BSOD: Major Issue, need to know what is causing it.

Page 2 of 4 FirstFirst 1234 LastLast

  1. Posts : 28,845
    Win 8 Release candidate 8400
       #11

    Jordyi said:
    Hi there Carl, nice to see you again :) I've already run both a memtest and windows memory diagnostic with you before and both showed no errors with the RAM after around 8 passes on memtest.

    This was the only Wininit related information file in the event viewer after the CHKDSK. Also, the CHKDSK seemed to skip and say the drive was clear? I forget what termonology it used exactly but it was something of that sort.

    Here is the event viewer log I have:

    Log Name: Application
    Source: Microsoft-Windows-Wininit
    Date: 07/10/2010 19:39:34
    Event ID: 1001
    Task Category: None
    Level: Information
    Keywords: Classic
    User: N/A
    Computer: Jordan-PC
    Description:
    The description for Event ID 1001 from source Microsoft-Windows-Wininit cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

    If the event originated on another computer, the display information had to be saved with the event.

    The following information was included with the event:

    Windows Live Communications Platform
    15.4.3502.0922
    0
    0
    Microsoft Corporation
    (NULL)

    the message resource is present but the message is not found in the string/message table

    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
    <Provider Name="MsiInstaller" />
    <EventID Qualifiers="0">1033</EventID>
    <Level>4</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2010-10-07T20:56:12.000000000Z" />
    <EventRecordID>359</EventRecordID>
    <Channel>Application</Channel>
    <Computer>Jordan-PC</Computer>
    <Security UserID="S-1-5-21-940806814-3963168932-2268050668-1000" />
    </System>
    <EventData>
    <Data>Windows Live Communications Platform</Data>
    <Data>15.4.3502.0922</Data>
    <Data>0</Data>
    <Data>0</Data>
    <Data>Microsoft Corporation</Data>
    <Data>(NULL)</Data>
    <Data>
    </Data>
    <Binary>7B44343532343044332D423642332D344646392D423234332D3534454345334531303036367D3030303062363465 373961623739356138623462323462653039306137353231336330393030303030303030</Binary>
    </EventData>
    </Event>


    This event viewer entry is "informational" not a critical event.


    Haven't been following this thread but if they haven't asked your to run SFC /scannow yet you should.

    SFC /SCANNOW Command - System File Checker
      My Computer


  2. Posts : 11,990
    Windows 7 Ultimate 32 bit
       #12

    OK, very good. I was just going by things I saw in the dumps. I looked at five of them.
    Error code 1, APC_INDEX_MISMATCH. This is a kernel internal error. The most common reason to see this
    bugcheck is when a filesystem or a driver has a mismatched number of
    calls to disable and re-enable APCs.

    Error code D1, DRIVER_IRQL_NOT_LESS_OR_EQUAL. Caused by a device driver.

    Error code 24, NTFS_FILE_SYSTEM. Usual causes: Disk corruption, insufficient physical memory, Device driver, Indexing, Resident antivirus, backup, defrag programs, Disk/Drive failing/failure.

    Error code FC, ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY. Caused by a device driver.
    Code:
    Kernel base = 0x8280f000 PsLoadedModuleList = 0x82957810
    Debug session time: Sat Oct  9 13:52:43.894 2010 (GMT-4)
    System Uptime: 0 days 0:05:44.188
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ..................
    Loading User Symbols
    Loading unloaded module list
    ......
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck 1, {82a89654, 0, 1, 0}
    
    Probably caused by : ntkrpamp.exe ( nt!NtOpenFile+0 )
    
    Followup: MachineOwner
    ---------
    
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    APC_INDEX_MISMATCH (1)
    This is a kernel internal error. The most common reason to see this
    bugcheck is when a filesystem or a driver has a mismatched number of
    calls to disable and re-enable APCs. The key data item is the
    Thread->KernelApcDisable field. A negative value indicates that a driver
    has disabled APC calls without re-enabling them.  A positive value indicates
    that the reverse is true. This check is made on exit from a system call.
    Arguments:
    Arg1: 82a89654, address of system function (system call)
    Arg2: 00000000, Thread->ApcStateIndex << 8 | Previous ApcStateIndex
    Arg3: 00000001, Thread->KernelApcDisable
    Arg4: 00000000, Previous KernelApcDisable
    
