# Microsoft-Windows-Kernel-Power problem



## lysergic1 (May 28, 2010)

Hello. My pc freezing or restarting few times per day. In event viewer im getting this error:
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Microsoft-Windows-Kernel-Power" Guid="{331C3B3A-2005-44C2-AC5E-77220C37D6B4}" /> 
<EventID>41</EventID> 
<Version>2</Version> 
<Level>1</Level> 
<Task>63</Task> 
<Opcode>0</Opcode> 
<Keywords>0x8000000000000002</Keywords> 
<TimeCreated SystemTime="2010-05-28T11:37:10.000416600Z" /> 
<EventRecordID>8256</EventRecordID> 
<Correlation /> 
<Execution ProcessID="4" ThreadID="8" /> 
<Channel>System</Channel> 
<Computer>Visi-PC</Computer> 
<Security UserID="S-1-5-18" /> 
</System>
- <EventData>
<Data Name="BugcheckCode">0</Data> 
<Data Name="BugcheckParameter1">0x0</Data> 
<Data Name="BugcheckParameter2">0x0</Data> 
<Data Name="BugcheckParameter3">0x0</Data> 
<Data Name="BugcheckParameter4">0x0</Data> 
<Data Name="SleepInProgress">false</Data> 
<Data Name="PowerButtonTimestamp">0</Data> 
</EventData>
</Event>

I have attached full report of my pc (it's zipped, because it's bigger than 1.96mb). Pls help someone.


----------



## TorrentG (Apr 17, 2010)

Hello.

Others are probably going to disrespect my advice, but I strongly urge you to uninstall NIS and then install MSE as a replacement.

Please use this tool to uninstall NIS and when it's gone, see the magic back in your pc.

http://www.sevenforums.com/tutorials/78961-av-uninstallers.html

If there has been any bsod (blue screens), please go to C:\Windows\Minidump to copy the files in there to any other location. Then rar or zip them and attach the compressed file to a post.


----------



## usasma (Apr 11, 2009)

Please provide this information: http://www.techsupportforum.com/f217/blue-screen-of-death-bsod-posting-instructions-452654.html


----------



## lysergic1 (May 28, 2010)

usasma said:


> Please provide this information: http://www.techsupportforum.com/f217/blue-screen-of-death-bsod-posting-instructions-452654.html


But i'm getting no bsod's and no dump files. Computer just freezing and sound freez too or just restarting without bsod. Few times i have had bsod and here it is error of it :
- System 

- Provider 

[ Name] Microsoft-Windows-Kernel-Power 
[ Guid] {331C3B3A-2005-44C2-AC5E-77220C37D6B4} 

EventID 41 

Version 2 

Level 1 

Task 63 

Opcode 0 

Keywords 0x8000000000000002 

- TimeCreated 

[ SystemTime] 2010-05-18T18:21:27.460426200Z 

EventRecordID 3747 

Correlation 

- Execution 

[ ProcessID] 4 
[ ThreadID] 8 

Channel System 

Computer Visi-PC 

- Security 

[ UserID] S-1-5-18 


- EventData 

BugcheckCode 36 
BugcheckParameter1 0x1904fb 
BugcheckParameter2 0xfffff8800a115fc8 
BugcheckParameter3 0xfffff8800a115830 
BugcheckParameter4 0xfffff80002aeae7e 
SleepInProgress false 
PowerButtonTimestamp 0 

I have attached minidump of this error.


----------



## lysergic1 (May 28, 2010)

TorrentG said:


> Hello.
> 
> Others are probably going to disrespect my advice, but I strongly urge you to uninstall NIS and then install MSE as a replacement.
> 
> ...


ok, i have installed mse, it looks very primitive, like beta version. Why norton is bad? It can be, that my problem is caused by norton?


----------



## Jonathan_King (Apr 3, 2010)

Norton has caused BSODs before. Installing MSE does nothing for your system, though, unless you uninstall Norton completely.

