# BSOD - new computer



## seenk (Dec 20, 2009)

I just got a new computer and getting the BSOD error.

I should have copied it but it is:
BCCode 50

Possible files:
C:\windows\minidump\121909-32760-01.dmp
C:\users\sean\appdata\local\temp\WER-47486-0.sysdata.xml

I activated windows 7 and started downloading the windows updates, left the room, came back and the computer was asking if i wanted to start in safe mode. i started in normal and got the blue screen error as posted above. It seems to be random so far, as it happened only once more when trying to install dragon age: origins.

I thought maybe it was bad ram, but the memory test i let run for a while passed 4 times with no errors.

So attached is the TSF report if someone could help.

it is a Gigabyte P55M-UD2 motherboard, Intel Core i7 860 2.8 ghz processor, 4 GB DDR3 RAM (dual channel 2x2GB), Radeon HD4670 1GB video card running Windows 7 Home Premium 64 bit.

Thanks!!!!!


----------



## jcgriff2 (Sep 30, 2007)

Hi Sean - 

The bugchecks - 

```
[font=lucida console]  
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Sat Dec 19 21:19:50.677 2009 (GMT-5)
System Uptime: 0 days 0:41:01.692
[B]BugCheck 1A, [/B]{31, fffffa80069896e0, fffff88005398000, fffff8a00719688c}
Probably caused by : ntkrnlmp.exe ( nt! ?? ::NNGAKEGL::`string'+6378 )
BUGCHECK_STR:  0x1a_31
PROCESS_NAME:  mscorsvw.exe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Sat Dec 19 21:35:50.626 2009 (GMT-5)
System Uptime: 0 days 0:14:50.640
[B]BugCheck 50[/B], {fffff8800811d000, 1, fffff880010eca75, 0}
Probably caused by : memory_corruption
BUGCHECK_STR:  0x50
PROCESS_NAME:  wuauclt.exe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Sat Dec 19 20:37:53.962 2009 (GMT-5)
System Uptime: 0 days 0:25:45.977
[B]BugCheck A[/B], {fffffa8022c17968, 2, 1, fffff80002d481db}
Probably caused by : memory_corruption ( nt!MiRemoveLowestPriorityStandbyPage+24b )
BUGCHECK_STR:  0xA
PROCESS_NAME:  Installer.exe

.[/font]
```
3 different bugchecks within 45 minutes on a brand new system is indicative of hardware failure. The dumps show overlapping memory address regions for your video drivers. Re-installing the ATI drivers would usually be a single focus for me, except for some other items found.

Everything in most of the files appears picture-perfect except the system logs which show the actual initial boot of your system to be 10 November 2009, then silence in the logs until yesterday, 19 December 2009. I also wonder about the installation source used for Windows 7 by the retailer you purchased the system from based on the Security Identifier (SID) of the username. It is not the usual one that I see in the logs.

Did you purchase the system with Windows 7 pre-installed? I am leaning much more toward OS corruption v. hardware failure at this time.

Also - check out the Windows 7 Health Report for yourself. A system with specs such as yours would not yield "poor CPU, video, HDD, etc.." performance as the report suggests - 

```
[font=lucida console]
 Intel Core i7 860 2.8 ghz processor 
 4 GB DDR3 RAM (dual channel 2x2GB) 
 Radeon HD4670 1GB video c
[/font]
```
The Health Report - 
START | type *perfmon /report*

Regards. . .

jcgriff2

.


----------



## seenk (Dec 20, 2009)

Thanks jcgriff2 for getting back to me so quickly!

Yes Win7 was preloaded and the product key said it was expired so i had to use the auto phone service to actually activate windows 7, which worked great. 

They provided me with a "reinstallation DVD" that is a recovery DVD that says Windows 7 home premium 64-bit on it.
Is it worth running it and reinstalling?

I noticed all those performance issues when i ran that system diagnostics, but now today, none of those issues showed up (see attached). I ran the windows experience for fun too, and the processor and memory show up as 7.5, graphics 5.1, gaming graphics 6.4, primary hard disk 5.9 which sounds about what i would expect for this system.

I did end up downloading the latest ATI drivers for my video card and I haven't got an error since, so i'm not sure if that was part of the problem too? Those were installed before I did the first perfmon test yesterday and the TSF report.

Thanks!!


----------



## seenk (Dec 20, 2009)

Well it hasn't given another error since saturday.
I'm still wondering if i should try the recovery disk to reinstall windows.
Would the disk likely do a fairly clean wipe and reinstall of windows?
Is it worth the bother if it's working OK now?

Performance seems to be fine, so I'm not sure why those errors showed up the first time.

Thanks


----------



## seenk (Dec 20, 2009)

I just realized the power settings in control panel was set to put the computer to sleep after 10 minutes. The first three errors all happened when I had left the room for more than 10 minutes, so I'm wondering if that was also causing a problem?

I changed it now, but instead of a blue screen error when it sleeps, it just closes internet explorer, and i have to restore my last session when I open it back up.


----------



## seenk (Dec 20, 2009)

BAH! Well I tried scanning for viruses with McAfee and left the room for about 10 minutes, and windows had restarted and said it had recovered from a problem, but no further information was available.

I think I'm just going to try and use the recovery CD tomorrow and see if that does anything.


----------



## jcgriff2 (Sep 30, 2007)

Hi - 

Thank you for telling me about the licensing issue. The fact that you had to phone Microsoft and obtain a new key explains a lot to me. It was the issues related to security that I found most troublesome and why I placed "conditional" solution probabilities on the ATI driver updates alone.

As for the Health Report - it is tied to WINSAT, which runs the performance indices during/post installation. It is possible that the bad conditions found in the initial health report simply used the PERFMON numbers obtained from WINSAT during OS installation - which we now know had a licensing issue, so the system may have initially been running in a reduced functionality mode -

http://support.microsoft.com/kb/925582

The power issue is one that you will need to adjust as you see fit. Having the system go to sleep after 10 minutes is more of a personal choice; settings to have the logon screen show after sleep resumption is the same. I would choose a power plan (I use high-performance myself), click on reset defaults, then adjust any single itmes you wish.

Use the system as normal and see if BSODs or other troubles persist. But from you tell me, you may just be out of the woods.

Happy Holidays!

jcgriff2

.


----------



## DT Roberts (Jun 22, 2009)

If you'd rather not reinstall, follow the instructions here: http://www.techsupportforum.com/1871981-post2.html

I'd like to see what that "problem" was and if it's fixable.


----------



## jcgriff2 (Sep 30, 2007)

OOPS... I just saw your last post after I submitted mine...

My next suggestion is to rid your system of McAfee...... its 3rd party firewall does not play nicely with Windows 7 system services, just like it and other competitor's products cause many problems in Vista.


Download the McAfee Removal Tool (MRT); save to desktop. Then go to desktop, RIGHT-click on the MRT icon and select Run as Administrator. When complete - re-boot.

Reset the Windows Firewall to its default settings - 
START | type FirewallSettings.exe into the start search box | click on FirewallSettings.exe above | select the Advanced Tab | click on "Restore Defaults" | Click Apply, OK

Use AVG for a/v if you wish - http://free.avg.com/download-avg-anti-virus-free-edition


Regards. . .

jcgriff2

.


----------



## seenk (Dec 20, 2009)

Ok, attached is the latest files if you can have a look.
I'm not sure why the perfmon report says it can't find an anti-virus program since mcafee is still installed, but I think I'm going to take jcgriff's advice and uninstall it, as I did have some troubles with it in Vista too.

I'll try playing with the power options some more, but I don't think it should be closing internet explorer and having to restore my last session every time the computer goes to sleep? I'll see if some other settings help.


