# [SOLVED] BSoD on Idle



## TechNewbie (Oct 10, 2005)

For the past few weeks, when my computer goes into idle for a few minutes (whether it goes to screensaver, the power plan switches the display off, or turn all that off and just leave it for a while) my computer either totally freezes or gets a blue screen of death. The actual BSoD I only started getting today; before that, my computer would completely freeze and I would have to do a hard power-off. It doesn't happen when I'm gaming or doing any other activity as long as I don't let the computer go idle. I've tried de-fragging my hard drive, cleaning old drivers out, I have the latest graphics drivers (I update usually every month), I've changed my power plan, I've done full scans in safe mode with McAfee Total Protection 2008, Ad-Aware, Spybot, and Windows Defender (all updated, scans have no results), and it still happens. Any help is appreciated.

System Specs:
Windows Vista 32-bit Home Ultimate w/SP1, no available updates left to download
Gateway FX530XG desktop
Intel Core2 Extreme QX6700 on an Intel 975X Viiv Mobo
2 ATI Radeon X1950's in Crossfire (enabled)
250 GB 7200 RPM SATA II Hard Drive 
Delta 700W PSU (came with the system)
4GB (1x4) DDR2 667MHz SDRAM, dunno the brand offhand
Logitech G5 Mouse and G15 keyboard
Current display is a common Gateway 17" LCD monitor



I also got this info when I rebooted, if it helps:

Problem signature:
Problem Event Name:	BlueScreen
OS Version:	6.0.6001.2.1.0.256.1
Locale ID:	1033

Additional information about the problem:
BCCode:	117
BCP1:	89068510
BCP2:	8E82849E
BCP3:	00000000
BCP4:	00000000
OS Version:	6_0_6001
Service Pack:	1_0
Product:	256_1

Files that help describe the problem:
C:\Windows\Minidump\Mini062908-01.dmp
C:\Users\Administrator\AppData\Local\Temp\WER-40265-0.sysdata.xml
C:\Users\Administrator\AppData\Local\Temp\WERCBBC.tmp.version.txt


----------



## dai (Jul 2, 2004)

*Re: BSoD on Idle*

to turn off the auto reboot
control panel /sysytem/advanced/startup and recovery settings
then untick the auto reboot box
post any bsod error messages the computer freezes on in full


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*










Oh, and now my computer is freezing when playing in fullscreen after running for a dozen or so seconds, doesn't matter what game. Windowed modes runs just fine though.


----------



## dai (Jul 2, 2004)

*Re: BSoD on Idle*

reinstall your video drivers
in the device manager uninstall the card
when windows finishes rebooting
disable a/virus
install your drivers
reboot the computer


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Reinstall the drivers first thing....? Did you mean uninstall? If so, do you want me to uninstall Catalyst Control Center with it, or just the drivers?


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Also, when I uninstall both my video cards, do I also choose to "delete the driver software for this device"?


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Well, after my computer completely freezing for the first time while I was actively using it, I went ahead and did what you said to do, and am waiting for something to happen with it.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Yep, it happened again. Walked away to grab some dinner, came back and there was the same blue screen as before staring back at me.


----------



## dai (Jul 2, 2004)

*Re: BSoD on Idle*

run
memtest on the ram 1 stick at a time
http://www.memtest.org/
post the zipped mini dump file and someone will check them


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Yeah, I've never checked my memory before so I don't know how to use this program at all, and the menu isn't exactly user-friendly. How do I go about checking my ram one stick at a time, and how long should I check each one for?


----------



## dai (Jul 2, 2004)

*Re: BSoD on Idle*

you d/load the app put it on disk and boot the computer from the disk and only have 1 stick of ram in the computer


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

I did two scans on each stick and each one came up error-free. Here is the minidump file I listed in my first post, I assume that's the one you wanted.
View attachment Mini062908-01.rar
There have been other ones since; if you want those too, lemme know.


----------



## dai (Jul 2, 2004)

*Re: BSoD on Idle*

i have asked someone to have alook at the dumps


----------



## Cherry Bomb (Jun 17, 2008)

*Re: BSoD on Idle*

Check Device Manager. Check "show hidden devices". Pay particular attention to the "System Devices" sub-section. I am wondering if there is a problem with the ACPI. Uninstall any flagged items and restart.


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

Hi. . .

The original STOP error message or bug check was 
 0x00000117 (0x89068510, 0x8E82849E, 0x00000000, 0x0000000), which refers to a VIDEO_TDR_TIMEOUT_DETECTED and indicates that the display driver failed to respond in a timely fashion. 
The four parameters following the x117 bug check are (1) The pointer to the internal TDR recovery context; (2) A pointer into the responsible device driver module (for example, the owner tag).; (3) The secondary driver-specific bucketing key; (4) Reserved area. 

It does in fact appear to involve the video drivers.

Regards. . .

jcgriff2

.


----------



## dai (Jul 2, 2004)

*Re: BSoD on Idle*

if you are using the latest video driver and software,try an older version


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Device Manager is showing no problems. How far back would you suggest I went with the drivers? Also, should I switch out Catalyst Control Center as well, or the drivers only?


----------



## dai (Jul 2, 2004)

*Re: BSoD on Idle*

do the drivers and control centre
if you are using the latest go back 1 or 2 versions


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

I tried the 8.3 drivers before bringing my problem here and they locked up on me, so I'm gonna try the 8.1 from January. I'll let you know how it goes.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

No good, my system froze when I left it alone again, had to do a hard power-off as usual. No blue screen this time.


----------



## dai (Jul 2, 2004)

*Re: BSoD on Idle*

see if you can borrow anther psu to try in it


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

Hi. . .

Just reviewed the thread.

Please gather up and attach ALL dump files - even if there are 100 of them. Just one may show some additional problem lurking within the system.

Regards. . .

jcgriff2

.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

I'd like to note that it only started creating the minidumps when I updated my drivers and CCC to 8.6 - before that all it did was freeze up on me with the sound still going/looping, leaving me in the dark as to what was going on. Here are all the minidump files, including the one I posted previously.
View attachment Minidump.rar
Also, I don't have another PSU to try, but I don't know if that's the issue because I let my computer sit for an hour and a half in safe mode without it locking up on me.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

View attachment Mini070108-01.rar

Here's my latest minidump from my latest BSoD 5 minutes ago, if you wanna take a look at it. I still have the 8.1 drivers/CCC, so I guess my 8.6 theory is out the window. This time it happened when I came back from being away, moved the mouse and the computer was turning my display back on. The BSoD's stop code was slightly different this time:
STOP: 0x000000EA (0x8468BD78, 0x00000000, 0x00000000, 0x00000000). Dunno if it makes a difference, but every little bit, right?

That PSU idea is looking better every time I post.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Okay, with some assistance from a friend and a lot of spitballing, I installed Windows Debugging Tools and read through a couple dump files, and I keep seeing "dxgkrnl" and "dxgkrnl.sys". After a Google search, it seems this is a part of DirectX. So does that mean my problem is stemming from corrupted/damaged DirectX files, and if so, is there anything I need to know about reinstalling it?


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

I've also noticed that my computer's temperature is going insanely high. I was playing a game on fullscreen and I accidentally alt-tabbed out to my desktop where I still had CCC open to the little temperature monitor in the Overdrive section (I don't have Overdrive unlocked, but it still tells the temperature) and it was freakin' NINETY degrees Celcius. I've never seen it so high before. I immediately shut off my game and it's down to about 60. Can this be related to the drivers somehow, or is that how high my setup goes and I just haven't been paying attention? Cause that just seems crazy hot to me. I downloaded Speedfan so I could better gauge my temperatures, but I have no idea what temp goes to what since it's not very user friendly.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Here's what my BIOS had to say on the temp subject if anyone's interested:









Incidentally, does anyone know how to get that front fan spinning other than on the first few seconds of startup?


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

Hi. . .

Please run a dxdiag report - 

START | type dxdiag into the start search box | right-click on dxdiag | run as admin

dxdiag viewer will appear - save as text file and attach to your next post.

I looked at the mini dumps and saw the dxgkrnl.sys and the 0xea bugcheck. I don't believe that this is the problem at all. Let's see what the dxdiag shows me.