Please follow these directions for enabling Driver Verifier: http://www.techsupportforum.com/f217/driver-verifier-windows-7-and-vista-bsod-related-473665.html


```
Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Jonathan\_jcgriff2_\dbug\__Kernel__\051810-27128-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16539.amd64fre.win7_gdr.100226-1909
Machine Name:
Kernel base = 0xfffff800`02a55000 PsLoadedModuleList = 0xfffff800`02c92e50
Debug session time: Tue May 18 14:20:22.781 2010 (GMT-4)
System Uptime: 0 days 0:26:44.654
Loading Kernel Symbols
...............................................................
................................................................
.....................................
Loading User Symbols
Loading unloaded module list
.........
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 24, {1904fb, fffff8800a115fc8, fffff8800a115830, fffff80002aeae7e}

Probably caused by : Ntfs.sys ( Ntfs! ?? ::FNODOBFM::`string'+2cc9 )

Followup: MachineOwner
---------

2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

NTFS_FILE_SYSTEM (24)
    If you see NtfsExceptionFilter on the stack then the 2nd and 3rd
    parameters are the exception record and context record. Do a .cxr
    on the 3rd parameter and then kb to obtain a more informative stack
    trace.
Arguments:
Arg1: 00000000001904fb
Arg2: fffff8800a115fc8
Arg3: fffff8800a115830
Arg4: fffff80002aeae7e

Debugging Details:
------------------


EXCEPTION_RECORD:  fffff8800a115fc8 -- (.exr 0xfffff8800a115fc8)
Cannot read Exception record @ fffff8800a115fc8

CONTEXT:  fffff8800a115830 -- (.cxr 0xfffff8800a115830)
rax=0000000000000002 rbx=000000000000000b rcx=0000000000000000
rdx=0000000000000001 rsi=fffffa8006f00bb8 rdi=fffff7ffffffffff
rip=fffff80002aeae7e rsp=fffff8800a116200 rbp=fffff8800a116240
 r8=0000000000000000  r9=0000000000000000 r10=0000000000000001
r11=0000000000000000 r12=fffe7a7fffffffd0 r13=0000000000000000
r14=000000000000003f r15=000000000000002d
iopl=0         nv up ei pl zr na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010246
nt!MiRemoveAnyPage+0x13e:
fffff800`02aeae7e f0410fba6c241000 lock bts dword ptr [r12+10h],0 ds:002b:fffe7a7f`ffffffe0=????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  msiexec.exe

CURRENT_IRQL:  2

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  ffffffffffffffff

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002cfd0e0
 ffffffffffffffff 

FOLLOWUP_IP: 
Ntfs! ?? ::FNODOBFM::`string'+2cc9
fffff880`014583d8 cc              int     3

FAULTING_IP: 
nt!MiRemoveAnyPage+13e
fffff800`02aeae7e f0410fba6c241000 lock bts dword ptr [r12+10h],0

BUGCHECK_STR:  0x24

LAST_CONTROL_TRANSFER:  from 0000000000000000 to fffff80002aeae7e

STACK_TEXT:  
fffff880`0a114fc8 fffff880`014583d8 : 00000000`00000024 00000000`001904fb fffff880`0a115fc8 fffff880`0a115830 : nt!KeBugCheckEx
fffff880`0a114fd0 fffff880`01450951 : fffff880`014841b4 fffff880`0a116880 fffff880`0a116850 fffffa80`07039da0 : Ntfs! ?? ::FNODOBFM::`string'+0x2cc9
fffff880`0a115010 fffff800`02af3bdc : 00000000`00000000 00000000`00000000 fffffa80`07039da0 00000000`00000000 : Ntfs! ?? ::FNODOBFM::`string'+0x1446
fffff880`0a115050 fffff880`01450775 : fffff880`014841bc fffff880`0a116850 fffff880`0a115fc8 fffff880`0a116850 : nt!_C_specific_handler+0x8c
fffff880`0a1150c0 fffff800`02aeb2ed : fffff880`014841a8 00000000`00000000 fffff880`01437000 00000000`00000000 : Ntfs!_GSHandlerCheck_SEH+0x75