----------



## DT Roberts (Jun 22, 2009)

The latest one is 0x4E pointing to *memory_corruption* once again:

```
Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Devin\Downloads\TSF\seenk\TSF_Vista_Support\122109-18158-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*f:\localsymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0xfffff800`02c60000 PsLoadedModuleList = 0xfffff800`02e9de50
Debug session time: Mon Dec 21 23:16:20.625 2009 (GMT-5)
System Uptime: 0 days 0:11:40.639
Loading Kernel Symbols
...............................................................
................................................................
...............
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1A, {5003, fffff70001080000, a720, 5ae7409}

Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+21bc6 )

Followup: MachineOwner
---------

2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

MEMORY_MANAGEMENT (1a)
    # Any other values for parameter 1 must be individually examined.
Arguments:
Arg1: 0000000000005003, The subtype of the bugcheck.
Arg2: fffff70001080000
Arg3: 000000000000a720
Arg4: 0000000005ae7409

Debugging Details:
------------------


BUGCHECK_STR:  0x1a_5003

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  svchost.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff80002d3a536 to fffff80002cd1f00

STACK_TEXT:  
fffff880`07020a68 fffff800`02d3a536 : 00000000`0000001a 00000000`00005003 fffff700`01080000 00000000`0000a720 : nt!KeBugCheckEx
fffff880`07020a70 fffff800`02cec82c : fffff680`00044138 fffff880`07020b40 00000000`00000000 ffffffff`ffffffff : nt! ?? ::FNODOBFM::`string'+0x21bc6
fffff880`07020ac0 fffff800`02ccffee : 00000000`00000001 00000000`0195eef8 00000000`00000001 00000000`00000002 : nt!MmAccessFault+0xc4c
fffff880`07020c20 000007fe`feb05a4a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x16e
00000000`0195e668 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7fe`feb05a4a


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt! ?? ::FNODOBFM::`string'+21bc6
fffff800`02d3a536 cc              int     3

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt! ?? ::FNODOBFM::`string'+21bc6

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc600

FAILURE_BUCKET_ID:  X64_0x1a_5003_nt!_??_::FNODOBFM::_string_+21bc6

BUCKET_ID:  X64_0x1a_5003_nt!_??_::FNODOBFM::_string_+21bc6

Followup: MachineOwner
---------

2: kd> r
rax=0000000005ae7409 rbx=000000000000a720 rcx=000000000000001a
rdx=0000000000005003 rsi=fffff68000044138 rdi=fffffa8005d7fec8
rip=fffff80002cd1f00 rsp=fffff88007020a68 rbp=0000000000000000
 r8=fffff70001080000  r9=000000000000a720 r10=0000000000000000
r11=fffff70001080488 r12=fffff70001080000 r13=fffffa8000e57a90
r14=0000000000000000 r15=00000000ffffffff
iopl=0         nv up ei pl nz na pe nc
cs=0010  ss=0000  ds=002b  es=002b  fs=0053  gs=002b             efl=00000202
nt!KeBugCheckEx:
fffff800`02cd1f00 48894c2408      mov     qword ptr [rsp+8],rcx ss:fffff880`07020a70=000000000000001a
2: kd> k
Child-SP          RetAddr           Call Site
fffff880`07020a68 fffff800`02d3a536 nt!KeBugCheckEx
fffff880`07020a70 fffff800`02cec82c nt! ?? ::FNODOBFM::`string'+0x21bc6
fffff880`07020ac0 fffff800`02ccffee nt!MmAccessFault+0xc4c
fffff880`07020c20 000007fe`feb05a4a nt!KiPageFault+0x16e
00000000`0195e668 00000000`00000000 0x7fe`feb05a4a
2: kd> kv
Child-SP          RetAddr           : Args to Child                                                           : Call Site
fffff880`07020a68 fffff800`02d3a536 : 00000000`0000001a 00000000`00005003 fffff700`01080000 00000000`0000a720 : nt!KeBugCheckEx
fffff880`07020a70 fffff800`02cec82c : fffff680`00044138 fffff880`07020b40 00000000`00000000 ffffffff`ffffffff : nt! ?? ::FNODOBFM::`string'+0x21bc6
fffff880`07020ac0 fffff800`02ccffee : 00000000`00000001 00000000`0195eef8 00000000`00000001 00000000`00000002 : nt!MmAccessFault+0xc4c
fffff880`07020c20 000007fe`feb05a4a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x16e (TrapFrame @ fffff880`07020c20)
00000000`0195e668 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7fe`feb05a4a
2: kd> lmntsm
start             end                 module name
fffff880`040fe000 fffff880`0413c000   1394ohci 1394ohci.sys Mon Jul 13 20:07:12 2009 (4A5BCC30)
fffff880`00f85000 fffff880`00fdc000   ACPI     ACPI.sys     Mon Jul 13 19:19:34 2009 (4A5BC106)
fffff880`02800000 fffff880`0288a000   afd      afd.sys      Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`04158000 fffff880`0416e000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
fffff880`00dc3000 fffff880`00dce000   amdxata  amdxata.sys  Tue May 19 13:56:59 2009 (4A12F2EB)
fffff880`0727c000 fffff880`07287000   asyncmac asyncmac.sys Mon Jul 13 20:10:13 2009 (4A5BCCE5)
fffff880`00d90000 fffff880`00d99000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00d99000 fffff880`00dc3000   ataport  ataport.SYS  Mon Jul 13 19:19:52 2009 (4A5BC118)
fffff880`0449b000 fffff880`04ad1000   atikmdag atikmdag.sys Tue Nov 24 22:44:50 2009 (4B0CA832)
fffff880`00df8000 fffff880`00dff000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
fffff880`03e77000 fffff880`03e88000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
fffff880`034d4000 fffff880`034f2000   bowser   bowser.sys   Mon Jul 13 19:23:50 2009 (4A5BC206)
fffff960`007a0000 fffff960`007c7000   cdd      cdd.dll      unavailable (00000000)
fffff880`06187000 fffff880`061a4000   cdfs     cdfs.sys     Mon Jul 13 19:19:46 2009 (4A5BC112)
fffff880`00dce000 fffff880`00df8000   cdrom    cdrom.sys    Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`00c00000 fffff880`00cc0000   CI       CI.dll       Mon Jul 13 21:32:13 2009 (4A5BE01D)
fffff880`011ae000 fffff880`011de000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00d18000 fffff880`00d76000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`01000000 fffff880`01073000   cng      cng.sys      Mon Jul 13 19:49:40 2009 (4A5BC814)
fffff880`04148000 fffff880`04158000   CompositeBus CompositeBus.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`04fb6000 fffff880`04fc4000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`03e59000 fffff880`03e77000   dfsc     dfsc.sys     Mon Jul 13 19:23:44 2009 (4A5BC200)
fffff880`03e4a000 fffff880`03e59000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
fffff880`0120a000 fffff880`01220000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`04f73000 fffff880`04f95000   drmk     drmk.sys     Mon Jul 13 21:01:25 2009 (4A5BD8E5)
fffff880`04fd0000 fffff880`04fd9000   dump_atapi dump_atapi.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`04fc4000 fffff880`04fd0000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`04fd9000 fffff880`04fec000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`0617b000 fffff880`06187000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
fffff880`04ad1000 fffff880`04bc5000   dxgkrnl  dxgkrnl.sys  Thu Oct 01 21:00:14 2009 (4AC5509E)
fffff880`04400000 fffff880`04446000   dxgmms1  dxgmms1.sys  Mon Jul 13 19:38:32 2009 (4A5BC578)
fffff880`0113c000 fffff880`01150000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
fffff880`010f0000 fffff880`0113c000   fltmgr   fltmgr.sys   Mon Jul 13 19:19:59 2009 (4A5BC11F)
fffff880`01200000 fffff880`0120a000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:19:45 2009 (4A5BC111)
fffff880`010ad000 fffff880`010e7000   fvevol   fvevol.sys   Mon Jul 13 19:22:15 2009 (4A5BC1A7)
fffff880`0290c000 fffff880`02956000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:21:08 2009 (4A5BC164)
fffff800`02c17000 fffff800`02c60000   hal      hal.dll      Mon Jul 13 21:27:36 2009 (4A5BDF08)
fffff880`04446000 fffff880`0446a000   HDAudBus HDAudBus.sys Mon Jul 13 20:06:13 2009 (4A5BCBF5)
fffff880`04eda000 fffff880`04f36000   HdAudio  HdAudio.sys  Mon Jul 13 20:06:59 2009 (4A5BCC23)
fffff880`061df000 fffff880`061f8000   HIDCLASS HIDCLASS.SYS Mon Jul 13 20:06:21 2009 (4A5BCBFD)
fffff880`06000000 fffff880`06008080   HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9)
fffff880`061d1000 fffff880`061df000   hidusb   hidusb.sys   Mon Jul 13 20:06:22 2009 (4A5BCBFE)
fffff880`0340c000 fffff880`034d4000   HTTP     HTTP.sys     Mon Jul 13 19:22:16 2009 (4A5BC1A8)
fffff880`0149d000 fffff880`014a6000   hwpolicy hwpolicy.sys Mon Jul 13 19:19:22 2009 (4A5BC0FA)
fffff880`03e88000 fffff880`03e9e000   intelppm intelppm.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
fffff880`029be000 fffff880`029dc000   ipfltdrv ipfltdrv.sys Mon Jul 13 20:10:03 2009 (4A5BCCDB)
fffff880`0403b000 fffff880`0404a000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`04f9b000 fffff880`04fa9000   kbdhid   kbdhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff800`00bb0000 fffff800`00bba000   kdcom    kdcom.dll    Mon Jul 13 21:31:07 2009 (4A5BDFDB)
fffff880`04e16000 fffff880`04e59000   ks       ks.sys       Mon Jul 13 20:00:31 2009 (4A5BCA9F)
fffff880`013d4000 fffff880`013ee000   ksecdd   ksecdd.sys   Mon Jul 13 19:20:54 2009 (4A5BC156)
fffff880`01460000 fffff880`0148b000   ksecpkg  ksecpkg.sys  Mon Jul 13 19:50:34 2009 (4A5BC84A)
fffff880`04f95000 fffff880`04f9a200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
fffff880`04e00000 fffff880`04e15000   lltdio   lltdio.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`04477000 fffff880`0449a000   luafv    luafv.sys    Mon Jul 13 19:26:13 2009 (4A5BC295)
fffff880`00cc0000 fffff880`00d04000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:29:10 2009 (4A5BDF66)
fffff880`0737d000 fffff880`07394600   mfeavfk  mfeavfk.sys  Fri Jul 31 18:02:42 2009 (4A736A02)
fffff880`03e00000 fffff880`03e49a00   mfehidk  mfehidk.sys  Fri Jul 31 17:59:58 2009 (4A73695E)
fffff880`07287000 fffff880`07291700   mfesmfk  mfesmfk.sys  Fri Jul 31 18:05:34 2009 (4A736AAE)
fffff880`061a4000 fffff880`061b2000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
fffff880`0404a000 fffff880`04059000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`04fa9000 fffff880`04fb6000   mouhid   mouhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`00d76000 fffff880`00d90000   mountmgr mountmgr.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`02956000 fffff880`02993000   Mpfp     Mpfp.sys     Thu Apr 09 14:22:13 2009 (49DE3CD5)
fffff880`034f2000 fffff880`0350a000   mpsdrv   mpsdrv.sys   Mon Jul 13 20:08:25 2009 (4A5BCC79)
fffff880`0350a000 fffff880`03536000   mrxsmb   mrxsmb.sys   Mon Jul 13 19:23:59 2009 (4A5BC20F)
fffff880`03536000 fffff880`03583000   mrxsmb10 mrxsmb10.sys Mon Jul 13 19:24:08 2009 (4A5BC218)
fffff880`03583000 fffff880`035a6000   mrxsmb20 mrxsmb20.sys Mon Jul 13 19:24:05 2009 (4A5BC215)
fffff880`028f0000 fffff880`028fb000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00fe5000 fffff880`00fef000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
fffff880`01150000 fffff880`011ae000   msrpc    msrpc.sys    Mon Jul 13 19:21:32 2009 (4A5BC17C)
fffff880`03fcb000 fffff880`03fd6000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
fffff880`0148b000 fffff880`0149d000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
fffff880`014b7000 fffff880`015a9000   ndis     ndis.sys     Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`04192000 fffff880`0419e000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
fffff880`0419e000 fffff880`041cd000   ndiswan  ndiswan.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`04ec5000 fffff880`04eda000   NDProxy  NDProxy.SYS  Mon Jul 13 20:10:05 2009 (4A5BCCDD)
fffff880`03f13000 fffff880`03f22000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`03e9f000 fffff880`03ee4000   netbt    netbt.sys    Mon Jul 13 19:21:28 2009 (4A5BC178)
fffff880`01400000 fffff880`01460000   NETIO    NETIO.SYS    Mon Jul 13 19:21:46 2009 (4A5BC18A)
fffff880`028fb000 fffff880`0290c000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`03fbf000 fffff880`03fcb000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
fffff800`02c60000 fffff800`0323d000   nt       ntkrnlmp.exe Mon Jul 13 19:40:48 2009 (4A5BC600)
fffff880`01231000 fffff880`013d4000   Ntfs     Ntfs.sys     Mon Jul 13 19:20:47 2009 (4A5BC14F)
fffff880`010e7000 fffff880`010f0000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
fffff880`03eed000 fffff880`03f13000   pacer    pacer.sys    Mon Jul 13 20:09:41 2009 (4A5BCCC5)
fffff880`00e40000 fffff880`00e55000   partmgr  partmgr.sys  Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00e00000 fffff880`00e33000   pci      pci.sys      Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`00ec6000 fffff880`00ecd000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
fffff880`00fef000 fffff880`00fff000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`013ee000 fffff880`013ff000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
fffff880`06e50000 fffff880`06ef6000   peauth   peauth.sys   Mon Jul 13 21:01:19 2009 (4A5BD8DF)
fffff880`04f36000 fffff880`04f73000   portcls  portcls.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`00d04000 fffff880`00d18000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
fffff880`0416e000 fffff880`04192000   rasl2tp  rasl2tp.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`041cd000 fffff880`041e8000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
fffff880`04000000 fffff880`04021000   raspptp  raspptp.sys  Mon Jul 13 20:10:18 2009 (4A5BCCEA)
fffff880`04021000 fffff880`0403b000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
fffff880`03f6e000 fffff880`03fbf000   rdbss    rdbss.sys    Mon Jul 13 19:24:09 2009 (4A5BC219)
fffff880`028d5000 fffff880`028de000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`028de000 fffff880`028e7000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`028e7000 fffff880`028f0000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
fffff880`01073000 fffff880`010ad000   rdyboost rdyboost.sys Mon Jul 13 19:34:34 2009 (4A5BC48A)
fffff880`041e8000 fffff880`04200000   rspndr   rspndr.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`040cc000 fffff880`040fe000   Rt64win7 Rt64win7.sys Thu Feb 26 04:04:13 2009 (49A65B0D)
fffff880`0600f000 fffff880`0617a600   RTKVHD64 RTKVHD64.sys Tue Sep 09 06:06:40 2008 (48C64AB0)
fffff880`06ef6000 fffff880`06f01000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
fffff880`0413c000 fffff880`04148000   serenum  serenum.sys  Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`03f22000 fffff880`03f3f000   serial   serial.sys   Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`015f5000 fffff880`015fd000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
fffff880`072e5000 fffff880`0737d000   srv      srv.sys      Mon Jul 13 19:25:11 2009 (4A5BC257)
fffff880`06f40000 fffff880`06fa9000   srv2     srv2.sys     Mon Jul 13 19:25:02 2009 (4A5BC24E)
fffff880`06f01000 fffff880`06f2e000   srvnet   srvnet.sys   Mon Jul 13 19:24:58 2009 (4A5BC24A)
fffff880`04059000 fffff880`0405a480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
fffff880`03801000 fffff880`039fe000   tcpip    tcpip.sys    Mon Jul 13 19:25:34 2009 (4A5BC26E)
fffff880`06f2e000 fffff880`06f40000   tcpipreg tcpipreg.sys Mon Jul 13 20:09:49 2009 (4A5BCCCD)
fffff880`02993000 fffff880`029a0000   TDI      TDI.SYS      Mon Jul 13 19:21:18 2009 (4A5BC16E)
fffff880`029a0000 fffff880`029be000   tdx      tdx.sys      Mon Jul 13 19:21:15 2009 (4A5BC16B)
fffff880`03f5a000 fffff880`03f6e000   termdd   termdd.sys   Mon Jul 13 20:16:36 2009 (4A5BCE64)
fffff960`00500000 fffff960`0050a000   TSDDD    TSDDD.dll    Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`03fd6000 fffff880`03ffc000   tunnel   tunnel.sys   Mon Jul 13 20:09:37 2009 (4A5BCCC1)
fffff880`04e59000 fffff880`04e6b000   umbus    umbus.sys    Mon Jul 13 20:06:56 2009 (4A5BCC20)
fffff880`061b2000 fffff880`061cf000   usbccgp  usbccgp.sys  Mon Jul 13 20:06:45 2009 (4A5BCC15)
fffff880`061cf000 fffff880`061d0f00   USBD     USBD.SYS     Mon Jul 13 20:06:23 2009 (4A5BCBFF)
fffff880`040bb000 fffff880`040cc000   usbehci  usbehci.sys  Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`04e6b000 fffff880`04ec5000   usbhub   usbhub.sys   Mon Jul 13 20:07:09 2009 (4A5BCC2D)
fffff880`04065000 fffff880`040bb000   USBPORT  USBPORT.SYS  Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`0446a000 fffff880`04477000   usbuhci  usbuhci.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`00e33000 fffff880`00e40000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
fffff880`02892000 fffff880`028a0000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
fffff880`028a0000 fffff880`028c5000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
fffff880`00e55000 fffff880`00e6a000   volmgr   volmgr.sys   Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`00e6a000 fffff880`00ec6000   volmgrx  volmgrx.sys  Mon Jul 13 19:20:33 2009 (4A5BC141)
fffff880`015a9000 fffff880`015f5000   volsnap  volsnap.sys  Mon Jul 13 19:20:08 2009 (4A5BC128)
fffff880`03f3f000 fffff880`03f5a000   wanarp   wanarp.sys   Mon Jul 13 20:10:21 2009 (4A5BCCED)
fffff880`028c5000 fffff880`028d5000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
fffff880`00ed2000 fffff880`00f76000   Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
fffff880`00f76000 fffff880`00f85000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`03ee4000 fffff880`03eed000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff960`00060000 fffff960`0036f000   win32k   win32k.sys   Mon Jul 13 19:40:16 2009 (4A5BC5E0)
fffff880`00fdc000 fffff880`00fe5000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`07271000 fffff880`0727c000   WSDPrint WSDPrint.sys Mon Jul 13 20:39:20 2009 (4A5BD3B8)
fffff880`04bc5000 fffff880`04be6000   WudfPf   WudfPf.sys   Mon Jul 13 20:05:37 2009 (4A5BCBD1)

Unloaded modules:
fffff880`07200000 fffff880`07271000   spsys.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`014a6000 fffff880`014b4000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`01220000 fffff880`0122c000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`011de000 fffff880`011e7000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`011e7000 fffff880`011fa000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
```
All of these references to *memory_corruption *definitely could point to a driver, but we should also test memory and the hard drive (page file). A memory issue would also explain the variance in bugchecks.

