System_Service_exception BSOD HELP!!

[joejones789]

Hi there,

I am new to this forum and would love it if i could have some help ASAP

I have been getting this blue screen many times after just building my first PC and i really dont know what to do.

I have attatched my dump files cos, from reading the forums, that will help
Also i've done the process of running both microsofts memory checker, startup repair and memtest program (not microsoft) Also i have run the system checker and received no errors....

Really dont know what to do!

Cheers

Joe

 

[cybercore]

Hi,




1. Update Realtek LAN driver:
Rt64win7.sys Thu Aug 20 12:05:06 2009
http://www.realtek.com.tw/downloads...n=4&DownTypeID=3&GetDown=false&Downloads=true




2. Then, if crashes persist, uninstall AVG and replace that with MSE:
http://www.microsoft.com/security_essentials/








Enjoy.




CRASH DUMPS

Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\DMP\031611-23281-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0xfffff800`02c18000 PsLoadedModuleList = 0xfffff800`02e55e50
Debug session time: Wed Mar 16 08:44:23.112 2011 (UTC - 4:00)
System Uptime: 0 days 0:01:10.299
Loading Kernel Symbols
...............................................................
................................................................
..................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 3B, {c0000005, fffff80002f7f570, fffff88007ca8e70, 0}

Probably caused by : ntkrnlmp.exe ( nt!ObpCreateHandle+300 )

Followup: MachineOwner
---------

2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff80002f7f570, Address of the instruction which caused the bugcheck
Arg3: fffff88007ca8e70, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!ObpCreateHandle+300
fffff800`02f7f570 418b442408      mov     eax,dword ptr [r12+8]

CONTEXT:  fffff88007ca8e70 -- (.cxr 0xfffff88007ca8e70)
rax=0000000000000400 rbx=0000000000000000 rcx=fffffa80057b8060
rdx=00000000001f0003 rsi=fffffa80057b8060 rdi=fffff8a00355aed0
rip=fffff80002f7f570 rsp=fffff88007ca9850 rbp=00000000000008a8
 r8=00000000000008a8  r9=0000000000000098 r10=0000000000000000
r11=fffffa80050cc520 r12=0000000000000000 r13=0000000000000000
r14=fffffa80050cc540 r15=0000000000000001
iopl=0         nv up ei pl nz na pe nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010202
nt!ObpCreateHandle+0x300:
fffff800`02f7f570 418b442408      mov     eax,dword ptr [r12+8] ds:002b:00000000`00000008=????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x3B

PROCESS_NAME:  avgcsrva.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 0000000000000000 to fffff80002f7f570

STACK_TEXT:  
fffff880`07ca9850 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!ObpCreateHandle+0x300


FOLLOWUP_IP: 
nt!ObpCreateHandle+300
fffff800`02f7f570 418b442408      mov     eax,dword ptr [r12+8]

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!ObpCreateHandle+300

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc600

STACK_COMMAND:  .cxr 0xfffff88007ca8e70 ; kb

FAILURE_BUCKET_ID:  X64_0x3B_nt!ObpCreateHandle+300

BUCKET_ID:  X64_0x3B_nt!ObpCreateHandle+300

Followup: MachineOwner
---------






















Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\DMP\031711-21671-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02c19000 PsLoadedModuleList = 0xfffff800`02e56e50
Debug session time: Thu Mar 17 08:03:55.625 2011 (UTC - 4:00)
System Uptime: 0 days 0:00:24.875
Loading Kernel Symbols
...............................................................
...............................................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1E, {ffffffffc0000005, fffff80002f66606, 0, ffffffffffffffff}

Probably caused by : ntkrnlmp.exe ( nt!CmpAllocateKeyControlBlock+72 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80002f66606, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: ffffffffffffffff, Parameter 1 of the exception

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!CmpAllocateKeyControlBlock+72
fffff800`02f66606 48895808        mov     qword ptr [rax+8],rbx

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  ffffffffffffffff

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002ec10e0
 ffffffffffffffff 

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

BUGCHECK_STR:  0x1E_c0000005

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  svchost.exe

CURRENT_IRQL:  0

EXCEPTION_RECORD:  fffff880027f2da8 -- (.exr 0xfffff880027f2da8)
ExceptionAddress: fffff80002f66606 (nt!CmpAllocateKeyControlBlock+0x0000000000000072)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

TRAP_FRAME:  fffff880027f2e50 -- (.trap 0xfffff880027f2e50)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=02d0fffff8a00008 rbx=0000000000000000 rcx=fffff8a000084e62
rdx=fffff98000020654 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002f66606 rsp=fffff880027f2fe0 rbp=000000000099e498
 r8=000000000000000d  r9=000000000000007d r10=fffff8a001095ff0
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na po nc
nt!CmpAllocateKeyControlBlock+0x72:
fffff800`02f66606 48895808        mov     qword ptr [rax+8],rbx ds:deb8:02d0ffff`f8a00010=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002cc3a39 to fffff80002c89740

STACK_TEXT:  
fffff880`027f25d8 fffff800`02cc3a39 : 00000000`0000001e ffffffff`c0000005 fffff800`02f66606 00000000`00000000 : nt!KeBugCheckEx
fffff880`027f25e0 fffff800`02c88d82 : fffff880`027f2da8 fffff800`02e8f040 fffff880`027f2e50 fffff8a0`00023380 : nt!KiDispatchException+0x1b9
fffff880`027f2c70 fffff800`02c8768a : 00000000`00000000 00000000`00000801 00000000`00000000 fffff800`00000000 : nt!KiExceptionDispatch+0xc2
fffff880`027f2e50 fffff800`02f66606 : fffff880`027f3078 fffffa80`03ad694c 00000000`00000000 00000000`00000000 : nt!KiGeneralProtectionFault+0x10a
fffff880`027f2fe0 fffff800`02f66167 : 00000000`00000000 00000000`7101aef6 fffff8a0`01096520 fffff8a0`03c5deb8 : nt!CmpAllocateKeyControlBlock+0x72
fffff880`027f3010 fffff800`02f64ea7 : fffff8a0`00023380 00000000`0099e498 fffff8a0`0361749c fffff8a0`00fb0de8 : nt!CmpCreateKeyControlBlock+0xe8
fffff880`027f30b0 fffff800`02f60e85 : fffff8a0`00000000 fffff8a0`0099e498 fffff8a0`00023380 fffffa80`06258010 : nt!CmpDoOpen+0x387
fffff880`027f3170 fffff800`02f80b84 : fffff800`02f609b0 00000000`00000001 fffffa80`06258010 00000000`00000700 : nt!CmpParseKey+0x4d5
fffff880`027f3440 fffff800`02f85b4d : fffffa80`06258010 fffff880`027f35a0 00000000`00000240 fffffa80`03ad6900 : nt!ObpLookupObjectName+0x585
fffff880`027f3540 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!ObOpenObjectByName+0x1cd


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!CmpAllocateKeyControlBlock+72
fffff800`02f66606 48895808        mov     qword ptr [rax+8],rbx

SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  nt!CmpAllocateKeyControlBlock+72

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4cc791bd

FAILURE_BUCKET_ID:  X64_0x1E_c0000005_nt!CmpAllocateKeyControlBlock+72

BUCKET_ID:  X64_0x1E_c0000005_nt!CmpAllocateKeyControlBlock+72

Followup: MachineOwner
---------






















Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\DMP\031711-24546-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02c11000 PsLoadedModuleList = 0xfffff800`02e4ee50
Debug session time: Thu Mar 17 08:05:29.548 2011 (UTC - 4:00)
System Uptime: 0 days 0:00:47.783
Loading Kernel Symbols
...............................................................
................................................................
..................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007E, {ffffffffc0000094, fffff80002f72238, fffff880031c49f8, fffff880031c4260}

Probably caused by : ntkrnlmp.exe ( nt!CmpDereferenceKeyControlBlock+5c )

Followup: MachineOwner
---------

2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: ffffffffc0000094, The exception code that was not handled
Arg2: fffff80002f72238, The address that the exception occurred at
Arg3: fffff880031c49f8, Exception Record Address
Arg4: fffff880031c4260, Context Record Address

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000094 - {EXCEPTION}  Integer division by zero.

FAULTING_IP: 
nt!CmpDereferenceKeyControlBlock+5c
fffff800`02f72238 f7b618060000    div     eax,dword ptr [rsi+618h]

EXCEPTION_RECORD:  fffff880031c49f8 -- (.exr 0xfffff880031c49f8)
ExceptionAddress: fffff80002f72238 (nt!CmpDereferenceKeyControlBlock+0x000000000000005c)
   ExceptionCode: c0000094 (Integer divide-by-zero)
  ExceptionFlags: 00000000
NumberParameters: 0

CONTEXT:  fffff880031c4260 -- (.cxr 0xfffff880031c4260)
rax=000000000d9a17f2 rbx=0000000000000000 rcx=000000003b9aca07
rdx=0000000000000000 rsi=fffff8a00095bac0 rdi=fffff8a0020366f8
rip=fffff80002f72238 rsp=fffff880031c4c30 rbp=0000000000000001
 r8=fffff8a003222010  r9=000000000c281d56 r10=fffff8a001d22cc0
r11=fffffa8003abf680 r12=000000004934e1f9 r13=0000000000000001
r14=0000000000000000 r15=0000000000000001
iopl=0         nv up ei pl nz na pe nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010202
nt!CmpDereferenceKeyControlBlock+0x5c:
fffff800`02f72238 f7b618060000    div     eax,dword ptr [rsi+618h] ds:002b:fffff8a0`0095c0d8=????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x7E

PROCESS_NAME:  System

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000094 - {EXCEPTION}  Integer division by zero.

LAST_CONTROL_TRANSFER:  from fffff80002f726c0 to fffff80002f72238

STACK_TEXT:  
fffff880`031c4c30 fffff800`02f726c0 : 00000000`00000000 00000000`00000001 fffff8a0`0095bac0 fffffa80`03abf680 : nt!CmpDereferenceKeyControlBlock+0x5c
fffff880`031c4c80 fffff800`02c8e961 : fffff800`02f725d8 fffff800`02e265f8 fffffa80`03abf680 00000000`00000000 : nt!CmpDelayDerefKCBWorker+0xe8
fffff880`031c4cb0 fffff800`02f247c6 : fffff6fd`40006f88 fffffa80`03abf680 00000000`00000080 fffffa80`03a30890 : nt!ExpWorkerThread+0x111
fffff880`031c4d40 fffff800`02c5fc26 : fffff880`02f64180 fffffa80`03abf680 fffff880`02f6efc0 00000000`00000001 : nt!PspSystemThreadStartup+0x5a
fffff880`031c4d80 00000000`00000000 : fffff880`031c5000 fffff880`031bf000 fffff880`031c49f0 00000000`00000000 : nt!KxStartSystemThread+0x16


FOLLOWUP_IP: 
nt!CmpDereferenceKeyControlBlock+5c
fffff800`02f72238 f7b618060000    div     eax,dword ptr [rsi+618h]

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!CmpDereferenceKeyControlBlock+5c

