NON-STOP CRASHES/BSODS on BRAND NEW PC


  1. MLT
    Posts : 20
    Windows 7 Pro (x64)
       New #1

    NON-STOP CRASHES/BSODS on BRAND NEW PC


    Win 7 Pro x64
    i7 2.8Ghz
    OnBoard Audio
    ATI HD 5750


    OS is Full Retail and clean install. System is only a couple months old but has seen little use due to crashing constantly. Was installed on new drive. Stability was fine for about a month or so but terribly unstable now. It seems random but the predictable part is if I successfully boot up and am able to run without crashing, the next time I reboot it will crash (always different reason/error given too)

    I gathered the latest drivers for everything (as far as I can tell) but don't want to touch anything because it is working (right now anyway) until someone can tell me whether any drivers need to be updated or not.

    Using MSE (doesn't show in Sys Report for some reason though)



    Attached is Sys Health Report and crash dump files.

    Thanks in advance.
      My Computer
    Quote Quote

  3. fimble
    Posts : 927
    windows 7 ultimate
       New #2

    Hi MLT and Welcome.

    I'm looking through your dump files, but, as a start, I looked at your msinfo file.
    Under your start programs is listed:
    Program: cbwhecte
    C:\Windows\Temp\cfevqwjgs\dsugqcilajb.exe
    USERNAME: .Default

    As a Priority:

    Download TDSSKiller and run it in Safe Mode.

    Download, install and update Malwarebytes' Free. Run a full scan in Safe Mode.

    Run a scan with your MSE in Safe Mode.
      My Computer
    Quote Quote

  4. fimble
    Posts : 927
    windows 7 ultimate
       New #3

    STOP 0x0000000A: IRQL_NOT_LESS_OR_EQUAL
    Usual causes:     Kernel mode driver, System Service, BIOS, Windows, Virus scanner, Backup tool, compatibility.

    Your latest dump file lists ntkrnlmp.exe as the probable cause. This is a Windows System file and for it to be the cause is highly.
    Old and incompatible drivers can and do cause issues with Windows 7, often giving false error codes.

    Drivers with Updates:

    jraid.sys Wed Jan 27 08:58:17 2010 JMicron Raid Driver

    nusb3hub.sys Fri Nov 20 10:15:57 2009
    nusb3xhc.sys Fri Nov 20 10:16:01 2009 Go to your Motherboard Mfrs. Support website and update your USB 3.0 drivers.

    Rt64win7.sys Thu Mar 04 13:42:52 2010 Realtek PCIe GBE Family Controller 7.037

    RTKVHD64.sys Fri Mar 26 10:30:50 2010 Realtek HD Audio R2.57

    Bugcheck Analysis
    Code:
    Loading Dump File [C:\DUMPS\MLT\021211-16489-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`03c0f000 PsLoadedModuleList = 0xfffff800`03e4ce50
Debug session time: Sat Feb 12 23:54:01.513 2011 (UTC + 0:00)
System Uptime: 0 days 0:00:22.574
Loading Kernel Symbols
..

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.

.............................................................
................................................................
....
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck A, {fffff8a001b8203e, 2, 1, fffff80003f65901}

Probably caused by : ntkrnlmp.exe ( nt!ObpQueryNameString+4ed )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: fffff8a001b8203e, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, bitfield :
    bit 0 : value 0 = read operation, 1 = write operation
    bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80003f65901, address which referenced memory

Debugging Details:
------------------


WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80003eb70e0
 fffff8a001b8203e 

CURRENT_IRQL:  2

FAULTING_IP: 
nt!ObpQueryNameString+4ed
fffff800`03f65901 668939          mov     word ptr [rcx],di

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xA

PROCESS_NAME:  MpCmdRun.exe

TRAP_FRAME:  fffff88002a4c240 -- (.trap 0xfffff88002a4c240)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000020 rbx=0000000000000000 rcx=fffff8a001b8203e
rdx=fffff8a00000b010 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80003f65901 rsp=fffff88002a4c3d0 rbp=fffff88002a4c780
 r8=0000000000002000  r9=fffff88002a4c5d0 r10=0000000000000000
r11=00000000000001c8 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz ac pe nc
nt!ObpQueryNameString+0x4ed:
fffff800`03f65901 668939          mov     word ptr [rcx],di ds:1c10:fffff8a0`01b8203e=????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80003c7eca9 to fffff80003c7f740