If uninstalling *McAfee* doesn't help, download and run *MemTest86+*: www.memtest86.org

You need a blank CD or DVD and ISO burning software in order to run the test. If you need the software, I recommend *ImgBurn*: www.imgburn.com

Burn the CD and boot the computer from it. Let it run for at least seven passes and report any errors.

Good luck.


----------



## seenk (Dec 20, 2009)

Thanks DT Roberts

When I first had problems i ran the memory test while I was out, and it passed 4 times so I stopped it.

I'll try it again and see what happens.
Is there anything wrong with leaving it run all night?
Maybe I'll just start it tomorrow after work and run it for a couple hours.

Since uninstalling Mcafee i haven't had any errors when the computer or monitor goes to sleep, and the last error was when i did a mcafee scan, so I can't really test that again. Maybe I'll try a AVG scan tonight.


----------



## DT Roberts (Jun 22, 2009)

Nothing wrong with leaving it on all night, but it looks like it might not be necessary if you already ran it. Now that we think the memory is fine, it's time to test the hard drive. Open an elevated command prompt (*Start*>type *cmd*>right-click>*Run as administrator*) and run the command *chkdsk /r /f*. It may require a reboot. It can take a while, so just check back periodically if possible and let us know if it finds any errors.


----------



## seenk (Dec 20, 2009)

Well checkdisk passed and no errors were found.
I had to research how to find the log file to see if there were any errors, and stumbled upon the "windows log application" report where it saves the checkdisk report.

There are 25 errors since Dec 19 when I started up the computer for the first time. 9 of them refer to "Windows Live Movie Maker.exe" though I've never ran this program. Would something be trying to open this program to use it?
Edit: Found this article http://support.microsoft.com/kb/KB976229 so it looks like it's not a concern, though I've never opened the program so I'm not sure what is trying to access it

A few say "license acquisition failure" but I think I took care of that when using the auto phone service.

4 errors refer to "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll".

2 errors refer to "iexplore"

2 errors refer to "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".

I guess It's probably best to try and google these errors and see what I can find, and try to update or remove whatever I can.

I figured out how to save the errors to a tab delimited file as attached.
Does this help at all? Does this give any more signs as to what might be causing problems?

Thanks again!


----------



## seenk (Dec 20, 2009)

seenk said:


> 2 errors refer to "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".


Can you only edit your post once?
Some googling looks like I don't need adobe air, so I uninstalled it and acrobat.



seenk said:


> 4 errors refer to "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll".


And this also appears to belong with Windows Live as well, so I uninstalled all windows live essentials, and just reinstalled the few I wanted to see if it will help (photo gallery, movie maker-> only because it says it also installs microsoft application error reporting)


----------



## DT Roberts (Jun 22, 2009)

You can only edit your post for 30 minutes.