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4cc791bd

STACK_COMMAND:  .cxr 0xfffff880031c4260 ; kb

FAILURE_BUCKET_ID:  X64_0x7E_nt!CmpDereferenceKeyControlBlock+5c

BUCKET_ID:  X64_0x7E_nt!CmpDereferenceKeyControlBlock+5c

Followup: MachineOwner
---------

DRIVERS

start             end                 module name
fffff880`00ee1000 fffff880`00f38000   ACPI     ACPI.sys     Mon Jul 13 19:19:34 2009 (4A5BC106)
fffff880`02c75000 fffff880`02cff000   afd      afd.sys      Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`10b8b000 fffff880`10ba1000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
fffff880`00fef000 fffff880`00ffa000   amdxata  amdxata.sys  Tue May 19 13:56:59 2009 (4A12F2EB)
fffff880`00fe6000 fffff880`00fef000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00e00000 fffff880`00e2a000   ataport  ataport.SYS  Mon Jul 13 19:19:52 2009 (4A5BC118)
fffff880`01958000 fffff880`01963000   avgfwd6a avgfwd6a.sys Tue Oct 06 18:04:57 2009 (4ACBBF09)
fffff880`03918000 fffff880`03945000   AVGIDSDriver AVGIDSDriver.sys Tue May 11 20:49:44 2010 (4BE9FB28)
fffff880`0390c000 fffff880`03918000   AVGIDSFilter AVGIDSFilter.sys Tue May 11 20:48:52 2010 (4BE9FAF4)
fffff880`01864000 fffff880`0186e000   AVGIDSwa AVGIDSwa.sys Tue May 11 20:50:03 2010 (4BE9FB3B)
fffff880`04093000 fffff880`040da000   avgldx64 avgldx64.sys Thu Jun 03 17:06:48 2010 (4C081968)
fffff880`019df000 fffff880`019e6080   avgmfx64 avgmfx64.sys Sun Apr 25 17:06:15 2010 (4BD4AEC7)
fffff880`01857000 fffff880`018630c0   avgrkx64 avgrkx64.sys Wed Feb 10 22:52:44 2010 (4B737F0C)
fffff880`0198e000 fffff880`019df000   avgtdia  avgtdia.sys  Thu Jun 03 17:09:57 2010 (4C081A25)
fffff880`018d7000 fffff880`018de000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
fffff880`02c1e000 fffff880`02c2f000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
fffff880`038c8000 fffff880`038e6000   bowser   bowser.sys   Mon Jul 13 19:23:50 2009 (4A5BC206)
fffff960`00790000 fffff960`007b7000   cdd      cdd.dll      unavailable (00000000)
fffff880`053e0000 fffff880`053fd000   cdfs     cdfs.sys     Mon Jul 13 19:19:46 2009 (4A5BC112)
fffff880`018a4000 fffff880`018ce000   cdrom    cdrom.sys    Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`00d1b000 fffff880`00ddb000   CI       CI.dll       Mon Jul 13 21:32:13 2009 (4A5BE01D)
fffff880`01827000 fffff880`01857000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00cbd000 fffff880`00d1b000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`010cc000 fffff880`0113f000   cng      cng.sys      Mon Jul 13 19:49:40 2009 (4A5BC814)
fffff880`10b7b000 fffff880`10b8b000   CompositeBus CompositeBus.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`05200000 fffff880`0520e000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`02c00000 fffff880`02c1e000   dfsc     dfsc.sys     Mon Jul 13 19:23:44 2009 (4A5BC200)
fffff880`02df1000 fffff880`02e00000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
fffff880`0121b000 fffff880`01231000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`041d6000 fffff880`041f8000   drmk     drmk.sys     Mon Jul 13 21:01:25 2009 (4A5BD8E5)
fffff880`0400c000 fffff880`04015000   dump_atapi dump_atapi.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`04000000 fffff880`0400c000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`04015000 fffff880`04028000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`053d4000 fffff880`053e0000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
fffff880`042de000 fffff880`043d2000   dxgkrnl  dxgkrnl.sys  Tue Jan 25 23:22:56 2011 (4D3FA1A0)
fffff880`04200000 fffff880`04246000   dxgmms1  dxgmms1.sys  Tue Jan 25 23:22:12 2011 (4D3FA174)
fffff880`0105a000 fffff880`0106e000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
fffff880`0100e000 fffff880`0105a000   fltmgr   fltmgr.sys   Mon Jul 13 19:19:59 2009 (4A5BC11F)
fffff880`01211000 fffff880`0121b000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:19:45 2009 (4A5BC111)
fffff880`011c5000 fffff880`011ff000   fvevol   fvevol.sys   Fri Sep 25 22:34:26 2009 (4ABD7DB2)
fffff880`01400000 fffff880`0144a000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:21:08 2009 (4A5BC164)
fffff800`031ee000 fffff800`03237000   hal      hal.dll      Mon Jul 13 21:27:36 2009 (4A5BDF08)
fffff880`04246000 fffff880`0426a000   HDAudBus HDAudBus.sys Mon Jul 13 20:06:13 2009 (4A5BCBF5)
fffff880`019e7000 fffff880`01a00000   HIDCLASS HIDCLASS.SYS Mon Jul 13 20:06:21 2009 (4A5BCBFD)
fffff880`0407c000 fffff880`04084080   HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9)
fffff880`0406e000 fffff880`0407c000   hidusb   hidusb.sys   Mon Jul 13 20:06:22 2009 (4A5BCBFE)
fffff880`03800000 fffff880`038c8000   HTTP     HTTP.sys     Mon Jul 13 19:22:16 2009 (4A5BC1A8)
fffff880`015e4000 fffff880`015ed000   hwpolicy hwpolicy.sys Mon Jul 13 19:19:22 2009 (4A5BC0FA)
fffff880`04100000 fffff880`04116000   intelppm intelppm.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
fffff880`0fe56000 fffff880`0fe65000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`04085000 fffff880`04093000   kbdhid   kbdhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff800`00bcd000 fffff800`00bd7000   kdcom    kdcom.dll    Mon Jul 13 21:31:07 2009 (4A5BDFDB)
fffff880`0fe74000 fffff880`0feb7000   ks       ks.sys       Wed Mar 03 23:32:25 2010 (4B8F37D9)
fffff880`013dc000 fffff880`013f6000   ksecdd   ksecdd.sys   Mon Jul 13 19:20:54 2009 (4A5BC156)
fffff880`015b9000 fffff880`015e4000   ksecpkg  ksecpkg.sys  Fri Dec 11 01:03:32 2009 (4B21E0B4)
fffff880`10bf4000 fffff880`10bf9200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
fffff880`0180d000 fffff880`01822000   lltdio   lltdio.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`0186e000 fffff880`01891000   luafv    luafv.sys    Mon Jul 13 19:26:13 2009 (4A5BC295)
fffff880`00c65000 fffff880`00ca9000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:29:10 2009 (4A5BDF66)
fffff880`04028000 fffff880`04036000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
fffff880`0fe65000 fffff880`0fe74000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`01800000 fffff880`0180d000   mouhid   mouhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`00fcc000 fffff880`00fe6000   mountmgr mountmgr.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`03945000 fffff880`0395d000   mpsdrv   mpsdrv.sys   Mon Jul 13 20:08:25 2009 (4A5BCC79)
fffff880`0395d000 fffff880`0398a000   mrxsmb   mrxsmb.sys   Sat Feb 27 02:52:19 2010 (4B88CF33)
fffff880`0398a000 fffff880`039d8000   mrxsmb10 mrxsmb10.sys Sat Feb 27 02:52:28 2010 (4B88CF3C)
fffff880`039d8000 fffff880`039fb000   mrxsmb20 mrxsmb20.sys Sat Feb 27 02:52:26 2010 (4B88CF3A)
fffff880`0193c000 fffff880`01947000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00f41000 fffff880`00f4b000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
fffff880`0106e000 fffff880`010cc000   msrpc    msrpc.sys    Mon Jul 13 19:21:32 2009 (4A5BC17C)
fffff880`02de6000 fffff880`02df1000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
fffff880`01452000 fffff880`01464000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
fffff880`01467000 fffff880`01559000   ndis     ndis.sys     Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`042d1000 fffff880`042dd000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
fffff880`10bc5000 fffff880`10bf4000   ndiswan  ndiswan.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`0fec9000 fffff880`0fede000   NDProxy  NDProxy.SYS  Mon Jul 13 20:10:05 2009 (4A5BCCDD)
fffff880`02d2e000 fffff880`02d3d000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`02c30000 fffff880`02c75000   netbt    netbt.sys    Mon Jul 13 19:21:28 2009 (4A5BC178)
fffff880`01559000 fffff880`015b9000   NETIO    NETIO.SYS    Mon Jul 13 19:21:46 2009 (4A5BC18A)
fffff880`01947000 fffff880`01958000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`02dda000 fffff880`02de6000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
fffff800`02c11000 fffff800`031ee000   nt       ntkrnlmp.exe Tue Oct 26 22:43:09 2010 (4CC791BD)
fffff880`01239000 fffff880`013dc000   Ntfs     Ntfs.sys     Mon Jul 13 19:20:47 2009 (4A5BC14F)
fffff880`018ce000 fffff880`018d7000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
fffff880`10b3a000 fffff880`10b3b180   nvBridge nvBridge.kmd Fri Jan 07 20:57:22 2011 (4D27C482)
fffff880`04170000 fffff880`04199000   nvhda64v nvhda64v.sys Thu Nov 11 18:10:36 2010 (4CDC77EC)
fffff880`0fedf000 fffff880`10b39d00   nvlddmkm nvlddmkm.sys Fri Jan 07 21:07:22 2011 (4D27C6DA)
fffff880`02d08000 fffff880`02d2e000   pacer    pacer.sys    Mon Jul 13 20:09:41 2009 (4A5BCCC5)
fffff880`043d2000 fffff880`043ef000   parport  parport.sys  Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`00f8b000 fffff880`00fa0000   partmgr  partmgr.sys  Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00f4b000 fffff880`00f7e000   pci      pci.sys      Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`00fb5000 fffff880`00fbc000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
fffff880`00fbc000 fffff880`00fcc000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`01200000 fffff880`01211000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
fffff880`05aea000 fffff880`05b90000   peauth   peauth.sys   Mon Jul 13 21:01:19 2009 (4A5BD8DF)
fffff880`04199000 fffff880`041d6000   portcls  portcls.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`00ca9000 fffff880`00cbd000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
fffff880`10ba1000 fffff880`10bc5000   rasl2tp  rasl2tp.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`0fe00000 fffff880`0fe1b000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
fffff880`0fe1b000 fffff880`0fe3c000   raspptp  raspptp.sys  Mon Jul 13 20:10:18 2009 (4A5BCCEA)
fffff880`0fe3c000 fffff880`0fe56000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
fffff880`02d89000 fffff880`02dda000   rdbss    rdbss.sys    Mon Jul 13 19:24:09 2009 (4A5BC219)
fffff880`01921000 fffff880`0192a000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`0192a000 fffff880`01933000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`01933000 fffff880`0193c000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
fffff880`0118b000 fffff880`011c5000   rdyboost rdyboost.sys Mon Jul 13 19:34:34 2009 (4A5BC48A)
fffff880`038f4000 fffff880`0390c000   rspndr   rspndr.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`10b3c000 fffff880`10b7b000   Rt64win7 Rt64win7.sys Thu Aug 20 12:05:06 2009 (4A8D7432)
fffff880`05b90000 fffff880`05b9b000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
fffff880`043ef000 fffff880`043fb000   serenum  serenum.sys  Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`02d3d000 fffff880`02d5a000   serial   serial.sys   Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`0144a000 fffff880`01452000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
fffff880`05c04000 fffff880`05c9a000   srv      srv.sys      Thu Aug 26 23:38:00 2010 (4C773318)
fffff880`05a00000 fffff880`05a67000   srv2     srv2.sys     Thu Aug 26 23:37:46 2010 (4C77330A)
fffff880`05b9b000 fffff880`05bc8000   srvnet   srvnet.sys   Thu Aug 26 23:37:24 2010 (4C7732F4)
fffff880`043fb000 fffff880`043fc480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
fffff880`01600000 fffff880`017fd000   tcpip    tcpip.sys    Sun Jun 13 23:39:04 2010 (4C15A458)
fffff880`05bc8000 fffff880`05bda000   tcpipreg tcpipreg.sys Mon Jul 13 20:09:49 2009 (4A5BCCCD)
fffff880`01981000 fffff880`0198e000   TDI      TDI.SYS      Mon Jul 13 19:21:18 2009 (4A5BC16E)
fffff880`01963000 fffff880`01981000   tdx      tdx.sys      Mon Jul 13 19:21:15 2009 (4A5BC16B)
fffff880`02d75000 fffff880`02d89000   termdd   termdd.sys   Mon Jul 13 20:16:36 2009 (4A5BCE64)
fffff960`00550000 fffff960`0055a000   TSDDD    TSDDD.dll    unavailable (00000000)
fffff880`040da000 fffff880`04100000   tunnel   tunnel.sys   Mon Jul 13 20:09:37 2009 (4A5BCCC1)
fffff880`0feb7000 fffff880`0fec9000   umbus    umbus.sys    Mon Jul 13 20:06:56 2009 (4A5BCC20)
fffff880`04051000 fffff880`0406e000   usbccgp  usbccgp.sys  Mon Jul 13 20:06:45 2009 (4A5BCC15)
fffff880`0520e000 fffff880`0520ff00   USBD     USBD.SYS     Mon Jul 13 20:06:23 2009 (4A5BCBFF)
fffff880`0426a000 fffff880`0427b000   usbehci  usbehci.sys  Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`04116000 fffff880`04170000   usbhub   usbhub.sys   Mon Jul 13 20:07:09 2009 (4A5BCC2D)
fffff880`0427b000 fffff880`042d1000   USBPORT  USBPORT.SYS  Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`04036000 fffff880`04051000   USBSTOR  USBSTOR.SYS  Mon Jul 13 20:06:34 2009 (4A5BCC0A)
fffff880`00f7e000 fffff880`00f8b000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
fffff880`018de000 fffff880`018ec000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
fffff880`05213000 fffff880`053d4000   viahduaa viahduaa.sys Wed Aug 04 03:51:53 2010 (4C591C19)
fffff880`018ec000 fffff880`01911000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
fffff880`00fa0000 fffff880`00fb5000   volmgr   volmgr.sys   Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`00c00000 fffff880`00c5c000   volmgrx  volmgrx.sys  Mon Jul 13 19:20:33 2009 (4A5BC141)
fffff880`0113f000 fffff880`0118b000   volsnap  volsnap.sys  Mon Jul 13 19:20:08 2009 (4A5BC128)
fffff880`02d5a000 fffff880`02d75000   wanarp   wanarp.sys   Mon Jul 13 20:10:21 2009 (4A5BCCED)
fffff880`01911000 fffff880`01921000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
fffff880`00e2e000 fffff880`00ed2000   Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
fffff880`00ed2000 fffff880`00ee1000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`02cff000 fffff880`02d08000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff960`00070000 fffff960`00380000   win32k   win32k.sys   unavailable (00000000)
fffff880`00f38000 fffff880`00f41000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`00ddb000 fffff880`00dfc000   WudfPf   WudfPf.sys   Mon Jul 13 20:05:37 2009 (4A5BCBD1)
fffff880`05c9a000 fffff880`05ccb000   WUDFRd   WUDFRd.sys   Mon Jul 13 20:06:06 2009 (4A5BCBEE)