fffff880`0a1150f0 fffff800`02af2950 : fffff880`014841a8 fffff880`0a115168 fffff880`0a115fc8 fffff880`01437000 : nt!RtlpExecuteHandlerForException+0xd
fffff880`0a115120 fffff800`02aff8df : fffff880`0a115fc8 fffff880`0a115830 fffff880`00000000 fffff7ff`ffffffff : nt!RtlDispatchException+0x410
fffff880`0a115800 fffff800`02ac4c42 : fffff880`0a115fc8 00000000`0000000b fffff880`0a116070 fffffa80`06f00bb8 : nt!KiDispatchException+0x16f
fffff880`0a115e90 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0xc2


STACK_COMMAND:  kb

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  Ntfs! ?? ::FNODOBFM::`string'+2cc9

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Ntfs

IMAGE_NAME:  Ntfs.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc14f

FAILURE_BUCKET_ID:  X64_0x24_Ntfs!_??_::FNODOBFM::_string_+2cc9

BUCKET_ID:  X64_0x24_Ntfs!_??_::FNODOBFM::_string_+2cc9

Followup: MachineOwner
---------

2: kd> lmtsmn
start             end                 module name
fffff880`045b9000 fffff880`045f7000   1394ohci 1394ohci.sys Mon Jul 13 20:07:12 2009 (4A5BCC30)
fffff880`01016000 fffff880`0106d000   ACPI     ACPI.sys     Mon Jul 13 19:19:34 2009 (4A5BC106)
fffff880`02e00000 fffff880`02e8a000   afd      afd.sys      Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`042ad000 fffff880`042c3000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
fffff880`011b6000 fffff880`011c1000   amdxata  amdxata.sys  Tue May 19 13:56:59 2009 (4A12F2EB)
fffff880`04000000 fffff880`04045000   asj7t2wc asj7t2wc.SYS Tue Jul 14 17:12:55 2009 (4A5CF4D7)
fffff880`01183000 fffff880`0118c000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`0118c000 fffff880`011b6000   ataport  ataport.SYS  Mon Jul 13 19:19:52 2009 (4A5BC118)
fffff880`04a39000 fffff880`050e3000   atikmdag atikmdag.sys Tue Apr 06 21:47:17 2010 (4BBBE425)
fffff880`044f3000 fffff880`04529000   atikmpag atikmpag.sys Tue Apr 06 21:23:30 2010 (4BBBDE92)
fffff880`010d5000 fffff880`010e1000   BATTC    BATTC.SYS    Mon Jul 13 19:31:01 2009 (4A5BC3B5)
fffff880`01bda000 fffff880`01be1000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
fffff880`04424000 fffff880`044cd000   BHDrvx64 BHDrvx64.sys Fri Apr 23 19:37:13 2010 (4BD22F29)
fffff880`0429c000 fffff880`042ad000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
fffff880`063a9000 fffff880`063c7000   bowser   bowser.sys   Mon Jul 13 19:23:50 2009 (4A5BC206)
fffff880`04200000 fffff880`0429c000   ccHPx64  ccHPx64.sys  Fri Feb 05 16:05:45 2010 (4B6C8829)
fffff960`00730000 fffff960`00757000   cdd      cdd.dll      unavailable (00000000)
fffff880`01ba7000 fffff880`01bd1000   cdrom    cdrom.sys    Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`00ceb000 fffff880`00dab000   CI       CI.dll       Mon Jul 13 21:32:13 2009 (4A5BE01D)
fffff880`05326000 fffff880`05338000   circlass circlass.sys Mon Jul 13 20:06:34 2009 (4A5BCC0A)
fffff880`01b41000 fffff880`01b71000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00c8d000 fffff880`00ceb000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`01200000 fffff880`01273000   cng      cng.sys      Mon Jul 13 19:49:40 2009 (4A5BC814)
fffff880`010cc000 fffff880`010d5000   compbatt compbatt.sys Mon Jul 13 19:31:02 2009 (4A5BC3B6)
fffff880`043e5000 fffff880`043f5000   CompositeBus CompositeBus.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`05f92000 fffff880`05fa0000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`042d8000 fffff880`0435b000   csc      csc.sys      Mon Jul 13 19:24:26 2009 (4A5BC22A)