If we could see your application logs...please run these commands in order:

```
cd C:\Users\%username%\Documents
wevtutil qe System /c:35000 /rd:true /f:text > SysLog.txt
wevtutil qe Application /c:35000 /rd:true /f:text > AppLog.txt
```
Once it completes, navigate to your *Documents* folder and upload the files named *AppLog.txt* and *SysLog.txt*. Let us know if you have any more questions.


----------



## seenk (Dec 20, 2009)

Here they are...


----------



## DT Roberts (Jun 22, 2009)

Thanks for the files.

Look what we have here, courtesy of the application log...

```
Event[153]:
  Log Name: Application
  Source: SideBySide
  Date: 2009-12-23T03:43:10.000
  Event ID: 59
  Task: N/A
  Level: Error
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: GamingDesktop
  Description: 
Activation context generation failed for "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll".Error in manifest or policy file "c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll" on line 2. Invalid Xml syntax.
```
What is *SideBySide*? All I can find is this: http://www.symantec.com/security_response/writeup.jsp?docid=2005-070514-5200-99


> Type: Adware
> Publisher: sidebysidesearch.com
> Risk Impact: Low
> File Names: sbss.exe
> Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP


We're going to have to get rid of that malware. I'm still digging, just thought I'd let you know what I found so far.

EDIT: It looks like *SideBySide* is effecting more than just the search helper, it looks like it was the reason that *Adobe AIR* was giving you trouble in the first place:

```
Event[155]:
  Log Name: Application
  Source: SideBySide
  Date: 2009-12-23T03:42:44.000
  Event ID: 63
  Task: N/A
  Level: Error
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: GamingDesktop
  Description: 
Activation context generation failed for "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
```
EDIT 2: Same with *Movie Maker*...

```
Event[222]:
  Log Name: Application
  Source: SideBySide
  Date: 2009-12-22T21:44:28.000
  Event ID: 35
  Task: N/A
  Level: Error
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: GamingDesktop
  Description: 
Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use sxstrace.exe for detailed diagnosis.
```


----------



## DT Roberts (Jun 22, 2009)

I apologize for the double post, but I've edited enough for my own liking :laugh:

Have you activated your copy of Windows 7?

```
Event[1106]:
  Log Name: Application
  Source: Microsoft-Windows-Security-SPP
  Date: 2009-12-19T18:51:45.000
  Event ID: 1014
  Task: N/A
  Level: Error
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: GamingDesktop
  Description: 
Acquisition of End User License failed. hr=0xC004C016
Sku Id=5e017a8a-f3f9-4167-b1bd-ba3e236a4d8f
```
You should definitely activate it ASAP. And, finally, the HAL is reporting a problem with your firmware:

```
Event[515]:
  Log Name: System
  Source: Microsoft-Windows-HAL
  Date: 2009-12-22T22:27:47.121
  Event ID: 12
  Task: N/A
  Level: Error
  Opcode: Info
  Keyword: N/A
  User: N/A
  User Name: N/A
  Computer: GamingDesktop
  Description: 
The platform firmware has corrupted memory across the previous system power transition.  Please check for updated firmware for your system.
```
Make sure you have the latest chipset drivers installed for your motherboard. They should be available from your manufacturer's website.

If you have questions about anything I've said, feel free to ask for clarification.


----------



## seenk (Dec 20, 2009)

http://www.microsoft.com/technet/support/ee/transform.aspx?ProdName=Windows+Operating+System&ProdVer=5.2&EvtID=59&EvtSrc=SideBySide&LCID=1033

Well, I think sidebyside is actually OK and not a spyware. The above link talks about having missing application, but it definately is the event ID 59. Oh and both AVG and stopzilla only found some tracking cookies, not the sidebyside virus, and I even made sure to run AVG in safe mode to check for it.

This link http://support.microsoft.com/kb/923014 this link talks about Microsoft Dynamics 3.0, but when searching, numerous people all keep saying to download the Microsoft Visual 2005 C++ redistributable package. Does windows 7 even use this?? I wonder if I should just give it a shot and see what happens.

Yes when I first put in my code it said it was expired, but I used the auto phone service and got it activated, so I think that part is all good.

I am going to update the chipset drivers right now, thanks!


----------



## seenk (Dec 20, 2009)

Well looky here:
http://support.microsoft.com/kb/976229
This is the exact error I keep getting once a day so something must be trying to open the moviemaker program, but what would that be? I've yet to ever open this program.
Edit: I opened the moviemaker application and the event error was logged 5 times when I opened it, but the program worked just fine. What would be trying to access this program every day?

I updated my chipset drivers which seemed to work fine.
Sometime on the 24th or 25th I got another blue screen error, but haven't gotten one since.


----------



## usasma (Apr 11, 2009)

> Resolution:
> 
> *No action is needed*. The side-by-side (SxS) DLL loader will load the 32-bit version of Wlmfds.dll correctly. This event that is logged *does not cause any functionality or stability problems* with Windows Live Movie Maker.


What this says is that the Side-By-Side errors are not a reason for your problems - because they don't cause stability problems.

The question of what's trying to open it will take even more diagnostics (which are beyond my ability to accomplish).


----------



## seenk (Dec 20, 2009)

thanks usasma, I figured as much but was just curious what would even be accessing that.

Well I just got another blue screen error while trying to install Hellgate: London game. 

Attached is the latest TSF Report.

I just want to thank everyone again for the time you are putting into helping me with this. Much appreciated!


----------



## usasma (Apr 11, 2009)

Try these tests (if you've passed them already it's OK to skip them):


> H/W Diagnostics:
> Please start by running these hardware diagnostics:
> http://www.carrona.org/memdiag.html (read the details at the link)
> http://www.carrona.org/hddiag.html (read the details at the link)
> ...


No great information from the dump files.
Summaries here:

```
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Thu Dec 24 10:58:18.748 2009 (GMT-5)
System Uptime: 0 days 9:46:25.763
BugCheck 1E, {ffffffffc0000005, fffff80002cf8b74, 0, ffffffffffffffff}
Probably caused by : memory_corruption ( nt!MiUnlinkFreeOrZeroedPage+1ca )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  dwm.exe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Sat Dec 26 11:42:56.858 2009 (GMT-5)
System Uptime: 2 days 0:43:29.873
BugCheck A, {248, 2, 1, fffff80002ceba0e}
Probably caused by : win32k.sys ( win32k!memset+80 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  iexplore.exe
```
Try running Driver Verifier using these settings:


> Using Driver Verifier is an iffy proposition. Most times it'll crash and it'll tell you what the driver is. But sometimes it'll crash and won't tell you the driver. Other times it'll crash before you can log in to Windows. If you can't get to Safe Mode, then you'll have to resort to offline editing of the registry to disable Driver Verifier.
> 
> So, I'd suggest that you first backup your stuff and then make sure you've got access to another computer so you can contact us if problems arise. Then make a System Restore point (so you can restore the system using the Vista Startup Repair feature).
> 
> ...


----------



## seenk (Dec 20, 2009)

well Panda Activescan is running right now, but I tried the driver verifier and got the blue screen before I could even get into windows.
I logged in, in safe mode and deleted the settings so I can get back into windows, but now how do I located the memory dump file??
Edit: Is the attached the correct file? It was under c:\windows\minidump