Unloaded modules:
fffff880`0186e000 fffff880`0187c000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`0187c000 fffff880`01888000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000C000
fffff880`01888000 fffff880`01891000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00009000
fffff880`01891000 fffff880`018a4000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00013000

 

[joejones789]

IT WORKED! Thanks for the help, another BSOD has come up now...

Hi

Thanks so much for the quick help with my BSOD problem..

Another BSOD has now come up. Could you please help me out again?
its a memory_management BSOD this time.

I have attatched the dumps if you could look at them fo me

Cheers

Joe

 

[cybercore]

Give me this information:


http://windows7forums.com/blue-scree...lease-see.html


1. CPU-Z memory and CPU tab
2. RAMMon report saved as HTML

 

[joejones789]

Here is the info you wanted. Thaks so much for the help. I have also had another BSOD come up which seemed to have no origin. I've attatched the dumps for that too if you could please help me with that. Cant tell you how glad i am to get some help with this

Cheers

Joe

 

[joejones789]

More BSOD's !!!

Since my last posting, i have had a load more BSODS...all seming to have no origin. I have attatched the dump info.

PLEASE HELP!!...

I am honestly lost as to what to do!!

 

[cybercore]

PLEASE HELP!!...

I am honestly lost as to what to do!!

Ya, nice try.


What causes your blue screens, in case you have no idea:

1. Dangerously overclocked CPU - Core i5 760 @ 2,8 currently clocked 3800Mhz



2. Memory being set way wrong:

rated 1333Mhz 9-9-9-24 1.5v

currently set wrong 1140Mhz 8-8-8-21





What to do?

- Set your hardware (everything) in EXACT ACCORDANCE WITH the manufacturer's RECOMMENDED DEFAULT values.

- Loading optimized defaults in the bios could help

- If you don't know how to sort things in bios, ask someone savvy enough near you do this job.


Best regards, enjoy.

 

[joejones789]

I took your advice...Still getting BSODS

Hi

I took your advice and stopped being clever with "overclocking" or what i thought it was...

I've attatched the minidump if i could ask you to help me again

Cheers

Joe

 

[cybercore]

I'd like to see your clocks, reattach CPUZ and Rammon.


Update Citrix
ctxusbm.sys Mon Sep 07 14:09:28 2009



CRASH DUMPS

Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\DMP\032711-29625-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02c04000 PsLoadedModuleList = 0xfffff800`02e41e50
Debug session time: Sun Mar 27 10:27:03.718 2011 (UTC - 4:00)
System Uptime: 0 days 0:00:16.906
Loading Kernel Symbols
...............................................................
.................................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007E, {ffffffffc0000005, fffff80003003c31, fffff88002faf7d8, fffff88002faf040}

Probably caused by : ntkrnlmp.exe ( nt!WmipFindISinGEbyName+c1 )

Followup: MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80003003c31, The address that the exception occurred at
Arg3: fffff88002faf7d8, Exception Record Address
Arg4: fffff88002faf040, Context Record Address

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!WmipFindISinGEbyName+c1
fffff800`03003c31 460fb70409      movzx   r8d,word ptr [rcx+r9]

EXCEPTION_RECORD:  fffff88002faf7d8 -- (.exr 0xfffff88002faf7d8)
ExceptionAddress: fffff80003003c31 (nt!WmipFindISinGEbyName+0x00000000000000c1)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

CONTEXT:  fffff88002faf040 -- (.cxr 0xfffff88002faf040)
rax=0000000000000000 rbx=fffff8a00016f068 rcx=fffff8a0018bbcf8
rdx=fffff8a000108442 rsi=0000000000000000 rdi=0000000000000044
rip=fffff80003003c31 rsp=fffff88002fafa10 rbp=fffff8a00019c340
 r8=0000000000000052  r9=0053075ff7144318 r10=0000000000000000
r11=fffff88002dd5180 r12=fffff88002fafa70 r13=fffff8a0018bbcf8
r14=0000000000000001 r15=000000000000005a
iopl=0         nv up ei pl nz ac po cy
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010217
nt!WmipFindISinGEbyName+0xc1:
fffff800`03003c31 460fb70409      movzx   r8d,word ptr [rcx+r9] ds:002b:0052ffff`f8a00010=????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  ffffffffffffffff

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002eac0e0
 ffffffffffffffff 

FOLLOWUP_IP: 
nt!WmipFindISinGEbyName+c1
fffff800`03003c31 460fb70409      movzx   r8d,word ptr [rcx+r9]

BUGCHECK_STR:  0x7E

LAST_CONTROL_TRANSFER:  from fffff80003014f1f to fffff80003003c31

STACK_TEXT:  
fffff880`02fafa10 fffff800`03014f1f : fffff8a0`018b005a fffff8a0`018bbcf8 00000000`00000000 fffff800`02d07b1b : nt!WmipFindISinGEbyName+0xc1
fffff880`02fafa50 fffff800`03085649 : fffff8a0`018bbcf8 fffffa80`05f05208 fffff8a0`018bbcf0 00000000`000007ff : nt!WmipMangleInstanceName+0x7f
fffff880`02fafab0 fffff800`0309f211 : 00000000`00000050 00000000`00000028 fffffa80`000000fc fffffa80`05f0527c : nt!WmipBuildInstanceSet+0x239
fffff880`02fafb30 fffff800`0309f496 : fffff8a0`0016d208 00000000`000000fc 00000000`000000fc 00000000`00000000 : nt!WmipAddDataSource+0xd1
fffff880`02fafbc0 fffff800`0309ff41 : 00000000`00000000 00000000`00000000 00000000`00002000 00000000`000002cc : nt!WmipProcessWmiRegInfo+0x96
fffff880`02fafc20 fffff800`030cc7ec : fffffa80`04f7d8a0 fffff800`02e195f8 fffffa80`03aa7680 fffff8a0`01886500 : nt!WmipRegisterOrUpdateDS+0x101
fffff880`02fafc80 fffff800`02c81961 : fffff800`030cc790 fffff800`02f6e920 fffffa80`03aa7680 00000000`00000000 : nt!WmipRegistrationWorker+0x5c
fffff880`02fafcb0 fffff800`02f177c6 : 00000000`00000000 fffffa80`03aa7680 00000000`00000080 fffffa80`03a2b9e0 : nt!ExpWorkerThread+0x111
fffff880`02fafd40 fffff800`02c52c26 : fffff880`02d64180 fffffa80`03aa7680 fffff880`02d6efc0 00000000`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`02fafd80 00000000`00000000 : fffff880`02fb0000 fffff880`02faa000 fffff880`02faf830 00000000`00000000 : nt!KxStartSystemThread+0x16