    Debugging Details:
    ------------------
    
    
    FAULTING_IP: 
    nt!NtOpenFile+0
    82a89654 8bff            mov     edi,edi
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    BUGCHECK_STR:  0x1
    
    PROCESS_NAME:  Steam.exe
    
    CURRENT_IRQL:  0
    
    LAST_CONTROL_TRANSFER:  from 77a164f4 to 828527d3
    
    STACK_TEXT:  
    a10efd34 77a164f4 badb0d00 0846ec98 00000000 nt!KiServiceExit2+0x17a
    WARNING: Frame IP not in any known module. Following frames may be wrong.
    0846ef88 00000000 00000000 00000000 00000000 0x77a164f4
    
    
    STACK_COMMAND:  .bugcheck ; kb
    
    FOLLOWUP_IP: 
    nt!NtOpenFile+0
    82a89654 8bff            mov     edi,edi
    
    SYMBOL_NAME:  nt!NtOpenFile+0
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: nt
    
    IMAGE_NAME:  ntkrpamp.exe
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c3fac
    
    FAILURE_BUCKET_ID:  0x1_nt!NtOpenFile+0
    
    BUCKET_ID:  0x1_nt!NtOpenFile+0
    
    Followup: MachineOwner
    ---------
    
    Kernel base = 0x82856000 PsLoadedModuleList = 0x8299e810
    Debug session time: Sat Oct  9 14:47:48.106 2010 (GMT-4)
    System Uptime: 0 days 0:53:41.400
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .................
    Loading User Symbols
    Loading unloaded module list
    ......
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck D1, {c20f8abe, 2, 1, 93ab1852}
    
    Unable to load image \SystemRoot\system32\DRIVERS\nvlddmkm.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for nvlddmkm.sys
    *** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
    Probably caused by : hardware ( nvlddmkm+9a852 )
    
    Followup: MachineOwner
    ---------
    
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If kernel debugger is available get stack backtrace.
    Arguments:
    Arg1: c20f8abe, memory referenced
    Arg2: 00000002, IRQL
    Arg3: 00000001, value 0 = read operation, 1 = write operation
    Arg4: 93ab1852, address which referenced memory
    
    Debugging Details:
    ------------------
    
    
    WRITE_ADDRESS: GetPointerFromAddress: unable to read from 829be718
    Unable to read MiSystemVaType memory at 8299e160
     c20f8abe 
    
    CURRENT_IRQL:  2
    
    FAULTING_IP: 
    nvlddmkm+9a852
    93ab1852 010f            add     dword ptr [edi],ecx
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    BUGCHECK_STR:  0xD1
    
    PROCESS_NAME:  System
    
    TRAP_FRAME:  8297ca74 -- (.trap 0xffffffff8297ca74)
    ErrCode = 00000002
    eax=00001af3 ebx=00000000 ecx=0023c346 edx=00000000 esi=8539d000 edi=c20f8abe
    eip=93ab1852 esp=8297cae8 ebp=8297cb38 iopl=0         nv up ei ng nz na po cy
    cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010283
    nvlddmkm+0x9a852:
    93ab1852 010f            add     dword ptr [edi],ecx  ds:0023:c20f8abe=????????
    Resetting default scope
    
    MISALIGNED_IP: 
    nvlddmkm+9a852
    93ab1852 010f            add     dword ptr [edi],ecx
    