----------



## DT Roberts (Jun 22, 2009)

It is the correct file. 0xC4 pointing to...*szkg64.sys*?

```
Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Devin\AppData\Local\Temp\Rar$DI00.154\122609-26005-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*f:\localsymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0xfffff800`02c60000 PsLoadedModuleList = 0xfffff800`02e9de50
Debug session time: Sat Dec 26 15:24:10.322 2009 (GMT-5)
System Uptime: 0 days 0:00:24.211
Loading Kernel Symbols
...............................................................
.............................................................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck C4, {f6, 4, fffffa800371d640, fffff88000da7d1b}

Unable to load image \SystemRoot\SySWOW64\DRIVERS\szkg64.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for szkg64.sys
*** ERROR: Module load completed but symbols could not be loaded for szkg64.sys
Probably caused by : szkg64.sys ( szkg64+6d1b )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught.  This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 00000000000000f6, Referencing user handle as KernelMode.
Arg2: 0000000000000004, Handle value being referenced.
Arg3: fffffa800371d640, Address of the current process.
Arg4: fffff88000da7d1b, Address inside the driver that is performing the incorrect reference.

Debugging Details:
------------------


BUGCHECK_STR:  0xc4_f6

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP

PROCESS_NAME:  avgcsrva.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff8000315b3dc to fffff80002cd1f00

STACK_TEXT:  
fffff880`01faae98 fffff800`0315b3dc : 00000000`000000c4 00000000`000000f6 00000000`00000004 fffffa80`0371d640 : nt!KeBugCheckEx
fffff880`01faaea0 fffff800`03170ae4 : 00000000`00000004 fffffa80`0371d640 00000000`00000004 fffff880`01fab070 : nt!VerifierBugCheckIfAppropriate+0x3c
fffff880`01faaee0 fffff800`02f2c720 : 00000000`00000000 fffff880`01fab0e8 fffff880`01fab500 00000000`00000030 : nt!VfCheckUserHandle+0x1b4
fffff880`01faafc0 fffff800`02fe1350 : fffff800`02c60000 00000000`00001000 fffffa80`03689de0 00000000`00000000 : nt! ?? ::NNGAKEGL::`string'+0x2105e
fffff880`01fab090 fffff800`02cd1153 : 00000000`00000004 fffff800`02dd8132 fffff980`07996fd0 00000000`00000030 : nt!NtQueryInformationProcess+0x37f
fffff880`01fab500 fffff800`02ccd6f0 : fffff800`031601a3 fffffa80`06b8d000 fffff800`0316d09d fffff980`078347a0 : nt!KiSystemServiceCopyEnd+0x13
fffff880`01fab708 fffff800`031601a3 : fffffa80`06b8d000 fffff800`0316d09d fffff980`078347a0 fffff800`02e7f4a8 : nt!KiServiceLinkage
fffff880`01fab710 fffff880`00da7d1b : fffff980`07996fd0 fffff800`02e7f4a8 00000000`00000030 fffffa80`06b8d000 : nt!VfZwQueryInformationProcess+0x63
fffff880`01fab760 fffff980`07996fd0 : fffff800`02e7f4a8 00000000`00000030 fffffa80`06b8d000 fffff880`01fab7f0 : szkg64+0x6d1b
fffff880`01fab768 fffff800`02e7f4a8 : 00000000`00000030 fffffa80`06b8d000 fffff880`01fab7f0 fffff800`02e7f4a8 : 0xfffff980`07996fd0
fffff880`01fab770 00000000`00000030 : fffffa80`06b8d000 fffff880`01fab7f0 fffff800`02e7f4a8 00000000`000002b4 : nt!PspLoadImageNotifyRoutine+0x8
fffff880`01fab778 fffffa80`06b8d000 : fffff880`01fab7f0 fffff800`02e7f4a8 00000000`000002b4 00000000`00000000 : 0x30
fffff880`01fab780 fffff880`01fab7f0 : fffff800`02e7f4a8 00000000`000002b4 00000000`00000000 fffff880`00da986e : 0xfffffa80`06b8d000
fffff880`01fab788 fffff800`02e7f4a8 : 00000000`000002b4 00000000`00000000 fffff880`00da986e 00000000`00000038 : 0xfffff880`01fab7f0
fffff880`01fab790 00000000`000002b4 : 00000000`00000000 fffff880`00da986e 00000000`00000038 fffff980`00000030 : nt!PspLoadImageNotifyRoutine+0x8
fffff880`01fab798 00000000`00000000 : fffff880`00da986e 00000000`00000038 fffff980`00000030 00000000`00000000 : 0x2b4


STACK_COMMAND:  kb

FOLLOWUP_IP: 
szkg64+6d1b
fffff880`00da7d1b 488b8c24a0000000 mov     rcx,qword ptr [rsp+0A0h]

SYMBOL_STACK_INDEX:  8

SYMBOL_NAME:  szkg64+6d1b

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: szkg64

IMAGE_NAME:  szkg64.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4ac3b102

FAILURE_BUCKET_ID:  X64_0xc4_f6_VRF_szkg64+6d1b

BUCKET_ID:  X64_0xc4_f6_VRF_szkg64+6d1b

Followup: MachineOwner
---------

1: kd> lmvm szkg64
start             end                 module name
fffff880`00da1000 fffff880`00db7000   szkg64   T (no symbols)           
    Loaded symbol image file: szkg64.sys
    Image path: \SystemRoot\SySWOW64\DRIVERS\szkg64.sys
    Image name: szkg64.sys
    Timestamp:        Wed Sep 30 15:26:58 2009 (4AC3B102)
    CheckSum:         00020584
    ImageSize:        00016000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
1: kd> r
rax=fffff88000da7d1b rbx=00000000000000c4 rcx=00000000000000c4
rdx=00000000000000f6 rsi=0000000000000004 rdi=0000000000000000
rip=fffff80002cd1f00 rsp=fffff88001faae98 rbp=0000000000000004
 r8=0000000000000004  r9=fffffa800371d640 r10=fffff800031a8cac
r11=000000000000000d r12=0000000000000000 r13=0000000000000004
r14=0000000000000000 r15=fffffa800371d640
iopl=0         nv up ei pl zr na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00000246
nt!KeBugCheckEx:
fffff800`02cd1f00 48894c2408      mov     qword ptr [rsp+8],rcx ss:0018:fffff880`01faaea0=00000000000000c4
1: kd> k
Child-SP          RetAddr           Call Site
fffff880`01faae98 fffff800`0315b3dc nt!KeBugCheckEx
fffff880`01faaea0 fffff800`03170ae4 nt!VerifierBugCheckIfAppropriate+0x3c
fffff880`01faaee0 fffff800`02f2c720 nt!VfCheckUserHandle+0x1b4
fffff880`01faafc0 fffff800`02fe1350 nt! ?? ::NNGAKEGL::`string'+0x2105e
fffff880`01fab090 fffff800`02cd1153 nt!NtQueryInformationProcess+0x37f
fffff880`01fab500 fffff800`02ccd6f0 nt!KiSystemServiceCopyEnd+0x13
fffff880`01fab708 fffff800`031601a3 nt!KiServiceLinkage
fffff880`01fab710 fffff880`00da7d1b nt!VfZwQueryInformationProcess+0x63
fffff880`01fab760 fffff980`07996fd0 szkg64+0x6d1b
fffff880`01fab768 fffff800`02e7f4a8 0xfffff980`07996fd0
fffff880`01fab770 00000000`00000030 nt!PspLoadImageNotifyRoutine+0x8
fffff880`01fab778 fffffa80`06b8d000 0x30
fffff880`01fab780 fffff880`01fab7f0 0xfffffa80`06b8d000
fffff880`01fab788 fffff800`02e7f4a8 0xfffff880`01fab7f0
fffff880`01fab790 00000000`000002b4 nt!PspLoadImageNotifyRoutine+0x8
fffff880`01fab798 00000000`00000000 0x2b4
1: kd> kv
Child-SP          RetAddr           : Args to Child                                                           : Call Site
fffff880`01faae98 fffff800`0315b3dc : 00000000`000000c4 00000000`000000f6 00000000`00000004 fffffa80`0371d640 : nt!KeBugCheckEx
fffff880`01faaea0 fffff800`03170ae4 : 00000000`00000004 fffffa80`0371d640 00000000`00000004 fffff880`01fab070 : nt!VerifierBugCheckIfAppropriate+0x3c
fffff880`01faaee0 fffff800`02f2c720 : 00000000`00000000 fffff880`01fab0e8 fffff880`01fab500 00000000`00000030 : nt!VfCheckUserHandle+0x1b4
fffff880`01faafc0 fffff800`02fe1350 : fffff800`02c60000 00000000`00001000 fffffa80`03689de0 00000000`00000000 : nt! ?? ::NNGAKEGL::`string'+0x2105e
fffff880`01fab090 fffff800`02cd1153 : 00000000`00000004 fffff800`02dd8132 fffff980`07996fd0 00000000`00000030 : nt!NtQueryInformationProcess+0x37f
fffff880`01fab500 fffff800`02ccd6f0 : fffff800`031601a3 fffffa80`06b8d000 fffff800`0316d09d fffff980`078347a0 : nt!KiSystemServiceCopyEnd+0x13 (TrapFrame @ fffff880`01fab570)
fffff880`01fab708 fffff800`031601a3 : fffffa80`06b8d000 fffff800`0316d09d fffff980`078347a0 fffff800`02e7f4a8 : nt!KiServiceLinkage
fffff880`01fab710 fffff880`00da7d1b : fffff980`07996fd0 fffff800`02e7f4a8 00000000`00000030 fffffa80`06b8d000 : nt!VfZwQueryInformationProcess+0x63
fffff880`01fab760 fffff980`07996fd0 : fffff800`02e7f4a8 00000000`00000030 fffffa80`06b8d000 fffff880`01fab7f0 : szkg64+0x6d1b
fffff880`01fab768 fffff800`02e7f4a8 : 00000000`00000030 fffffa80`06b8d000 fffff880`01fab7f0 fffff800`02e7f4a8 : 0xfffff980`07996fd0
fffff880`01fab770 00000000`00000030 : fffffa80`06b8d000 fffff880`01fab7f0 fffff800`02e7f4a8 00000000`000002b4 : nt!PspLoadImageNotifyRoutine+0x8
fffff880`01fab778 fffffa80`06b8d000 : fffff880`01fab7f0 fffff800`02e7f4a8 00000000`000002b4 00000000`00000000 : 0x30
fffff880`01fab780 fffff880`01fab7f0 : fffff800`02e7f4a8 00000000`000002b4 00000000`00000000 fffff880`00da986e : 0xfffffa80`06b8d000
fffff880`01fab788 fffff800`02e7f4a8 : 00000000`000002b4 00000000`00000000 fffff880`00da986e 00000000`00000038 : 0xfffff880`01fab7f0
fffff880`01fab790 00000000`000002b4 : 00000000`00000000 fffff880`00da986e 00000000`00000038 fffff980`00000030 : nt!PspLoadImageNotifyRoutine+0x8
fffff880`01fab798 00000000`00000000 : fffff880`00da986e 00000000`00000038 fffff980`00000030 00000000`00000000 : 0x2b4
```
I can find no information on this whatsoever, but *szkg.sys* belongs to the software* STOPzilla!*, which I've never heard of. Uninstall that program and see if BSOD's persist.


----------



## seenk (Dec 20, 2009)

Ha Stopzilla was a free program sort of like AVG that I downloaded to scan the computer to see if AVG missed something. I removed it and so far so good! 

I scanned the computer with that panda activescan, and it just found some low level tracking cookies that AVG was already picking up.

The only error I get is that sidebyside that the microsoft note said to ignore.
I tried running verifier again and couldn't get a blue screen to come up!:laugh: My games all installed fine once that stopzilla was gone.

So I'm gonna see how the next few days go and post up again if everything is working. Thanks everyone! ray:


----------



## seenk (Dec 20, 2009)

well i got a good half hour or so of playing hellgate at least.
I got another blue screen errror while playing, so attached is the file from running verifier. I'm running the game in vista Compatibility mode as well since it wasn't designed and isn't updated for windows 7.

If someone could look at this file for me again? Thanks


----------



## usasma (Apr 11, 2009)

> Reboot into Windows (after the crash) and *turn off Driver Verifier* by going back in and selecting "Delete existing settings" on the first page, then locate and zip up the memory dump file and upload it with your next post.


----------



## seenk (Dec 20, 2009)

Oops sorry, must read better
I had to add "02" on the end of the file name, because it said I had already attached this file in this thread


----------



## seenk (Dec 20, 2009)

bump 
can someone have a quick look?
I'm hoping this should be the last error, it seems to be working much better.