STACK_TEXT:  
fffff880`02a4c0f8 fffff800`03c7eca9 : 00000000`0000000a fffff8a0`01b8203e 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffff880`02a4c100 fffff800`03c7d920 : ffffffff`fffffffe fffffa80`05c87c80 00000000`00000000 fffff800`03df9e80 : nt!KiBugCheckDispatch+0x69
fffff880`02a4c240 fffff800`03f65901 : fffff880`02a4c780 fffff8a0`0000b030 00000000`00000001 fffffa80`07bba000 : nt!KiPageFault+0x260
fffff880`02a4c3d0 fffff800`03f6656a : fffffa80`05c87cd0 fffff8a0`01b82000 fffffa80`00002000 fffff880`02a4c5d0 : nt!ObpQueryNameString+0x4ed
fffff880`02a4c4d0 fffff800`03f65ecf : fffff880`00401802 fffffa80`06aadd00 fffff8a0`20206f49 00000000`03c7ac13 : nt!ObQueryNameString+0xe
fffff880`02a4c510 fffff800`03f66612 : fffffa80`06aadd00 fffff960`00401802 00000000`00000000 fffffa80`07bba000 : nt!IopQueryNameInternal+0x9f
fffff880`02a4c5b0 fffff800`03f654c4 : 00000000`00000000 fffff800`00401802 00000000`00000000 fffffa80`07bba000 : nt!IopQueryName+0x26
fffff880`02a4c600 fffff800`03edada3 : fffffa80`06aadd00 fffffa80`07bba000 fffff8a0`00002000 fffff880`02a4c798 : nt!ObpQueryNameString+0xb0
fffff880`02a4c700 fffff800`03f3c43e : fffffa80`07b969d0 00000000`00000000 fffffa80`07bcb9a0 00000000`00000001 : nt! ?? ::NNGAKEGL::`string'+0x210a4
fffff880`02a4c8a0 fffff800`03f64cd4 : 000007ff`fffd8000 fffff880`02a4cc20 00000000`00000000 fffffa80`075ffa60 : nt!PspExitProcess+0x4e
fffff880`02a4c900 fffff800`03f3d635 : 00000000`00000000 fffffa80`07bcb901 000007ff`fffd8000 00000000`00000000 : nt!PspExitThread+0x834
fffff880`02a4c9c0 fffff800`03c5c1db : 00000000`00000000 00000000`00000000 fffffa80`07b905b0 00000000`00000000 : nt!PsExitSpecialApc+0x1d
fffff880`02a4c9f0 fffff800`03c5c620 : 00000000`0018ae90 fffff880`02a4ca70 fffff800`03f3d74c 00000000`00000001 : nt!KiDeliverApc+0x2eb
fffff880`02a4ca70 fffff800`03c7ea37 : ffffffff`ffffffff 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiInitiateUserApc+0x70
fffff880`02a4cbb0 00000000`777bfdba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExit+0x9c
00000000`00efee98 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x777bfdba


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!ObpQueryNameString+4ed
fffff800`03f65901 668939          mov     word ptr [rcx],di