    LAST_CONTROL_TRANSFER:  from 93ab1852 to 8289c82b
    
    STACK_TEXT:  
    8297ca74 93ab1852 badb0d00 00000000 ffa47280 nt!KiTrap0E+0x2cf
    WARNING: Stack unwind information not available. Following frames may be wrong.
    8297cb38 828c004d 86891568 00000000 77d75670 nvlddmkm+0x9a852
    8297cb7c 828bfff1 8297fd20 8297cca8 00000001 nt!KiProcessTimerDpcTable+0x50
    8297cc68 828bfeae 8297fd20 8297cca8 00000000 nt!KiProcessExpiredTimerList+0x101
    8297ccdc 828be20e 000326a2 86065d48 82989280 nt!KiTimerExpiration+0x25c
    8297cd20 828be038 00000000 0000000e 00000000 nt!KiRetireDpcList+0xcb
    8297cd24 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x38
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    nvlddmkm+9a852
    93ab1852 010f            add     dword ptr [edi],ecx
    
    SYMBOL_STACK_INDEX:  1
    
    SYMBOL_NAME:  nvlddmkm+9a852
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: hardware
    
    IMAGE_NAME:  hardware
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  0
    
    FAILURE_BUCKET_ID:  IP_MISALIGNED_nvlddmkm.sys
    
    BUCKET_ID:  IP_MISALIGNED_nvlddmkm.sys
    
    Followup: MachineOwner
    ---------
    
    Kernel base = 0x82840000 PsLoadedModuleList = 0x82988810
    Debug session time: Sat Oct  9 17:39:49.291 2010 (GMT-4)
    System Uptime: 0 days 0:03:33.585
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .............
    Loading User Symbols
    Loading unloaded module list
    ......
    3: kd> !Analyze
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck 24, {1904fb, 8db73898, 8db73470, 82ab8229}
    
    Probably caused by : fileinfo.sys ( fileinfo!FIStreamLog+6f )
    
    Followup: MachineOwner
    ---------
    
    3: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    NTFS_FILE_SYSTEM (24)
        If you see NtfsExceptionFilter on the stack then the 2nd and 3rd
        parameters are the exception record and context record. Do a .cxr
        on the 3rd parameter and then kb to obtain a more informative stack
        trace.
    Arguments:
    Arg1: 001904fb
    Arg2: 8db73898
    Arg3: 8db73470
    Arg4: 82ab8229
    
    Debugging Details:
    ------------------
    
    
    EXCEPTION_RECORD:  8db73898 -- (.exr 0xffffffff8db73898)
    ExceptionAddress: 82ab8229 (nt!PfpRpFileKeyUpdate+0x00000199)
       ExceptionCode: c0000005 (Access violation)
      ExceptionFlags: 00000000
    NumberParameters: 2
       Parameter[0]: 00000000
       Parameter[1]: 0055004c
    Attempt to read from address 0055004c
    
    CONTEXT:  8db73470 -- (.cxr 0xffffffff8db73470)
    eax=9c07afdc ebx=00520052 ecx=9c6a2490 edx=ffffffff esi=82977730 edi=00550048
    eip=82ab8229 esp=8db73960 ebp=8db73990 iopl=0         nv up ei pl zr na pe nc
    cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010246
    nt!PfpRpFileKeyUpdate+0x199:
    82ab8229 8b5f04          mov     ebx,dword ptr [edi+4] ds:0023:0055004c=????????
    Resetting default scope
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  STRING_DEREFERENCE
    
    PROCESS_NAME:  System
    
    CURRENT_IRQL:  0
    
    ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
    
    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
    
    EXCEPTION_PARAMETER1:  00000000
    
    EXCEPTION_PARAMETER2:  0055004c
    
    READ_ADDRESS: GetPointerFromAddress: unable to read from 829a8718
    Unable to read MiSystemVaType memory at 82988160
     0055004c 
    
    FOLLOWUP_IP: 
    fileinfo!FIStreamLog+6f
    8b7edbc3 8b0d80c77e8b    mov     ecx,dword ptr [fileinfo!FIGlobals+0x5c0 (8b7ec780)]
    
    FAULTING_IP: 
    nt!PfpRpFileKeyUpdate+199
    82ab8229 8b5f04          mov     ebx,dword ptr [edi+4]
    