----------



## DT Roberts (Jun 22, 2009)

It's beginning to look like an issue with the motherboard's memory controller, or perhaps your chipset drivers.

```
Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Devin\AppData\Local\Temp\Rar$DI00.007\122709-23665-01-02.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*f:\localsymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0xfffff800`02c02000 PsLoadedModuleList = 0xfffff800`02e3fe50
Debug session time: Sun Dec 27 12:26:36.184 2009 (GMT-5)
System Uptime: 0 days 1:21:23.199
Loading Kernel Symbols
...............................................................
................................................................
...................
Loading User Symbols
Loading unloaded module list
.......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 3B, {c0000005, fffff80002d20dbf, fffff88006578ee0, 0}

Probably caused by : memory_corruption ( nt!MiRelinkStandbyPage+8f )

Followup: MachineOwner
---------

6: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff80002d20dbf, Address of the exception record for the exception that caused the bugcheck
Arg3: fffff88006578ee0, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!MiRelinkStandbyPage+8f
fffff800`02d20dbf 440fb6421b      movzx   r8d,byte ptr [rdx+1Bh]

CONTEXT:  fffff88006578ee0 -- (.cxr 0xfffff88006578ee0)
rax=0000000000000006 rbx=0000000000000006 rcx=000000000000952f
rdx=0001aa800016f110 rsi=000000000000001e rdi=fffffa8000c9c030
rip=fffff80002d20dbf rsp=fffff880065798c0 rbp=0000000000000005
 r8=fffff880065798f0  r9=0000000000000002 r10=fffffa800480c2d0
r11=0000090000007a5b r12=fffff80002dfec80 r13=0000000000000000
r14=0000058000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na pe nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010202
nt!MiRelinkStandbyPage+0x8f:
fffff800`02d20dbf 440fb6421b      movzx   r8d,byte ptr [rdx+1Bh] ds:002b:0001aa80`0016f12b=??
Resetting default scope

CUSTOMER_CRASH_COUNT:  2

DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP

BUGCHECK_STR:  0x3B

PROCESS_NAME:  svchost.exe

CURRENT_IRQL:  2

LAST_CONTROL_TRANSFER:  from 0000000000000000 to fffff80002d20dbf

STACK_TEXT:  
fffff880`065798c0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!MiRelinkStandbyPage+0x8f


FOLLOWUP_IP: 
nt!MiRelinkStandbyPage+8f
fffff800`02d20dbf 440fb6421b      movzx   r8d,byte ptr [rdx+1Bh]

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!MiRelinkStandbyPage+8f

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc600

STACK_COMMAND:  .cxr 0xfffff88006578ee0 ; kb

IMAGE_NAME:  memory_corruption

FAILURE_BUCKET_ID:  X64_0x3B_VRF_nt!MiRelinkStandbyPage+8f

BUCKET_ID:  X64_0x3B_VRF_nt!MiRelinkStandbyPage+8f

Followup: MachineOwner
---------

6: kd> r
rax=fffff88006578720 rbx=fffff80002dc21e8 rcx=000000000000003b
rdx=00000000c0000005 rsi=fffff80002c02000 rdi=0000000000000000
rip=fffff80002c73f00 rsp=fffff88006578618 rbp=0000000000000000
 r8=fffff80002d20dbf  r9=fffff88006578ee0 r10=0000000000000000
r11=fffff88006578818 r12=fffff80002c73153 r13=fffff80002e80354
r14=fffff80002c72d40 r15=0000000000000000
iopl=0         nv up ei ng nz na pe nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00000282
nt!KeBugCheckEx:
fffff800`02c73f00 48894c2408      mov     qword ptr [rsp+8],rcx ss:0018:fffff880`06578620=000000000000003b
6: kd> k
Child-SP          RetAddr           Call Site
fffff880`06578618 fffff800`02c73469 nt!KeBugCheckEx
fffff880`06578620 fffff800`02c72dbc nt!KiBugCheckDispatch+0x69
fffff880`06578760 fffff800`02c99bed nt!KiSystemServiceHandler+0x7c
fffff880`065787a0 fffff800`02ca1250 nt!RtlpExecuteHandlerForException+0xd
fffff880`065787d0 fffff800`02cae1b5 nt!RtlDispatchException+0x410
fffff880`06578eb0 fffff800`02c73542 nt!KiDispatchException+0x135
fffff880`06579550 00000000`00000000 nt!KiExceptionDispatch+0xc2
6: kd> kv
Child-SP          RetAddr           : Args to Child                                                           : Call Site
fffff880`06578618 fffff800`02c73469 : 00000000`0000003b 00000000`c0000005 fffff800`02d20dbf fffff880`06578ee0 : nt!KeBugCheckEx
fffff880`06578620 fffff800`02c72dbc : fffff880`06579688 fffff880`06578ee0 00000000`00000000 fffff800`02ca2450 : nt!KiBugCheckDispatch+0x69
fffff880`06578760 fffff800`02c99bed : fffff800`02ea5158 00000000`00000000 fffff800`02c02000 fffff880`06579688 : nt!KiSystemServiceHandler+0x7c
fffff880`065787a0 fffff800`02ca1250 : fffff800`02dc21e8 fffff880`06578818 fffff880`06579688 fffff800`02c02000 : nt!RtlpExecuteHandlerForException+0xd
fffff880`065787d0 fffff800`02cae1b5 : fffff880`06579688 fffff880`06578ee0 fffff880`00000000 fffffa80`00c9c030 : nt!RtlDispatchException+0x410
fffff880`06578eb0 fffff800`02c73542 : fffff880`06579688 00000000`00000006 fffff880`06579730 00000000`0000001e : nt!KiDispatchException+0x135
fffff880`06579550 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0xc2
6: kd> lmntsm
start             end                 module name
fffff880`04059000 fffff880`04097000   1394ohci 1394ohci.sys Mon Jul 13 20:07:12 2009 (4A5BCC30)
fffff880`00f32000 fffff880`00f89000   ACPI     ACPI.sys     Mon Jul 13 19:19:34 2009 (4A5BC106)
fffff880`03f3d000 fffff880`03fc7000   afd      afd.sys      Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`0121b000 fffff880`01231000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
fffff880`01085000 fffff880`01090000   amdxata  amdxata.sys  Tue May 19 13:56:59 2009 (4A12F2EB)
fffff880`06a00000 fffff880`06a0b000   asyncmac asyncmac.sys Mon Jul 13 20:10:13 2009 (4A5BCCE5)
fffff880`00db9000 fffff880`00dc2000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00dc2000 fffff880`00dec000   ataport  ataport.SYS  Mon Jul 13 19:19:52 2009 (4A5BC118)
fffff880`046d1000 fffff880`04d07000   atikmdag atikmdag.sys Tue Nov 24 22:44:50 2009 (4B0CA832)
fffff960`008d0000 fffff960`00931000   ATMFD    ATMFD.DLL    unavailable (00000000)
fffff880`04159000 fffff880`041c6000   avgldx64 avgldx64.sys Sun Sep 20 11:04:15 2009 (4AB6446F)
fffff880`04152000 fffff880`04158bc0   avgmfx64 avgmfx64.sys Tue Oct 13 03:25:18 2009 (4AD42B5E)
fffff880`03e83000 fffff880`03ef8000   avgtdia  avgtdia.sys  Mon Nov 02 08:26:13 2009 (4AEEDDF5)
fffff880`01699000 fffff880`016a0000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
fffff880`04141000 fffff880`04152000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
fffff880`05324000 fffff880`05342000   bowser   bowser.sys   Mon Jul 13 19:23:50 2009 (4A5BC206)
fffff960`00760000 fffff960`00787000   cdd      cdd.dll      unavailable (00000000)
fffff880`02441000 fffff880`0245e000   cdfs     cdfs.sys     Mon Jul 13 19:19:46 2009 (4A5BC112)
fffff880`01666000 fffff880`01690000   cdrom    cdrom.sys    Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`00ccf000 fffff880`00d8f000   CI       CI.dll       Mon Jul 13 21:32:13 2009 (4A5BE01D)
fffff880`01600000 fffff880`01630000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00c71000 fffff880`00ccf000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`0114e000 fffff880`011c1000   cng      cng.sys      Mon Jul 13 19:49:40 2009 (4A5BC814)
fffff880`041ec000 fffff880`041fc000   CompositeBus CompositeBus.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`024a9000 fffff880`024b7000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`04123000 fffff880`04141000   dfsc     dfsc.sys     Mon Jul 13 19:23:44 2009 (4A5BC200)
fffff880`04114000 fffff880`04123000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
fffff880`017d8000 fffff880`017ee000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`051ca000 fffff880`051ec000   drmk     drmk.sys     Mon Jul 13 21:01:25 2009 (4A5BD8E5)
fffff880`024c3000 fffff880`024cc000   dump_atapi dump_atapi.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`024b7000 fffff880`024c3000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`024cc000 fffff880`024df000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`06200000 fffff880`0620c000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
fffff880`04d07000 fffff880`04dfb000   dxgkrnl  dxgkrnl.sys  Thu Oct 01 21:00:14 2009 (4AC5509E)
fffff880`04600000 fffff880`04646000   dxgmms1  dxgmms1.sys  Mon Jul 13 19:38:32 2009 (4A5BC578)
fffff880`010dc000 fffff880`010f0000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
fffff880`01090000 fffff880`010dc000   fltmgr   fltmgr.sys   Mon Jul 13 19:19:59 2009 (4A5BC11F)
fffff880`01211000 fffff880`0121b000   Fs_Rec   Fs_Rec.sys   unavailable (00000000)
fffff880`0179e000 fffff880`017d8000   fvevol   fvevol.sys   Mon Jul 13 19:22:15 2009 (4A5BC1A7)
fffff880`03e0e000 fffff880`03e58000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:21:08 2009 (4A5BC164)
fffff800`031df000 fffff800`03228000   hal      hal.dll      Mon Jul 13 21:27:36 2009 (4A5BDF08)
fffff880`04646000 fffff880`0466a000   HDAudBus HDAudBus.sys Mon Jul 13 20:06:13 2009 (4A5BCBF5)
fffff880`05000000 fffff880`0505c000   HdAudio  HdAudio.sys  Mon Jul 13 20:06:59 2009 (4A5BCC23)
fffff880`0246c000 fffff880`02485000   HIDCLASS HIDCLASS.SYS Mon Jul 13 20:06:21 2009 (4A5BCBFD)
fffff880`02485000 fffff880`0248d080   HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9)
fffff880`0245e000 fffff880`0246c000   hidusb   hidusb.sys   Mon Jul 13 20:06:22 2009 (4A5BCBFE)
fffff880`0525c000 fffff880`05324000   HTTP     HTTP.sys     Mon Jul 13 19:22:16 2009 (4A5BC1A8)
fffff880`01795000 fffff880`0179e000   hwpolicy hwpolicy.sys Mon Jul 13 19:19:22 2009 (4A5BC0FA)
fffff880`04000000 fffff880`04016000   intelppm intelppm.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
fffff880`01038000 fffff880`01056000   jraid    jraid.sys    Thu Aug 13 04:10:27 2009 (4A83CA73)
