   bowser.sys   Mon Jul 13 19:23:50 2009 (4A5BC206)
fffff880`065dd000 fffff880`065f5000   mpsdrv   mpsdrv.sys   Mon Jul 13 20:08:25 2009 (4A5BCC79)
fffff880`06600000 fffff880`06615000   lltdio   lltdio.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`06615000 fffff880`06628000   ndisuio  ndisuio.sys  Mon Jul 13 20:09:25 2009 (4A5BCCB5)
fffff880`06628000 fffff880`06640000   rspndr   rspndr.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`06650000 fffff880`06890200   RTKVHD64 RTKVHD64.sys Fri May 07 06:56:11 2010 (4BE3F1CB)
fffff880`06891000 fffff880`0689d000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
fffff880`0689d000 fffff880`068ba000   usbccgp  usbccgp.sys  Mon Jul 13 20:06:45 2009 (4A5BCC15)
fffff880`068ba000 fffff880`068bbf00   USBD     USBD.SYS     Mon Jul 13 20:06:23 2009 (4A5BCBFF)
fffff880`068bc000 fffff880`068cd000   usbscan  usbscan.sys  Mon Jul 13 20:35:32 2009 (4A5BD2D4)
fffff880`068cd000 fffff880`068d9000   usbprint usbprint.sys Mon Jul 13 20:38:18 2009 (4A5BD37A)
fffff880`068d9000 fffff880`068e7000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
fffff880`068e7000 fffff880`0693b000   udfs     udfs.sys     Mon Jul 13 19:23:37 2009 (4A5BC1F9)
fffff880`0693b000 fffff880`0695e000   luafv    luafv.sys    Mon Jul 13 19:26:13 2009 (4A5BC295)
fffff880`0695e000 fffff880`0697f000   WudfPf   WudfPf.sys   Mon Jul 13 20:05:37 2009 (4A5BCBD1)
fffff880`0697f000 fffff880`0699a000   USBSTOR  USBSTOR.SYS  Mon Jul 13 20:06:34 2009 (4A5BCC0A)
fffff880`0699a000 fffff880`069cb000   WUDFRd   WUDFRd.sys   Mon Jul 13 20:06:06 2009 (4A5BCBEE)
fffff880`069cb000 fffff880`069d9000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`069d9000 fffff880`069ec000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`08a85000 fffff880`08b2b000   peauth   peauth.sys   Mon Jul 13 21:01:19 2009 (4A5BD8DF)
fffff880`08b2b000 fffff880`08b36000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
fffff880`08b36000 fffff880`08b63000   srvnet   srvnet.sys   Mon Jun 21 23:20:32 2010 (4C202C00)
fffff880`08b63000 fffff880`08b75000   tcpipreg tcpipreg.sys Mon Jul 13 20:09:49 2009 (4A5BCCCD)
fffff880`08b75000 fffff880`08bdd000   srv2     srv2.sys     Mon Jun 21 23:20:47 2010 (4C202C0F)
fffff880`08e55000 fffff880`08eeb000   srv      srv.sys      Mon Jun 21 23:21:11 2010 (4C202C27)
fffff880`08eeb000 fffff880`08ef6000   LGPBTDD  LGPBTDD.sys  Wed Jul 01 14:47:52 2009 (4A4BAF58)
fffff880`08ef6000 fffff880`08f0b000   LHidFilt LHidFilt.Sys Thu Mar 18 04:51:17 2010 (4BA1E985)
fffff880`08f0b000 fffff880`08f18000   mouhid   mouhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`08f18000 fffff880`08f2c000   LMouFilt LMouFilt.Sys Thu Mar 18 04:51:24 2010 (4BA1E98C)
fffff880`08f2c000 fffff880`08f2e480   LGVirHid LGVirHid.sys Mon Nov 23 20:36:48 2009 (4B0B38B0)
fffff880`08fa0000 fffff880`08fab000   asyncmac asyncmac.sys Mon Jul 13 20:10:13 2009 (4A5BCCE5)
fffff960`00030000 fffff960`0033f000   win32k   win32k.sys   unavailable (00000000)
fffff960`00450000 fffff960`0045a000   TSDDD    TSDDD.dll    unavailable (00000000)
fffff960`006c0000 fffff960`006e7000   cdd      cdd.dll      unavailable (00000000)

