Have problems with BSOD

CoralTrout · 25 Sep 2010

Hello, New to forum and know I am meant to be starting to thread but could not see where. Would much appreciate any advice on these dump files. I suspect that it is my Dlink network card - but am not good enough to tell.

CarlTR6 · 25 Sep 2010

Welcome to the forum, CoralTrout. I like your handle. I will ask the mods to take your post and mine and start a new thread for you. It will be in the Crashes and Debugging section. I will take a look at your BSODs. That is a lot of dumps. This will take a few minutes.

I looked at six of your dumps. Each one indicates memory corruption. Here are the error codes:

Stop error code 24, NTFS_FILE_SYSTEM - Usual causes are Disk corruption, insufficient physical memory, Device driver, Indexing, Resident antivirus, backup, defrag programs, Disk/Drive failing/failure

Stop error code 1A, MEMORY_MANAGEMENT - usual causes are Device driver, memory, kernel

Stop error code 3B, SYSTEM_SERVICE_EXCEPTION -usual causes are System service, Device driver, graphics driver, ?memory

Stop error code 7E, SYSTEM_THREAD_EXCEPTION_NOT_HANDLED - Insufficient disk space, Device driver, Video card, BIOS, Breakpoint with no debugger attached, Hardware incompatibility, Faulty system service, Memory, 3rd party remote control.

Code:

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Owner\AppData\Local\Temp\Temp1_082610-11310-01.zip\092610-18782-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*Symbol information
Executable search path is: 
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02e4a000 PsLoadedModuleList = 0xfffff800`03087e50
Debug session time: Sat Sep 25 17:10:07.560 2010 (GMT-4)
System Uptime: 0 days 0:00:12.746
Loading Kernel Symbols
...............................................................
................................................................
....
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 24, {1904fb, fffff88003346898, fffff88003346100, fffff8800125a80c}

Probably caused by : Ntfs.sys ( Ntfs!NtfsDecrementCloseCounts+2c )

Followup: MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

NTFS_FILE_SYSTEM (24)
    If you see NtfsExceptionFilter on the stack then the 2nd and 3rd
    parameters are the exception record and context record. Do a .cxr
    on the 3rd parameter and then kb to obtain a more informative stack
    trace.
Arguments:
Arg1: 00000000001904fb
Arg2: fffff88003346898
Arg3: fffff88003346100
Arg4: fffff8800125a80c

Debugging Details:
------------------


EXCEPTION_RECORD:  fffff88003346898 -- (.exr 0xfffff88003346898)
ExceptionAddress: fffff8800125a80c (Ntfs!NtfsDecrementCloseCounts+0x000000000000002c)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

CONTEXT:  fffff88003346100 -- (.cxr 0xfffff88003346100)
rax=effffa80044a1180 rbx=fffffa80061e3c70 rcx=fffffa80061e3c70
rdx=fffff8a001b28140 rsi=fffff8a001b28010 rdi=fffff88003346c38
rip=fffff8800125a80c rsp=fffff88003346ad0 rbp=fffff8000305f5a0
 r8=fffff8a001b283a8  r9=0000000000000000 r10=fffff8a001b28010
r11=fffff88003346b52 r12=fffffa80044a1180 r13=0000000000000000
r14=fffff8a001b283a8 r15=0000000000000001
iopl=0         nv up ei pl zr ac po cy
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010257
Ntfs!NtfsDecrementCloseCounts+0x2c:
fffff880`0125a80c f08380dc000000ff lock add dword ptr [rax+0DCh],0FFFFFFFFh ds:002b:effffa80`044a125c=????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  ffffffffffffffff

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800030f20e0
 ffffffffffffffff 

FOLLOWUP_IP: 
Ntfs!NtfsDecrementCloseCounts+2c
fffff880`0125a80c f08380dc000000ff lock add dword ptr [rax+0DCh],0FFFFFFFFh