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!WmipFindISinGEbyName+c1

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4cc791bd

STACK_COMMAND:  .cxr 0xfffff88002faf040 ; kb

FAILURE_BUCKET_ID:  X64_0x7E_nt!WmipFindISinGEbyName+c1

BUCKET_ID:  X64_0x7E_nt!WmipFindISinGEbyName+c1

Followup: MachineOwner
---------

DRIVERS

start             end                 module name
fffff880`00ecd000 fffff880`00f24000   ACPI     ACPI.sys     Mon Jul 13 19:19:34 2009 (4A5BC106)
fffff880`02a0d000 fffff880`02a97000   afd      afd.sys      Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`03efc000 fffff880`03f12000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
fffff880`00c4d000 fffff880`00c58000   amdxata  amdxata.sys  Tue May 19 13:56:59 2009 (4A12F2EB)
fffff880`00c1a000 fffff880`00c23000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00c23000 fffff880`00c4d000   ataport  ataport.SYS  Mon Jul 13 19:19:52 2009 (4A5BC118)
fffff880`02b5f000 fffff880`02b66000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
fffff880`03954000 fffff880`03965000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
fffff880`04377000 fffff880`04394000   cdfs     cdfs.sys     Mon Jul 13 19:19:46 2009 (4A5BC112)
fffff880`02afb000 fffff880`02b25000   cdrom    cdrom.sys    Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`00d3f000 fffff880`00dff000   CI       CI.dll       Mon Jul 13 21:32:13 2009 (4A5BE01D)
fffff880`00c58000 fffff880`00c88000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00ce1000 fffff880`00d3f000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`010ca000 fffff880`0113d000   cng      cng.sys      Mon Jul 13 19:49:40 2009 (4A5BC814)
fffff880`03eec000 fffff880`03efc000   CompositeBus CompositeBus.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`04394000 fffff880`043a2000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`03939000 fffff880`03954000   ctxusbm  ctxusbm.sys  Mon Sep 07 14:09:28 2009 (4AA54C58)
fffff880`0391b000 fffff880`03939000   dfsc     dfsc.sys     Mon Jul 13 19:23:44 2009 (4A5BC200)
fffff880`0390c000 fffff880`0391b000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
fffff880`013de000 fffff880`013f4000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`042f3000 fffff880`04315000   drmk     drmk.sys     Mon Jul 13 21:01:25 2009 (4A5BD8E5)
fffff880`043ae000 fffff880`043b7000   dump_atapi dump_atapi.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`043a2000 fffff880`043ae000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`043b7000 fffff880`043ca000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`043ca000 fffff880`043d6000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
fffff880`10867000 fffff880`1095b000   dxgkrnl  dxgkrnl.sys  Tue Jan 25 23:22:56 2011 (4D3FA1A0)
fffff880`1095b000 fffff880`109a1000   dxgmms1  dxgmms1.sys  Tue Jan 25 23:22:12 2011 (4D3FA174)
fffff880`01058000 fffff880`0106c000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
fffff880`0100c000 fffff880`01058000   fltmgr   fltmgr.sys   Mon Jul 13 19:19:59 2009 (4A5BC11F)
fffff880`013d4000 fffff880`013de000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:19:45 2009 (4A5BC111)
fffff880`011c3000 fffff880`011fd000   fvevol   fvevol.sys   Fri Sep 25 22:34:26 2009 (4ABD7DB2)
fffff880`01400000 fffff880`0144a000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:21:08 2009 (4A5BC164)
fffff800`031e1000 fffff800`0322a000   hal      hal.dll      Mon Jul 13 21:27:36 2009 (4A5BDF08)
fffff880`109a1000 fffff880`109c5000   HDAudBus HDAudBus.sys Mon Jul 13 20:06:13 2009 (4A5BCBF5)
fffff880`0431b000 fffff880`04377000   HdAudio  HdAudio.sys  Mon Jul 13 20:06:59 2009 (4A5BCC23)
fffff880`015f2000 fffff880`015fb000   hwpolicy hwpolicy.sys Mon Jul 13 19:19:22 2009 (4A5BC0FA)
fffff880`0398b000 fffff880`039a1000   intelppm intelppm.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
fffff880`03fc7000 fffff880`03fd6000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff800`00bcb000 fffff800`00bd5000   kdcom    kdcom.dll    Mon Jul 13 21:31:07 2009 (4A5BDFDB)
fffff880`03e00000 fffff880`03e43000   ks       ks.sys       Wed Mar 03 23:32:25 2010 (4B8F37D9)
fffff880`013a9000 fffff880`013c3000   ksecdd   ksecdd.sys   Mon Jul 13 19:20:54 2009 (4A5BC156)
fffff880`015b5000 fffff880`015e0000   ksecpkg  ksecpkg.sys  Fri Dec 11 01:03:32 2009 (4B21E0B4)
fffff880`04315000 fffff880`0431a200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
fffff880`00c89000 fffff880`00ccd000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:29:10 2009 (4A5BDF66)
fffff880`043d6000 fffff880`043e4000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
fffff880`03fd6000 fffff880`03fe5000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`00c00000 fffff880`00c1a000   mountmgr mountmgr.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`02b25000 fffff880`02b56000   MpFilter MpFilter.sys Tue Sep 14 20:19:28 2010 (4C901110)
fffff880`02bc4000 fffff880`02bcf000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00f2d000 fffff880`00f37000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
fffff880`0106c000 fffff880`010ca000   msrpc    msrpc.sys    Mon Jul 13 19:21:32 2009 (4A5BC17C)
fffff880`03901000 fffff880`0390c000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
fffff880`015e0000 fffff880`015f2000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
fffff880`01463000 fffff880`01555000   ndis     ndis.sys     Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`03f36000 fffff880`03f42000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
fffff880`03f42000 fffff880`03f71000   ndiswan  ndiswan.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`04278000 fffff880`0428d000   NDProxy  NDProxy.SYS  Mon Jul 13 20:10:05 2009 (4A5BCCDD)
fffff880`03849000 fffff880`03858000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`02a97000 fffff880`02adc000   netbt    netbt.sys    Mon Jul 13 19:21:28 2009 (4A5BC178)
fffff880`01555000 fffff880`015b5000   NETIO    NETIO.SYS    Thu Apr 08 22:43:59 2010 (4BBE946F)
fffff880`02bcf000 fffff880`02be0000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`038f5000 fffff880`03901000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
fffff800`02c04000 fffff800`031e1000   nt       ntkrnlmp.exe Tue Oct 26 22:43:09 2010 (4CC791BD)
fffff880`01206000 fffff880`013a9000   Ntfs     Ntfs.sys     Mon Jul 13 19:20:47 2009 (4A5BC14F)
fffff880`02b56000 fffff880`02b5f000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
fffff880`10865000 fffff880`10866180   nvBridge nvBridge.kmd Fri Jan 07 20:57:22 2011 (4D27C482)
fffff880`0428d000 fffff880`042b6000   nvhda64v nvhda64v.sys Thu Nov 11 18:10:36 2010 (4CDC77EC)
fffff880`0fc0a000 fffff880`10864d00   nvlddmkm nvlddmkm.sys Fri Jan 07 21:07:22 2011 (4D27C6DA)
fffff880`03823000 fffff880`03849000   pacer    pacer.sys    Mon Jul 13 20:09:41 2009 (4A5BCCC5)
fffff880`03ec3000 fffff880`03ee0000   parport  parport.sys  Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`00f77000 fffff880`00f8c000   partmgr  partmgr.sys  Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00f37000 fffff880`00f6a000   pci      pci.sys      Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`00e00000 fffff880`00e07000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
fffff880`00e07000 fffff880`00e17000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`013c3000 fffff880`013d4000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
fffff880`042b6000 fffff880`042f3000   portcls  portcls.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`00ccd000 fffff880`00ce1000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
fffff880`03f12000 fffff880`03f36000   rasl2tp  rasl2tp.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`03f71000 fffff880`03f8c000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
fffff880`03f8c000 fffff880`03fad000   raspptp  raspptp.sys  Mon Jul 13 20:10:18 2009 (4A5BCCEA)
fffff880`03fad000 fffff880`03fc7000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
fffff880`038a4000 fffff880`038f5000   rdbss    rdbss.sys    Mon Jul 13 19:24:09 2009 (4A5BC219)
fffff880`02ba9000 fffff880`02bb2000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`02bb2000 fffff880`02bbb000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`02bbb000 fffff880`02bc4000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
fffff880`01189000 fffff880`011c3000   rdyboost rdyboost.sys Mon Jul 13 19:34:34 2009 (4A5BC48A)
fffff880`03e59000 fffff880`03ec3000   Rt64win7 Rt64win7.sys Wed Jan 26 08:34:03 2011 (4D4022CB)
fffff880`03ee0000 fffff880`03eec000   serenum  serenum.sys  Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`03858000 fffff880`03875000   serial   serial.sys   Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`0144a000 fffff880`01452000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
fffff880`03fe5000 fffff880`03fe6480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
fffff880`01603000 fffff880`01800000   tcpip    tcpip.sys    Sun Jun 13 23:39:04 2010 (4C15A458)
fffff880`02a00000 fffff880`02a0d000   TDI      TDI.SYS      Mon Jul 13 19:21:18 2009 (4A5BC16E)
fffff880`02be0000 fffff880`02bfe000   tdx      tdx.sys      Mon Jul 13 19:21:15 2009 (4A5BC16B)
fffff880`03890000 fffff880`038a4000   termdd   termdd.sys   Mon Jul 13 20:16:36 2009 (4A5BCE64)
fffff880`03965000 fffff880`0398b000   tunnel   tunnel.sys   Mon Jul 13 20:09:37 2009 (4A5BCCC1)
fffff880`03e43000 fffff880`03e55000   umbus    umbus.sys    Mon Jul 13 20:06:56 2009 (4A5BCC20)
fffff880`109c5000 fffff880`109d6000   usbehci  usbehci.sys  Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`0421e000 fffff880`04278000   usbhub   usbhub.sys   Mon Jul 13 20:07:09 2009 (4A5BCC2D)
fffff880`039a1000 fffff880`039f7000   USBPORT  USBPORT.SYS  Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`00f6a000 fffff880`00f77000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
fffff880`02b66000 fffff880`02b74000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
fffff880`02b74000 fffff880`02b99000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
fffff880`00f8c000 fffff880`00fa1000   volmgr   volmgr.sys   Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`00fa1000 fffff880`00ffd000   volmgrx  volmgrx.sys  Mon Jul 13 19:20:33 2009 (4A5BC141)
fffff880`0113d000 fffff880`01189000   volsnap  volsnap.sys  Mon Jul 13 19:20:08 2009 (4A5BC128)
fffff880`03875000 fffff880`03890000   wanarp   wanarp.sys   Mon Jul 13 20:10:21 2009 (4A5BCCED)
fffff880`02b99000 fffff880`02ba9000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
fffff880`00e1a000 fffff880`00ebe000   Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
fffff880`00ebe000 fffff880`00ecd000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`02adc000 fffff880`02ae5000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff960`00000000 fffff960`00310000   win32k   win32k.sys   unavailable (00000000)
fffff880`00f24000 fffff880`00f2d000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)

Unloaded modules:
fffff880`01452000 fffff880`01460000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`013f4000 fffff880`01400000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000C000
fffff880`01000000 fffff880`01009000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00009000
fffff880`02ae8000 fffff880`02afb000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00013000

 

[joejones789]

Still getting BSODs

Hi there, I've attatched the cpu z and rammon outputs. I've had a few more BSOD's that i'm really not sure what origins they had...I really dont get why it keeps breaking. Thanks for your help

 

[cybercore]

1. Again, attach the screenshots of CPU-Z a) MEMORY and b) CPU tabs.


2. Right now you have MSE + AVG. Uninstall AVG:

http://www.avg.com/ww-en/download-tools


3. Update Citrix at last:
ctxusbm.sys Mon Sep 07 14:09:28 2009
http://www.citrix.com/site/SS/downloads/index.asp



CRASH DUMPS

Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\DMP\032811-16781-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02c59000 PsLoadedModuleList = 0xfffff800`02e96e50
Debug session time: Mon Mar 28 08:06:32.390 2011 (UTC - 4:00)
System Uptime: 0 days 0:00:17.578
Loading Kernel Symbols
.

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.

..............................................................
...............................................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007E, {ffffffffc0000005, fffff80002fba6ae, fffff880031bda48, fffff880031bd2b0}

Probably caused by : ntkrnlmp.exe ( nt!CmpDelayDerefKCBWorker+d6 )

Followup: MachineOwner
---------

2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80002fba6ae, The address that the exception occurred at
Arg3: fffff880031bda48, Exception Record Address
Arg4: fffff880031bd2b0, Context Record Address

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!CmpDelayDerefKCBWorker+d6
fffff800`02fba6ae 4038ae380b0000  cmp     byte ptr [rsi+0B38h],bpl

EXCEPTION_RECORD:  fffff880031bda48 -- (.exr 0xfffff880031bda48)
ExceptionAddress: fffff80002fba6ae (nt!CmpDelayDerefKCBWorker+0x00000000000000d6)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: 0000000000000b38
Attempt to read from address 0000000000000b38

CONTEXT:  fffff880031bd2b0 -- (.cxr 0xfffff880031bd2b0)
rax=fffffa8003aa5bb0 rbx=0000000000000000 rcx=fffff8a00321bd98
rdx=00000000000003bd rsi=0000000000000000 rdi=fffff8a00321bcc0
rip=fffff80002fba6ae rsp=fffff880031bdc80 rbp=0000000000000001
 r8=fffff8a000dccde8  r9=000000001b748b3f r10=fffff8a000a044a8
r11=fffffa8003aa5b60 r12=fffff80002eceee0 r13=fffff80002ecef40
r14=0000000000000000 r15=0000000000000001
iopl=0         nv up ei pl zr na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010246
nt!CmpDelayDerefKCBWorker+0xd6:
fffff800`02fba6ae 4038ae380b0000  cmp     byte ptr [rsi+0B38h],bpl ds:002b:00000000`00000b38=??
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  0000000000000b38

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002f010e0
 0000000000000b38 

FOLLOWUP_IP: 
nt!CmpDelayDerefKCBWorker+d6
fffff800`02fba6ae 4038ae380b0000  cmp     byte ptr [rsi+0B38h],bpl

BUGCHECK_STR:  0x7E

LAST_CONTROL_TRANSFER:  from fffff80002cd6961 to fffff80002fba6ae

STACK_TEXT:  
fffff880`031bdc80 fffff800`02cd6961 : fffff800`02fba5d8 fffff800`02e6e5f8 fffffa80`03aa5b60 00000000`00000000 : nt!CmpDelayDerefKCBWorker+0xd6
fffff880`031bdcb0 fffff800`02f6c7c6 : 00000000`00000000 fffffa80`03aa5b60 00000000`00000080 fffffa80`03a2b9e0 : nt!ExpWorkerThread+0x111
fffff880`031bdd40 fffff800`02ca7c26 : fffff880`02f64180 fffffa80`03aa5b60 fffff880`02f6efc0 00000000`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`031bdd80 00000000`00000000 : fffff880`031be000 fffff880`031b8000 fffff880`031bd9f0 00000000`00000000 : nt!KxStartSystemThread+0x16


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!CmpDelayDerefKCBWorker+d6

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4cc791bd

STACK_COMMAND:  .cxr 0xfffff880031bd2b0 ; kb

FAILURE_BUCKET_ID:  X64_0x7E_nt!CmpDelayDerefKCBWorker+d6

BUCKET_ID:  X64_0x7E_nt!CmpDelayDerefKCBWorker+d6

Followup: MachineOwner
---------





















Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\DMP\032711-29625-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02c04000 PsLoadedModuleList = 0xfffff800`02e41e50
Debug session time: Sun Mar 27 10:27:03.718 2011 (UTC - 4:00)
System Uptime: 0 days 0:00:16.906
Loading Kernel Symbols
.

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.