Unloaded modules:
fffff880`08f2f000 fffff880`08fa0000   spsys.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00071000
fffff880`0169c000 fffff880`016aa000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`042af000 fffff880`044b9000   dump_iaStor.
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0020A000
fffff880`044b9000 fffff880`044cc000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00013000
fffff880`0559f000 fffff880`055d0000   WUDFRd.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00031000
fffff880`0556e000 fffff880`0559f000   WUDFRd.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00031000
Code:
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [E:\Temp\Rar$DI09.640\081310-30154-02.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02c51000 PsLoadedModuleList = 0xfffff800`02e8ee50
Debug session time: Fri Aug 13 23:11:35.481 2010 (UTC - 4:00)
System Uptime: 0 days 0:08:18.542
Loading Kernel Symbols
...............................................................
................................................................
.............................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 109, {a3a039d8975ef524, b3b7465ee9dbc71a, fffff80002d7b530, 1}

*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : memory_corruption

Followup: memory_corruption
---------

4: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

CRITICAL_STRUCTURE_CORRUPTION (109)
This bugcheck is generated when the kernel detects that critical kernel code or
data have been corrupted. There are generally three causes for a corruption:
1) A driver has inadvertently or deliberately modified critical kernel code
 or data. See http://www.microsoft.com/whdc/driver/kernel/64bitPatching.mspx
2) A developer attempted to set a normal kernel breakpoint using a kernel
 debugger that was not attached when the system was booted. Normal breakpoints,
 "bp", can only be set if the debugger is attached at boot time. Hardware
 breakpoints, "ba", can be set at any time.
3) A hardware corruption occurred, e.g. failing RAM holding kernel code or data.
Arguments:
Arg1: a3a039d8975ef524, Reserved
Arg2: b3b7465ee9dbc71a, Reserved
Arg3: fffff80002d7b530, Failure type dependent information
Arg4: 0000000000000001, Type of corrupted region, can be
    0 : A generic data region
    1 : Modification of a function or .pdata
    2 : A processor IDT
    3 : A processor GDT
    4 : Type 1 process list corruption
    5 : Type 2 process list corruption
    6 : Debug routine modification
    7 : Critical MSR modification

Debugging Details:
------------------


BUGCHECK_STR:  0x109

CUSTOMER_CRASH_COUNT:  2

DEFAULT_BUCKET_ID:  CODE_CORRUPTION

PROCESS_NAME:  System

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 0000000000000000 to fffff80002cc1740

STACK_TEXT:  
fffff880`0355b5d8 00000000`00000000 : 00000000`00000109 a3a039d8`975ef524 b3b7465e`e9dbc71a fffff800`02d7b530 : nt!KeBugCheckEx


STACK_COMMAND:  kb

CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
    fffff80002d7b4e0 - nt!DbgPrint
    [ 4c:c3 ]
    fffff80002d7b79b - nt!PpmPerfChooseCoresToUnpark+26b (+0x2bb)
    [ 48:4c ]
2 errors : !nt (fffff80002d7b4e0-fffff80002d7b79b)