Thanks.

Regards. . .

jcgriff2

.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

View attachment DxDiag.txt


There ya go.


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

Hi. . .

I believe that I MAY have found the (or A) problem - 

In the dumps, I found an Intel driver IntelDH.sys with a time stamp of Wed Sep 06 18:41:54 2006 that is for your Intel Viiv Processor. I found this to be odd, given its date and the fact that you have updated various/all drivers throughout your system.

Intel published a bulletin on March 12, 2008, stating that it plans no software updates for the Viiv processor to accommodate Vista SP1 - or any other future Vista Service Packs for that matter. You can see this Intel bulletin HERE.

These bulletins are not published unless problems arise - which tells me that your chipset is not compatible and therefore unstable with Vista SP1 and is the likely cause of the varying bug checks within the numerous BSOD's.

Regards. . .

jcgriff2

.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

I've only updated the common/easy drivers to update, I'm not that advanced a user (hence my forum name). So........ what am I supposed to do?


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

I am not a hardware expert by any means, but that Intel bulletin tells me that the Viiv chipset can't be relied upon within Vista SP1. I don't know exactly what is involved with replacing the chipset - assuming that is an option.

How old is the system and when did you (or Windows Updates) install Vista SP1?

.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

The system is about a year old, and I installed SP1 through Windows Updates on March 19th. According to the Reliability and Performance Monitor, my first "disruptive shutdown" (my hard power-off due to getting frozen) was on June 9th. And no, unless it's something covered under the 3-year warranty I got, replacing the chipset out-of-pocket isn't an option at the moment.


----------



## dai (Jul 2, 2004)

*Re: BSoD on Idle*

the usual causes
power supply----try another psu of higher quality
faulty ram --- run memtest 1 stick at a time----check the voltage range on the manufacturers site
corrupted video drivers----- clean reinstall
faulty video card-----try the card in another computer


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Bad news / good news situation, dai. The bad news:
--Don't have another PSU.
--I ran 2 passes on each individual stick already, came up clean.
--I've done uninstall/driver clean/install of several sets of drivers, none helped.
--Don't have another computer to swap vid cards with.

The good news:
............Yeah, I don't have any of that. Sorry to get your hopes up.

From the bit of research I did on the BSoD stop code I keep getting (0x000000EA), it keeps coming up faulty video drivers or video hardware. Since I've swapped drivers half a dozen times to no avail, I'm leaning towards faulty hardware. I think sometime soon I'm gonna end up calling Gateway and bitching about the video cards and see if they'll send someone up to swap em out. If you guys can come up with more ideas of stuff to try in the mean time, I'm still willing to try em out; anything to avoid over-the-phone customer support. lthumbsd


----------



## dai (Jul 2, 2004)

*Re: BSoD on Idle*

try safe mode and see if it runs normally without the bsod
if it does it will point to software being the problem
if it dosen't it points to hardware


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

In one of my previous posts I said I had let my computer idle in safe mode for nearly two hours and nothing bad happened, but I'll try it again later today.


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

While in SAFEMODE w/Networking - push the system - i.e., run programs, connect to the Internet - in fact bring up several IE screens or tabs - let it watch a TV show or movie from some site like cbs.com.

JC


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

I've been using my PC normally all day, waiting for it to fail and then I would do the safe mode stuff - somehow I've managed to go all day without a single problem. I haven't been brave enough for fullscreen games though. If I stay problem free for the rest of today, I'll try your suggestions tomorrow morning.


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

Glad to hear it!

I would suggest that you keep an eye on the Event Viewer (eventvwr), also check wercon - type wercon into the start search box, also perfom - type perfmon into the start search box.

JC


----------



## Cherry Bomb (Jun 17, 2008)

*Re: BSoD on Idle*



jcgriff2 said:


> While in SAFEMODE w/Networking - push the system - i.e., run programs, connect to the Internet - in fact bring up several IE screens or tabs - let it watch a TV show or movie from some site like cbs.com.
> 
> JC


Also, have you checked Event Viewer for any hints that occur at or about the time of the crashes ?


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Oh, I'm definitely gonna be keeping an eye on it; I know well enough that just because a problem isn't showing itself it doesn't mean that it's gone. I didn't know about the wercon thing, thank you for the heads-up on that little tidbit.


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

Hi again. . .

Hope your weekend was good.

Seeing your great technical ability and understanding (this is flattery, I assure you!), look into the awesome set of dozens of programs included in the SysInternals Suite, by Mark Russinovich - now of Microsoft Corporation. SysInternals is a wholly owned subsidiary Corporation of Microsoft - since 2006.

You can download the entire SysInternals Suite from Microsoft TechNet HERE. It was just updated by Mark on June 26, 2008.

Regards. . .

jcgriff2

.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Well, I WAS doing ok for the last few days- playing games in fullscreen with no problems at all, watching video clips, tried the suggestion of safe mode w/networking and played a bunch of different videos all at the same time - everything was cool. Until about 4pm today when it froze up on me with no BSoD's or error codes or anything, and the latest time around an hour ago. This last one was a BSoD with a stop code of 0x0000001A. Here's the minidump:
View attachment Mini070708-01.rar


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*



TechNewbie said:


> Well, I WAS doing ok for the last few days- playing games in fullscreen with no problems at all, watching video clips, tried the suggestion of safe mode w/networking and played a bunch of different videos all at the same time - everything was cool. Until about 4pm today when it froze up on me with no BSoD's or error codes or anything, and the latest time around an hour ago. This last one was a BSoD with a stop code of 0x0000001A. Here's the minidump:
> View attachment 30691



Hi. . .

The bug check 0x0000001a (0x00041287, 0x000061c4, 0x00000000, 0x00000000) is as follows:

The MEMORY_MANAGEMENT bugcheck 0x1a, indicates that a severe memory management error occurred.

The first parameter 0x41287  says that internal memory management structures are corrupted and a kernel memory dump file is needed to further investigate! While kernel dumps contain tons of information, certain features of debugging it are null and void as there is no "live kernel mode" session - you need two different computers hooked together to take full advantage of such. 

My next suggestion is to produce a FULL memory dump - in your case this would be in excess of 3gb - and would be so named \windows\memory.dmp. Still - please know hat there are no guarantees a to a successful outcome to resolve the BSODs. This is just the next logical step - to me anyway.

If you would like to do so and assuming we can figure out a way to get the file to me, I would be glad to see what I can find in it. I do have one thought as to how to transfer the file (zipped, of course) - via a desktop remote session using CrossLoop, found HERE. It has many security features including a 12 digit randomly assigned number that you would need to provide me with to gain access to your system for each session. But the call is yours.

Regards. . .