FAULTING_IP: 
Ntfs!NtfsDecrementCloseCounts+2c
fffff880`0125a80c f08380dc000000ff lock add dword ptr [rax+0DCh],0FFFFFFFFh

BUGCHECK_STR:  0x24

LAST_CONTROL_TRANSFER:  from fffff880012f3813 to fffff8800125a80c

STACK_TEXT:  
fffff880`03346ad0 fffff880`012f3813 : fffffa80`061e3c70 fffff800`0305f5a0 fffff8a0`01b28010 00000000`00000009 : Ntfs!NtfsDecrementCloseCounts+0x2c
fffff880`03346b10 fffff880`012cd38f : fffffa80`061e3c70 fffff8a0`01b28140 fffff8a0`01b28010 fffffa80`044a1180 : Ntfs!NtfsCommonClose+0x353
fffff880`03346be0 fffff800`02ec7961 : 00000000`00000000 fffff800`02eae300 fffff800`030c1101 fffffa80`00000002 : Ntfs!NtfsFspClose+0x15f
fffff880`03346cb0 fffff800`0315ec06 : 80d4522c`9cd20e0a fffffa80`0371a680 00000000`00000080 fffffa80`036dc040 : nt!ExpWorkerThread+0x111
fffff880`03346d40 fffff800`02e98c26 : fffff880`03167180 fffffa80`0371a680 fffff880`031720c0 70c0f944`83adc468 : nt!PspSystemThreadStartup+0x5a
fffff880`03346d80 00000000`00000000 : fffff880`03347000 fffff880`03341000 fffff880`033469f0 00000000`00000000 : nt!KxStartSystemThread+0x16


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  Ntfs!NtfsDecrementCloseCounts+2c

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Ntfs

IMAGE_NAME:  Ntfs.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc14f

STACK_COMMAND:  .cxr 0xfffff88003346100 ; kb

FAILURE_BUCKET_ID:  X64_0x24_Ntfs!NtfsDecrementCloseCounts+2c

BUCKET_ID:  X64_0x24_Ntfs!NtfsDecrementCloseCounts+2c

Followup: MachineOwner
---------


Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Owner\AppData\Local\Temp\Temp1_082610-11310-01.zip\092410-12620-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*Symbol information
Executable search path is: 
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02e56000 PsLoadedModuleList = 0xfffff800`03093e50
Debug session time: Thu Sep 23 10:20:54.444 2010 (GMT-4)
System Uptime: 0 days 0:02:26.630
Loading Kernel Symbols
...............................................................
................................................................
........................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1A, {41790, fffffa8000325800, ffff, 0}

Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+33906 )

Followup: MachineOwner
---------

4: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

MEMORY_MANAGEMENT (1a)
    # Any other values for parameter 1 must be individually examined.
Arguments:
Arg1: 0000000000041790, The subtype of the bugcheck.
Arg2: fffffa8000325800
Arg3: 000000000000ffff
Arg4: 0000000000000000

Debugging Details:
------------------


BUGCHECK_STR:  0x1a_41790

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  WerFault.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff80002f39f9e to fffff80002ec6740