..............................................................
.................................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007E, {ffffffffc0000005, fffff80003003c31, fffff88002faf7d8, fffff88002faf040}

Probably caused by : ntkrnlmp.exe ( nt!WmipFindISinGEbyName+c1 )

Followup: MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80003003c31, The address that the exception occurred at
Arg3: fffff88002faf7d8, Exception Record Address
Arg4: fffff88002faf040, Context Record Address

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!WmipFindISinGEbyName+c1
fffff800`03003c31 460fb70409      movzx   r8d,word ptr [rcx+r9]

EXCEPTION_RECORD:  fffff88002faf7d8 -- (.exr 0xfffff88002faf7d8)
ExceptionAddress: fffff80003003c31 (nt!WmipFindISinGEbyName+0x00000000000000c1)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

CONTEXT:  fffff88002faf040 -- (.cxr 0xfffff88002faf040)
rax=0000000000000000 rbx=fffff8a00016f068 rcx=fffff8a0018bbcf8
rdx=fffff8a000108442 rsi=0000000000000000 rdi=0000000000000044
rip=fffff80003003c31 rsp=fffff88002fafa10 rbp=fffff8a00019c340
 r8=0000000000000052  r9=0053075ff7144318 r10=0000000000000000
r11=fffff88002dd5180 r12=fffff88002fafa70 r13=fffff8a0018bbcf8
r14=0000000000000001 r15=000000000000005a
iopl=0         nv up ei pl nz ac po cy
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010217
nt!WmipFindISinGEbyName+0xc1:
fffff800`03003c31 460fb70409      movzx   r8d,word ptr [rcx+r9] ds:002b:0052ffff`f8a00010=????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  ffffffffffffffff

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002eac0e0
 ffffffffffffffff 

FOLLOWUP_IP: 
nt!WmipFindISinGEbyName+c1
fffff800`03003c31 460fb70409      movzx   r8d,word ptr [rcx+r9]

BUGCHECK_STR:  0x7E

LAST_CONTROL_TRANSFER:  from fffff80003014f1f to fffff80003003c31

STACK_TEXT:  
fffff880`02fafa10 fffff800`03014f1f : fffff8a0`018b005a fffff8a0`018bbcf8 00000000`00000000 fffff800`02d07b1b : nt!WmipFindISinGEbyName+0xc1
fffff880`02fafa50 fffff800`03085649 : fffff8a0`018bbcf8 fffffa80`05f05208 fffff8a0`018bbcf0 00000000`000007ff : nt!WmipMangleInstanceName+0x7f
fffff880`02fafab0 fffff800`0309f211 : 00000000`00000050 00000000`00000028 fffffa80`000000fc fffffa80`05f0527c : nt!WmipBuildInstanceSet+0x239
fffff880`02fafb30 fffff800`0309f496 : fffff8a0`0016d208 00000000`000000fc 00000000`000000fc 00000000`00000000 : nt!WmipAddDataSource+0xd1
fffff880`02fafbc0 fffff800`0309ff41 : 00000000`00000000 00000000`00000000 00000000`00002000 00000000`000002cc : nt!WmipProcessWmiRegInfo+0x96
fffff880`02fafc20 fffff800`030cc7ec : fffffa80`04f7d8a0 fffff800`02e195f8 fffffa80`03aa7680 fffff8a0`01886500 : nt!WmipRegisterOrUpdateDS+0x101
fffff880`02fafc80 fffff800`02c81961 : fffff800`030cc790 fffff800`02f6e920 fffffa80`03aa7680 00000000`00000000 : nt!WmipRegistrationWorker+0x5c
fffff880`02fafcb0 fffff800`02f177c6 : 00000000`00000000 fffffa80`03aa7680 00000000`00000080 fffffa80`03a2b9e0 : nt!ExpWorkerThread+0x111
fffff880`02fafd40 fffff800`02c52c26 : fffff880`02d64180 fffffa80`03aa7680 fffff880`02d6efc0 00000000`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`02fafd80 00000000`00000000 : fffff880`02fb0000 fffff880`02faa000 fffff880`02faf830 00000000`00000000 : nt!KxStartSystemThread+0x16


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!WmipFindISinGEbyName+c1

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4cc791bd

STACK_COMMAND:  .cxr 0xfffff88002faf040 ; kb

FAILURE_BUCKET_ID:  X64_0x7E_nt!WmipFindISinGEbyName+c1

BUCKET_ID:  X64_0x7E_nt!WmipFindISinGEbyName+c1

Followup: MachineOwner
---------



















Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\DMP\033011-26687-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02c66000 PsLoadedModuleList = 0xfffff800`02ea3e50
Debug session time: Wed Mar 30 04:35:44.218 2011 (UTC - 4:00)
System Uptime: 0 days 0:01:18.406
Loading Kernel Symbols
.

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.

..............................................................
................................................................
........................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1A, {41790, fffffa8001669dd0, ffff, 0}

Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+33906 )

Followup: MachineOwner
---------

3: kd> 
3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

MEMORY_MANAGEMENT (1a)
    # Any other values for parameter 1 must be individually examined.
Arguments:
Arg1: 0000000000041790, The subtype of the bugcheck.
Arg2: fffffa8001669dd0
Arg3: 000000000000ffff
Arg4: 0000000000000000

Debugging Details:
------------------


BUGCHECK_STR:  0x1a_41790

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  avgtray.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff80002d49f9e to fffff80002cd6740

STACK_TEXT:  
fffff880`074b0648 fffff800`02d49f9e : 00000000`0000001a 00000000`00041790 fffffa80`01669dd0 00000000`0000ffff : nt!KeBugCheckEx
fffff880`074b0650 fffff800`02d180da : 00000000`00000000 00000000`030effff fffffa80`00000000 fffffa80`04fa7b30 : nt! ?? ::FNODOBFM::`string'+0x33906
fffff880`074b0810 fffff800`02cd5993 : ffffffff`ffffffff fffff880`074b0ad0 fffff880`074b0ad8 fffffa80`00008000 : nt!NtFreeVirtualMemory+0x5ca
fffff880`074b0900 fffff800`02cd1f30 : fffff800`02f65fe7 fffffa80`04fa7b30 fffffa80`06366920 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
fffff880`074b0a98 fffff800`02f65fe7 : fffffa80`04fa7b30 fffffa80`06366920 00000000`00000000 00000000`00000000 : nt!KiServiceLinkage
fffff880`074b0aa0 fffff800`02fb9953 : 00000000`02ff0000 00000000`00000000 00000000`00000000 fffffa80`04a2ae60 : nt!RtlFreeUserStack+0x27
fffff880`074b0ad0 fffff800`02fbd41d : fffff880`00000000 00000000`02fee800 00000000`7efd5000 00000000`00000000 : nt!PspExitThread+0x7c3
fffff880`074b0b90 fffff800`02fbd659 : fffffa80`06366920 00000000`00000000 fffffa80`06366920 00000000`7efd5000 : nt!PspTerminateThreadByPointer+0x4d
fffff880`074b0be0 fffff800`02cd5993 : fffffa80`06366920 fffff880`074b0ca0 00000000`7efd5000 fffffa80`0636db80 : nt!NtTerminateThread+0x45
fffff880`074b0c20 00000000`7791fbea : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`02fee808 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7791fbea


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt! ?? ::FNODOBFM::`string'+33906
fffff800`02d49f9e cc              int     3

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt! ?? ::FNODOBFM::`string'+33906

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4cc791bd

FAILURE_BUCKET_ID:  X64_0x1a_41790_nt!_??_::FNODOBFM::_string_+33906

BUCKET_ID:  X64_0x1a_41790_nt!_??_::FNODOBFM::_string_+33906

Followup: MachineOwner
---------





















Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\DMP\033111-25593-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02e19000 PsLoadedModuleList = 0xfffff800`03056e50
Debug session time: Thu Mar 31 07:46:24.062 2011 (UTC - 4:00)
System Uptime: 0 days 0:01:08.296
Loading Kernel Symbols
...............................................................
................................................................
...
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1A, {41790, fffffa80013b7cb0, ffff, 0}

Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+33906 )

Followup: MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

MEMORY_MANAGEMENT (1a)
    # Any other values for parameter 1 must be individually examined.
Arguments:
Arg1: 0000000000041790, The subtype of the bugcheck.
Arg2: fffffa80013b7cb0
Arg3: 000000000000ffff
Arg4: 0000000000000000

Debugging Details:
------------------


BUGCHECK_STR:  0x1a_41790

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  smss.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff80002efcf9e to fffff80002e89740

STACK_TEXT:  
fffff880`04bc28c8 fffff800`02efcf9e : 00000000`0000001a 00000000`00041790 fffffa80`013b7cb0 00000000`0000ffff : nt!KeBugCheckEx
fffff880`04bc28d0 fffff800`02e5cc13 : ffffffff`00000000 00000000`0028ffff fffffa80`00000000 fffffa80`03afa060 : nt! ?? ::FNODOBFM::`string'+0x33906
fffff880`04bc2a90 fffff800`0316cabf : fffff8a0`03746060 00000000`00000001 00000000`00000000 fffffa80`03afa060 : nt!MmCleanProcessAddressSpace+0x62f
fffff880`04bc2ae0 fffff800`0314595b : 00000000`00000000 00000000`00000001 000007ff`fffdd000 00000000`00000000 : nt!PspExitThread+0x92f
fffff880`04bc2ba0 fffff800`02e88993 : fffffa80`054ba360 00000000`00000000 fffffa80`03afa001 fffffa80`03afa060 : nt!NtTerminateProcess+0x25b
fffff880`04bc2c20 00000000`77bcf97a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0028fe78 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77bcf97a


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt! ?? ::FNODOBFM::`string'+33906
fffff800`02efcf9e cc              int     3

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt! ?? ::FNODOBFM::`string'+33906