jcgriff2

Here is the dump output:

```
[FONT=calibri]

Loading Dump File [E:\#Dumps\TechNewbie  - Vist Ultimate - DAI - 07-01-08\Mini070708-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (4 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 6001.18000.x86fre.longhorn_rtm.080118-1840
Kernel base = 0x8200e000 PsLoadedModuleList = 0x8211b930
Debug session time: Mon Jul  7 00:34:22.490 2008 (GMT-4)
System Uptime: 0 days 6:53:54.186
Loading Kernel Symbols
.....................................................................................................................................................................
Loading User Symbols
Loading unloaded module list
........
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1A, {41287, 61c4, 0, 0}

Probably caused by : ntkrnlmp.exe ( nt!KiTrap0E+dc )

Followup: MachineOwner
---------

0: kd> !analyze -v;r;kv;lmtn
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

MEMORY_MANAGEMENT (1a)
    # Any other values for parameter 1 must be individually examined.
Arguments:
Arg1: 00041287, The subtype of the bugcheck.
Arg2: 000061c4
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


BUGCHECK_STR:  0x1a_41287

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  ba

TRAP_FRAME:  807e87cc -- (.trap 0xffffffff807e87cc)
ErrCode = 00000000
eax=000061c0 ebx=00000ffc ecx=000061c0 edx=052bdfff esi=051c0000 edi=05142000
eip=8208bf8c esp=807e8840 ebp=807e8868 iopl=0         nv up ei pl nz na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010206
nt!MiGetNextNode+0x20:
8208bf8c 8b4804          mov     ecx,dword ptr [eax+4] ds:0023:000061c4=????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from 82068ae4 to 8207eb4e

STACK_TEXT:  
807e87b4 82068ae4 00000000 000061c4 00000000 nt!MmAccessFault+0x158
807e87b4 8208bf8c 00000000 000061c4 00000000 nt!KiTrap0E+0xdc
807e883c 820b6d33 8464eac0 000000fe 846987d0 nt!MiGetNextNode+0x20
807e8868 820b672b 051c0000 000000fe 807e8c9c nt!MiGetClusterBounds+0x1c1
807e8cdc 820265ee 00000000 886e4764 00000000 nt!MiBuildPageFileCluster+0x15f
807e8d4c 820262cf 886e4728 00000000 846987d0 nt!MiGatherPagefilePages+0x285
807e8d7c 821b66ad 00000000 aab58a60 00000000 nt!MiModifiedPageWriter+0x17a
807e8dc0 8209d686 82026156 00000000 00000000 nt!PspSystemThreadStartup+0x9d
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!KiTrap0E+dc
82068ae4 85c0            test    eax,eax

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt!KiTrap0E+dc

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  47918b0a

FAILURE_BUCKET_ID:  0x1a_41287_nt!KiTrap0E+dc

BUCKET_ID:  0x1a_41287_nt!KiTrap0E+dc

Followup: MachineOwner
---------

eax=820fd920 ebx=000061c4 ecx=821049b8 edx=00000374 esi=820fd93c edi=807e83d8
eip=8207eb4e esp=807e8748 ebp=807e87b4 iopl=0         nv up ei pl nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00000202
nt!MmAccessFault+0x158:
8207eb4e 837c242800      cmp     dword ptr [esp+28h],0 ss:0010:807e8770=00000000
ChildEBP RetAddr  Args to Child              
807e87b4 82068ae4 00000000 000061c4 00000000 nt!MmAccessFault+0x158
807e87b4 8208bf8c 00000000 000061c4 00000000 nt!KiTrap0E+0xdc (FPO: [0,0] TrapFrame @ 807e87cc)
807e883c 820b6d33 8464eac0 000000fe 846987d0 nt!MiGetNextNode+0x20 (FPO: [0,0,0])
807e8868 820b672b 051c0000 000000fe 807e8c9c nt!MiGetClusterBounds+0x1c1
807e8cdc 820265ee 00000000 886e4764 00000000 nt!MiBuildPageFileCluster+0x15f
807e8d4c 820262cf 886e4728 00000000 846987d0 nt!MiGatherPagefilePages+0x285
807e8d7c 821b66ad 00000000 aab58a60 00000000 nt!MiModifiedPageWriter+0x17a
807e8dc0 8209d686 82026156 00000000 00000000 nt!PspSystemThreadStartup+0x9d
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16
start    end        module name
8200e000 823b8000   nt       ntkrnlmp.exe Sat Jan 19 00:30:50 2008 (47918B0A)
823b8000 823eb000   hal      halmacpi.dll Sat Jan 19 00:27:20 2008 (47918A38)
8280d000 82815000   kdcom    kdcom.dll    Sat Jan 19 02:31:53 2008 (4791A769)
82815000 82875000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Sat Jan 19 02:29:43 2008 (4791A6E7)
82875000 82886000   PSHED    PSHED.dll    Sat Jan 19 02:31:21 2008 (4791A749)
82886000 8288e000   BOOTVID  BOOTVID.dll  Sat Jan 19 02:27:15 2008 (4791A653)
8288e000 828cf000   CLFS     CLFS.SYS     Sat Jan 19 00:28:01 2008 (47918A61)
828cf000 829af000   CI       CI.dll       Fri Feb 22 00:00:56 2008 (47BE5708)
829af000 82a2b000   Wdf01000 Wdf01000.sys Sat Jan 19 00:52:21 2008 (47919015)
82a2b000 82a38000   WDFLDR   WDFLDR.SYS   Sat Jan 19 00:52:19 2008 (47919013)
82a38000 82a7e000   acpi     acpi.sys     Sat Jan 19 00:32:48 2008 (47918B80)
82a7e000 82a87000   WMILIB   WMILIB.SYS   Sat Jan 19 00:53:08 2008 (47919044)
82a87000 82a8f000   msisadrv msisadrv.sys Thu Nov 02 04:35:08 2006 (4549ADBC)
82a8f000 82ab6000   pci      pci.sys      Sat Jan 19 00:32:57 2008 (47918B89)
82ab6000 82ac5000   partmgr  partmgr.sys  Sat Jan 19 00:49:54 2008 (47918F82)
82ac5000 82ac7900   compbatt compbatt.sys Sat Jan 19 00:32:47 2008 (47918B7F)
82ac8000 82ad2000   BATTC    BATTC.SYS    Sat Jan 19 00:32:45 2008 (47918B7D)
82ad2000 82ae1000   volmgr   volmgr.sys   Sat Jan 19 00:49:51 2008 (47918F7F)
82ae1000 82b2b000   volmgrx  volmgrx.sys  Sat Jan 19 00:50:00 2008 (47918F88)
82b2b000 82b32000   intelide intelide.sys Thu Nov 02 04:51:35 2006 (4549B197)
82b32000 82b40000   PCIIDEX  PCIIDEX.SYS  Sat Jan 19 00:49:40 2008 (47918F74)
82b40000 82b47000   pciide   pciide.sys   Sat Jan 19 00:49:42 2008 (47918F76)
82b47000 82b57000   mountmgr mountmgr.sys Sat Jan 19 00:49:13 2008 (47918F59)
82b57000 82bf7000   iastorv  iastorv.sys  Fri Oct 06 14:01:40 2006 (45269A04)
8a400000 8a4b8000   iaStor   iaStor.sys   Tue Oct 31 17:46:33 2006 (4547C439)
8a4b8000 8a4c0000   atapi    atapi.sys    Sat Jan 19 00:49:40 2008 (47918F74)