fffff880`0435b000 fffff880`04379000   dfsc     dfsc.sys     Mon Jul 13 19:23:44 2009 (4A5BC200)
fffff880`041de000 fffff880`041ed000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
fffff880`01b2b000 fffff880`01b41000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`05ee3000 fffff880`05f05000   drmk     drmk.sys     Mon Jul 13 21:01:25 2009 (4A5BD8E5)
fffff880`05fac000 fffff880`05fb5000   dump_atapi dump_atapi.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`05fa0000 fffff880`05fac000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`05fb5000 fffff880`05fc8000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`05f86000 fffff880`05f92000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
fffff880`050e3000 fffff880`051d7000   dxgkrnl  dxgkrnl.sys  Thu Oct 01 21:00:14 2009 (4AC5509E)
fffff880`04529000 fffff880`0456f000   dxgmms1  dxgmms1.sys  Mon Jul 13 19:38:32 2009 (4A5BC578)
fffff880`0456f000 fffff880`045b9000   e1y62x64 e1y62x64.sys Tue Oct 20 17:06:09 2009 (4ADE2641)
fffff880`04143000 fffff880`041b9000   eeCtrl64 eeCtrl64.sys Mon Aug 17 19:05:31 2009 (4A89E23B)
fffff880`083d1000 fffff880`083f1000   ENG64    ENG64.SYS    Wed May 05 01:28:11 2010 (4BE101EB)
fffff880`041b9000 fffff880`041de000   EraserUtilRebootDrv EraserUtilRebootDrv.sys Mon Aug 17 19:05:31 2009 (4A89E23B)
fffff880`0821c000 fffff880`083d1000   EX64     EX64.SYS     Wed May 05 01:35:11 2010 (4BE1038F)
fffff880`07da7000 fffff880`07ddd000   fastfat  fastfat.SYS  Mon Jul 13 19:23:28 2009 (4A5BC1F0)
fffff880`0134a000 fffff880`0135e000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
fffff880`01290000 fffff880`012dc000   fltmgr   fltmgr.sys   Mon Jul 13 19:19:59 2009 (4A5BC11F)
fffff880`01411000 fffff880`0141b000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:19:45 2009 (4A5BC111)
fffff880`01af1000 fffff880`01b2b000   fvevol   fvevol.sys   Fri Sep 25 22:34:26 2009 (4ABD7DB2)
fffff880`0179b000 fffff880`017e5000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:21:08 2009 (4A5BC164)
fffff800`02a0c000 fffff800`02a55000   hal      hal.dll      Mon Jul 13 21:27:36 2009 (4A5BDF08)
fffff880`051d7000 fffff880`051fb000   HDAudBus HDAudBus.sys Mon Jul 13 20:06:13 2009 (4A5BCBF5)
fffff880`05e4a000 fffff880`05ea6000   HdAudio  HdAudio.sys  Mon Jul 13 20:06:59 2009 (4A5BCC23)
fffff880`05fd9000 fffff880`05ff2000   HIDCLASS HIDCLASS.SYS Mon Jul 13 20:06:21 2009 (4A5BCBFD)
fffff880`05fc8000 fffff880`05fd9000   hidir    hidir.sys    Mon Jul 13 20:06:23 2009 (4A5BCBFF)
fffff880`05ff2000 fffff880`05ffa080   HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9)
fffff880`0521b000 fffff880`05229000   hidusb   hidusb.sys   Mon Jul 13 20:06:22 2009 (4A5BCBFE)
fffff880`062e1000 fffff880`063a9000   HTTP     HTTP.sys     Mon Jul 13 19:22:16 2009 (4A5BC1A8)
fffff880`01ae8000 fffff880`01af1000   hwpolicy hwpolicy.sys Mon Jul 13 19:19:22 2009 (4A5BC0FA)
fffff880`040cc000 fffff880`04143000   IDSvia64 IDSvia64.sys Tue Oct 27 17:32:54 2009 (4AE76706)
fffff880`043cf000 fffff880`043e5000   intelppm intelppm.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
fffff880`00c00000 fffff880`00c27000   Ironx64  Ironx64.SYS  Thu Feb 25 20:34:29 2010 (4B872525)
fffff880`052c3000 fffff880`052d2000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`05e00000 fffff880`05e0e000   kbdhid   kbdhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff800`00bb6000 fffff800`00bc0000   kdcom    kdcom.dll    Mon Jul 13 21:31:07 2009 (4A5BDFDB)