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  nt!ObpQueryNameString+4ed

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c44a9

FAILURE_BUCKET_ID:  X64_0xA_nt!ObpQueryNameString+4ed

BUCKET_ID:  X64_0xA_nt!ObpQueryNameString+4ed

Followup: MachineOwner
    Drivers:
    Code:
    fffff880`0507e000 fffff880`050bc000   1394ohci 1394ohci.sys Tue Jul 14 01:07:12 2009 (4A5BCC30)
fffff880`00f5e000 fffff880`00fb5000   ACPI     ACPI.sys     Tue Jul 14 00:19:34 2009 (4A5BC106)
fffff880`03ca6000 fffff880`03d30000   afd      afd.sys      Tue Jul 14 00:21:40 2009 (4A5BC184)
fffff880`050e2000 fffff880`050f8000   AgileVpn AgileVpn.sys Tue Jul 14 01:10:24 2009 (4A5BCCF0)
fffff880`01048000 fffff880`01053000   amdxata  amdxata.sys  Tue May 19 18:56:59 2009 (4A12F2EB)
fffff880`04309000 fffff880`04311000   AppleCharger AppleCharger.sys Thu Apr 22 08:05:49 2010 (4BCFF54D)
fffff880`00ddf000 fffff880`00de8000   atapi    atapi.sys    Tue Jul 14 00:19:47 2009 (4A5BC113)
fffff880`0101e000 fffff880`01048000   ataport  ataport.SYS  Tue Jul 14 00:19:52 2009 (4A5BC118)
fffff880`056f0000 fffff880`05710000   AtihdW76 AtihdW76.sys Mon Aug 16 11:41:02 2010 (4C6915BE)
fffff880`04804000 fffff880`04ff9000   atikmdag atikmdag.sys Wed Oct 27 03:29:53 2010 (4CC78EA1)
fffff880`0437f000 fffff880`043ca000   atikmpag atikmpag.sys Wed Oct 27 03:14:23 2010 (4CC78AFF)
fffff960`00960000 fffff960`009c1000   ATMFD    ATMFD.DLL    Wed Oct 20 04:05:45 2010 (4CBE5C89)
fffff880`0199d000 fffff880`019a4000   Beep     Beep.SYS     Tue Jul 14 01:00:13 2009 (4A5BCA8D)
fffff880`042f8000 fffff880`04309000   blbdrive blbdrive.sys Tue Jul 14 00:35:59 2009 (4A5BC4DF)
fffff960`00620000 fffff960`00647000   cdd      cdd.dll      unavailable (00000000)
fffff880`01939000 fffff880`01963000   cdrom    cdrom.sys    Tue Jul 14 00:19:54 2009 (4A5BC11A)
fffff880`00c00000 fffff880`00cc0000   CI       CI.dll       Tue Jul 14 02:32:13 2009 (4A5BE01D)
fffff880`018d3000 fffff880`01903000   CLASSPNP CLASSPNP.SYS Tue Jul 14 00:19:58 2009 (4A5BC11E)
fffff880`00d38000 fffff880`00d96000   CLFS     CLFS.SYS     Tue Jul 14 00:19:57 2009 (4A5BC11D)
fffff880`01111000 fffff880`01184000   cng      cng.sys      Tue Jul 14 00:49:40 2009 (4A5BC814)
fffff880`050d2000 fffff880`050e2000   CompositeBus CompositeBus.sys Tue Jul 14 01:00:33 2009 (4A5BCAA1)
fffff880`06b1d000 fffff880`06b2b000   crashdmp crashdmp.sys Tue Jul 14 01:01:01 2009 (4A5BCABD)
fffff880`04257000 fffff880`042da000   csc      csc.sys      Tue Jul 14 00:24:26 2009 (4A5BC22A)
fffff880`042da000 fffff880`042f8000   dfsc     dfsc.sys     Tue Jul 14 00:23:44 2009 (4A5BC200)
fffff880`03c68000 fffff880`03c77000   discache discache.sys Tue Jul 14 00:37:18 2009 (4A5BC52E)
fffff880`018bd000 fffff880`018d3000   disk     disk.sys     Tue Jul 14 00:19:57 2009 (4A5BC11D)
fffff880`0574d000 fffff880`0576f000   drmk     drmk.sys     Tue Jul 14 02:01:25 2009 (4A5BD8E5)
fffff880`06b37000 fffff880`06b40000   dump_atapi dump_atapi.sys Tue Jul 14 00:19:47 2009 (4A5BC113)
fffff880`06b2b000 fffff880`06b37000   dump_dumpata dump_dumpata.sys Tue Jul 14 00:19:47 2009 (4A5BC113)
fffff880`06b40000 fffff880`06b53000   dump_dumpfve dump_dumpfve.sys Tue Jul 14 00:21:51 2009 (4A5BC18F)
fffff880`06b11000 fffff880`06b1d000   Dxapi    Dxapi.sys    Tue Jul 14 00:38:28 2009 (4A5BC574)