MODULE_NAME: memory_corruption

IMAGE_NAME:  memory_corruption

FOLLOWUP_NAME:  memory_corruption

DEBUG_FLR_IMAGE_TIMESTAMP:  0

MEMORY_CORRUPTOR:  LARGE

FAILURE_BUCKET_ID:  X64_MEMORY_CORRUPTION_LARGE

BUCKET_ID:  X64_MEMORY_CORRUPTION_LARGE

Followup: memory_corruption
---------

4: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

CRITICAL_STRUCTURE_CORRUPTION (109)
This bugcheck is generated when the kernel detects that critical kernel code or
data have been corrupted. There are generally three causes for a corruption:
1) A driver has inadvertently or deliberately modified critical kernel code
 or data. See http://www.microsoft.com/whdc/driver/kernel/64bitPatching.mspx
2) A developer attempted to set a normal kernel breakpoint using a kernel
 debugger that was not attached when the system was booted. Normal breakpoints,
 "bp", can only be set if the debugger is attached at boot time. Hardware
 breakpoints, "ba", can be set at any time.
3) A hardware corruption occurred, e.g. failing RAM holding kernel code or data.
Arguments:
Arg1: a3a039d8975ef524, Reserved
Arg2: b3b7465ee9dbc71a, Reserved
Arg3: fffff80002d7b530, Failure type dependent information
Arg4: 0000000000000001, Type of corrupted region, can be
    0 : A generic data region
    1 : Modification of a function or .pdata
    2 : A processor IDT
    3 : A processor GDT
    4 : Type 1 process list corruption
    5 : Type 2 process list corruption
    6 : Debug routine modification
    7 : Critical MSR modification

Debugging Details:
------------------


BUGCHECK_STR:  0x109

CUSTOMER_CRASH_COUNT:  2

DEFAULT_BUCKET_ID:  CODE_CORRUPTION

PROCESS_NAME:  System

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 0000000000000000 to fffff80002cc1740

STACK_TEXT:  
fffff880`0355b5d8 00000000`00000000 : 00000000`00000109 a3a039d8`975ef524 b3b7465e`e9dbc71a fffff800`02d7b530 : nt!KeBugCheckEx


STACK_COMMAND:  kb

CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
    fffff80002d7b4e0 - nt!DbgPrint
    [ 4c:c3 ]
    fffff80002d7b79b - nt!PpmPerfChooseCoresToUnpark+26b (+0x2bb)
    [ 48:4c ]
2 errors : !nt (fffff80002d7b4e0-fffff80002d7b79b)

MODULE_NAME: memory_corruption

IMAGE_NAME:  memory_corruption

FOLLOWUP_NAME:  memory_corruption

DEBUG_FLR_IMAGE_TIMESTAMP:  0

MEMORY_CORRUPTOR:  LARGE

FAILURE_BUCKET_ID:  X64_MEMORY_CORRUPTION_LARGE

BUCKET_ID:  X64_MEMORY_CORRUPTION_LARGE

Followup: memory_corruption
---------
 
Last edited:
Joined
Aug 8, 2010
Messages
7
Reaction score
0
I ran the sfc. It blue screened at 34%. I ran it again and it blue screened at 73%. The third time I ran it it went to 100% with no problem. Here are the blue screens i got. I am doing the verifier next.
 

Attachments

Joined
Aug 8, 2010
Messages
7
Reaction score
0
I am continuing to run the verifier, but it is crashing without a blue screen now. It just goes black and then restarts. That might defeat the purpose of the verifier, lol.
 
Ad

Advertisements

Joined
Nov 30, 2009
Messages
1,752
Reaction score
396
Let me ask this. I don't see any kind of antivirus installed. Do you have any?

If not, then two things I highly recommend.

1) Do this regardless - Download, install, run then update the definitions in a free program called Malwarebytes. Let it scan then remove everything it finds.

2) For 24x7 type of protection, install MSE which is free, never causes bsod and is great with resources (will not bog down the pc like others do.)
 
Joined
Aug 8, 2010
Messages
7
Reaction score
0
Malwarebytes found a trojan called Trojan.Agent.CK. After Removing it MSE found nothing. And there were no updates from Microsoft. The Bluescreens persist. But they all see to be the same error now. This is quite a puzzling problem.
 

Attachments

Joined
Nov 30, 2009
Messages
1,752
Reaction score
396
A driver is corrupting pool memory (data stored in RAM) that's used for holding pages destined for disk.

In plain English, that means one of the drivers is messing with what is eventually going to be placed on the hard drive.