fffff880`052e3000 fffff880`05326000   ks       ks.sys       Mon Jul 13 20:00:31 2009 (4A5BCA9F)
fffff880`015da000 fffff880`015f4000   ksecdd   ksecdd.sys   Mon Jul 13 19:20:54 2009 (4A5BC156)
fffff880`01770000 fffff880`0179b000   ksecpkg  ksecpkg.sys  Fri Dec 11 01:03:32 2009 (4B21E0B4)
fffff880`05f05000 fffff880`05f0a200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
fffff880`053e7000 fffff880`053fc000   lltdio   lltdio.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`01b71000 fffff880`01b94000   luafv    luafv.sys    Mon Jul 13 19:26:13 2009 (4A5BC295)
fffff880`00c35000 fffff880`00c79000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:29:10 2009 (4A5BDF66)
fffff880`05e3a000 fffff880`05e48000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
fffff880`052d2000 fffff880`052e1000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`05e0e000 fffff880`05e1b000   mouhid   mouhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`01169000 fffff880`01183000   mountmgr mountmgr.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`063c7000 fffff880`063df000   mpsdrv   mpsdrv.sys   Mon Jul 13 20:08:25 2009 (4A5BCC79)
fffff880`06200000 fffff880`0622d000   mrxsmb   mrxsmb.sys   Sat Feb 27 02:52:19 2010 (4B88CF33)
fffff880`0622d000 fffff880`0627b000   mrxsmb10 mrxsmb10.sys Sat Feb 27 02:52:28 2010 (4B88CF3C)
fffff880`0627b000 fffff880`0629e000   mrxsmb20 mrxsmb20.sys Sat Feb 27 02:52:26 2010 (4B88CF3A)
fffff880`017f5000 fffff880`01800000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`0106d000 fffff880`01077000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
fffff880`01399000 fffff880`013f7000   msrpc    msrpc.sys    Mon Jul 13 19:21:32 2009 (4A5BC17C)
fffff880`040c1000 fffff880`040cc000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
fffff880`01ad6000 fffff880`01ae8000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
fffff880`0161e000 fffff880`01710000   ndis     ndis.sys     Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`04a2a000 fffff880`04a36000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
fffff880`05233000 fffff880`05262000   ndiswan  ndiswan.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`053a4000 fffff880`053b9000   NDProxy  NDProxy.SYS  Mon Jul 13 20:10:05 2009 (4A5BCCDD)
fffff880`02fcc000 fffff880`02fdb000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`02e8a000 fffff880`02ecf000   netbt    netbt.sys    Mon Jul 13 19:21:28 2009 (4A5BC178)
fffff880`01710000 fffff880`01770000   NETIO    NETIO.SYS    Mon Jul 13 19:21:46 2009 (4A5BC18A)
fffff880`01600000 fffff880`01611000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`040b5000 fffff880`040c1000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
fffff800`02a55000 fffff800`03031000   nt       ntkrnlmp.exe Sat Feb 27 02:55:23 2010 (4B88CFEB)
fffff880`01437000 fffff880`015da000   Ntfs     Ntfs.sys     Mon Jul 13 19:20:47 2009 (4A5BC14F)
fffff880`01bd1000 fffff880`01bda000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
fffff880`02fa6000 fffff880`02fcc000   pacer    pacer.sys    Mon Jul 13 20:09:41 2009 (4A5BCCC5)
fffff880`010b7000 fffff880`010cc000   partmgr  partmgr.sys  Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`01084000 fffff880`010b7000   pci      pci.sys      Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`01152000 fffff880`01159000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
fffff880`01159000 fffff880`01169000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`01400000 fffff880`01411000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