fffff880`0442b000 fffff880`0451f000   dxgkrnl  dxgkrnl.sys  Tue Nov 02 02:51:31 2010 (4CCF7CB3)
fffff880`0451f000 fffff880`04565000   dxgmms1  dxgmms1.sys  Tue Nov 02 02:50:56 2010 (4CCF7C90)
fffff880`0109f000 fffff880`010b3000   fileinfo fileinfo.sys Tue Jul 14 00:34:25 2009 (4A5BC481)
fffff880`01053000 fffff880`0109f000   fltmgr   fltmgr.sys   Tue Jul 14 00:19:59 2009 (4A5BC11F)
fffff880`01200000 fffff880`0120a000   Fs_Rec   Fs_Rec.sys   Tue Jul 14 00:19:45 2009 (4A5BC111)
fffff880`01883000 fffff880`018bd000   fvevol   fvevol.sys   Sat Sep 26 03:34:26 2009 (4ABD7DB2)
fffff880`015a7000 fffff880`015f1000   fwpkclnt fwpkclnt.sys Tue Jul 14 00:21:08 2009 (4A5BC164)
fffff880`050bc000 fffff880`050c9000   GEARAspiWDM GEARAspiWDM.sys Mon May 18 13:17:04 2009 (4A1151C0)
fffff800`041eb000 fffff800`04234000   hal      hal.dll      Tue Jul 14 02:27:36 2009 (4A5BDF08)
fffff880`04565000 fffff880`04589000   HDAudBus HDAudBus.sys Tue Jul 14 01:06:13 2009 (4A5BCBF5)
fffff880`06b61000 fffff880`06b7a000   HIDCLASS HIDCLASS.SYS Tue Jul 14 01:06:21 2009 (4A5BCBFD)
fffff880`06b7a000 fffff880`06b82080   HIDPARSE HIDPARSE.SYS Tue Jul 14 01:06:17 2009 (4A5BCBF9)
fffff880`06b53000 fffff880`06b61000   hidusb   hidusb.sys   Tue Jul 14 01:06:22 2009 (4A5BCBFE)
fffff880`0187a000 fffff880`01883000   hwpolicy hwpolicy.sys Tue Jul 14 00:19:22 2009 (4A5BC0FA)
fffff880`04337000 fffff880`0434d000   intelppm intelppm.sys Tue Jul 14 00:19:25 2009 (4A5BC0FD)
fffff880`00cc0000 fffff880`00ce0000   jraid    jraid.sys    Wed Jan 27 08:58:17 2010 (4B600029)
fffff880`051b8000 fffff880`051c7000   kbdclass kbdclass.sys Tue Jul 14 00:19:50 2009 (4A5BC116)
fffff880`06bad000 fffff880`06bbb000   kbdhid   kbdhid.sys   Tue Jul 14 01:00:20 2009 (4A5BCA94)
fffff800`00bc2000 fffff800`00bc5000   kdcom    kdcom.dll    Tue Nov 30 14:40:39 2010 (4CF50CE7)
fffff880`05000000 fffff880`05043000   ks       ks.sys       Thu Mar 04 04:32:25 2010 (4B8F37D9)
fffff880`013d3000 fffff880`013ed000   ksecdd   ksecdd.sys   Tue Jul 14 00:20:54 2009 (4A5BC156)
fffff880`0157c000 fffff880`015a7000   ksecpkg  ksecpkg.sys  Fri Dec 11 06:03:32 2009 (4B21E0B4)
fffff880`0576f000 fffff880`05774200   ksthunk  ksthunk.sys  Tue Jul 14 01:00:19 2009 (4A5BCA93)
fffff880`06bc9000 fffff880`06bec000   luafv    luafv.sys    Tue Jul 14 00:26:13 2009 (4A5BC295)
fffff880`00ce0000 fffff880`00d24000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Tue Jul 14 02:29:10 2009 (4A5BDF66)
fffff880`06bbb000 fffff880`06bc9000   monitor  monitor.sys  Tue Jul 14 00:38:52 2009 (4A5BC58C)
fffff880`051c7000 fffff880`051d6000   mouclass mouclass.sys Tue Jul 14 00:19:50 2009 (4A5BC116)
fffff880`06b83000 fffff880`06b90000   mouhid   mouhid.sys   Tue Jul 14 01:00:20 2009 (4A5BCA94)
fffff880`00dc5000 fffff880`00ddf000   mountmgr mountmgr.sys Tue Jul 14 00:19:54 2009 (4A5BC11A)
fffff880`01963000 fffff880`01994000   MpFilter MpFilter.sys Wed Sep 15 01:19:28 2010 (4C901110)
fffff880`01809000 fffff880`01814000   Msfs     Msfs.SYS     Tue Jul 14 00:19:47 2009 (4A5BC113)
fffff880`00fbe000 fffff880`00fc8000   msisadrv msisadrv.sys Tue Jul 14 00:19:26 2009 (4A5BC0FE)
fffff880`010b3000 fffff880`01111000   msrpc    msrpc.sys    Tue Jul 14 00:21:32 2009 (4A5BC17C)