STACK_TEXT:  
fffff880`03946648 fffff800`02f39f9e : 00000000`0000001a 00000000`00041790 fffffa80`00325800 00000000`0000ffff : nt!KeBugCheckEx
fffff880`03946650 fffff800`02f080da : 00000000`00000000 00000000`010cffff fffffa80`00000000 fffffa80`06af2060 : nt! ?? ::FNODOBFM::`string'+0x33906
fffff880`03946810 fffff800`02ec5993 : ffffffff`ffffffff fffff880`03946ad0 fffff880`03946ad8 00000000`00008000 : nt!NtFreeVirtualMemory+0x5ca
fffff880`03946900 fffff800`02ec1f30 : fffff800`03156a9f fffffa80`06af2060 fffffa80`064abb60 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
fffff880`03946a98 fffff800`03156a9f : fffffa80`06af2060 fffffa80`064abb60 00000000`00000000 00000000`800706ba : nt!KiServiceLinkage
fffff880`03946aa0 fffff800`031abc4e : 00000000`01050000 00000000`00000000 00000000`800706ba fffffa80`05ddc890 : nt!RtlFreeUserStack+0x27
fffff880`03946ad0 fffff800`031af72d : fffff880`800706ba fffff800`031dc500 000007ff`fffd8000 00000000`00000000 : nt!PspExitThread+0x7ae
fffff880`03946b90 fffff800`031af969 : fffffa80`064abb60 00000000`800706ba fffffa80`064abb60 00000000`00000000 : nt!PspTerminateThreadByPointer+0x4d
fffff880`03946be0 fffff800`02ec5993 : fffffa80`064abb60 fffff880`03946ca0 00000000`00000000 00000000`00000000 : nt!NtTerminateThread+0x45
fffff880`03946c20 00000000`770b028a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`010cfe18 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x770b028a


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt! ?? ::FNODOBFM::`string'+33906
fffff800`02f39f9e cc              int     3

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt! ?? ::FNODOBFM::`string'+33906

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c44a9

FAILURE_BUCKET_ID:  X64_0x1a_41790_nt!_??_::FNODOBFM::_string_+33906

BUCKET_ID:  X64_0x1a_41790_nt!_??_::FNODOBFM::_string_+33906

Followup: MachineOwner
---------


Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Owner\AppData\Local\Temp\Temp1_082610-11310-01.zip\091210-17316-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*Symbol information
Executable search path is: 
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02e15000 PsLoadedModuleList = 0xfffff800`03052e50
Debug session time: Sat Sep 11 21:32:53.356 2010 (GMT-4)
System Uptime: 0 days 0:00:13.542
Loading Kernel Symbols
...............................................................
................................................................
.....................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 3B, {c0000005, fffff96000129651, fffff8800647f030, 0}

Probably caused by : win32k.sys ( win32k!xxxRealInternalGetMessage+211 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff96000129651, Address of the exception record for the exception that caused the bugcheck
Arg3: fffff8800647f030, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
win32k!xxxRealInternalGetMessage+211
fffff960`00129651 39b9d8020000    cmp     dword ptr [rcx+2D8h],edi

CONTEXT:  fffff8800647f030 -- (.cxr 0xfffff8800647f030)
rax=0000000000000000 rbx=fffff900c1e02820 rcx=1000000000000000
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff96000129651 rsp=fffff8800647fa00 rbp=fffff8800647fca0
 r8=fffff900c1e00ea0  r9=000000003084c274 r10=00000000000034e4
r11=fffff900c1e12a50 r12=0000000000000001 r13=fffff8800647fb68
r14=00000000000020c8 r15=0000000000000000
iopl=0         nv up ei pl nz na po nc
cs=0010  ss=0000  ds=002b  es=002b  fs=0053  gs=002b             efl=00010206
win32k!xxxRealInternalGetMessage+0x211:
fffff960`00129651 39b9d8020000    cmp     dword ptr [rcx+2D8h],edi ds:002b:10000000`000002d8=????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x3B

PROCESS_NAME:  explorer.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff96000129d21 to fffff96000129651

STACK_TEXT:  
fffff880`0647fa00 fffff960`00129d21 : 00000000`00000012 fffff800`000020c8 00000000`00000012 fffffa80`00000012 : win32k!xxxRealInternalGetMessage+0x211
fffff880`0647fae0 fffff960`00122787 : fffff8a0`012f0aa0 fffff8a0`01f23510 fffff8a0`01f23510 fffff800`0319b514 : win32k!xxxInternalGetMessage+0x35
fffff880`0647fb20 fffff800`02e84993 : fffffa80`05abf060 00000000`000cf508 fffff880`0647fbc8 0000007f`ffffffff : win32k!NtUserPeekMessage+0x77
fffff880`0647fbb0 00000000`77a3bb2a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`000cf4e8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77a3bb2a