fffff880`050e6000 fffff880`050f5000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`0248e000 fffff880`0249c000   kbdhid   kbdhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff800`00b99000 fffff800`00ba3000   kdcom    kdcom.dll    Mon Jul 13 21:31:07 2009 (4A5BDFDB)
fffff880`05106000 fffff880`05149000   ks       ks.sys       Mon Jul 13 20:00:31 2009 (4A5BCA9F)
fffff880`013e0000 fffff880`013fa000   ksecdd   ksecdd.sys   Mon Jul 13 19:20:54 2009 (4A5BC156)
fffff880`01460000 fffff880`0148b000   ksecpkg  ksecpkg.sys  Mon Jul 13 19:50:34 2009 (4A5BC84A)
fffff880`051ec000 fffff880`051f1200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
fffff880`02573000 fffff880`02588000   lltdio   lltdio.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`024ed000 fffff880`02510000   luafv    luafv.sys    Mon Jul 13 19:26:13 2009 (4A5BC295)
fffff880`00c19000 fffff880`00c5d000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:29:10 2009 (4A5BDF66)
fffff880`024df000 fffff880`024ed000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
fffff880`050f5000 fffff880`05104000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`0249c000 fffff880`024a9000   mouhid   mouhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`00d9f000 fffff880`00db9000   mountmgr mountmgr.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`05342000 fffff880`0535a000   mpsdrv   mpsdrv.sys   Mon Jul 13 20:08:25 2009 (4A5BCC79)
fffff880`0535a000 fffff880`05386000   mrxsmb   mrxsmb.sys   Mon Jul 13 19:23:59 2009 (4A5BC20F)
fffff880`05386000 fffff880`053d3000   mrxsmb10 mrxsmb10.sys Mon Jul 13 19:24:08 2009 (4A5BC218)
fffff880`053d3000 fffff880`053f6000   mrxsmb20 mrxsmb20.sys Mon Jul 13 19:24:05 2009 (4A5BC215)
fffff880`0148b000 fffff880`01496000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00f92000 fffff880`00f9c000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
fffff880`010f0000 fffff880`0114e000   msrpc    msrpc.sys    unavailable (00000000)
fffff880`04109000 fffff880`04114000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
fffff880`01783000 fffff880`01795000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
fffff880`014d5000 fffff880`015c7000   ndis     ndis.sys     Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`03e00000 fffff880`03e0c000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
fffff880`01000000 fffff880`0102f000   ndiswan  ndiswan.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`051b5000 fffff880`051ca000   NDProxy  NDProxy.SYS  Mon Jul 13 20:10:05 2009 (4A5BCCDD)
fffff880`014a7000 fffff880`014b6000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`03ef8000 fffff880`03f3d000   netbt    netbt.sys    Mon Jul 13 19:21:28 2009 (4A5BC178)
fffff880`01400000 fffff880`01460000   NETIO    NETIO.SYS    Mon Jul 13 19:21:46 2009 (4A5BC18A)
fffff880`01496000 fffff880`014a7000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`040fd000 fffff880`04109000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
fffff800`02c02000 fffff800`031df000   nt       ntkrnlmp.exe Mon Jul 13 19:40:48 2009 (4A5BC600)
fffff880`0123d000 fffff880`013e0000   Ntfs     Ntfs.sys     Mon Jul 13 19:20:47 2009 (4A5BC14F)
fffff880`01690000 fffff880`01699000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
fffff880`03fd0000 fffff880`03ff6000   pacer    pacer.sys    Mon Jul 13 20:09:41 2009 (4A5BCCC5)
fffff880`00fdc000 fffff880`00ff1000   partmgr  partmgr.sys  Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00ff1000 fffff880`00ffc000   pavboot64 pavboot64.sys Mon Jun 29 07:50:23 2009 (4A48AA7F)
fffff880`00f9c000 fffff880`00fcf000   pci      pci.sys      Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`00e71000 fffff880`00e78000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
fffff880`00d8f000 fffff880`00d9f000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`01200000 fffff880`01211000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
fffff880`06649000 fffff880`066ef000   peauth   peauth.sys   Mon Jul 13 21:01:19 2009 (4A5BD8DF)
fffff880`0505c000 fffff880`05099000   portcls  portcls.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`00c5d000 fffff880`00c71000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
fffff880`011c1000 fffff880`011e5000   rasl2tp  rasl2tp.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`011e5000 fffff880`01200000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
fffff880`050ab000 fffff880`050cc000   raspptp  raspptp.sys  Mon Jul 13 20:10:18 2009 (4A5BCCEA)
fffff880`050cc000 fffff880`050e6000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
fffff880`040ac000 fffff880`040fd000   rdbss    rdbss.sys    Mon Jul 13 19:24:09 2009 (4A5BC219)
fffff880`016e3000 fffff880`016ec000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`016ec000 fffff880`016f5000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`017ee000 fffff880`017f7000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
fffff880`01749000 fffff880`01783000   rdyboost rdyboost.sys Mon Jul 13 19:34:34 2009 (4A5BC48A)
fffff880`02588000 fffff880`025a0000   rspndr   rspndr.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`04027000 fffff880`04059000   Rt64win7 Rt64win7.sys Thu Feb 26 04:04:13 2009 (49A65B0D)
fffff880`06218000 fffff880`063fc480   RTKVHD64 RTKVHD64.sys Tue Aug 25 07:28:04 2009 (4A93CAC4)
fffff880`01056000 fffff880`01085000   SCSIPORT SCSIPORT.SYS Mon Jul 13 20:01:04 2009 (4A5BCAC0)
fffff880`066ef000 fffff880`066fa000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
fffff880`04097000 fffff880`040a3000   serenum  serenum.sys  Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`014b6000 fffff880`014d3000   serial   serial.sys   Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`01741000 fffff880`01749000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
fffff880`06aeb000 fffff880`06b83000   srv      srv.sys      Mon Jul 13 19:25:11 2009 (4A5BC257)
fffff880`06739000 fffff880`067a2000   srv2     srv2.sys     Mon Jul 13 19:25:02 2009 (4A5BC24E)
fffff880`066fa000 fffff880`06727000   srvnet   srvnet.sys   Mon Jul 13 19:24:58 2009 (4A5BC24A)
fffff880`05104000 fffff880`05105480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
fffff880`02a00000 fffff880`02bfd000   tcpip    tcpip.sys    Mon Jul 13 19:25:34 2009 (4A5BC26E)
fffff880`06727000 fffff880`06739000   tcpipreg tcpipreg.sys Mon Jul 13 20:09:49 2009 (4A5BCCCD)
fffff880`03e76000 fffff880`03e83000   TDI      TDI.SYS      Mon Jul 13 19:21:18 2009 (4A5BC16E)
fffff880`03e58000 fffff880`03e76000   tdx      tdx.sys      Mon Jul 13 19:21:15 2009 (4A5BC16B)
fffff880`015e2000 fffff880`015f6000   termdd   termdd.sys   Mon Jul 13 20:16:36 2009 (4A5BCE64)
fffff960`00490000 fffff960`0049a000   TSDDD    TSDDD.dll    Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`041c6000 fffff880`041ec000   tunnel   tunnel.sys   Mon Jul 13 20:09:37 2009 (4A5BCCC1)
fffff880`05149000 fffff880`0515b000   umbus    umbus.sys    Mon Jul 13 20:06:56 2009 (4A5BCC20)
fffff880`01630000 fffff880`0164d000   usbccgp  usbccgp.sys  Mon Jul 13 20:06:45 2009 (4A5BCC15)
fffff880`0620c000 fffff880`0620df00   USBD     USBD.SYS     Mon Jul 13 20:06:23 2009 (4A5BCBFF)
fffff880`04016000 fffff880`04027000   usbehci  usbehci.sys  Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`0515b000 fffff880`051b5000   usbhub   usbhub.sys   Mon Jul 13 20:07:09 2009 (4A5BCC2D)
fffff880`04677000 fffff880`046cd000   USBPORT  USBPORT.SYS  Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`0466a000 fffff880`04677000   usbuhci  usbuhci.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`00fcf000 fffff880`00fdc000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
fffff880`016a0000 fffff880`016ae000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
fffff880`016ae000 fffff880`016d3000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
fffff880`00e00000 fffff880`00e15000   volmgr   volmgr.sys   Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`00e15000 fffff880`00e71000   volmgrx  volmgrx.sys  unavailable (00000000)
fffff880`016f5000 fffff880`01741000   volsnap  volsnap.sys  Mon Jul 13 19:20:08 2009 (4A5BC128)
fffff880`015c7000 fffff880`015e2000   wanarp   wanarp.sys   Mon Jul 13 20:10:21 2009 (4A5BCCED)
fffff880`016d3000 fffff880`016e3000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
fffff880`00e7f000 fffff880`00f23000   Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
fffff880`00f23000 fffff880`00f32000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`03fc7000 fffff880`03fd0000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff960`00000000 fffff960`0030f000   win32k   win32k.sys   Mon Jul 13 19:40:16 2009 (4A5BC5E0)
fffff880`02531000 fffff880`02542000   WinUsb   WinUsb.sys   Mon Jul 13 20:06:28 2009 (4A5BCC04)
fffff880`00f89000 fffff880`00f92000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`06b83000 fffff880`06b8e000   WSDPrint WSDPrint.sys Mon Jul 13 20:39:20 2009 (4A5BD3B8)
fffff880`02510000 fffff880`02531000   WudfPf   WudfPf.sys   Mon Jul 13 20:05:37 2009 (4A5BCBD1)
fffff880`02542000 fffff880`02573000   WUDFRd   WUDFRd.sys   Mon Jul 13 20:06:06 2009 (4A5BCBEE)

Unloaded modules:
fffff880`06b8e000 fffff880`06bff000   spsys.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`05099000 fffff880`050aa000   WinUsb.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`01630000 fffff880`01661000   WUDFRd.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`01630000 fffff880`0163e000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`0163e000 fffff880`0164a000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`0164a000 fffff880`01653000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`01653000 fffff880`01666000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
```
Download and install the latest drivers from your motherboard manufacturer's website. If that doesn't help, we'll have to check BIOS voltage settings.