fffff880`03c5d000 fffff880`03c68000   mssmbios mssmbios.sys Tue Jul 14 00:31:10 2009 (4A5BC3BE)
fffff880`01868000 fffff880`0187a000   mup      mup.sys      Tue Jul 14 00:23:45 2009 (4A5BC201)
fffff880`0142a000 fffff880`0151c000   ndis     ndis.sys     Tue Jul 14 00:21:40 2009 (4A5BC184)
fffff880`0511c000 fffff880`05128000   ndistapi ndistapi.sys Tue Jul 14 01:10:00 2009 (4A5BCCD8)
fffff880`05128000 fffff880`05157000   ndiswan  ndiswan.sys  Tue Jul 14 01:10:11 2009 (4A5BCCE3)
fffff880`056db000 fffff880`056f0000   NDProxy  NDProxy.SYS  Tue Jul 14 01:10:05 2009 (4A5BCCDD)
fffff880`03da4000 fffff880`03db3000   netbios  netbios.sys  Tue Jul 14 01:09:26 2009 (4A5BCCB6)
fffff880`03d30000 fffff880`03d75000   netbt    netbt.sys    Tue Jul 14 00:21:28 2009 (4A5BC178)
fffff880`0151c000 fffff880`0157c000   NETIO    NETIO.SYS    Fri Apr 09 03:43:59 2010 (4BBE946F)
fffff880`01814000 fffff880`01825000   Npfs     Npfs.SYS     Tue Jul 14 00:19:48 2009 (4A5BC114)
fffff880`03c51000 fffff880`03c5d000   nsiproxy nsiproxy.sys Tue Jul 14 00:21:02 2009 (4A5BC15E)
fffff800`03c0f000 fffff800`041eb000   nt       ntkrnlmp.exe Sat Jun 19 05:16:41 2010 (4C1C44A9)
fffff880`01230000 fffff880`013d3000   Ntfs     Ntfs.sys     Tue Jul 14 00:20:47 2009 (4A5BC14F)
fffff880`01994000 fffff880`0199d000   Null     Null.SYS     Tue Jul 14 00:19:37 2009 (4A5BC109)
fffff880`05055000 fffff880`0506c000   nusb3hub nusb3hub.sys Fri Nov 20 10:15:57 2009 (4B066C5D)
fffff880`0434d000 fffff880`0437d000   nusb3xhc nusb3xhc.sys Fri Nov 20 10:16:01 2009 (4B066C61)
fffff880`03d7e000 fffff880`03da4000   pacer    pacer.sys    Tue Jul 14 01:09:41 2009 (4A5BCCC5)
fffff880`00e0d000 fffff880`00e22000   partmgr  partmgr.sys  Tue Jul 14 00:19:58 2009 (4A5BC11E)
fffff880`00fc8000 fffff880`00ffb000   pci      pci.sys      Tue Jul 14 00:19:51 2009 (4A5BC117)
fffff880`00e93000 fffff880`00e9a000   pciide   pciide.sys   Tue Jul 14 00:19:49 2009 (4A5BC115)
fffff880`00e9a000 fffff880`00eaa000   PCIIDEX  PCIIDEX.SYS  Tue Jul 14 00:19:48 2009 (4A5BC114)
fffff880`013ed000 fffff880`013fe000   pcw      pcw.sys      Tue Jul 14 00:19:27 2009 (4A5BC0FF)
fffff880`05710000 fffff880`0574d000   portcls  portcls.sys  Tue Jul 14 01:06:27 2009 (4A5BCC03)
fffff880`00d24000 fffff880`00d38000   PSHED    PSHED.dll    Tue Jul 14 02:32:23 2009 (4A5BE027)
fffff880`050f8000 fffff880`0511c000   rasl2tp  rasl2tp.sys  Tue Jul 14 01:10:11 2009 (4A5BCCE3)
fffff880`05157000 fffff880`05172000   raspppoe raspppoe.sys Tue Jul 14 01:10:17 2009 (4A5BCCE9)
fffff880`05172000 fffff880`05193000   raspptp  raspptp.sys  Tue Jul 14 01:10:18 2009 (4A5BCCEA)
fffff880`05193000 fffff880`051ad000   rassstp  rassstp.sys  Tue Jul 14 01:10:25 2009 (4A5BCCF1)
fffff880`03c00000 fffff880`03c51000   rdbss    rdbss.sys    Tue Jul 14 00:24:09 2009 (4A5BC219)
fffff880`051ad000 fffff880`051b8000   rdpbus   rdpbus.sys   Tue Jul 14 01:17:46 2009 (4A5BCEAA)
fffff880`019e7000 fffff880`019f0000   RDPCDD   RDPCDD.sys   Tue Jul 14 01:16:34 2009 (4A5BCE62)
fffff880`019f0000 fffff880`019f9000   rdpencdd rdpencdd.sys Tue Jul 14 01:16:34 2009 (4A5BCE62)
fffff880`01800000 fffff880`01809000   rdprefmp rdprefmp.sys Tue Jul 14 01:16:35 2009 (4A5BCE63)
fffff880`0182e000 fffff880`01868000   rdyboost rdyboost.sys Tue Jul 14 00:34:34 2009 (4A5BC48A)