FOLLOWUP_IP: 
win32k!xxxRealInternalGetMessage+211
fffff960`00129651 39b9d8020000    cmp     dword ptr [rcx+2D8h],edi

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  win32k!xxxRealInternalGetMessage+211

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: win32k

IMAGE_NAME:  win32k.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c483f

STACK_COMMAND:  .cxr 0xfffff8800647f030 ; kb

FAILURE_BUCKET_ID:  X64_0x3B_win32k!xxxRealInternalGetMessage+211

BUCKET_ID:  X64_0x3B_win32k!xxxRealInternalGetMessage+211

Followup: MachineOwner
---------


Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Owner\AppData\Local\Temp\Temp1_082610-11310-01.zip\091210-11528-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*Symbol information
Executable search path is: 
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02e02000 PsLoadedModuleList = 0xfffff800`0303fe50
Debug session time: Sat Sep 11 21:40:44.947 2010 (GMT-4)
System Uptime: 0 days 0:00:15.133
Loading Kernel Symbols
...............................................................
..............................................................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007E, {ffffffffc0000005, fffff80003114ba3, fffff88003551618, fffff88003550e80}

Probably caused by : ntkrnlmp.exe ( nt! ?? ::NNGAKEGL::`string'+18088 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80003114ba3, The address that the exception occurred at
Arg3: fffff88003551618, Exception Record Address
Arg4: fffff88003550e80, Context Record Address

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt! ?? ::NNGAKEGL::`string'+18088
fffff800`03114ba3 f00fc169f4      lock xadd dword ptr [rcx-0Ch],ebp

EXCEPTION_RECORD:  fffff88003551618 -- (.exr 0xfffff88003551618)
ExceptionAddress: fffff80003114ba3 (nt! ?? ::NNGAKEGL::`string'+0x0000000000018088)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

CONTEXT:  fffff88003550e80 -- (.cxr 0xfffff88003550e80)
rax=000000000000000e rbx=fffff8a000130910 rcx=1000000000000000
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80003114ba3 rsp=fffff88003551850 rbp=00000000ffffffff
 r8=0000000000000020  r9=fffff88003551ca0 r10=fffffa80059dab30
r11=fffffa80060ad588 r12=0000000000000000 r13=fffffa800371a140
r14=fffffa80060ad560 r15=fffff88003551c60
iopl=0         nv up ei pl nz na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010206
nt! ?? ::NNGAKEGL::`string'+0x18088:
fffff800`03114ba3 f00fc169f4      lock xadd dword ptr [rcx-0Ch],ebp ds:002b:0fffffff`fffffff4=????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  ffffffffffffffff

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800030aa0e0
 ffffffffffffffff 

FOLLOWUP_IP: 
nt! ?? ::NNGAKEGL::`string'+18088
fffff800`03114ba3 f00fc169f4      lock xadd dword ptr [rcx-0Ch],ebp