8a4c0000 8a4de000   ataport  ataport.SYS  Sat Jan 19 00:49:40 2008 (47918F74)
8a4de000 8a510000   fltmgr   fltmgr.sys   Sat Jan 19 00:28:10 2008 (47918A6A)
8a510000 8a520000   fileinfo fileinfo.sys Sat Jan 19 00:34:27 2008 (47918BE3)
8a520000 8a591000   ksecdd   ksecdd.sys   Sat Jan 19 00:41:20 2008 (47918D80)
8a591000 8a69c000   ndis     ndis.sys     Sat Jan 19 00:55:51 2008 (479190E7)
8a69c000 8a6c7000   msrpc    msrpc.sys    Sat Jan 19 00:48:15 2008 (47918F1F)
8a6c7000 8a701000   NETIO    NETIO.SYS    Sat Jan 19 00:56:19 2008 (47919103)
8a701000 8a78a000   rdpdr    rdpdr.sys    Sat Jan 19 01:02:27 2008 (47919273)
8a78a000 8a79a000   termdd   termdd.sys   Sat Jan 19 01:01:06 2008 (47919222)
8a79a000 8a7a5000   mouclass mouclass.sys Sat Jan 19 00:49:14 2008 (47918F5A)
8a7a5000 8a7af000   mssmbios mssmbios.sys Sat Jan 19 00:32:55 2008 (47918B87)
8a7af000 8a7bc000   umbus    umbus.sys    Sat Jan 19 00:53:40 2008 (47919064)
8a7bc000 8a7f0000   usbhub   usbhub.sys   Sat Jan 19 00:53:40 2008 (47919064)
8a800000 8a90f000   Ntfs     Ntfs.sys     Sat Jan 19 00:28:54 2008 (47918A96)
8a90f000 8a948000   volsnap  volsnap.sys  Sat Jan 19 00:50:10 2008 (47918F92)
8a948000 8a950000   spldr    spldr.sys    Thu Jun 21 20:29:17 2007 (467B17DD)
8a950000 8a951480   speedfan speedfan.sys Sun Sep 24 09:28:47 2006 (4516880F)
8a952000 8a961000   mup      mup.sys      Sat Jan 19 00:28:20 2008 (47918A74)
8a961000 8a961680   giveio   giveio.sys   Wed Apr 03 22:33:25 1996 (316334F5)
8a962000 8a989000   ecache   ecache.sys   Sat Jan 19 00:50:47 2008 (47918FB7)
8a989000 8a9ad000   fvevol   fvevol.sys   Sat Jan 19 00:27:09 2008 (47918A2D)
8a9ad000 8a9be000   disk     disk.sys     Sat Jan 19 00:49:47 2008 (47918F7B)
8a9be000 8a9df000   CLASSPNP CLASSPNP.SYS Sat Jan 19 00:49:36 2008 (47918F70)
8a9df000 8a9e8000   crcdisk  crcdisk.sys  Thu Nov 02 04:52:27 2006 (4549B1CB)
8a9e8000 8aaa0000   dump_iaStor dump_iaStor.sys Tue Oct 31 17:46:33 2006 (4547C439)
8aabe000 8aac9000   tunnel   tunnel.sys   Sat Jan 19 00:55:50 2008 (479190E6)
8aac9000 8aad2000   tunmp    tunmp.sys    Sat Jan 19 00:55:40 2008 (479190DC)
8aad2000 8aae1000   intelppm intelppm.sys Sat Jan 19 00:27:20 2008 (47918A38)
8aae1000 8aaf9000   cdrom    cdrom.sys    Sat Jan 19 00:49:50 2008 (47918F7E)
8aaf9000 8ab04080   intelsmb intelsmb.sys Wed Dec 27 22:57:13 2006 (45934099)
8ab05000 8ab33000   msiscsi  msiscsi.sys  Sat Jan 19 00:50:44 2008 (47918FB4)
8ab33000 8ab74000   storport storport.sys Sat Jan 19 00:49:49 2008 (47918F7D)
8ab74000 8ab8b000   rasl2tp  rasl2tp.sys  Sat Jan 19 00:56:33 2008 (47919111)
8ab8b000 8ab96000   ndistapi ndistapi.sys Sat Jan 19 00:56:24 2008 (47919108)
8ab96000 8abb9000   ndiswan  ndiswan.sys  Sat Jan 19 00:56:32 2008 (47919110)
8abb9000 8abc8000   raspppoe raspppoe.sys Sat Jan 19 00:56:33 2008 (47919111)
8abc8000 8abdc000   raspptp  raspptp.sys  Sat Jan 19 00:56:34 2008 (47919112)
8abdc000 8abf1000   rassstp  rassstp.sys  Sat Jan 19 00:56:43 2008 (4791911B)
8abf1000 8abfc000   kbdclass kbdclass.sys Sat Jan 19 00:49:14 2008 (47918F5A)
8e800000 8e80b000   TDI      TDI.SYS      Sat Jan 19 00:57:10 2008 (47919136)
8e80b000 8ed1e000   atikmdag atikmdag.sys Mon Jun 02 23:48:31 2008 (4844BF0F)
8ed1e000 8edbd000   dxgkrnl  dxgkrnl.sys  Sat Jan 19 00:36:36 2008 (47918C64)
8edbd000 8edca000   watchdog watchdog.sys Sat Jan 19 00:35:29 2008 (47918C21)
8edca000 8ee01000   e1e6032  e1e6032.sys  Thu Nov 16 13:07:21 2006 (455CA8D9)
8ee01000 8ee1b000   serial   serial.sys   Sat Jan 19 00:49:34 2008 (47918F6E)
8ee1b000 8ee25000   serenum  serenum.sys  Sat Jan 19 00:49:29 2008 (47918F69)
8ee25000 8ee33000   IAMTV    IAMTV.sys    Thu Oct 19 03:12:40 2006 (45372568)
8ee33000 8ee3e000   usbuhci  usbuhci.sys  Sat Jan 19 00:53:20 2008 (47919050)
8ee3e000 8ee7c000   USBPORT  USBPORT.SYS  Sat Jan 19 00:53:23 2008 (47919053)
8ee7c000 8ee8b000   usbehci  usbehci.sys  Sat Jan 19 00:53:21 2008 (47919051)
8ee8b000 8ef08b00   ctaud2k  ctaud2k.sys  Thu Oct 25 09:45:42 2007 (47209E06)
8ef09000 8ef36000   portcls  portcls.sys  Sat Jan 19 00:53:17 2008 (4791904D)
8ef36000 8ef5b000   drmk     drmk.sys     Sat Jan 19 01:53:02 2008 (47919E4E)
8ef5b000 8ef85000   ks       ks.sys       Sat Jan 19 00:49:21 2008 (47918F61)
8ef85000 8efb9000   ctoss2k  ctoss2k.sys  Thu Oct 25 09:45:17 2007 (47209DED)
8efb9000 8efc1000   ctprxy2k ctprxy2k.sys Thu Oct 25 09:45:43 2007 (47209E07)
8efc1000 8efd0200   ohci1394 ohci1394.sys Sat Jan 19 00:53:33 2008 (4791905D)
8efd1000 8efde080   1394BUS  1394BUS.SYS  Sat Jan 19 00:53:27 2008 (47919057)
8efdf000 8eff7000   parport  parport.sys  Sat Jan 19 00:49:32 2008 (47918F6C)
8eff7000 8eff8380   swenum   swenum.sys   Sat Jan 19 00:49:20 2008 (47918F60)
8eff9000 8effa580   IntelDH  IntelDH.sys  Wed Sep 06 18:41:54 2006 (44FF4EB2)
93c08000 93d28000   ha20x2k  ha20x2k.sys  Thu Oct 25 09:45:30 2007 (47209DFA)
93d28000 93d57000   emupia2k emupia2k.sys Thu Oct 25 09:45:08 2007 (47209DE4)
93d57000 93d80000   ctsfm2k  ctsfm2k.sys  Thu Oct 25 09:45:10 2007 (47209DE6)
93d80000 93da1000   VIDEOPRT VIDEOPRT.SYS Sat Jan 19 00:52:10 2008 (4791900A)
93da1000 93da9000   RDPCDD   RDPCDD.sys   Sat Jan 19 01:01:08 2008 (47919224)
93da9000 93db1000   rdpencdd rdpencdd.sys Sat Jan 19 01:01:09 2008 (47919225)
93db1000 93dbc000   Msfs     Msfs.SYS     Sat Jan 19 00:28:08 2008 (47918A68)
93dbc000 93dca000   Npfs     Npfs.SYS     Sat Jan 19 00:28:09 2008 (47918A69)
93dca000 93dd3000   rasacd   rasacd.sys   Sat Jan 19 00:56:31 2008 (4791910F)
93e1c000 93e2d000   NDProxy  NDProxy.SYS  Sat Jan 19 00:56:28 2008 (4791910C)
93e2d000 93e42000   CTHWIUT  CTHWIUT.DLL  Thu Oct 25 09:46:34 2007 (47209E3A)
93e42000 93e6e000   CT20XUT  CT20XUT.DLL  Thu Oct 25 09:46:32 2007 (47209E38)
93e6e000 93fb5000   CTEXFIFX CTEXFIFX.DLL Thu Oct 25 09:46:30 2007 (47209E36)