fffff880`04200000 fffff880`04257000   Rt64win7 Rt64win7.sys Thu Mar 04 13:42:52 2010 (4B8FB8DC)
fffff880`068df000 fffff880`06b10c00   RTKVHD64 RTKVHD64.sys Fri Mar 26 10:30:50 2010 (4BAC8CDA)
fffff880`00d96000 fffff880`00dc5000   SCSIPORT SCSIPORT.SYS Tue Jul 14 01:01:04 2009 (4A5BCAC0)
fffff880`01410000 fffff880`01418000   spldr    spldr.sys    Mon May 11 17:56:27 2009 (4A0858BB)
fffff880`051d6000 fffff880`051d7480   swenum   swenum.sys   Tue Jul 14 01:00:18 2009 (4A5BCA92)
fffff880`01600000 fffff880`017fd000   tcpip    tcpip.sys    Mon Jun 14 04:39:04 2010 (4C15A458)
fffff880`01418000 fffff880`01425000   TDI      TDI.SYS      Tue Jul 14 00:21:18 2009 (4A5BC16E)
fffff880`0120a000 fffff880`01228000   tdx      tdx.sys      Tue Jul 14 00:21:15 2009 (4A5BC16B)
fffff880`03dce000 fffff880`03de2000   termdd   termdd.sys   Tue Jul 14 01:16:36 2009 (4A5BCE64)
fffff960`00540000 fffff960`0054a000   TSDDD    TSDDD.dll    Tue Jul 14 01:16:34 2009 (4A5BCE62)
fffff880`04311000 fffff880`04337000   tunnel   tunnel.sys   Tue Jul 14 01:09:37 2009 (4A5BCCC1)
fffff880`05043000 fffff880`05055000   umbus    umbus.sys    Tue Jul 14 01:06:56 2009 (4A5BCC20)
fffff880`06b90000 fffff880`06bad000   usbccgp  usbccgp.sys  Tue Jul 14 01:06:45 2009 (4A5BCC15)
fffff880`0437d000 fffff880`0437ef00   USBD     USBD.SYS     Tue Jul 14 01:06:23 2009 (4A5BCBFF)
fffff880`045ec000 fffff880`045fd000   usbehci  usbehci.sys  Tue Jul 14 01:06:30 2009 (4A5BCC06)
fffff880`05681000 fffff880`056db000   usbhub   usbhub.sys   Tue Jul 14 01:07:09 2009 (4A5BCC2D)
fffff880`04596000 fffff880`045ec000   USBPORT  USBPORT.SYS  Tue Jul 14 01:06:31 2009 (4A5BCC07)
fffff880`04589000 fffff880`04596000   usbuhci  usbuhci.sys  Tue Jul 14 01:06:27 2009 (4A5BCC03)
fffff880`00e00000 fffff880`00e0d000   vdrvroot vdrvroot.sys Tue Jul 14 01:01:31 2009 (4A5BCADB)
fffff880`019a4000 fffff880`019b2000   vga      vga.sys      Tue Jul 14 00:38:47 2009 (4A5BC587)
fffff880`019b2000 fffff880`019d7000   VIDEOPRT VIDEOPRT.SYS Tue Jul 14 00:38:51 2009 (4A5BC58B)
fffff880`01400000 fffff880`01410000   vmstorfl vmstorfl.sys Tue Jul 14 00:42:54 2009 (4A5BC67E)
fffff880`00e22000 fffff880`00e37000   volmgr   volmgr.sys   Tue Jul 14 00:19:57 2009 (4A5BC11D)
fffff880`00e37000 fffff880`00e93000   volmgrx  volmgrx.sys  Tue Jul 14 00:20:33 2009 (4A5BC141)
fffff880`01184000 fffff880`011d0000   volsnap  volsnap.sys  Tue Jul 14 00:20:08 2009 (4A5BC128)
fffff880`03db3000 fffff880`03dce000   wanarp   wanarp.sys   Tue Jul 14 01:10:21 2009 (4A5BCCED)
fffff880`019d7000 fffff880`019e7000   watchdog watchdog.sys Tue Jul 14 00:37:35 2009 (4A5BC53F)
fffff880`00eab000 fffff880`00f4f000   Wdf01000 Wdf01000.sys Tue Jul 14 00:22:07 2009 (4A5BC19F)
fffff880`00f4f000 fffff880`00f5e000   WDFLDR   WDFLDR.SYS   Tue Jul 14 00:19:54 2009 (4A5BC11A)
fffff880`03d75000 fffff880`03d7e000   wfplwf   wfplwf.sys   Tue Jul 14 01:09:26 2009 (4A5BCCB6)
fffff960`000f0000 fffff960`00400000   win32k   win32k.sys   Wed Oct 20 04:08:46 2010 (4CBE5D3E)
fffff880`050c9000 fffff880`050d2000   wmiacpi  wmiacpi.sys  Tue Jul 14 00:31:02 2009 (4A5BC3B6)
fffff880`00fb5000 fffff880`00fbe000   WMILIB   WMILIB.SYS   Tue Jul 14 00:19:51 2009 (4A5BC117)
fffff880`06800000 fffff880`06821000   WudfPf   WudfPf.sys   Tue Jul 14 01:05:37 2009 (4A5BCBD1)