    BUGCHECK_STR:  0x24
    
    LAST_CONTROL_TRANSFER:  from 828d6c0b to 82ab8229
    
    STACK_TEXT:  
    8db73990 828d6c0b 00000000 9c6a2490 8db73a68 nt!PfpRpFileKeyUpdate+0x199
    8db739ec 8b7edbc3 8db73a54 85c7a4b8 9c0d0fd0 nt!PfFileInfoNotify+0x4ae
    8db73a78 8b7edd3d 8db73a88 9c0d0fa0 87745e07 fileinfo!FIStreamLog+0x6f
    8db73a9c 82fbd5f4 9c0d0fd0 00000008 00000000 fileinfo!FIStreamCleanup+0x79
    8db73ab8 82fbd7c0 9c0d0fa0 9c0d0fa0 8db73adc fltmgr!DoFreeContext+0x66
    8db73ac8 82fce722 9c0d0fa0 87745e00 87745dd8 fltmgr!DoReleaseContext+0x42
    8db73adc 82fdb793 87745e04 87745e00 ffffffff fltmgr!FltpDeleteContextList+0x15c
    8db73afc 82fdb9b4 87745dd8 9c6a2490 00000000 fltmgr!CleanupStreamListCtrl+0x1b
    8db73b10 82a5e818 87745ddc a25e1dc2 00000000 fltmgr!DeleteStreamListCtrlCallback+0x5a
    8db73b50 8b8d1fb2 9c6a2490 9c6a23a0 9c6a2490 nt!FsRtlTeardownPerStreamContexts+0x13a
    8db73b6c 8b8c8b3b 00000705 9c6a23c8 9c6a23a0 Ntfs!NtfsDeleteScb+0x214
    8db73b84 8b83871e 8826bb18 9c6a2490 00000000 Ntfs!NtfsRemoveScb+0xc5
    8db73ba0 8b8b90d2 8826bb18 9c6a23a0 00000000 Ntfs!NtfsPrepareFcbForRemoval+0x62
    8db73be4 8b835bec 8826bb18 9c6a2490 9c6a2638 Ntfs!NtfsTeardownStructures+0x68
    8db73c0c 8b8b555b 8826bb18 9c6a2490 9c6a2638 Ntfs!NtfsDecrementCloseCounts+0xaf
    8db73c6c 8b8d44c3 8826bb18 9c6a2490 9c6a23a0 Ntfs!NtfsCommonClose+0x4f2
    8db73d00 828adf3b 00000000 00000000 853ae7f0 Ntfs!NtfsFspClose+0x118
    8db73d50 82a4e6d3 00000000 a25e1b02 00000000 nt!ExpWorkerThread+0x10d
    8db73d90 829000f9 828ade2e 00000000 00000000 nt!PspSystemThreadStartup+0x9e
    00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19
    
    
    SYMBOL_STACK_INDEX:  2
    
    SYMBOL_NAME:  fileinfo!FIStreamLog+6f
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: fileinfo
    
    IMAGE_NAME:  fileinfo.sys
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc18f
    
    STACK_COMMAND:  .cxr 0xffffffff8db73470 ; kb
    
    FAILURE_BUCKET_ID:  0x24_fileinfo!FIStreamLog+6f
    
    BUCKET_ID:  0x24_fileinfo!FIStreamLog+6f
    
    Followup: MachineOwner
    ---------
    
    Kernel base = 0x8280c000 PsLoadedModuleList = 0x82954810
    Debug session time: Sat Oct  9 17:03:59.503 2010 (GMT-4)
    System Uptime: 0 days 0:00:59.782
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ................
    Loading User Symbols
    Loading unloaded module list
    ......
    0: kd> !Analyze
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck FC, {fe81de60, 8971f863, 9fdeeba8, 2}
    
    Probably caused by : win32k.sys ( win32k!UT_GetParentDCClipBox+15 )
    