----------



## usasma (Apr 11, 2009)

This is a Verifier Enabled Minidump file - as such it should be showing the cause of the crash.

But it's showing that the kernel is to blame. If the kernel were actually at fault, you'd be having many more problems than you actually are having.

So, we're left with hardware issues or Windows issues. Hardware issues are more common - but troubleshooting them requires swapping out components.

I'd suggest, at this point, that you're looking at a clean installation of Windows (without anything additional being added) in order to rule out Windows corruption.


----------



## seenk (Dec 20, 2009)

Well I was getting ready to try and reinstall windows and found a new event viewer error from yesterday. It says:


> wuaueng.dll (1312) SUS20ClientDataStore: The database page read from the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" at offset 6717440 (0x0000000000668000) (database page 204 (0xCC)) for 32768 (0x00008000) bytes failed verification due to a page checksum mismatch. The expected checksum was [2a332a332e0e7ea8:6cb893475257835c:030a030a374cf6e1:090bf6f44e540093] and the actual checksum was [d68b2974753925ef:59565956525a835c:030a030a374cf6e1:67a267a24e7d0093]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.


Event ID 474; Source: ESENT

The only other errors I've been getting is Hellgate:London game freezing up, but it isn't supported for Windows 7 so that may be the problem.

Also, I haven't gotten a Kernal error since the 27th.

So now I'm thinking these signs are pointing to hardware failure. I can still try my recovery CD to reinstall windows I guess. What's best for a clean install? Format the hard drive, or just use the recovery disk I got?


----------



## DT Roberts (Jun 22, 2009)

The best way to wipe a hard drive is to use *KilllDisk*: www.killdisk.com

It's a bootable ISO used to completely wipe a hard drive clean. Burn it to a CD the same way you did with *MemTest86+* (using *ImgBurn*) and boot from the CD. Follow the instructions to wipe the hard drive, then boot from the installation CD and install Windows.

Good luck.


----------



## seenk (Dec 20, 2009)

DT Roberts said:


> It's beginning to look like an issue with the motherboard's memory controller, or perhaps your chipset drivers.
> 
> Download and install the latest drivers from your motherboard manufacturer's website. If that doesn't help, we'll have to check BIOS voltage settings.


OK I'm going to try reinstalling windows.
If that doesn't work, the above may be a good start? When I googled the Kernal errors, I found a suggestion that someone turned up the voltage in the BIOS just a small amount and it fixed their errors, but I have no idea how that affects the system.

Anyways, thanks again!


----------



## seenk (Dec 20, 2009)

Well, not sure what to make of this but ran killdisk and wiped the hard drive. Windows started installing, got to 99% done extracting the windows files and preparing to install, than got the blue screen. It says:

A problem has been detected and windows has been shut down to prevent damage to your computer.

If this is the first time you've seen this stop error screen, restart your computer. If this screen appears again, follow these steps:

Run a system diagnostic utility supplied by your hardware manufacturer. In particular, run a memory check, and check for faulty or mismatched memory. Try changing video adapters.

Disable or remove any newly installed hardware and drivers. Disable or remove any newly installed software. If you need to use safe mode to remove or disable components, restart your computer, press F8 to select advanced startup options, and then select safe mode.

Technical Information:

*** STOP: 0x0000007F (0x0000000000000008, 0x0000000080050031, 0x00000000000006F8, 0xFFFFF8000C0BCD50)


So I can't even install windows back on now. Does this sound like hardware problems??


----------



## usasma (Apr 11, 2009)

If you can't install Windows, it certainly sounds like a hardware issue to me.

Here's some info on the STOP 0x7F error: http://www.carrona.org/bsodindx.html#0x0000007F

Start with these tests:


> H/W Diagnostics:
> Please start by running these hardware diagnostics:
> http://www.carrona.org/memdiag.html (read the details at the link)
> http://www.carrona.org/hddiag.html (read the details at the link)


----------



## seenk (Dec 20, 2009)

Well looks like it's time to call the computer company on monday than.
I'm running the full hard drive test right now so I can report back.
I've ran that memtest twice and it passed 4 times the first, than 5 times the second, but I may as well run it again after the hard drive test is done.

Thanks!


----------



## seenk (Dec 20, 2009)

Well western digital hard drive complete test passed with no errors.
Memtest for the third time passed with no errors, with 6 passes.
Maybe a motherboard issue? Is there such a thing as a test for a motherboard??


----------



## seenk (Dec 20, 2009)

Well I think I finally figured out I got a bad memory stick.
I tried running a memory test one stick at a time, and they both still passed. So I instead tried installing windows with one stick at a time using the same DIMM slot. 
One stick installs it fine and works well (though slow with only 2 GB memory) and the other gives me a blue screen error when trying to reinstall windows.

So I'm requesting a new memory stick and hoping all will be well than!

Thanks everyone for your help, it's too bad the memory test didn't catch it


----------



## seenk (Dec 20, 2009)

Well thought it was one of the memory sticks, as the second memory got windows installed. Now I can't go more than a minute or two without a blue screen using the one "good" memory. I downloaded the chipset, video, etc drivers on my laptop and got them installed on the desktop as well as windows updates, but nothing has helped. It will blue screen just sitting not even running anything.

I'll try safe mode and see if I can post the blue screen files if someone cares to take a look and see if they still are pointing to those "kernal" errors. Can I have two bad memory sticks? Or does this sound like the motherboard?


----------



## seenk (Dec 20, 2009)

Well attached is the TSF report. I can't run perfmon in safe mode, and it blue screens before I can save the report in normal mode.

Also, I think I have a pretty clean install of windows now, as there are practically no programs installed; the only ones when I go to add/remove programs are the drivers for the chipset and video card.

Also, it doesn't seem to be blue screening in safe mode...

I'd rather not have to send the whole computer in for warranty, as that takes SO much time and I believe they want to charge me to ship it as well.


----------



## seenk (Dec 20, 2009)

Please someone I'm hoping this will be the last one


----------



## usasma (Apr 11, 2009)

A wide spectrum of errors - usually indicative of a hardware issue.
Since most of them are memory related, and you've passed the memory stuff - I'd have to assume that there's an issue with the motherboard.

There's no test for the motherboard, so it's a matter of ruling out everything else.
I'd suggest that you get on the manufacturer/reseller and have them either fix it or give you a new one.

Summary of the BSOD's:

```
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Thu Jan  7 19:49:26.402 2010 (GMT-5)
System Uptime: 0 days 0:14:58.448
BugCheck 3B, {c0000005, fffff800028aa35f, fffff88005479160, 0}
Probably caused by : memory_corruption ( nt!MiReplenishPageSlist+100 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  explorer.exe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Thu Jan  7 19:56:18.068 2010 (GMT-5)
System Uptime: 0 days 0:06:07.114
BugCheck 1E, {ffffffffc0000005, fffff800028f1b74, 0, ffffffffffffffff}
Probably caused by : memory_corruption ( nt!MiUnlinkFreeOrZeroedPage+1ca )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  iexplore.exe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Thu Jan  7 20:20:14.449 2010 (GMT-5)
System Uptime: 0 days 0:07:31.495
BugCheck 1E, {ffffffffc0000005, fffff80002aeb35f, 0, ffffffffffffffff}
Probably caused by : memory_corruption ( nt!MiReplenishPageSlist+100 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  audiodg.exe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Thu Jan  7 20:23:24.641 2010 (GMT-5)
System Uptime: 0 days 0:02:04.687
BugCheck A, {68, 2, 1, fffff80002a74d5f}
Probably caused by : memory_corruption
DEFAULT_BUCKET_ID:  CODE_CORRUPTION
PROCESS_NAME:  wordpad.exe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Thu Jan  7 20:44:31.858 2010 (GMT-5)
System Uptime: 0 days 0:03:50.904
BugCheck 1E, {ffffffffc0000005, fffff80002ae935f, 0, ffffffffffffffff}
Probably caused by : memory_corruption ( nt!MiReplenishPageSlist+100 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  SearchFilterHo
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Thu Jan  7 21:23:49.441 2010 (GMT-5)
System Uptime: 0 days 0:38:12.503
BugCheck 7F, {8, 80050031, 6f8, fffff80002ac8e90}
Probably caused by : memory_corruption
DEFAULT_BUCKET_ID:  CODE_CORRUPTION
PROCESS_NAME:  TrustedInstall
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Thu Jan  7 22:14:48.492 2010 (GMT-5)
System Uptime: 0 days 0:49:54.427
BugCheck 1A, {5002, fffff90000812000, 9ca, f0b8fffffffe}
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : win32k.sys ( win32k+c3ad0 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  iexplore.exe
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Debug session time: Thu Jan  7 22:22:22.179 2010 (GMT-5)
System Uptime: 0 days 0:01:58.241
BugCheck A, {2a80001f0d50, 2, 1, fffff80002aea35f}
Probably caused by : memory_corruption ( nt!MiReplenishPageSlist+100 )
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  audiodg.exe
```


----------