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4cc791bd

FAILURE_BUCKET_ID:  X64_0x1a_41790_nt!_??_::FNODOBFM::_string_+33906

BUCKET_ID:  X64_0x1a_41790_nt!_??_::FNODOBFM::_string_+33906

Followup: MachineOwner
---------

DRIVERS

start             end                 module name
fffff880`00fa2000 fffff880`00ff9000   ACPI     ACPI.sys     Mon Jul 13 19:19:34 2009 (4A5BC106)
fffff880`02d3f000 fffff880`02dc9000   afd      afd.sys      Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`04104000 fffff880`0411a000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
fffff880`00dcf000 fffff880`00dda000   amdxata  amdxata.sys  Tue May 19 13:56:59 2009 (4A12F2EB)
fffff880`00c86000 fffff880`00c8f000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00da5000 fffff880`00dcf000   ataport  ataport.SYS  Mon Jul 13 19:19:52 2009 (4A5BC118)
fffff880`0186c000 fffff880`01877000   avgfwd6a avgfwd6a.sys Tue Oct 06 18:04:57 2009 (4ACBBF09)
fffff880`0193e000 fffff880`01948000   AVGIDSwa AVGIDSwa.sys Tue May 11 20:50:03 2010 (4BE9FB3B)
fffff880`03f38000 fffff880`03f7f000   avgldx64 avgldx64.sys Thu Jun 03 17:06:48 2010 (4C081968)
fffff880`03f30000 fffff880`03f37080   avgmfx64 avgmfx64.sys Sun Apr 25 17:06:15 2010 (4BD4AEC7)
fffff880`01931000 fffff880`0193d0c0   avgrkx64 avgrkx64.sys Wed Feb 10 22:52:44 2010 (4B737F0C)
fffff880`02ca9000 fffff880`02cfa000   avgtdia  avgtdia.sys  Thu Jun 03 17:09:57 2010 (4C081A25)
fffff880`019e2000 fffff880`019e9000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
fffff880`03f1f000 fffff880`03f30000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
fffff880`04572000 fffff880`0458f000   cdfs     cdfs.sys     Mon Jul 13 19:19:46 2009 (4A5BC112)
fffff880`0197e000 fffff880`019a8000   cdrom    cdrom.sys    Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`00ee2000 fffff880`00fa2000   CI       CI.dll       Mon Jul 13 21:32:13 2009 (4A5BE01D)
fffff880`01901000 fffff880`01931000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00cea000 fffff880`00d48000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`0113e000 fffff880`011b1000   cng      cng.sys      Mon Jul 13 19:49:40 2009 (4A5BC814)
fffff880`040f4000 fffff880`04104000   CompositeBus CompositeBus.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`0458f000 fffff880`0459d000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`03f04000 fffff880`03f1f000   ctxusbm  ctxusbm.sys  Mon Sep 07 14:09:28 2009 (4AA54C58)
fffff880`03ee6000 fffff880`03f04000   dfsc     dfsc.sys     Mon Jul 13 19:23:44 2009 (4A5BC200)
fffff880`03ed7000 fffff880`03ee6000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
fffff880`018eb000 fffff880`01901000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`044ee000 fffff880`04510000   drmk     drmk.sys     Mon Jul 13 21:01:25 2009 (4A5BD8E5)
fffff880`045a9000 fffff880`045b2000   dump_atapi dump_atapi.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`0459d000 fffff880`045a9000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`045b2000 fffff880`045c5000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`04055000 fffff880`04061000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
fffff880`10a69000 fffff880`10b5d000   dxgkrnl  dxgkrnl.sys  Tue Jan 25 23:22:56 2011 (4D3FA1A0)
fffff880`10b5d000 fffff880`10ba3000   dxgmms1  dxgmms1.sys  Tue Jan 25 23:22:12 2011 (4D3FA174)
fffff880`010cc000 fffff880`010e0000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
fffff880`01080000 fffff880`010cc000   fltmgr   fltmgr.sys   Mon Jul 13 19:19:59 2009 (4A5BC11F)
fffff880`013e0000 fffff880`013ea000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:19:45 2009 (4A5BC111)
fffff880`018b1000 fffff880`018eb000   fvevol   fvevol.sys   Fri Sep 25 22:34:26 2009 (4ABD7DB2)
fffff880`011b1000 fffff880`011fb000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:21:08 2009 (4A5BC164)
fffff800`033f6000 fffff800`0343f000   hal      hal.dll      Mon Jul 13 21:27:36 2009 (4A5BDF08)
fffff880`10ba3000 fffff880`10bc7000   HDAudBus HDAudBus.sys Mon Jul 13 20:06:13 2009 (4A5BCBF5)
fffff880`04516000 fffff880`04572000   HdAudio  HdAudio.sys  Mon Jul 13 20:06:59 2009 (4A5BCC23)
fffff880`10bd8000 fffff880`10bf1000   HIDCLASS HIDCLASS.SYS Mon Jul 13 20:06:21 2009 (4A5BCBFD)
fffff880`0440e000 fffff880`04416080   HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9)
fffff880`04400000 fffff880`0440e000   hidusb   hidusb.sys   Mon Jul 13 20:06:22 2009 (4A5BCBFE)
fffff880`014af000 fffff880`014b8000   hwpolicy hwpolicy.sys Mon Jul 13 19:19:22 2009 (4A5BC0FA)
fffff880`03fa5000 fffff880`03fbb000   intelppm intelppm.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
fffff880`041cf000 fffff880`041de000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`041ef000 fffff880`041fd000   kbdhid   kbdhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff800`00bad000 fffff800`00bb7000   kdcom    kdcom.dll    Mon Jul 13 21:31:07 2009 (4A5BDFDB)
fffff880`04000000 fffff880`04043000   ks       ks.sys       Wed Mar 03 23:32:25 2010 (4B8F37D9)
fffff880`013b5000 fffff880`013cf000   ksecdd   ksecdd.sys   Mon Jul 13 19:20:54 2009 (4A5BC156)
fffff880`01460000 fffff880`0148b000   ksecpkg  ksecpkg.sys  Fri Dec 11 01:03:32 2009 (4B21E0B4)
fffff880`04510000 fffff880`04515200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
fffff880`00c92000 fffff880`00cd6000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:29:10 2009 (4A5BDF66)
fffff880`03fe9000 fffff880`03ff7000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
fffff880`041de000 fffff880`041ed000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`10bf1000 fffff880`10bfe000   mouhid   mouhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`00c6c000 fffff880`00c86000   mountmgr mountmgr.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`019a8000 fffff880`019d9000   MpFilter MpFilter.sys Tue Sep 14 20:19:28 2010 (4C901110)
fffff880`01850000 fffff880`0185b000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00ebc000 fffff880`00ec6000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
fffff880`010e0000 fffff880`0113e000   msrpc    msrpc.sys    Mon Jul 13 19:21:32 2009 (4A5BC17C)
fffff880`03ecc000 fffff880`03ed7000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
fffff880`0149d000 fffff880`014af000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
fffff880`014d1000 fffff880`015c3000   ndis     ndis.sys     Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`0413e000 fffff880`0414a000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
fffff880`0414a000 fffff880`04179000   ndiswan  ndiswan.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`04473000 fffff880`04488000   NDProxy  NDProxy.SYS  Mon Jul 13 20:10:05 2009 (4A5BCCDD)
fffff880`02c00000 fffff880`02c0f000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`02cfa000 fffff880`02d3f000   netbt    netbt.sys    Mon Jul 13 19:21:28 2009 (4A5BC178)
fffff880`01400000 fffff880`01460000   NETIO    NETIO.SYS    Thu Apr 08 22:43:59 2010 (4BBE946F)
fffff880`0185b000 fffff880`0186c000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`03ec0000 fffff880`03ecc000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
fffff800`02e19000 fffff800`033f6000   nt       ntkrnlmp.exe Tue Oct 26 22:43:09 2010 (4CC791BD)
fffff880`01212000 fffff880`013b5000   Ntfs     Ntfs.sys     Mon Jul 13 19:20:47 2009 (4A5BC14F)
fffff880`019d9000 fffff880`019e2000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
fffff880`10a67000 fffff880`10a68180   nvBridge nvBridge.kmd Fri Jan 07 20:57:22 2011 (4D27C482)
fffff880`04488000 fffff880`044b1000   nvhda64v nvhda64v.sys Thu Nov 11 18:10:36 2010 (4CDC77EC)
fffff880`0fe0c000 fffff880`10a66d00   nvlddmkm nvlddmkm.sys Fri Jan 07 21:07:22 2011 (4D27C6DA)
fffff880`02dd2000 fffff880`02df8000   pacer    pacer.sys    Mon Jul 13 20:09:41 2009 (4A5BCCC5)
fffff880`040cb000 fffff880`040e8000   parport  parport.sys  Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`00d7b000 fffff880`00d90000   partmgr  partmgr.sys  Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00d48000 fffff880`00d7b000   pci      pci.sys      Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`00ed3000 fffff880`00eda000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
fffff880`00c5c000 fffff880`00c6c000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`013cf000 fffff880`013e0000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
fffff880`044b1000 fffff880`044ee000   portcls  portcls.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`00cd6000 fffff880`00cea000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
fffff880`0411a000 fffff880`0413e000   rasl2tp  rasl2tp.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`04179000 fffff880`04194000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
fffff880`04194000 fffff880`041b5000   raspptp  raspptp.sys  Mon Jul 13 20:10:18 2009 (4A5BCCEA)
fffff880`041b5000 fffff880`041cf000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
fffff880`03e6f000 fffff880`03ec0000   rdbss    rdbss.sys    Mon Jul 13 19:24:09 2009 (4A5BC219)
fffff880`01835000 fffff880`0183e000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`0183e000 fffff880`01847000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`01847000 fffff880`01850000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
fffff880`015c3000 fffff880`015fd000   rdyboost rdyboost.sys Mon Jul 13 19:34:34 2009 (4A5BC48A)
fffff880`04061000 fffff880`040cb000   Rt64win7 Rt64win7.sys Wed Jan 26 08:34:03 2011 (4D4022CB)
fffff880`040e8000 fffff880`040f4000   serenum  serenum.sys  Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`02c0f000 fffff880`02c2c000   serial   serial.sys   Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`01493000 fffff880`0149d000   speedfan speedfan.sys Sat Dec 18 06:03:51 2010 (4D0C9517)
fffff880`0148b000 fffff880`01493000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
fffff880`041ed000 fffff880`041ee480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
fffff880`01600000 fffff880`017fd000   tcpip    tcpip.sys    Sun Jun 13 23:39:04 2010 (4C15A458)
fffff880`01895000 fffff880`018a2000   TDI      TDI.SYS      Mon Jul 13 19:21:18 2009 (4A5BC16E)
fffff880`01877000 fffff880`01895000   tdx      tdx.sys      Mon Jul 13 19:21:15 2009 (4A5BC16B)
fffff880`02c47000 fffff880`02c5b000   termdd   termdd.sys   Mon Jul 13 20:16:36 2009 (4A5BCE64)
fffff960`00590000 fffff960`0059a000   TSDDD    TSDDD.dll    Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`03f7f000 fffff880`03fa5000   tunnel   tunnel.sys   Mon Jul 13 20:09:37 2009 (4A5BCCC1)
fffff880`04043000 fffff880`04055000   umbus    umbus.sys    Mon Jul 13 20:06:56 2009 (4A5BCC20)
fffff880`045e4000 fffff880`045fec00   usbaudio usbaudio.sys Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`045c5000 fffff880`045e2000   usbccgp  usbccgp.sys  Mon Jul 13 20:06:45 2009 (4A5BCC15)
fffff880`045e2000 fffff880`045e3f00   USBD     USBD.SYS     Mon Jul 13 20:06:23 2009 (4A5BCBFF)
fffff880`10bc7000 fffff880`10bd8000   usbehci  usbehci.sys  Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`04419000 fffff880`04473000   usbhub   usbhub.sys   Mon Jul 13 20:07:09 2009 (4A5BCC2D)
fffff880`03e00000 fffff880`03e56000   USBPORT  USBPORT.SYS  Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`02c5b000 fffff880`02c76000   USBSTOR  USBSTOR.SYS  Mon Jul 13 20:06:34 2009 (4A5BCC0A)
fffff880`03fbb000 fffff880`03fe8200   usbvideo usbvideo.sys Wed Mar 03 23:40:57 2010 (4B8F39D9)
fffff880`00ec6000 fffff880`00ed3000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
fffff880`019e9000 fffff880`019f7000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
fffff880`01800000 fffff880`01825000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
fffff880`00d90000 fffff880`00da5000   volmgr   volmgr.sys   Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`00c00000 fffff880`00c5c000   volmgrx  volmgrx.sys  Mon Jul 13 19:20:33 2009 (4A5BC141)
fffff880`01000000 fffff880`0104c000   volsnap  volsnap.sys  Mon Jul 13 19:20:08 2009 (4A5BC128)
fffff880`02c2c000 fffff880`02c47000   wanarp   wanarp.sys   Mon Jul 13 20:10:21 2009 (4A5BCCED)
fffff880`01825000 fffff880`01835000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
fffff880`00e00000 fffff880`00ea4000   Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
fffff880`00ea4000 fffff880`00eb3000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`02dc9000 fffff880`02dd2000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff960`000c0000 fffff960`003d0000   win32k   win32k.sys   Tue Jan 04 22:59:44 2011 (4D23ECB0)
fffff880`00eb3000 fffff880`00ebc000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)

Unloaded modules:
fffff880`01948000 fffff880`01956000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`01956000 fffff880`01962000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000C000
fffff880`01962000 fffff880`0196b000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00009000
fffff880`0196b000 fffff880`0197e000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00013000

 

[joejones789]

Screen Shots Attatched (plus another BSOD)

Hi

I have attatched screen shots of the CPU z info. Everythinng os set to auto using the Bios from my AS Rock motherboard. I have tried to update citrix many times, i use thwe xen app part of it during my studies. it has said several times that it is already fully updatted as the screenshot shows

Another Bsod happened between your reply and me writing this, please see attatched

Againg, thanks so much

 

[cybercore]