    Followup: MachineOwner
    ---------
    
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY (fc)
    An attempt was made to execute non-executable memory.  The guilty driver
    is on the stack trace (and is typically the current instruction pointer).
    When possible, the guilty driver's name (Unicode string) is printed on
    the bugcheck screen and saved in KiBugCheckDriver.
    Arguments:
    Arg1: fe81de60, Virtual address for the attempted execute.
    Arg2: 8971f863, PTE contents.
    Arg3: 9fdeeba8, (reserved)
    Arg4: 00000002, (reserved)
    
    Debugging Details:
    ------------------
    
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    BUGCHECK_STR:  0xFC
    
    PROCESS_NAME:  Safari.exe
    
    CURRENT_IRQL:  0
    
    TRAP_FRAME:  9fdeeba8 -- (.trap 0xffffffff9fdeeba8)
    ErrCode = 00000011
    eax=80000000 ebx=0b010b72 ecx=fdcc9010 edx=01e70740 esi=00000003 edi=9fdeecc8
    eip=fe81de60 esp=9fdeec1c ebp=9fdeec50 iopl=0         nv up ei ng nz na pe cy
    cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010287
    fe81de60 c60102          mov     byte ptr [ecx],2           ds:0023:fdcc9010=??
    Resetting default scope
    
    LAST_CONTROL_TRANSFER:  from 82852638 to 82891903
    
    STACK_TEXT:  
    9fdeeb90 82852638 00000008 fe81de60 00000000 nt!MmAccessFault+0x106
    9fdeeb90 fe81de60 00000008 fe81de60 00000000 nt!KiTrap0E+0xdc
    WARNING: Frame IP not in any known module. Following frames may be wrong.
    9fdeec50 9721b7f6 fe4c99a8 9fdeecd0 00000001 0xfe81de60
    9fdeec74 9721b648 fe81de60 0b010b72 9fdeecd0 win32k!UT_GetParentDCClipBox+0x15
    9fdeec98 9721b493 00000000 9fdeecc8 08eb8a8f win32k!xxxBeginPaint+0x11d
    9fdeed24 8284f44a 000201c6 0014e918 00000000 win32k!NtUserBeginPaint+0x4f
    9fdeed24 777264f4 000201c6 0014e918 00000000 nt!KiFastCallEntry+0x12a
    00000000 00000000 00000000 00000000 00000000 0x777264f4
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    win32k!UT_GetParentDCClipBox+15
    9721b7f6 83f801          cmp     eax,1
    
    SYMBOL_STACK_INDEX:  3
    
    SYMBOL_NAME:  win32k!UT_GetParentDCClipBox+15
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: win32k
    
    IMAGE_NAME:  win32k.sys
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c425a
    
    FAILURE_BUCKET_ID:  0xFC_win32k!UT_GetParentDCClipBox+15
    
    BUCKET_ID:  0xFC_win32k!UT_GetParentDCClipBox+15
    
    Followup: MachineOwner
    ---------
    We are back to drivers again. I find these out of date drivers. Those 2007 drivers are obsolete.
    netr28u.sys Wed Feb 25 21:42:42 2009 - Ralink RT2870 series USB 802.11n Wireless Adapter Driver (you may have a different manufacturer) Ralink corp.. Update this driver or Upgrade your wireless adapter.

    Rt86win7.sys Thu Feb 26 04:04:22 2009 - Latest PCIe GBE (GigaBit Ethernet) drivers here: Realtek

    snapman.sys Thu Nov 22 03:19:58 2007
    - Acronis True Image Snapshot Manager driver http://www.acronis.com. Uninstall this old version and purchase a new copy. Or try Macrium Reflect (free).

    tdrpman.sys Mon Nov 12 08:35:28 2007 - Acronis Try&Decide and Restore Points Volume Filter Driver http://www.acronis.com. See above.

    tifsfilt.sys Wed Aug 29 08:37:17 2007 - Acronis True Image FS Filter http://www.acronis.com. See above.

    timntr.sys Wed Aug 29 08:13:12 2007 - Acronis True Image Backup Archive Explorer http://www.acronis.com. See above.
    Uninstall Acronis. This may well be the cause of your BSOD's. Update those other two drivers. Let's see how your system does.
      My Computer


  3. Posts : 72
    Windows 7 x64
    Thread Starter
       #13

    Ok, so I tried running the chkdsk again and it worked this time :) Here's the information from event viewer:

    Log Name: Application
    Source: Microsoft-Windows-Wininit
    Date: 10/10/2010 01:56:29
    Event ID: 1001
    Task Category: None
    Level: Information
    Keywords: Classic
    User: N/A
    Computer: Jordan-PC
    Description:


    Checking file system on C:
    The type of the file system is NTFS.