Unloaded modules:
fffff880`01903000 fffff880`01911000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`01911000 fffff880`0191d000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000C000
fffff880`0191d000 fffff880`01926000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00009000
fffff880`01926000 fffff880`01939000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00013000
    Let us know how it goes. If you get further problems with blue screens, attach your new dump files and details and we'll move on from there.
      My Computer
    Quote Quote

  6. MLT
    Posts : 20
    Windows 7 Pro (x64)
    Thread Starter
       New #4

    Downloading the drivers mentioned now and have malwarebytes already but haven't run in safe. Will see if I can get into Safe and doing everything you suggested now. Thank you SO much for your time and reply. I REALLY appreciate you help.
      My Computer
    Quote Quote

  7. MLT
    Posts : 20
    Windows 7 Pro (x64)
    Thread Starter
       New #5

    so I am trying to get into safe mode but literally crashing non stop. Twice (out of maybe 30x) I have gotten into safe mode but taskbar never loads, no programs load, I have command promt though so will try to run the av cleaner you mentioned but any ideas why I don't have more functionality in safe mode?

    most crash errors say IRQ not less or equal
      My Computer
    Quote Quote

  8. fimble
    Posts : 927
    windows 7 ultimate
       New #6

    Sorry for the delay in reply. There's a rootkit doing the rounds that shows itself through blue screens with a IRQ not less or equal stop code. Usually, blaming iastor.sys as the cause.
    I have my suspicions that this is your problem. It starts by blue screening on random programs, then when you try to boot, eventually allowing no access whatsoever. If you can get the TDSSKiller, as long as you can keep Safe Mode open for 30 seconds to run it, it should be enough to remove it. I'm hoping that helps.
      My Computer
    Quote Quote

  10. MLT
    Posts : 20
    Windows 7 Pro (x64)
    Thread Starter
       New #7

    I was finally able to get into safe mode and found/removed the TDSS - updated all mentioned drivers and am now logged into normal boot and so far everything seems to be alright.