93fb5000 93fbe000   Fs_Rec   Fs_Rec.SYS   Sat Jan 19 00:27:57 2008 (47918A5D)
93fbe000 93fc5000   Null     Null.SYS     Sat Jan 19 00:49:12 2008 (47918F58)
93fc5000 93fcc000   Beep     Beep.SYS     Sat Jan 19 00:49:10 2008 (47918F56)
93fe8000 93fee380   HIDPARSE HIDPARSE.SYS Sat Jan 19 00:53:16 2008 (4791904C)
93fef000 93ffb000   vga      vga.sys      Sat Jan 19 00:52:06 2008 (47919006)
94004000 940eb000   tcpip    tcpip.sys    Sat Jan 19 00:56:48 2008 (47919120)
940eb000 94106000   fwpkclnt fwpkclnt.sys Sat Jan 19 00:55:44 2008 (479190E0)
94106000 9412d000   Mpfp     Mpfp.sys     Fri Jul 13 10:21:09 2007 (46978A55)
9412d000 94143000   tdx      tdx.sys      Sat Jan 19 00:55:58 2008 (479190EE)
94143000 94155000   ipfltdrv ipfltdrv.sys Sat Jan 19 00:56:23 2008 (47919107)
94155000 94169000   smb      smb.sys      Sat Jan 19 00:55:27 2008 (479190CF)
94169000 941b1000   afd      afd.sys      Sat Jan 19 00:57:00 2008 (4791912C)
941b1000 941e3000   netbt    netbt.sys    Sat Jan 19 00:55:33 2008 (479190D5)
941e3000 941f9000   pacer    pacer.sys    Sat Jan 19 00:55:53 2008 (479190E9)
941f9000 94207000   netbios  netbios.sys  Sat Jan 19 00:55:45 2008 (479190E1)
94207000 9421a000   wanarp   wanarp.sys   Sat Jan 19 00:56:31 2008 (4791910F)
9421a000 94256000   rdbss    rdbss.sys    Sat Jan 19 00:28:34 2008 (47918A82)
94256000 94260000   nsiproxy nsiproxy.sys Sat Jan 19 00:55:50 2008 (479190E6)
94260000 9428f820   mfehidk  mfehidk.sys  Thu Aug 16 11:51:29 2007 (46C47281)
94290000 942ea000   csc      csc.sys      Sat Jan 19 00:28:54 2008 (47918A96)
942ea000 94301000   dfsc     dfsc.sys     Sat Jan 19 00:28:20 2008 (47918A74)
94301000 94313000   USBSTOR  USBSTOR.SYS  Sat Jan 19 00:53:22 2008 (47919052)
94313000 94314700   USBD     USBD.SYS     Sat Jan 19 00:53:17 2008 (4791904D)
94315000 9432c000   usbccgp  usbccgp.sys  Sat Jan 19 00:53:29 2008 (47919059)
9432c000 94335000   hidusb   hidusb.sys   Sat Jan 19 00:53:17 2008 (4791904D)
94335000 94345000   HIDCLASS HIDCLASS.SYS Sat Jan 19 00:53:16 2008 (4791904C)
94345000 9434bd00   LHidFilt LHidFilt.Sys Wed Apr 11 19:28:19 2007 (461D6F13)
9434c000 94354000   mouhid   mouhid.sys   Sat Jan 19 00:49:16 2008 (47918F5C)
94354000 9435b200   LMouFilt LMouFilt.Sys Wed Apr 11 19:28:23 2007 (461D6F17)
9435c000 94372000   cdfs     cdfs.sys     Sat Jan 19 00:28:02 2008 (47918A62)
94372000 9437f000   crashdmp crashdmp.sys Sat Jan 19 00:49:43 2008 (47918F77)
9437f000 94390000   dump_dumpfve dump_dumpfve.sys Sat Jan 19 00:27:05 2008 (47918A29)
94390000 9439a000   Dxapi    Dxapi.sys    Sat Jan 19 00:36:12 2008 (47918C4C)
9439a000 943a3000   kbdhid   kbdhid.sys   Sat Jan 19 00:49:17 2008 (47918F5D)
943a3000 943b2000   monitor  monitor.sys  Sat Jan 19 00:52:19 2008 (47919013)
943b2000 943cd000   luafv    luafv.sys    Sat Jan 19 00:30:35 2008 (47918AFB)
943d5000 943e6b80   mfeavfk  mfeavfk.sys  Thu Aug 16 11:54:26 2007 (46C47332)
9b0d0000 9b2d1000   win32k   win32k.sys   unavailable (00000000)
9b2f0000 9b2f9000   TSDDD    TSDDD.dll    unavailable (00000000)
9b310000 9b35c000   ATMFD    ATMFD.DLL    unavailable (00000000)
9b360000 9b36e000   cdd      cdd.dll      unavailable (00000000)
9e000000 9e0083e0   mfesmfk  mfesmfk.sys  Mon Jul 16 13:47:52 2007 (469BAF48)
9e00d000 9e0bc000   spsys    spsys.sys    Thu Jun 21 20:33:02 2007 (467B18BE)
9e0bc000 9e0cc000   lltdio   lltdio.sys   Sat Jan 19 00:55:03 2008 (479190B7)
9e0cc000 9e0f6000   nwifi    nwifi.sys    Sat Jan 19 00:53:58 2008 (47919076)
9e0f6000 9e100000   ndisuio  ndisuio.sys  Sat Jan 19 00:55:40 2008 (479190DC)
9e100000 9e107000   nmsgopro nmsgopro.sys Wed Sep 27 10:32:52 2006 (451A8B94)
9e107000 9e11a000   rspndr   rspndr.sys   Sat Jan 19 00:55:03 2008 (479190B7)
9e11a000 9e185000   HTTP     HTTP.sys     Sat Jan 19 00:55:21 2008 (479190C9)
9e185000 9e1a2000   srvnet   srvnet.sys   Sat Jan 19 00:29:11 2008 (47918AA7)
9e1a2000 9e1bb000   bowser   bowser.sys   Sat Jan 19 00:28:26 2008 (47918A7A)
9e1bb000 9e1d0000   mpsdrv   mpsdrv.sys   Sat Jan 19 00:54:45 2008 (479190A5)
9e1d0000 9e1f0000   mrxdav   mrxdav.sys   Sat Jan 19 00:28:44 2008 (47918A8C)
9e1f0000 9e20f000   mrxsmb   mrxsmb.sys   Sat Jan 19 00:28:33 2008 (47918A81)
9e20f000 9e248000   mrxsmb10 mrxsmb10.sys Sat Jan 19 00:28:40 2008 (47918A88)
9e248000 9e260000   mrxsmb20 mrxsmb20.sys Sat Jan 19 00:28:35 2008 (47918A83)
9e260000 9e287000   srv2     srv2.sys     Sat Jan 19 00:29:14 2008 (47918AAA)
9e287000 9e2d3000   srv      srv.sys      Sat Jan 19 00:29:25 2008 (47918AB5)
9e2d3000 9e2da000   parvdm   parvdm.sys   Sat Jan 19 00:49:28 2008 (47918F68)
9e2da000 9e2dbd00   nmsunidr nmsunidr.sys Thu May 25 13:04:54 2006 (4475E3B6)
9e2dc000 9e3ba000   peauth   peauth.sys   Mon Oct 23 04:55:32 2006 (453C8384)
9e3ba000 9e3c4000   secdrv   secdrv.SYS   Wed Sep 13 09:18:32 2006 (45080528)
9e3c4000 9e3d0000   tcpipreg tcpipreg.sys Sat Jan 19 00:56:07 2008 (479190F7)
9e3d0000 9e3e4580   WUDFRd   WUDFRd.sys   Sat Jan 19 00:53:04 2008 (47919040)
9e3e5000 9e3f7000   WUDFPf   WUDFPf.sys   Sat Jan 19 00:52:49 2008 (47919031)
9e3f7000 9e3fdf60   mfebopk  mfebopk.sys  Thu Aug 16 11:55:06 2007 (46C4735A)

Unloaded modules:
943e7000 943f3000   ATITool.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
943cd000 943d5000   drmkaud.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8a9e8000 8a9f5000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8a9f5000 8aaad000   dump_iaStor.
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8aaad000 8aabe000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
93fdf000 93fe8000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
93fcc000 93fdf000   i8042prt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
93d80000 93e1c000   ctac32k.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000


[/FONT]
```