    A disk check has been scheduled.
    Windows will now check the disk.

    CHKDSK is verifying files (stage 1 of 5)...
    79872 file records processed.

    File verification completed.
    75 large file records processed.

    0 bad file records processed.

    2 EA records processed.

    44 reparse records processed.

    CHKDSK is verifying indexes (stage 2 of 5)...
    104916 index entries processed.

    Index verification completed.
    0 unindexed files scanned.

    0 unindexed files recovered.

    CHKDSK is verifying security descriptors (stage 3 of 5)...
    79872 file SDs/SIDs processed.

    Cleaning up 189 unused index entries from index $SII of file 0x9.
    Cleaning up 189 unused index entries from index $SDH of file 0x9.
    Cleaning up 189 unused security descriptors.
    Security descriptor verification completed.
    12523 data files processed.

    CHKDSK is verifying Usn Journal...
    37105752 USN bytes processed.

    Usn Journal verification completed.
    CHKDSK is verifying file data (stage 4 of 5)...
    79856 files processed.

    File data verification completed.
    CHKDSK is verifying free space (stage 5 of 5)...
    142106332 free clusters processed.

    Free space verification is complete.
    CHKDSK discovered free space marked as allocated in the
    master file table (MFT) bitmap.
    CHKDSK discovered free space marked as allocated in the volume bitmap.
    Windows has made corrections to the file system.

    612543487 KB total disk space.
    43875552 KB in 67082 files.
    40976 KB in 12524 indexes.
    0 KB in bad sectors.
    201627 KB in use by the system.
    65536 KB occupied by the log file.
    568425332 KB available on disk.

    4096 bytes in each allocation unit.
    153135871 total allocation units on disk.
    142106333 allocation units available on disk.

    Internal Info:
    00 38 01 00 01 37 01 00 40 60 02 00 00 00 00 00 .8...7..@`......
    bf 00 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 ....,...........
    70 5d 26 00 50 01 24 00 38 1a 24 00 00 00 24 00 p]&.P.$.8.$...$.

    Windows has finished checking your disk.
    Please wait while your computer restarts.

    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2010-10-10T00:56:29.000000000Z" />
    <EventRecordID>1955</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>Jordan-PC</Computer>
    <Security />
    </System>
    <EventData>
    <Data>

    Checking file system on C:
    The type of the file system is NTFS.

    A disk check has been scheduled.
    Windows will now check the disk.

    CHKDSK is verifying files (stage 1 of 5)...
    79872 file records processed.

    File verification completed.
    75 large file records processed.

    0 bad file records processed.

    2 EA records processed.

    44 reparse records processed.

    CHKDSK is verifying indexes (stage 2 of 5)...
    104916 index entries processed.

    Index verification completed.
    0 unindexed files scanned.

    0 unindexed files recovered.

    CHKDSK is verifying security descriptors (stage 3 of 5)...
    79872 file SDs/SIDs processed.

    Cleaning up 189 unused index entries from index $SII of file 0x9.
    Cleaning up 189 unused index entries from index $SDH of file 0x9.
    Cleaning up 189 unused security descriptors.
    Security descriptor verification completed.
    12523 data files processed.

    CHKDSK is verifying Usn Journal...
    37105752 USN bytes processed.

    Usn Journal verification completed.
    CHKDSK is verifying file data (stage 4 of 5)...
    79856 files processed.

    File data verification completed.
    CHKDSK is verifying free space (stage 5 of 5)...
    142106332 free clusters processed.

