Yahoo BSOD with 3 different dumps


  1. andre75
    Posts : 5
    Windows 7 Professional x64
       New #1

    Yahoo BSOD with 3 different dumps


    Hi guys,
    In last 3 days I got some BSOD when I login into Yahoo Mail, it's weird because the BSOD always happenned when login to Yahoo, but not in other site.

    There are two mainly dump files, they are about fltmgr.sys and ntoskrnl but with the different bug checking string.

    These are the dumps cand RaPM :
    Minidumps and RaPM.rar
    [I view the dumps with BlueScreenView]

    Code:
    I'm using :
- Win 7 Pro 64-bit [Original from MSDNAA]
      My Computer
    Quote Quote

  3. writhziden
    Posts : 11,269
    Windows 7 Home Premium 64 Bit
       New #2

    Code:
    1. 
Loading Dump File [C:\Users\Mike\Downloads\BSODDmpFiles\andre75\122811-19000-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02a65000 PsLoadedModuleList = 0xfffff800`02ca2e50
Debug session time: Tue Dec 27 21:25:48.275 2011 (GMT-7)
System Uptime: 0 days 2:03:21.164
Loading Kernel Symbols
...............................................................
................................................................
...............................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 3B, {c0000005, fffff80002acc863, fffff88006ba4070, 0}

Probably caused by : ntkrnlmp.exe ( nt!EtwpFindGuidEntryByGuid+73 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff80002acc863, Address of the exception record for the exception that caused the bugcheck
Arg3: fffff88006ba4070, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!memcmp+93
fffff800`02acc863 483b040a        cmp     rax,qword ptr [rdx+rcx]

CONTEXT:  fffff88006ba4070 -- (.cxr 0xfffff88006ba4070)
rax=4de768e55a1600d2 rbx=ffffffffffffffff rcx=fffff8a0032e3010
rdx=453972b24a2c3b65 rsi=fffff80002c82380 rdi=45396b524d5a6b61
rip=fffff80002acc863 rsp=fffff88006ba4a48 rbp=0000000000000000
 r8=0000000000000010  r9=0000000000000002 r10=4de768e55a1600d2
r11=fffff8a0032e3010 r12=fffff8a0032e3010 r13=0000000000000000
r14=0000000000000029 r15=fffff88006ba4b20
iopl=0         nv up ei pl nz na pe nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010202
nt!memcmp+0x93:
fffff800`02acc863 483b040a        cmp     rax,qword ptr [rdx+rcx] ds:002b:45396b52`4d5a6b75=????????????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x3B

PROCESS_NAME:  chrome.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff80002d7ede7 to fffff80002acc863

STACK_TEXT:  
fffff880`06ba4a48 fffff800`02d7ede7 : fffffa80`018dd810 ffffffff`ffffffff 00000000`00000000 fffff880`06ba4b00 : nt!memcmp+0x93
fffff880`06ba4a50 fffff800`02d7e8de : 00000000`03e1ec00 fffff8a0`032e3010 00000000`00000000 fffff800`02af659c : nt!EtwpFindGuidEntryByGuid+0x73
fffff880`06ba4a90 fffff800`02d7f29c : 00000000`00000000 00000000`000000a0 00000000`03e1ec00 00000000`00000000 : nt!EtwpRegisterUMGuid+0x66
fffff880`06ba4b00 fffff800`02ad4993 : fffffa80`018dd810 00000000`026be0b8 00000000`000000a0 0000007f`ffffffff : nt!NtTraceControl+0x198
fffff880`06ba4b70 00000000`7711159a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`026be098 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7711159a


FOLLOWUP_IP: 
nt!EtwpFindGuidEntryByGuid+73
fffff800`02d7ede7 413bc5          cmp     eax,r13d

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt!EtwpFindGuidEntryByGuid+73

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c44a9

STACK_COMMAND:  .cxr 0xfffff88006ba4070 ; kb

FAILURE_BUCKET_ID:  X64_0x3B_nt!EtwpFindGuidEntryByGuid+73

BUCKET_ID:  X64_0x3B_nt!EtwpFindGuidEntryByGuid+73

Followup: MachineOwner
---------
    2. 
Loading Dump File [C:\Users\Mike\Downloads\BSODDmpFiles\andre75\122811-18049-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02a01000 PsLoadedModuleList = 0xfffff800`02c3ee50
Debug session time: Tue Dec 27 21:39:09.646 2011 (GMT-7)
System Uptime: 0 days 0:13:01.535
Loading Kernel Symbols
...............................................................
................................................................
...............................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1E, {ffffffffc0000005, fffff88006fd13c0, 0, 0}