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Nah, I'm not really that comfortable letting someone remote my system, or at least not yet anyway. I'll try and find a file hosting service that allows for a file that large. I'll post back when I've found one.


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*



TechNewbie said:


> Well, I WAS doing ok for the last few days- playing games in fullscreen with no problems at all, watching video clips, tried the suggestion of safe mode w/networking and played a bunch of different videos all at the same time - everything was cool. Until about 4pm today when it froze up on me with no BSoD's or error codes or anything, and the latest time around an hour ago. This last one was a BSoD with a stop code of 0x0000001A. Here's the minidump:
> View attachment 30691



As I said, the choice is yours.

Please note, however, that I did testing for CrossLoop and once the session is over - that's it. You can see exactly what I am doing and by simply using your mouse, you can override me at any time. It is the most secure package that I have yet to come across.

The only reason that I suggested such, was to easily transfer the file from your system to mine.

Regards and Good Luck to you.

jcgriff2

.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

How big of an attachment can I post onto here? Because my memory.dmp file is only 51MB compressed (263MB uncompressed), nowhere near the 3GB you quoted me. If it isn't large enough, just PM me your e-mail address, I'll send it there.


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*



TechNewbie said:


> How big of an attachment can I post onto here? Because my memory.dmp file is only 51MB compressed (263MB uncompressed), nowhere near the 3GB you quoted me. If it isn't large enough, just PM me your e-mail address, I'll send it there.


If the file is 263mb uncompressed, it sounds to me to be a kernel dump - not a full memory dump. The FULL memory dump would be equal to your installed RAM ++.

To answer your question about where to send the file - use Media Fire - 
http://www.mediafire.com/index.php

Set up an account and provide me with the link.

But again, I can only perform a user-mode kernel debug session as I am not connected to your PC, so the results will be limited, but usually more than a mini dump can offer. Please remember - there are no guarantees.

Regards. . .

jcgriff2

.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Here's the link you asked for, sorry it took so long to get to you.

http://www.mediafire.com/?1kjmypfmcvx


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

And now my latest BSoD (0x000000C5), while starting up, wasn't even at the main screen yet.

View attachment Mini071108-01.rar


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

And the latest, again during bootup.
View attachment Mini071108-02.rar


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

Hi. . .

I am in the process of downloading the dumps and will post the results hopefully this weekend.

Regards. . .

JC


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*


Hi. . .

The kernel dump of course had the same stop error as the minidump:

The bug check 0x0000001a (0x00041287, 0x000061c4, 0x00000000, 0x00000000) is as follows:

The MEMORY_MANAGEMENT bugcheck 0x1a, indicates that a severe memory management error occurred. 0x41287  = internal memory management structures are corrupted. This time I do believe I found something - and it directly relates to memory - the massive consumption of it anyway, but then there is video.

I have issued dozens+ of kd debugging commands while going through this lone kernel kernel dump over the last few days looking for something - anything. I kept finding win32k.sys(GUI), dxgkrnl and the word swap. This led me to virtual memory and the discovery of one item that I found extremely interesting and do hope that it leads us somewhere. 

At the time of the crash, a program named Gw.exe (Guild Wars) was utilizing more virtual memory than all of the other applications combined - 236,681 pages = 946,724kb, nearly 1gb. This ultimately took me deeper into the dump where the kd command !locks -v displayed 12,809 total locks held on resources by threads. All of the locks except two were listed as available. This appears to me to have caused a deadlock, in this case by two threads, one being idle and having an exclusive hold on a resource and the other thread continued to execute, spinning its wheels attempting to obtain a resource that it was never going to get. I believe the resource to be related to video.

The deadlock occurred between a system process, most likely svchost.exe and Gw.exe, with Gw.exe either spinning out of control or spinning while being in control - I am not sure which as I do not know this programming language. Hopefully someone that does can tell us more. I would think that Gw.exe would be the loser here, yet the kernel dump lists the system as the process executing at the time of the crash, although that can probably be explained away since the dump lists the probable cause as the Microsoft NT kernel module ntkrpamp.exe. I looked for the names of drivers for Gw.exe, but could not find any as they are unknown to me. The only driver in the module listing at the time of the BSOD beginning with the letter "G" ironically is giveio.sys, which belongs to Speedfan and has a time stamp of April 3, 1996. I would love to know what a 12 year old driver is doing within a Vista system.

First, the virtual memory figures - go about 1/2 way down to the hi-lighted portion and you will see the figures for Gw.exe:


```
[COLOR=blue][SIZE=2]
0: kd> !vm

*** Virtual Memory Usage ***
	Physical Memory:      785229 (   3140916 Kb)
	Page File: \??\C:\pagefile.sys
	  Current:   3448116 Kb  Free Space:   3307580 Kb
	  Minimum:   3448116 Kb  Maximum:      4193280 Kb
	Available Pages:      215426 (    861704 Kb)
	ResAvail Pages:       709031 (   2836124 Kb)
	Locked IO Pages:           0 (         0 Kb)
	Free System PTEs:      65697 (    262788 Kb)
	Modified Pages:        21506 (     86024 Kb)
	Modified PF Pages:     21480 (     85920 Kb)
	NonPagedPool Usage:    18397 (     73588 Kb)
	NonPagedPool Max:     522743 (   2090972 Kb)
	PagedPool 0 Usage:     14745 (     58980 Kb)
	PagedPool 1 Usage:      7155 (     28620 Kb)
	PagedPool 2 Usage:      1677 (      6708 Kb)
	PagedPool 3 Usage:      1790 (      7160 Kb)
	PagedPool 4 Usage:      1696 (      6784 Kb)
	PagedPool Usage:       27063 (    108252 Kb)
	PagedPool Maximum:    523264 (   2093056 Kb)
	Shared Commit:         68970 (    275880 Kb)
	Special Pool:              0 (         0 Kb)
	Shared Process:         3171 (     12684 Kb)
	PagedPool Commit:      27127 (    108508 Kb)
	Driver Commit:          5688 (     22752 Kb)
	Committed pages:      558550 (   2234200 Kb)
	Commit limit:        1622466 (   6489864 Kb)

	Total Private:        434036 (   1736144 Kb)
         13ac [COLOR=red]Gw.exe          236681 (    946724 Kb)[/COLOR]
         0404 svchost.exe      18741 (     74964 Kb)
         04cc Mcshield.exe     13600 (     54400 Kb)
         0410 svchost.exe      12496 (     49984 Kb)
         08c4 SearchIndexer.e  11418 (     45672 Kb)
         03b0 svchost.exe      10252 (     41008 Kb)
         0d64 CCC.exe          10176 (     40704 Kb)
         0e18 explorer.exe     10098 (     40392 Kb)
         13dc msnmsgr.exe       8146 (     32584 Kb)
         0fcc MOM.exe           6703 (     26812 Kb)
         0624 aawservice.exe    5781 (     23124 Kb)
         0584 svchost.exe       4856 (     19424 Kb)
         03e8 svchost.exe       4795 (     19180 Kb)
         0fb0 sidebar.exe       4641 (     18564 Kb)
         0c30 mcmscsvc.exe      3833 (     15332 Kb)
         04a8 audiodg.exe       3733 (     14932 Kb)
         06d8 svchost.exe       3483 (     13932 Kb)
         0270 csrss.exe         3109 (     12436 Kb)
         1058 McNASvc.exe       2807 (     11228 Kb)
         01fc McProxy.exe       2772 (     11088 Kb)
         0fc4 CTXFISPI.EXE      2549 (     10196 Kb)
         0df8 taskeng.exe       2532 (     10128 Kb)
         0f5c LGDCore.exe       2383 (      9532 Kb)
         0520 svchost.exe       2255 (      9020 Kb)
         0004 System            2162 (      8648 Kb)
         104c LCDMedia.exe      2072 (      8288 Kb)
         06c0 spoolsv.exe       2030 (      8120 Kb)
         0818 SAService.exe     2026 (      8104 Kb)
         0dc4 dwm.exe           1899 (      7596 Kb)
         0fa4 SiteAdv.exe       1671 (      6684 Kb)
         0600 MpfSrv.exe        1630 (      6520 Kb)
         0fd4 sidebar.exe       1628 (      6512 Kb)
         1750 mcsysmon.exe      1577 (      6308 Kb)
         0d84 mcagent.exe       1574 (      6296 Kb)
         0c44 KHALMNPR.exe      1406 (      5624 Kb)
         04e4 SLsvc.exe         1335 (      5340 Kb)
         0084 SetPoint.exe      1318 (      5272 Kb)
         0f4c IAAnotif.exe      1293 (      5172 Kb)
         0844 svchost.exe       1151 (      4604 Kb)
         0384 svchost.exe       1090 (      4360 Kb)
         0f98 CTXFIHLP.EXE      1025 (      4100 Kb)
         0f68 LCDMon.exe        1007 (      4028 Kb)
         09f4 WUDFHost.exe       995 (      3980 Kb)
         04c4 svchost.exe        951 (      3804 Kb)
         02a4 lsass.exe          951 (      3804 Kb)
         1040 LCDClock.exe       902 (      3608 Kb)
         0fe8 ehtray.exe         901 (      3604 Kb)
         124c WmiPrvSE.exe       877 (      3508 Kb)
         0f90 CTHELPER.EXE       845 (      3380 Kb)
         0344 svchost.exe        841 (      3364 Kb)
         0cf0 Ati2evxx.exe       790 (      3160 Kb)
         0290 services.exe       708 (      2832 Kb)
         120c unsecapp.exe       706 (      2824 Kb)
         0970 issm.exe           702 (      2808 Kb)
         097c MCLServiceATL.e    650 (      2600 Kb)
         03d8 Ati2evxx.exe       612 (      2448 Kb)
         1034 LCDCountdown.ex    595 (      2380 Kb)
         0a0c taskeng.exe        571 (      2284 Kb)
         02b0 lsm.exe            561 (      2244 Kb)
         118c wmpnscfg.exe       519 (      2076 Kb)
         046c winlogon.exe       518 (      2072 Kb)
         1024 LCDPOP3.exe        499 (      1996 Kb)
         0658 msksrver.exe       470 (      1880 Kb)
         0220 csrss.exe          452 (      1808 Kb)
         02dc svchost.exe        420 (      1680 Kb)
         0340 ehmsas.exe         382 (      1528 Kb)
         0264 wininit.exe        338 (      1352 Kb)
         0174 AlertService.ex    338 (      1352 Kb)
         1478 Creative_ALchem    332 (      1328 Kb)
         0190 DQLWinService.e    228 (       912 Kb)
         1384 AL1Licensing.ex    213 (       852 Kb)
         088c svchost.exe        176 (       704 Kb)
         01e0 IAANTmon.exe       174 (       696 Kb)
         01d8 smss.exe            85 (       340 Kb)
         1548 mcupdate.exe         0 (         0 Kb)
         14b0 firefox.exe          0 (         0 Kb)
         14ac firefox.exe          0 (         0 Kb)
         13e8 mcupdate.exe         0 (         0 Kb)

[/SIZE][/COLOR]
```