You have MSE and AVG running alongside, uninstall AVG for sure:

fffff880`0186c000 fffff880`01877000   avgfwd6a avgfwd6a.sys Tue Oct 06 18:04:57 2009 (4ACBBF09)
fffff880`011d0000 fffff880`011fd000   AVGIDSDriver AVGIDSDriver.sys Tue May 11 20:49:44 2010 (4BE9FB28)
fffff880`03ff4000 fffff880`04000000   AVGIDSFilter AVGIDSFilter.sys Tue May 11 20:48:52 2010 (4BE9FAF4)
fffff880`01945000 fffff880`0194f000   AVGIDSwa AVGIDSwa.sys Tue May 11 20:50:03 2010 (4BE9FB3B)
fffff880`03f71000 fffff880`03fb8000   avgldx64 avgldx64.sys Thu Jun 03 17:06:48 2010 (4C081968)
fffff880`03f69000 fffff880`03f70080   avgmfx64 avgmfx64.sys Sun Apr 25 17:06:15 2010 (4BD4AEC7)
fffff880`01938000 fffff880`019440c0   avgrkx64 avgrkx64.sys Wed Feb 10 22:52:44 2010 (4B737F0C)
fffff880`02c18000 fffff880`02c69000   avgtdia  avgtdia.sys  Thu Jun 03 17:09:57 2010 (4C081A25)