BUGCHECK_STR:  0x7E

LAST_CONTROL_TRANSFER:  from fffff80003174068 to fffff80003114ba3

STACK_TEXT:  
fffff880`03551850 fffff800`03174068 : 00000000`00000000 00000000`fffeffff fffff800`02feae68 00000000`00000000 : nt! ?? ::NNGAKEGL::`string'+0x18088
fffff880`03551890 fffff800`03172e52 : 00000000`00000000 00000000`00000001 00000000`00000000 00000000`00000001 : nt!AlpcpDestroyBlob+0x28
fffff880`035518c0 fffff800`03174006 : fffffa80`0371a140 00000000`00000000 00000000`00000000 fffffa80`0371a140 : nt!AlpcpReceiveMessage+0x65f
fffff880`03551960 fffff800`02e71993 : fffffa80`03721040 fffff880`03551b00 fffff880`03551c38 00000000`00000000 : nt!NtAlpcSendWaitReceivePort+0x1e6
fffff880`03551a10 fffff800`02e6df30 : fffff800`02e36d38 00000000`00000000 fffff880`03551c70 00000000`6f706d55 : nt!KiSystemServiceCopyEnd+0x13
fffff880`03551c18 fffff800`02e36d38 : 00000000`00000000 fffff880`03551c70 00000000`6f706d55 00000000`000007ff : nt!KiServiceLinkage
fffff880`03551c20 fffff800`03116c06 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!PopUmpoMessageThread+0x110
fffff880`03551d40 fffff800`02e50c26 : fffff880`009b1180 fffffa80`03721040 fffffa80`03705b60 00000000`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`03551d80 00000000`00000000 : fffff880`03552000 fffff880`0354c000 fffff880`03551750 00000000`00000000 : nt!KxStartSystemThread+0x16


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt! ?? ::NNGAKEGL::`string'+18088

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c44a9

STACK_COMMAND:  .cxr 0xfffff88003550e80 ; kb

FAILURE_BUCKET_ID:  X64_0x7E_nt!_??_::NNGAKEGL::_string_+18088

BUCKET_ID:  X64_0x7E_nt!_??_::NNGAKEGL::_string_+18088

Followup: MachineOwner
---------

I find a driver on your system that is almost guaranteed to cause BSODs"

ASACPI.sys Sun Mar 27 22:30:36 2005

The 2005 version of this driver is a known BSOD cause.
Please visit this link: ASUSTeK Computer Inc.-Support- download_item_mkt Scroll down to the Utilities category, then scroll down to the "ATK0110 driver for WindowsXP/Vista/Windows 7 32&64-bit " (it's about the 8th item down). Download and install it.

Go to C:\Windows\System32\drivers to check and make sure that the ASACPI.sys file is date stamped from 2009 or 2010 (NOT 2005). Reboot.

Because you have two dumps indicating your NTFS file system, I recommend that you run Check Disk.

Run CHKDSK /R /F from an elevated (Run as adminstrator) Command Prompt. Please do this for each hard drive on your system.

When it tells you it can't do it right now - and asks you if you'd like to do it at the next reboot - answer Y (for Yes) and press Enter. Then reboot and let the test run. It may take a while for it to run, but keep an occasional eye on it to see if it generates any errors. See "CHKDSK LogFile" below in order to check the results of the test.

Elevated Command Prompt:
Go to Start and type in "cmd.exe" (without the quotes)
At the top of the Search Box, right click on Cmd.exe and select "Run as administrator"

CHKDSK LogFile:
Go to Start and type in "eventvwr.msc" (without the quotes) and press Enter
Expand the Windows logs heading, then select the Application log file entry.
Double click on the Source column header.
Scroll down the list until you find the Chkdsk entry (wininit for Windows 7) (winlogon for XP).

Copy/paste the results into your next post.

Airbot · 25 Sep 2010

This will show you how to make your own thread.

Windows 7 Forums - FAQ: Board FAQ

CarlTR6 · 25 Sep 2010

Thank you, Airbot.

CoralTrout · 25 Sep 2010

Guys, Thanks. Will try this now. I am running the computer with the problem in safe mode so will copy this link accross and get started. Not quick at this so will take me some time.

CarlTR6 · 25 Sep 2010

Post back with any questions you have and keep us updated. :)

CoralTrout · 29 Sep 2010

Guys, Thanks. Got a friend around and he was able to follow your instructions well. The ASUS download helped. The main problem was the DLink wireless card conflicting. Thanks again.

CarlTR6 · 29 Sep 2010

CoralTrout said:

Guys, Thanks. Got a friend around and he was able to follow your instructions well. The ASUS download helped. The main problem was the DLink wireless card conflicting. Thanks again.

Great news! Glad to hear you are running smoothly. Thank you for reporting back with the solution. Happy computing!