The stack text of one of the crashes:

Code:
fffff880`035542d8 fffff800`02c203f3 : 00000000`000000de 00000000`00000002 fffff8a0`087b1798 fffff8a0`076b2809 : nt!KeBugCheckEx
fffff880`035542e0 fffff800`02c60b82 : 00000000`00000000 fffffa80`05851700 00000000`00000000 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0x2d260
fffff880`035543d0 fffff880`016a7e51 : fffffa80`056c56a8 fffffa80`08466010 00000000`00000000 00000000`00000000 : nt!CcPurgeCacheSection+0x172
fffff880`03554440 fffff880`016de06b : fffffa80`08466010 fffff8a0`04328c70 00000000`00000000 fffff8a0`04328c01 : Ntfs!NtfsFlushAndPurgeScb+0x1bb
fffff880`035544d0 fffff880`016cbe45 : fffffa80`08466010 fffffa80`054689e8 fffffa80`08261180 fffff8a0`04328ed8 : Ntfs!NtfsOpenAttribute+0x81b
fffff880`035545e0 fffff880`016c878b : fffff880`0a7b24b0 fffffa80`08466010 fffff8a0`04328ed8 fffff8a0`00000070 : Ntfs!NtfsOpenExistingAttr+0x145
fffff880`035546a0 fffff880`016c8eff : fffffa80`08466010 fffffa80`05468720 fffff8a0`04328ed8 fffff880`00000070 : Ntfs!NtfsOpenAttributeInExistingFile+0x5ab
fffff880`03554830 fffff880`016d9e76 : fffffa80`08466010 fffffa80`05468720 fffff8a0`04328ed8 00000001`a8aa4901 : Ntfs!NtfsOpenExistingPrefixFcb+0x1ef
fffff880`03554920 fffff880`016d428d : fffffa80`08466010 fffffa80`05468720 fffff880`03554b00 fffff880`03554b48 : Ntfs!NtfsFindStartingNode+0x5e6
fffff880`035549f0 fffff880`0162f4dd : fffffa80`08466010 fffffa80`05468720 fffff880`0a7b24b0 00000000`00000000 : Ntfs!NtfsCommonCreate+0x3dd
fffff880`03554bd0 fffff800`02c88961 : fffffa80`05216d00 fffff800`02c6f300 fffff800`02e82100 fffffa80`00000000 : Ntfs!NtfsFspDispatch+0x26d
fffff880`03554cb0 fffff800`02f1fc06 : c5d0c5d0`fcf2fcf2 fffffa80`05211040 00000000`00000080 fffffa80`051f19e0 : nt!ExpWorkerThread+0x111
fffff880`03554d40 fffff800`02c59c26 : fffff880`03386180 fffffa80`05211040 fffff880`033910c0 cd8dcd8d`ee1dee1d : nt!PspSystemThreadStartup+0x5a
fffff880`03554d80 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxStartSystemThread+0x16
See all those Ntfs references? NTFS means the type of file system in use. It means your hard drive.

This old driver is still on the system. I've looked for methods to update it for you from Intel's website, but the driver packages meant for your hardware all only contain iaStor.sys and not iaStorV.sys:

Code:
iaStorV  iaStorV.sys  Wed Apr 08 12:57:17 2009
After some further digging, I found this. I'd like you to install it as it will update that driver to latest:

http://thehotfixshare.net/board/index.php?autocom=downloads&showfile=12385

One further thing for now. Open an elevated command prompt. Type chkdsk /r then hit enter. Follow the simple instructions it will show.

This will repair any errors it can.

If stop errors continue after these things, enable Driver Verifier as previously shown. Then post those crash dumps.
 
Ad

Advertisements

Joined
Nov 30, 2009
Messages
1,752
Reaction score
396
The iaStorV.sys driver has successfully been updated.

These crash dumps are not Driver Verifier ones as I've been saying to enable.

Unfortunately, I don't really think that is going to matter much as it looks like bad RAM.

You can use Memtest86+ to test the modules. Overnight testing is best.
You might have to test one module at a time with all others removed to figure out which one is faulty.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top