*Now, the two locked threads:*


```
Resource @ 0x8897bdf8    Shared 1 owning threads
    Contention Count = 3242
     Threads: 8675f030-01<*> 

     THREAD 8675f030  Cid 13ac.0e34  Teb: 7ffdb000 Win32Thread: fa6afe90 WAIT: (Executive) KernelMode Non-Alertable
         8f729994  SynchronizationEvent
     Not impersonating
     DeviceMap                 a7c5ae08
     Owning Process            0       Image:         <Unknown>
     Attached Process  867dd750  Image: [COLOR=Red] Gw.exe
     Wait Start TickCount      1589387        Ticks: 0
     Context Switch Count      159648             
     UserTime                  00:00:43.421
     KernelTime                00:00:22.453
     Win32 Start Address 0x706f2e0b
     Stack Init 8f72a000 Current 8f729830 Base 8f72a000 Limit 8f727000 Call 0
     Priority 10 BasePriority 8 PriorityDecrement 2 IoPriority 2 PagePriority 5
     ChildEBP RetAddr  
     8f729848 [COLOR=red]82079943[/COLOR] nt!KiSwapContext+0x26 (FPO: [Uses EBP] [0,0,4])
     8f72988c [COLOR=red]82076999[/COLOR] nt!KiSwapThread+0x433
     8f7298e4 [COLOR=red]8ed245dd [/COLOR]nt!KeWaitForMultipleObjects+0x53d
     8f729914 [COLOR=red]8ed4827d[/COLOR] dxgkrnl!VidSchWaitForEvents+0x87 (FPO: [Non-Fpo])
     8f72993c 8ed45a54 dxgkrnl!VidSchWaitForCompletionEvent+0x110 (FPO: [Non-Fpo])
     8f7299bc 8ed446a3 dxgkrnl!VidSchWaitForQueuedPresentLimit+0xdb (FPO: [Non-Fpo])
     8f729ba4 8ed44bc4 dxgkrnl!DXGCONTEXT::Present+0x17a3 (FPO: [Non-Fpo])      8f729d58 820659aa dxgkrnl!DxgkPresent+0x271 (FPO: [Non-Fpo])
     8f729d58 77499a94 nt!KiFastCallEntry+0x12a (FPO: [0,3] TrapFrame @ 8f729d64)
WARNING: Frame IP not in any known module. Following frames may be wrong.
     0496fc78 00000000 0x77499a94[/color]
```


```
[color=blue][size=2]

Resource @ 0x88971b48    Exclusively owned
    Contention Count = 1604
     Threads: 889bc788-01<*> 

     THREAD 889bc788  Cid 0004.0244  Teb: 00000000 [COLOR=red]Win32Thread[/COLOR]: 00000000 WAIT: (Executive) KernelMode Non-Alertable
         88971c18  SynchronizationEvent
         88971bf8  SynchronizationEvent
         889bc810  NotificationTimer
     Not impersonating
     DeviceMap                 8b408dc8
     Owning Process            0       Image:         <Unknown>
     Attached Process          8464e8f0       Image: [COLOR=red]System[/COLOR]
     Wait Start TickCount      1589387        Ticks: 0
     Context Switch Count      22749065             
     UserTime                  00:00:00.000
     KernelTime                00:09:49.328
     Win32 Start Address dxgkrnl!VidSchiWorkerThread (0x8ed84fdf)
     Stack Init 80f9a000 Current 80f99bb0 Base 80f9a000 Limit 80f97000 Call 0
     Priority 15 BasePriority 15 PriorityDecrement 0 IoPriority 2 PagePriority 5
     ChildEBP RetAddr  
     80f99bc8 [COLOR=red]82079943[/COLOR] nt!KiSwapContext+0x26 (FPO: [Uses EBP] [0,0,4])
     80f99c0c [COLOR=red]82076999[/COLOR] nt!KiSwapThread+0x433
     80f99c64 [COLOR=red]8ed245dd[/COLOR] nt!KeWaitForMultipleObjects+0x53d
     80f99c94 [COLOR=Red]8ed4827d[/COLOR] dxgkrnl!VidSchWaitForEvents+0x87 (FPO: [Non-Fpo])
     80f99cbc 8ed24aec dxgkrnl!VidSchWaitForCompletionEvent+0x110 (FPO: [Non-Fpo])
     80f99d54 8ed47f98 dxgkrnl!VidSchiScheduleCommandToRun+0x14d (FPO: [Non-Fpo])
     80f99d68 8ed85041 dxgkrnl!VidSchiRun_PriorityTable+0xf (FPO: [Non-Fpo])
     80f99d7c 821b66ad dxgkrnl!VidSchiWorkerThread+0x62 (FPO: [Non-Fpo])
     80f99dc0 8209d686 nt!PspSystemThreadStartup+0x9d
     00000000 00000000 nt!KiThreadStartup+0x16

[/COLOR][/SIZE]
```
I have attached the 4.3mb kernel debug output (607.3kb zipped) for those that care to see it.

I am now off to a ball game with my 7 year-old. He has been very patient! Good Luck to you.

Regards. . .

jcgriff2


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

....I understood almost none of that.  Gw.exe is the MMO game Guild Wars, and it was probably running when my system froze and the report was made, so it's no surprise to me that it was using a majority of the resources. I can't see how it would account for all the other freezes when it wasn't running, though. As a side note, the other day I ran memtest86 again and let it go for 8 passes (took like 9 hours) and again it came up clean, so I'm pretty sure we can rule out a RAM problem.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Well, I'm still having regular freezing and the 0xC5 BSoD again a couple days ago, but since no one has posted any help in over a week, am I right in assuming that everyone is fresh out of ideas? Also, is there any kind of read-me file or something to help me learn to use that Sysinternals Suite that was recommended?