fffff880`07600000 fffff880`076a6000   peauth   peauth.sys   Mon Jul 13 21:01:19 2009 (4A5BD8DF)
fffff880`05ea6000 fffff880`05ee3000   portcls  portcls.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`00c79000 fffff880`00c8d000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
fffff880`00dda000 fffff880`00dfe000   rasl2tp  rasl2tp.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`05262000 fffff880`0527d000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
fffff880`0527d000 fffff880`0529e000   raspptp  raspptp.sys  Mon Jul 13 20:10:18 2009 (4A5BCCEA)
fffff880`0529e000 fffff880`052b8000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
fffff880`04064000 fffff880`040b5000   rdbss    rdbss.sys    Mon Jul 13 19:24:09 2009 (4A5BC219)
fffff880`052b8000 fffff880`052c3000   rdpbus   rdpbus.sys   Mon Jul 13 20:17:46 2009 (4A5BCEAA)
fffff880`01a35000 fffff880`01a3e000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`01a3e000 fffff880`01a47000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`01bef000 fffff880`01bf8000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
fffff880`01a9c000 fffff880`01ad6000   rdyboost rdyboost.sys Mon Jul 13 19:34:34 2009 (4A5BC48A)
fffff880`04045000 fffff880`0405d000   rspndr   rspndr.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`00dab000 fffff880`00dda000   SCSIPORT SCSIPORT.SYS Mon Jul 13 20:01:04 2009 (4A5BCAC0)
fffff880`076a6000 fffff880`076b1000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
fffff880`04a1e000 fffff880`04a2a000   serenum  serenum.sys  Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`02fdb000 fffff880`02ff8000   serial   serial.sys   Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`01a94000 fffff880`01a9c000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
fffff880`00ecb000 fffff880`00ff1000   sptd     sptd.sys     Sun Oct 11 16:55:14 2009 (4AD24632)
fffff880`07cf0000 fffff880`07d76000   SRTSP64  SRTSP64.SYS  Wed Feb 24 18:59:29 2010 (4B85BD61)
fffff880`01273000 fffff880`01287000   SRTSPX64 SRTSPX64.SYS Wed Feb 24 18:59:48 2010 (4B85BD74)
fffff880`07c58000 fffff880`07cf0000   srv      srv.sys      Tue Dec 08 03:32:55 2009 (4B1E0F37)
fffff880`07761000 fffff880`077ca000   srv2     srv2.sys     Mon Jul 13 19:25:02 2009 (4A5BC24E)
fffff880`076b1000 fffff880`076de000   srvnet   srvnet.sys   Tue Dec 08 03:32:26 2009 (4B1E0F1A)
fffff880`05f0b000 fffff880`05f86000   stwrt64  stwrt64.sys  Sun Oct 11 21:38:26 2009 (4AD28892)
fffff880`052e1000 fffff880`052e2480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
fffff880`012dc000 fffff880`0134a000   SYMDS64  SYMDS64.SYS  Mon Aug 17 19:35:30 2009 (4A89E942)
fffff880`0135e000 fffff880`01399000   SYMEFA64 SYMEFA64.SYS Mon Nov 23 20:35:40 2009 (4B0B386C)
fffff880`02f70000 fffff880`02fa6000   SYMEVENT64x86 SYMEVENT64x86.SYS Thu Aug 13 18:28:21 2009 (4A849385)
fffff880`02efa000 fffff880`02f70000   SYMTDIV  SYMTDIV.SYS  Thu Nov 19 21:21:24 2009 (4B05FD24)
fffff880`01802000 fffff880`019ff000   tcpip    tcpip.sys    Mon Jul 13 19:25:34 2009 (4A5BC26E)
fffff880`0774f000 fffff880`07761000   tcpipreg tcpipreg.sys Mon Jul 13 20:09:49 2009 (4A5BCCCD)
fffff880`01611000 fffff880`0161e000   TDI      TDI.SYS      Mon Jul 13 19:21:18 2009 (4A5BC16E)
fffff880`011c1000 fffff880`011df000   tdx      tdx.sys      Mon Jul 13 19:21:15 2009 (4A5BC16B)
fffff880`0141b000 fffff880`0142f000   termdd   termdd.sys   Mon Jul 13 20:16:36 2009 (4A5BCE64)