    Free space verification is complete.
    CHKDSK discovered free space marked as allocated in the
    master file table (MFT) bitmap.
    CHKDSK discovered free space marked as allocated in the volume bitmap.
    Windows has made corrections to the file system.

    612543487 KB total disk space.
    43875552 KB in 67082 files.
    40976 KB in 12524 indexes.
    0 KB in bad sectors.
    201627 KB in use by the system.
    65536 KB occupied by the log file.
    568425332 KB available on disk.

    4096 bytes in each allocation unit.
    153135871 total allocation units on disk.
    142106333 allocation units available on disk.

    Internal Info:
    00 38 01 00 01 37 01 00 40 60 02 00 00 00 00 00 .8...7..@`......
    bf 00 00 00 2c 00 00 00 00 00 00 00 00 00 00 00 ....,...........
    70 5d 26 00 50 01 24 00 38 1a 24 00 00 00 24 00 p]&amp;.P.$.8.$...$.

    Windows has finished checking your disk.
    Please wait while your computer restarts.
    </Data>
    </EventData>
    </Event>
      My Computer


  4. Posts : 11,990
    Windows 7 Ultimate 32 bit
       #14

    That is good news; your hard drive seems to be fine. Now just uninstall Acronis and update those other tow drivers and we will see if your systems is more stable.
      My Computer


  5. Posts : 72
    Windows 7 x64
    Thread Starter
       #15

    I'm not entirely sure what acronis is. I've not installed it myself so it must be something that's come with my computer? Will that mean that the program will be located under windows installations?

    Also, how should I try and use Macrium Reflect to resolve this? Thanks.

    Edit: Figured out what program was using these files. Maxtor Maxblast seemed to be the program I had which was made by Acronis. Though, I've only installed this program as of starting this thread after being told to I believe, so I don't think this is the issue but I have uninstalled it anyway and now updated the other two drivers. I'll see how it goes from here, thanks. :)
    Last edited by Jordyi; 10 Oct 2010 at 08:42.
      My Computer


  6. Posts : 11,990
    Windows 7 Ultimate 32 bit
       #16

    Very; nice work. Let's see if that helps.

    Acronis itself is an imaging program. It enables you to make an image of your hard drive and store it on another drive. In the event you have to do a reinstall, get a virus, etc. you can simply reimage your your system back to the original hard drive. This saves having to reinstall software, redo your mods, and it preserves all of your data. Macrium Reflect and other imaging programs do the same thing. It is a great backup tool and I recommend it. Here is an excellent tutorial on the subject: Imaging with free Macrium
      My Computer


  7. Posts : 72
    Windows 7 x64
    Thread Starter
       #17

    Still getting more BSODs unfortuantly, that of which i've included. Thanks

    I've noticed a lot of USBPORT.sys BSODs coming up as of late as well as NTFS.sys. In device manager, I have a USB mass storage device labelled as being plugged in and working even when I have no USB devices in. When I disable this USB device, my system BSODs and shuts down. Don't know if this is just coincidental or has nothing to do with the issue, but thought it was worth a mention. Thanks again.


    CarlTR6 said:
    Acronis itself is an imaging program. It enables you to make an image of your hard drive and store it on another drive. In the event you have to do a reinstall, get a virus, etc. you can simply reimage your your system back to the original hard drive. This saves having to reinstall software, redo your mods, and it preserves all of your data. Macrium Reflect and other imaging programs do the same thing. It is a great backup tool and I recommend it. Here is an excellent tutorial on the subject: Imaging with free Macrium
    Ah I see, thanks. :)
      My Computer


  8. Posts : 72
    Windows 7 x64
    Thread Starter
       #18

    Bump for help. Thanks.
      My Computer


  9. Posts : 72
    Windows 7 x64
    Thread Starter
       #19

    24 hour bump. Thanks again.
      My Computer


  10. Posts : 72
    Windows 7 x64
    Thread Starter
       #20

    Bump for help, thanks.
      My Computer


 
Page 2 of 4 FirstFirst 1234 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 03:34.
Find Us