    You have no idea how much I appreciate your time - this was driving me mad for weeks now. Will MSE alone (or N360) with occasional malwarebytes prevent this from happening again? I know MSE didn't detect it.

    Thanks again
      My Computer
    Quote Quote

  11. fimble
    Posts : 927
    windows 7 ultimate
       New #8

    You have no idea how much I appreciate your time - this was driving me mad for weeks now. Will MSE alone (or N360) with occasional malwarebytes prevent this from happening again? I know MSE didn't detect it.
    I'm glad to have helped and happy that you managed to catch it before it totally locked you out.
    MSE with Malwarebytes should do you fine. I couldn't, hand on heart, recommend N360. If I was going to get a paid AV I'd get (I have!!) ESET. 2nd would be Kasperky. At the moment there is no third. I also run WinPatrol as this always warns you of any programs trying to add themselves to your StartUp menus.

    HTH and Thanks for the feedback.
      My Computer
    Quote Quote

  12. MLT
    Posts : 20
    Windows 7 Pro (x64)
    Thread Starter
       New #9

    No thank YOU. Still running solid and have taken it down to install CPU cooler, another HD and an optical drive without a single issue.

    I scoured the web for AV reviews and have hated Norton in the past for its resource intensive presence but everything I read showed Norton's detection to be unbeaten and read several testimonials of how it had become less of a hog. So unfortunately I bought 3 licenses for N360 but when someone had implied it may be the origin of my frustration, I removed it immediately. I now know that it was not but it also failed to catch the problem. So I was debating reinstalling until I read your post.

    Ironically enough though, I had seen someone that ESET was very highly recommended and gave it a try (trial download). Was very happy with the simplicity and minimal attention it required. However, I hadn't been home when the trial ended and therefor wasn't there to purchase it when it came time to. That's when I realized, ESET is the ONLY AV trial I have ever used that will actually completely cese to function when the trial is up. Most stop updating definitions but ESET dropped my 'puter like it was 1993 and I was a tie-dyed shirt and stonewash jeans.

    Went several days unprotected and am fairly certain that's when I contracted.

    I will look into it if it is worth it though. Thanks again, I literally put a ton of money into this system and it had become that kid with the hairlip and mono that nobody wants to go near.

    Much thanks

    Mike
      My Computer
    Quote Quote

 

  Related Discussions
Random BSODs in brand new build
in BSOD Help and Support

Hello. Just put together new HTPC and it is randomly crashing. OS: Windows 7 64-bit, OEM Retail Processor: AMD A8-3850 Graphics: Onboard MOBO: ASRock A75M-ITX Memory: Mushkin Silverline 8GB (2x4) HD: Western Digital Caviar Black 1 TB (WD1002FAEX) Blu-Ray/DVD: Lite-On internal (IHES112-04)
Brand new computer constant bsods
in BSOD Help and Support

I got this computer now for 6 weeks, first 2 weeks was fine but now bsods keep coming, my computer can be on for 15 mins MAX and the bsod can come up instantly, i think its my ram . its windows 7 x64 im really frustrated. these bsods just happen. its not even while playing games or surfing the...
Win 7 x64, brand new built, BSODs
in BSOD Help and Support

Hi all, Just built this new PC: Original Retail Windows 7 Pro x64 Built entire computer two days ago Several BSODs since Rest of the info should be in the attached diagnostic files. I really appreciate any and all help you all can give! Reaching my wits end.
Bsod crashes with brand new computer
in BSOD Help and Support

So this post is not for me specifically but I am trying to help my friend who just built a new computer and isnt terribly computer savvy. Ive tried telling him to update his graphics card and sound card drivers to solve this issue but it is still happening and he says it is happening more...
Random Crashes on BRAND NEW laptop :(
in BSOD Help and Support

Ok so I bought a brand new Asus laptop the specs are below. The computer keeps giving me a BSOD for no reason, completely random. So I am begging for some people to help me out here. PLEASE. I am at witts end. Asus Notebook G60VX Intel Core 2 Duo Cpu P7450@2.13GHZ 4.00 GB Ram Windows 7...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 09:37.
Find Us