fffff960`004f0000 fffff960`004fa000   TSDDD    TSDDD.dll    Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`044cd000 fffff880`044f3000   tunnel   tunnel.sys   Mon Jul 13 20:09:37 2009 (4A5BCCC1)
fffff880`07c00000 fffff880`07c54000   udfs     udfs.sys     Mon Jul 13 19:23:37 2009 (4A5BC1F9)
fffff880`05338000 fffff880`0534a000   umbus    umbus.sys    Mon Jul 13 20:06:56 2009 (4A5BCC20)
fffff880`05200000 fffff880`0521ac00   usbaudio usbaudio.sys Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`05e1b000 fffff880`05e38000   usbccgp  usbccgp.sys  Mon Jul 13 20:06:45 2009 (4A5BCC15)
fffff880`05e38000 fffff880`05e39f00   USBD     USBD.SYS     Mon Jul 13 20:06:23 2009 (4A5BCBFF)
fffff880`04a0d000 fffff880`04a1e000   usbehci  usbehci.sys  Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`0534a000 fffff880`053a4000   usbhub   usbhub.sys   Mon Jul 13 20:07:09 2009 (4A5BCC2D)
fffff880`04379000 fffff880`043cf000   USBPORT  USBPORT.SYS  Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`04a00000 fffff880`04a0d000   usbuhci  usbuhci.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`053b9000 fffff880`053e6100   usbvideo usbvideo.sys Mon Jul 13 20:07:00 2009 (4A5BCC24)
fffff880`01077000 fffff880`01084000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
fffff880`01be1000 fffff880`01bef000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
fffff880`01a00000 fffff880`01a25000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
fffff880`017e5000 fffff880`017f5000   vmstorfl vmstorfl.sys Mon Jul 13 19:42:54 2009 (4A5BC67E)
fffff880`010e1000 fffff880`010f6000   volmgr   volmgr.sys   Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`010f6000 fffff880`01152000   volmgrx  volmgrx.sys  Mon Jul 13 19:20:33 2009 (4A5BC141)
fffff880`01a48000 fffff880`01a94000   volsnap  volsnap.sys  Mon Jul 13 19:20:08 2009 (4A5BC128)
fffff880`02ed8000 fffff880`02ef3000   wanarp   wanarp.sys   Mon Jul 13 20:10:21 2009 (4A5BCCED)
fffff880`01a25000 fffff880`01a35000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
fffff880`04400000 fffff880`04415000   wbondir  wbondir.sys  Tue Mar 20 10:03:57 2007 (45FFE9CD)
fffff880`00e18000 fffff880`00ebc000   Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
fffff880`00ebc000 fffff880`00ecb000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`02ecf000 fffff880`02ed8000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff960`00080000 fffff960`0038f000   win32k   win32k.sys   Mon Jul 13 19:40:16 2009 (4A5BC5E0)
fffff880`00ff1000 fffff880`00ffa000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`011df000 fffff880`01200000   WudfPf   WudfPf.sys   Mon Jul 13 20:05:37 2009 (4A5BCBD1)

Unloaded modules:
fffff880`07c00000 fffff880`07c31000   WUDFRd.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`08200000 fffff880`0821b000   USBSTOR.SYS
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`07d76000 fffff880`07da7000   WUDFRd.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`08200000 fffff880`08211000   WinUsb.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`076de000 fffff880`0774f000   spsys.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`01b71000 fffff880`01b7f000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`01b7f000 fffff880`01b8b000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`01b8b000 fffff880`01b94000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffff880`01b94000 fffff880`01ba7000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
```