----------



## dai (Jul 2, 2004)

*Re: BSoD on Idle*

run driver verifier
http://msdn.microsoft.com/en-us/library/ms792872.aspx


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Ok, I ran driver verifier, did the standard procedure or whatever, and selected the 3 drivers that seem to have been giving me the most troubles (atikmdag.sys, ctaud2k.sys, and ntoskrnl.exe is the very latest), and restarted so it could do its thing. Now I can't start my computer normally. Each and every time I get to the progress bar before Windows loads I get a BSoD with >>THIS<< stop code. I'm working right now from safe mode with networking. How do I undo whatever it is the verifier is doing? Use "Delete existing settings"?

EDIT: I DID do the "Delete existing settings" and yes, it solved that immediate problem. I'm still probably gonna freeze up sometime soon, but I can at least get on normally. So, does this mean that one of those three drivers could be my big culprit?


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

Re-boot, but instead of SAFEMODE, choose Last Known Good Configuration.

Can you get the output from the verifier or do you know which drivers were flagged w/ bad signatures?

jcgriff2


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

I checked and there were no results from the verifier before I deleted the settings; I don't think it got to run or run long enough to finish and get results.


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

Did last known good config get you back up?

Anything in event viewer or wercon?


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

No, I didn't use last known good config, I just reopened verifier and used the "delete existing options" setting while in safe mode+networking. EventID's I've gotten in the last hour on event viewer:
*4609: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007043c from line 45 of d:\rtm\com\complus\src\events\tier1\eventsystemobj.cpp.
*6008 three times: The unexpected shutdown code I always get when I force my computer off when it freezes (and once while typing this)
*7001: The Computer Browser service depends on the Server service which failed to start because of the following error: 
The dependency service or group failed to start.
*7023 six times: The Intel(R) Remoting Service service terminated with the following error: 
General access denied error
*7026 four times: The following boot-start or system-start driver(s) failed to load: 
ATITool
i8042prt (I don;t have ATITool anymore, idk why that keeps showing up)
*10005 six times: DCOM got error "1084" attempting to start the service McNASvc with arguments "" in order to run the server:
{24F616A1-B755-4053-8018-C3425DC8B68A}
*15016 three times: Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*



Hi. . .

When I see Event Viewer entries involving Vista services - whether they will not start or their dependencies have not started, I have found it is usually related to a personal firewall of some sort.

Apologies that I don't have the time right now to review the 63 posts in this thread, but please tell me about your 3rd party firewall/anti-virus software.

Better yet, download and SAVE Deckard's System Scanner (DSS) from HERE to your desktop. Look about 1/4 of the page down for DSS.

The bring up an *Elevated* command prompt (START | type cmd.exe into the start search box | right-click on cmd.exe and a "DOS" box will appear. Issue the following commands, hitting enter after each:


```
[color=red]
c:

cd\

cd %userprofile%\desktop

dss /config

[/color]
```
A small screen will appear - check ALL boxes.
When dss asks about HiJackThis, allow it to install it.
Let it run - maybe a few minutes - it will appear as if nothing is happening, but it is.

Then a Notepad will appear with the file main.txt - save it as a text file; the file extra.txt will be minimized - save it as a text file.

Gather these 2 files, zip them up and ATTACH them to your next post.

Any ? - please let me know.

Regards. . .

jcgriff2


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Here are the compressed files you asked for:
View attachment Desktop.rar


As for my firewall stuff, I use Windows Firewall and the one that comes with McAfee Total Protection 2008.


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

Downloading now....

But I must first attend to my 14 year old who is tourmenting my 7 year old - at 2350 hours here - and will get back to this ASAP!!

JC


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Haha, not a problem at all, personal stuff comes first.


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

I see tha you have Windows Firewall enabled... can you go and please reset it to default settings - 

START | type firewall.cpl | click on "Allow a program theough...." on the left side | select Advanced tab | Click on restore to defaults - reboot

JC


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

Also... any reason that WIndows Defender is disabled?


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

Sorry for triple post here, but noticed these items in the Even Viewer - 


```
Event Record #/Type45346 / Error
Event Submitted/Written: 07/24/2008 11:31:11 PM
Event ID/Source: 3011 / LoadPerf
Event Description:
WmiApRplWmiApRpl8

Event Record #/Type45345 / Error
Event Submitted/Written: 07/24/2008 11:31:11 PM
Event ID/Source: 3012 / LoadPerf
Event Description:
Performance16
```
Please go into perfmon (START type perfmon into start search box)

Check out what's there.


Also try wercon
Same as above, but type wercon, then check "see problems to check"

Regards. . .

jcgriff2

.


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

Ok, I reset my Windows Firewall to default, and as far as I know, Windows Defender runs at start-up - it's enabled in the Defender options and when I go into msconfig it's enabled there too. Here's a pic of what wercon has to bring to the table: >>CLICKY 4 PICCY<< It seems to be listing programs that were running at the time when my computer froze.

Side note: when going into Reliability and Performance Monitor > Monitoring Tools > Performance Monitor, I get an error message that says "MMC cannot initialize the snap-in."


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

I asked about Windows Defender because of the following in extra.txt:


```
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) [COLOR=RED]Disabled[/COLOR]
```
JC


----------



## jcgriff2 (Sep 30, 2007)

*Re: BSoD on Idle*

And these errors - unknown to me at this time:


```
-- System Event Log ------------------------------------------------------------

Event Record #/Type133543 / Warning
Event Submitted/Written: 07/24/2008 11:24:29 PM
Event ID/Source: 4227 / Tcpip
Event Description:
TCP/IP failed to establish an outgoing connection because the selected local endpoint
was recently used to connect to the same remote endpoint. This error typically occurs
when outgoing connections are opened and closed at a high rate, causing all available
local ports to be used and forcing TCP/IP to reuse a local port for an outgoing connection.
To minimize the risk of data corruption, the TCP/IP standard requires a minimum time period
to elapse between successive connections from a given local endpoint to a given remote endpoint.

Event Record #/Type133531 / Error
Event Submitted/Written: 07/24/2008 11:24:05 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
ATITool
i8042prt

Event Record #/Type133529 / Error
Event Submitted/Written: 07/24/2008 11:24:05 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
Intel(R) Remoting Service%%2147942405

Event Record #/Type133466 / Error
Event Submitted/Written: 07/24/2008 11:24:05 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
Offline Files%%2147942403

Event Record #/Type133449 / Error
Event Submitted/Written: 07/24/2008 11:23:41 PM
Event ID/Source: 15016 / HTTP
Event Description:
\Device\Http\ReqQueueKerberos
```


----------



## TechNewbie (Oct 10, 2005)

*Re: BSoD on Idle*

I finally got frustrated enough that I called up Gateway, told them all the problems I'd been having, and they sent me a box to ship it to one of their factories to get it repaired. They tore it apart, reformatted the hard drive, reloaded the OS, put it back together and sent it back to me. I wasn't able to confirm the repair at the time (it DID work, though) because when they "repaired" it they broke the power button so I couldn't power the system on, and they also broke off 3 of the 4 screws that hold the video cables in place. So I had to turn around and ship it back to them. I get it back a second time and -hooray- I can power it on. Too bad they never fixed the video card, but at least they threw in a bonus.... they broke the sound card, and now I can't play games (no sound card detected, so I don't meet the system requirements and programs won't even start up) or enjoy anything that requires sound - movies, music, online video or podcasts, etc. I'm scheduled to have their closest parts monkey come out to swap out the sound card and both the video cards, so hopefully that goes better than the factory repair nightmare. But as to my main problem, since I had them wipe and reinstall everything I guess we're gonna have to file it under M for Mystery. Thanks to everyone who tried helping me out, I appreciate the effort.


----------



## jcgriff2 (Sep 30, 2007)

Hi there...

I am glad to hear that your system is "repaired" as you mentioned... looks as if they did a more damage to it. It sure would be nice to know what, if anything they found. But I guess I'll chalk that one up to "trade secrets".

Thank you for sticking this out. I do know how frustrating these issues can be - from both sides of the fence.

One thing that I can now tell you that I have seen repeatedly recently - is that McAfee "total" protection certainly did not help here any. IT is the root cause of several of the errors found in the Event Logs - including the disablement of Windows Explorer and probably caused the mmv snap-in error as well. I would advise that you only use the Windows Firewall in the future.

Please do come back and start a new thread if any other issues surface.

I wish you the best of luck.

Regards. . .

jcgriff2

.


----------