http://www.avg.com/ww-en/download-tools


~~~~~~~

Memory is set well now, and the cpu is not overclocked. As long as you are sufferring from bsod's, don't try to overclock even at moderate levels.



CRASH DUMPS

Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\DMP\040111-17796-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02e04000 PsLoadedModuleList = 0xfffff800`03041e50
Debug session time: Fri Apr  1 07:07:28.765 2011 (UTC - 4:00)
System Uptime: 0 days 0:00:38.000
Loading Kernel Symbols
...............................................................
................................................................
............
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 34, {50830, fffff8800319a558, fffff88003199dc0, fffff80002e57cbf}

Probably caused by : ntkrnlmp.exe ( nt!RtlDeleteNoSplay+93 )

Followup: MachineOwner
---------

2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

CACHE_MANAGER (34)
    See the comment for FAT_FILE_SYSTEM (0x23)
Arguments:
Arg1: 0000000000050830
Arg2: fffff8800319a558
Arg3: fffff88003199dc0
Arg4: fffff80002e57cbf

Debugging Details:
------------------


EXCEPTION_RECORD:  fffff8800319a558 -- (.exr 0xfffff8800319a558)
ExceptionAddress: fffff80002e57cbf (nt!RtlDeleteNoSplay+0x0000000000000093)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000001
   Parameter[1]: 0000000000000800
Attempt to write to address 0000000000000800

CONTEXT:  fffff88003199dc0 -- (.cxr 0xfffff88003199dc0)
rax=fffff8a001536c08 rbx=fffffa80062fef68 rcx=0000000000000800
rdx=fffffa80062fef68 rsi=fffff8a001536c08 rdi=0000000000000000
rip=fffff80002e57cbf rsp=fffff8800319a790 rbp=fffffa80062fef68
 r8=ffffffffffffffff  r9=ffffffffffffffff r10=ffffffffffffffec
r11=fffff8a001536c08 r12=fffffa80069c1070 r13=fffff8a001536c08
r14=fffff8a001536c08 r15=0000000000000001
iopl=0         nv up ei pl zr na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010246
nt!RtlDeleteNoSplay+0x93:
fffff800`02e57cbf 488909          mov     qword ptr [rcx],rcx ds:002b:00000000`00000800=????????????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000001

EXCEPTION_PARAMETER2:  0000000000000800

WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff800030ac0e0
 0000000000000800 

FOLLOWUP_IP: 
nt!RtlDeleteNoSplay+93
fffff800`02e57cbf 488909          mov     qword ptr [rcx],rcx

FAULTING_IP: 
nt!RtlDeleteNoSplay+93
fffff800`02e57cbf 488909          mov     qword ptr [rcx],rcx

BUGCHECK_STR:  0x34

LAST_CONTROL_TRANSFER:  from fffff880010a41a3 to fffff80002e57cbf

STACK_TEXT:  
fffff880`0319a790 fffff880`010a41a3 : ffffffff`ffffffff fffffa80`062fef28 fffffa80`062fef18 fffff880`010c2388 : nt!RtlDeleteNoSplay+0x93
fffff880`0319a7c0 fffff880`010a1460 : fffffa80`069eb010 fffffa80`069c1070 fffffa80`04bb1684 fffffa80`0486bc20 : fltmgr!TreeUnlinkMulti+0xb3
fffff880`0319a810 fffff880`010a1be9 : fffff880`03198000 00000000`00000002 fffffa80`049d3d00 00000000`00000300 : fltmgr!FltpPerformPreCallbacks+0x730
fffff880`0319a910 fffff880`010a06c7 : fffffa80`06b05010 fffffa80`049d3de0 fffffa80`0486dc80 00000000`00000000 : fltmgr!FltpPassThrough+0x2d9
fffff880`0319a990 fffff800`031885ce : fffffa80`069c1070 fffffa80`04974f00 00000000`00000000 fffffa80`049d3de0 : fltmgr!FltpDispatch+0xb7
fffff880`0319a9f0 fffff800`02e798b4 : 00000000`00000011 fffffa80`069c1070 fffffa80`03aa3c90 fffffa80`03ab4f30 : nt!IopDeleteFile+0x11e
fffff880`0319aa80 fffff800`02e64431 : fffffa80`069c1070 00000000`00000002 00000000`00000000 00000000`00000000 : nt!ObfDereferenceObject+0xd4
fffff880`0319aae0 fffff800`02e67d1c : 00000000`00000000 00000000`00000000 fffffa80`06a6b710 fffff800`00000000 : nt!CcDeleteSharedCacheMap+0x2fd
fffff880`0319ab50 fffff800`02e68520 : fffff800`0307b100 fffff880`0319ac58 00000000`00000000 fffff880`00000000 : nt!CcWriteBehind+0x5bc
fffff880`0319ac00 fffff800`02e81961 : fffffa80`03aa7ab0 fffff800`02e68358 fffff800`0307b140 fffff800`00000004 : nt!CcWorkerThread+0x1c8
fffff880`0319acb0 fffff800`031177c6 : ee90cc2a`ca375fb8 fffffa80`03aa8040 00000000`00000080 fffffa80`03a90040 : nt!ExpWorkerThread+0x111
fffff880`0319ad40 fffff800`02e52c26 : fffff880`02f64180 fffffa80`03aa8040 fffff880`02f6efc0 4828246c`8b48c533 : nt!PspSystemThreadStartup+0x5a
fffff880`0319ad80 00000000`00000000 : fffff880`0319b000 fffff880`03195000 fffff880`03199c90 00000000`00000000 : nt!KxStartSystemThread+0x16


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!RtlDeleteNoSplay+93

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4cc791bd

STACK_COMMAND:  .cxr 0xfffff88003199dc0 ; kb

FAILURE_BUCKET_ID:  X64_0x34_nt!RtlDeleteNoSplay+93

BUCKET_ID:  X64_0x34_nt!RtlDeleteNoSplay+93

Followup: MachineOwner
---------

DRIVERS

start             end                 module name
fffff880`00f7a000 fffff880`00fd1000   ACPI     ACPI.sys     Mon Jul 13 19:19:34 2009 (4A5BC106)
fffff880`02cae000 fffff880`02d38000   afd      afd.sys      Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`04164000 fffff880`0417a000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
fffff880`00ded000 fffff880`00df8000   amdxata  amdxata.sys  Tue May 19 13:56:59 2009 (4A12F2EB)
fffff880`00c86000 fffff880`00c8f000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00dc3000 fffff880`00ded000   ataport  ataport.SYS  Mon Jul 13 19:19:52 2009 (4A5BC118)
fffff880`0186c000 fffff880`01877000   avgfwd6a avgfwd6a.sys Tue Oct 06 18:04:57 2009 (4ACBBF09)
fffff880`011d0000 fffff880`011fd000   AVGIDSDriver AVGIDSDriver.sys Tue May 11 20:49:44 2010 (4BE9FB28)
fffff880`03ff4000 fffff880`04000000   AVGIDSFilter AVGIDSFilter.sys Tue May 11 20:48:52 2010 (4BE9FAF4)
fffff880`01945000 fffff880`0194f000   AVGIDSwa AVGIDSwa.sys Tue May 11 20:50:03 2010 (4BE9FB3B)
fffff880`03f71000 fffff880`03fb8000   avgldx64 avgldx64.sys Thu Jun 03 17:06:48 2010 (4C081968)
fffff880`03f69000 fffff880`03f70080   avgmfx64 avgmfx64.sys Sun Apr 25 17:06:15 2010 (4BD4AEC7)
fffff880`01938000 fffff880`019440c0   avgrkx64 avgrkx64.sys Wed Feb 10 22:52:44 2010 (4B737F0C)
fffff880`02c18000 fffff880`02c69000   avgtdia  avgtdia.sys  Thu Jun 03 17:09:57 2010 (4C081A25)
fffff880`019e9000 fffff880`019f0000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
fffff880`03f58000 fffff880`03f69000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
fffff960`006c0000 fffff960`006e7000   cdd      cdd.dll      unavailable (00000000)
fffff880`04560000 fffff880`0457d000   cdfs     cdfs.sys     Mon Jul 13 19:19:46 2009 (4A5BC112)
fffff880`01985000 fffff880`019af000   cdrom    cdrom.sys    Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`00e07000 fffff880`00ec7000   CI       CI.dll       Mon Jul 13 21:32:13 2009 (4A5BE01D)
fffff880`01908000 fffff880`01938000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00d08000 fffff880`00d66000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`0115d000 fffff880`011d0000   cng      cng.sys      Mon Jul 13 19:49:40 2009 (4A5BC814)
fffff880`04154000 fffff880`04164000   CompositeBus CompositeBus.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`0fe00000 fffff880`0fe0e000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`03f3d000 fffff880`03f58000   ctxusbm  ctxusbm.sys  Mon Sep 07 14:09:28 2009 (4AA54C58)
fffff880`03f1f000 fffff880`03f3d000   dfsc     dfsc.sys     Mon Jul 13 19:23:44 2009 (4A5BC200)
fffff880`03f10000 fffff880`03f1f000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
fffff880`018f2000 fffff880`01908000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`044dc000 fffff880`044fe000   drmk     drmk.sys     Mon Jul 13 21:01:25 2009 (4A5BD8E5)
fffff880`10bf5000 fffff880`10bfe000   dump_atapi dump_atapi.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`041f4000 fffff880`04200000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`03e84000 fffff880`03e97000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`0459a000 fffff880`045a6000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
fffff880`10a6b000 fffff880`10b5f000   dxgkrnl  dxgkrnl.sys  Tue Jan 25 23:22:56 2011 (4D3FA1A0)
fffff880`10b5f000 fffff880`10ba5000   dxgmms1  dxgmms1.sys  Tue Jan 25 23:22:12 2011 (4D3FA174)
fffff880`010eb000 fffff880`010ff000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
fffff880`0109f000 fffff880`010eb000   fltmgr   fltmgr.sys   Mon Jul 13 19:19:59 2009 (4A5BC11F)
fffff880`013f6000 fffff880`01400000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:19:45 2009 (4A5BC111)
fffff880`018b8000 fffff880`018f2000   fvevol   fvevol.sys   Fri Sep 25 22:34:26 2009 (4ABD7DB2)
fffff880`01595000 fffff880`015df000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:21:08 2009 (4A5BC164)
fffff800`033e1000 fffff800`0342a000   hal      hal.dll      Mon Jul 13 21:27:36 2009 (4A5BDF08)
fffff880`10ba5000 fffff880`10bc9000   HDAudBus HDAudBus.sys Mon Jul 13 20:06:13 2009 (4A5BCBF5)
fffff880`04504000 fffff880`04560000   HdAudio  HdAudio.sys  Mon Jul 13 20:06:59 2009 (4A5BCC23)
fffff880`045b4000 fffff880`045cd000   HIDCLASS HIDCLASS.SYS Mon Jul 13 20:06:21 2009 (4A5BCBFD)
fffff880`045cd000 fffff880`045d5080   HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9)
fffff880`045a6000 fffff880`045b4000   hidusb   hidusb.sys   Mon Jul 13 20:06:22 2009 (4A5BCBFE)
fffff880`052c0000 fffff880`05388000   HTTP     HTTP.sys     Mon Jul 13 19:22:16 2009 (4A5BC1A8)
fffff880`015f1000 fffff880`015fa000   hwpolicy hwpolicy.sys Mon Jul 13 19:19:22 2009 (4A5BC0FA)
fffff880`03fde000 fffff880`03ff4000   intelppm intelppm.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
fffff880`0403b000 fffff880`0404a000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`040b0000 fffff880`040be000   kbdhid   kbdhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff800`00bcf000 fffff800`00bd9000   kdcom    kdcom.dll    Mon Jul 13 21:31:07 2009 (4A5BDFDB)
fffff880`0405b000 fffff880`0409e000   ks       ks.sys       Wed Mar 03 23:32:25 2010 (4B8F37D9)
fffff880`013cb000 fffff880`013e5000   ksecdd   ksecdd.sys   Mon Jul 13 19:20:54 2009 (4A5BC156)
fffff880`0156a000 fffff880`01595000   ksecpkg  ksecpkg.sys  Fri Dec 11 01:03:32 2009 (4B21E0B4)
fffff880`044fe000 fffff880`04503200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
fffff880`02c00000 fffff880`02c15000   lltdio   lltdio.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`02ddc000 fffff880`02dff000   luafv    luafv.sys    Mon Jul 13 19:26:13 2009 (4A5BC295)
fffff880`00cb0000 fffff880`00cf4000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:29:10 2009 (4A5BDF66)
fffff880`03e97000 fffff880`03ea5000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
fffff880`0404a000 fffff880`04059000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`045f3000 fffff880`04600000   mouhid   mouhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`00c6c000 fffff880`00c86000   mountmgr mountmgr.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`019af000 fffff880`019e0000   MpFilter MpFilter.sys Tue Sep 14 20:19:28 2010 (4C901110)
fffff880`01850000 fffff880`0185b000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00fda000 fffff880`00fe4000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
fffff880`010ff000 fffff880`0115d000   msrpc    msrpc.sys    Mon Jul 13 19:21:32 2009 (4A5BC17C)
fffff880`03f05000 fffff880`03f10000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
fffff880`01400000 fffff880`01412000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
fffff880`01418000 fffff880`0150a000   ndis     ndis.sys     Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`0419e000 fffff880`041aa000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
fffff880`041aa000 fffff880`041d9000   ndiswan  ndiswan.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`04461000 fffff880`04476000   NDProxy  NDProxy.SYS  Mon Jul 13 20:10:05 2009 (4A5BCCDD)
fffff880`02d67000 fffff880`02d76000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`02c69000 fffff880`02cae000   netbt    netbt.sys    Mon Jul 13 19:21:28 2009 (4A5BC178)
fffff880`0150a000 fffff880`0156a000   NETIO    NETIO.SYS    Thu Apr 08 22:43:59 2010 (4BBE946F)
fffff880`0185b000 fffff880`0186c000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`03ef9000 fffff880`03f05000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
fffff800`02e04000 fffff800`033e1000   nt       ntkrnlmp.exe Tue Oct 26 22:43:09 2010 (4CC791BD)
fffff880`01228000 fffff880`013cb000   Ntfs     Ntfs.sys     Mon Jul 13 19:20:47 2009 (4A5BC14F)
fffff880`019e0000 fffff880`019e9000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
fffff880`10a69000 fffff880`10a6a180   nvBridge nvBridge.kmd Fri Jan 07 20:57:22 2011 (4D27C482)
fffff880`04476000 fffff880`0449f000   nvhda64v nvhda64v.sys Thu Nov 11 18:10:36 2010 (4CDC77EC)
fffff880`0fe0e000 fffff880`10a68d00   nvlddmkm nvlddmkm.sys Fri Jan 07 21:07:22 2011 (4D27C6DA)
fffff880`02d41000 fffff880`02d67000   pacer    pacer.sys    Mon Jul 13 20:09:41 2009 (4A5BCCC5)
fffff880`0412b000 fffff880`04148000   parport  parport.sys  Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`00d99000 fffff880`00dae000   partmgr  partmgr.sys  Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00d66000 fffff880`00d99000   pci      pci.sys      Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`00ff1000 fffff880`00ff8000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
fffff880`00c5c000 fffff880`00c6c000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`013e5000 fffff880`013f6000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
fffff880`0449f000 fffff880`044dc000   portcls  portcls.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`00cf4000 fffff880`00d08000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
fffff880`0417a000 fffff880`0419e000   rasl2tp  rasl2tp.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`041d9000 fffff880`041f4000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
fffff880`04000000 fffff880`04021000   raspptp  raspptp.sys  Mon Jul 13 20:10:18 2009 (4A5BCCEA)
fffff880`04021000 fffff880`0403b000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
fffff880`03ea8000 fffff880`03ef9000   rdbss    rdbss.sys    Mon Jul 13 19:24:09 2009 (4A5BC219)
fffff880`01835000 fffff880`0183e000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`0183e000 fffff880`01847000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`01847000 fffff880`01850000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
fffff880`0104c000 fffff880`01086000   rdyboost rdyboost.sys Mon Jul 13 19:34:34 2009 (4A5BC48A)
fffff880`01200000 fffff880`01218000   rspndr   rspndr.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`040c1000 fffff880`0412b000   Rt64win7 Rt64win7.sys Wed Jan 26 08:34:03 2011 (4D4022CB)
fffff880`02dc2000 fffff880`02ddc000   SCDEmu   SCDEmu.SYS   Mon Apr 12 04:52:25 2010 (4BC2DF49)
fffff880`04148000 fffff880`04154000   serenum  serenum.sys  Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`02d76000 fffff880`02d93000   serial   serial.sys   Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`015e7000 fffff880`015f1000   speedfan speedfan.sys Sat Dec 18 06:03:51 2010 (4D0C9517)
fffff880`015df000 fffff880`015e7000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
fffff880`04059000 fffff880`0405a480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
fffff880`01600000 fffff880`017fd000   tcpip    tcpip.sys    Sun Jun 13 23:39:04 2010 (4C15A458)
fffff880`01895000 fffff880`018a2000   TDI      TDI.SYS      Mon Jul 13 19:21:18 2009 (4A5BC16E)
fffff880`01877000 fffff880`01895000   tdx      tdx.sys      Mon Jul 13 19:21:15 2009 (4A5BC16B)
fffff880`02dae000 fffff880`02dc2000   termdd   termdd.sys   Mon Jul 13 20:16:36 2009 (4A5BCE64)
fffff960`005b0000 fffff960`005ba000   TSDDD    TSDDD.dll    unavailable (00000000)
fffff880`03fb8000 fffff880`03fde000   tunnel   tunnel.sys   Mon Jul 13 20:09:37 2009 (4A5BCCC1)
fffff880`0409e000 fffff880`040b0000   umbus    umbus.sys    Mon Jul 13 20:06:56 2009 (4A5BCC20)
fffff880`10bda000 fffff880`10bf4c00   usbaudio usbaudio.sys Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`045d6000 fffff880`045f3000   usbccgp  usbccgp.sys  Mon Jul 13 20:06:45 2009 (4A5BCC15)
fffff880`04598000 fffff880`04599f00   USBD     USBD.SYS     Mon Jul 13 20:06:23 2009 (4A5BCBFF)
fffff880`10bc9000 fffff880`10bda000   usbehci  usbehci.sys  Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`04407000 fffff880`04461000   usbhub   usbhub.sys   Mon Jul 13 20:07:09 2009 (4A5BCC2D)
fffff880`03e00000 fffff880`03e56000   USBPORT  USBPORT.SYS  Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`0457d000 fffff880`04598000   USBSTOR  USBSTOR.SYS  Mon Jul 13 20:06:34 2009 (4A5BCC0A)
fffff880`03e56000 fffff880`03e83200   usbvideo usbvideo.sys Wed Mar 03 23:40:57 2010 (4B8F39D9)
fffff880`00fe4000 fffff880`00ff1000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
fffff880`019f0000 fffff880`019fe000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
fffff880`01800000 fffff880`01825000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
fffff880`00dae000 fffff880`00dc3000   volmgr   volmgr.sys   Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`00c00000 fffff880`00c5c000   volmgrx  volmgrx.sys  Mon Jul 13 19:20:33 2009 (4A5BC141)
fffff880`01000000 fffff880`0104c000   volsnap  volsnap.sys  Mon Jul 13 19:20:08 2009 (4A5BC128)
fffff880`02d93000 fffff880`02dae000   wanarp   wanarp.sys   Mon Jul 13 20:10:21 2009 (4A5BCCED)
fffff880`01825000 fffff880`01835000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
fffff880`00ec7000 fffff880`00f6b000   Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
fffff880`00f6b000 fffff880`00f7a000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`02d38000 fffff880`02d41000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff960`00030000 fffff960`00340000   win32k   win32k.sys   unavailable (00000000)
fffff880`00fd1000 fffff880`00fda000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`0194f000 fffff880`01970000   WudfPf   WudfPf.sys   Mon Jul 13 20:05:37 2009 (4A5BCBD1)

Unloaded modules:
fffff880`0194f000 fffff880`0195d000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`0195d000 fffff880`01969000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000C000
fffff880`01969000 fffff880`01972000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00009000
fffff880`01972000 fffff880`01985000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00013000

 

[joejones789]

Why might AVG be causing the problems?

I'd really like to keep AVG installed if i can, why might it be causing all these problems?
My system seems really unstable with a BSOD pretty much every time i load it up now. anything else i can do to improve stability?

Cheers

Joe

 

[shadowalk]

Two antivirus programs running at the same time isn't a very pretty thing and will most likely conflict with each other. It's best to choose one and remove the other but yeah, I'd choose MSE over AVG for sure as well.

Try installing Service Pack 1 if you haven't done so yet, I know that helped remove all my BSODs.

 

[Elmer BeFuddled]

A.V.G has known issues with Windows 7. Something (and this is as technical as I can get!) with windows 7 having its own in-built security, a.k.a, UAC, which uses different algorithms (??) to previous Windows versions. A lot of the 3rd party (especially AVG) haven't caught up with this yet, hence it (they) cause blue screens.

Obviously MSE will be up to speed with this. This is why it gets the recommendation to be installed, especially while blue screening. And its free. When your blue screens are cured, security wise, you can try what you want. But I'd still say, as things stand at the moment, to give AVG a wide berth.

Just my tuppence worth.

 

[joejones789]

Uninstalled AVG

Hi

I've uninstalled AVG and restarted...all seems well

Can anyone recommend a programme that either does all the processes in 1 (AV Malware, spyware etc) or a series of programmes that haven't been known to cause issues?

I dont mind paying a moderate ammount as i feel this is the safest option, i just feel a touch exposed with just MSE

Cheers

Joe

 

[shadowalk]

I find it weird that you feel 'exposed' with just MSE and yet you trust AVG. But that's just my opinion and I'm not about to turn this thread into yet another AV argument thread.

You can try the somewhat-popular combo of having MSE and Malwarebytes' Anti-Malware (MBAM) as your security programs although in my personal experienced, MBAM never detected anything apart from what MSE detected so I removed MBAM thinking it's unnecessary but you may have a different experience from me so if you're interested, go ahead and try it.

Personally, I keep MSE as my only security program and I run Bitdefender's online quickscan from time to time. I'd recommend it.

 

[Elmer BeFuddled]

Malwarebytes free is good, for real time protection you need a licence, but usually a manual weekly scan after updating its database will do. You can also, obviously, do a manual scan with it on anything you've downloaded before you run them.

AV? Can of worms there!! Personally I use ESET AV. But it's always a matter of personal choice. MSE is very good, I personally don't like it but no doubt if I didn't have an ESET licence I could get to learn to love it!
Windows 7 firewall is more than up to the job and bears no resemblance whatsoever to the bad memories of the XP version.

WinPatrol, free is a good program to have running, it lets you know if anything tries to add itself to your start up programs, or ActiveX etc.

A lot of people also have Super Anti Spyware as a part of their defence. I did try it but ended up uninstalling it, what with ESET and a licenced Malwarebytes plus WinPatrol, in three months SAS only found one tracking cookie so I decided it wasn't worth the disc space.

None of this will do you any good though, if the moment you switch the internet on you put your modicum of common sense in the drawer and forget it!

So for me: ESET AV, Mbam and WinPatrol keep my system clean and healthy.

(An added bonus with ESET is you can completely disable Windows Updates. ESET tells you when your system isn't up to date. You can then, at your leisure, pick n mix the updates you wish to install. Not let Auto updates take control.)

 

[Elmer BeFuddled]

An update Joe. To make sure A.V.G. has left nothing behind, download the correct AVG Remover for your system (32 or 64 bit).
If you have AVG ID protection installed, download the AVGID Protection Remover from the above link as well (it wouldn't hurt to download and run it anyway).
Once downloaded, boot into Safe Mode and run them. All parts of A.V.G. should now be gone. As has been pointed out, 2 AV's will cause problems. This includes the dregs they leave behind.

If you are thinking to go for a 3rd party security after your problems are solved, let us know here. At a minimum Cybercore or myself at least will be able to tell you if you can expect problems.