----------



## usasma (Apr 11, 2009)

If Driver Verifier doesn't point to a specific driver, then please try these free tests for your hard drive:

http://www.carrona.org/hddiag.html (read the details at the link)



> *CHKDSK /R /F:*
> Run CHKDSK /R /F from an elevated (Run as adminstrator) Command Prompt. Please do this for each hard drive on your system.
> When it tells you it can't do it right now - and asks you if you'd like to do it at the next reboot - answer Y (for Yes) and press Enter. Then reboot and let the test run. It may take a while for it to run, but keep an occasional eye on it to see if it generates any errors. See "CHKDSK LogFile" below in order to check the results of the test.
> 
> ...


The reason for these tests is that the error you got was in NTFS.sys - that's the file system driver on your hard drive. Since it's associated with your hard drive, these tests will tell you if 1) the hard drive is physically OK, and 2) if the file system on the hard drive is OK.


----------



## lysergic1 (May 28, 2010)

usasma said:


> If Driver Verifier doesn't point to a specific driver, then please try these free tests for your hard drive:
> 
> http://www.carrona.org/hddiag.html (read the details at the link)
> 
> ...


I have checked c disc and it seems like its all fine:

- System 

- Provider 

[ Name] Microsoft-Windows-Wininit 
[ Guid] {206f6dea-d3c5-4d10-bc72-989f03c8b84b} 
[ EventSourceName] Wininit 

- EventID 1001 

[ Qualifiers] 16384 

Version 0 

Level 4 

Task 0 

Opcode 0 

Keywords 0x80000000000000 

- TimeCreated 

[ SystemTime] 2010-05-29T15:32:10.000000000Z 

EventRecordID 2138 

Correlation 

- Execution 

[ ProcessID] 0 
[ ThreadID] 0 

Channel Application 

Computer Visi-PC 

Security 


- EventData 

Checking file system on C: The type of the file system is NTFS. A disk check has been scheduled. Windows will now check the disk. CHKDSK is verifying files (stage 1 of 5)... 89344 file records processed. File verification completed. 55 large file records processed. 0 bad file records processed. 2 EA records processed. 44 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)... 123206 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)... 89344 file SDs/SIDs processed. Cleaning up 259 unused index entries from index $SII of file 0x9. Cleaning up 259 unused index entries from index $SDH of file 0x9. Cleaning up 259 unused security descriptors. Security descriptor verification completed. 16932 data files processed. CHKDSK is verifying Usn Journal... 35916616 USN bytes processed. Usn Journal verification completed. CHKDSK is verifying file data (stage 4 of 5)... 89328 files processed. File data verification completed. CHKDSK is verifying free space (stage 5 of 5)... 64671190 free clusters processed. Free space verification is complete. Windows has checked the file system and found no problems. 338738175 KB total disk space. 79805076 KB in 71208 files. 47368 KB in 16933 indexes. 0 KB in bad sectors. 200967 KB in use by the system. 65536 KB occupied by the log file. 258684764 KB available on disk. 4096 bytes in each allocation unit. 84684543 total allocation units on disk. 64671191 allocation units available on disk. Internal Info: 00 5d 01 00 58 58 01 00 15 99 02 00 00 00 00 00 .]..XX.......... 50 01 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 P...,........... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Windows has finished checking your disk. Please wait while your computer restarts.


----------



## usasma (Apr 11, 2009)

That's a good sign (there were no problems discovered).
Now it's time to wait for the Driver Verifier to generate a BSOD.


----------



## lysergic1 (May 28, 2010)

usasma said:


> That's a good sign (there were no problems discovered).
> Now it's time to wait for the Driver Verifier to generate a BSOD.


Thanx a lot. You solved my problem. I have no chrashes since i enabled driver verifier.


----------



## usasma (Apr 11, 2009)

Not good. Driver Verifier is supposed to cause a BSOD crash (because it stresses the drivers).
If it's still on, turn it off.
Don't be surprised if you have a BSOD crash soon afterwards (it happens this way sometimes).


----------