Probably caused by : NETIO.SYS ( NETIO!FilterMatch+4f )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff88006fd13c0, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: 0000000000000000, Parameter 1 of the exception

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
+0
fffff880`06fd13c0 d822            fsub    dword ptr [rdx]

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  0000000000000000

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002ca90e0
 0000000000000000 

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x1E

PROCESS_NAME:  svchost.exe

CURRENT_IRQL:  2

EXCEPTION_RECORD:  fffff88006fd22d8 -- (.exr 0xfffff88006fd22d8)
ExceptionAddress: fffff8800176096f (NETIO!FilterMatch+0x000000000000004f)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

TRAP_FRAME:  fffff88006fd2380 -- (.trap 0xfffff88006fd2380)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=3932323331403134 rbx=0000000000000000 rcx=fffffa8002c23750
rdx=fffff88006fd2ac8 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8800176096f rsp=fffff88006fd2510 rbp=fffffa8002c23750
 r8=0000000000000000  r9=fffff88006fd2590 r10=fffff88006fd1de0
r11=fffff80002baf410 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl zr na po nc
NETIO!FilterMatch+0x4f:
fffff880`0176096f 460fb714e0      movzx   r10d,word ptr [rax+r12*8] ds:0001:39323233`31403134=????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002b03bdb to fffff80002a71740

STACK_TEXT:  
fffff880`06fd1308 fffff800`02b03bdb : 00000000`0000001e ffffffff`c0000005 fffff880`06fd13c0 00000000`00000000 : nt!KeBugCheckEx
fffff880`06fd1310 fffff800`02ac2d30 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KipFatalFilter+0x1b
fffff880`06fd1350 fffff800`02a9fd1c : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0x95d
fffff880`06fd1390 fffff800`02a9740d : fffff800`02bbdbc4 fffff880`06fd4360 00000000`00000000 fffff800`02a01000 : nt!_C_specific_handler+0x8c
fffff880`06fd1400 fffff800`02a9ea90 : fffff800`02bbdbc4 fffff880`06fd1478 fffff880`06fd22d8 fffff800`02a01000 : nt!RtlpExecuteHandlerForException+0xd
fffff880`06fd1430 fffff800`02aab9ef : fffff880`06fd22d8 fffff880`06fd1b40 fffff880`00000000 fffffa80`00d76e40 : nt!RtlDispatchException+0x410
fffff880`06fd1b10 fffff800`02a70d82 : fffff880`06fd22d8 00000000`00000000 fffff880`06fd2380 00000000`00000000 : nt!KiDispatchException+0x16f
fffff880`06fd21a0 fffff800`02a6f68a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0xc2
fffff880`06fd2380 fffff880`0176096f : fffff880`06fd2578 fffff880`017609b5 fffffa80`02cf94c0 fffff880`0166a429 : nt!KiGeneralProtectionFault+0x10a
fffff880`06fd2510 fffff880`01760b30 : fffffa80`02664010 00000000`00000000 00000000`00000000 fffff880`06fd2ac8 : NETIO!FilterMatch+0x4f
fffff880`06fd2560 fffff880`01761ccb : 00000000`00000003 00000000`00000010 fffff880`06fd2e80 fffff880`06fd2ac8 : NETIO!IndexHashClassify+0xd0
fffff880`06fd25f0 fffff880`0183f417 : fffff880`06fd2ac8 fffff880`06fd2ac8 fffff880`06fd3800 fffffa80`00fdfa10 : NETIO!KfdClassify+0xa4e
fffff880`06fd2960 fffff880`0183883e : fffff880`01947690 00000000`00000000 fffffa80`0153a2a0 00000000`00000000 : tcpip!WfpAleClassify+0x57
fffff880`06fd29a0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : tcpip!WfpAlepAuthorizeSend+0x94e


STACK_COMMAND:  kb

FOLLOWUP_IP: 
NETIO!FilterMatch+4f
fffff880`0176096f 460fb714e0      movzx   r10d,word ptr [rax+r12*8]

SYMBOL_STACK_INDEX:  9

SYMBOL_NAME:  NETIO!FilterMatch+4f

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: NETIO

IMAGE_NAME:  NETIO.SYS

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc18a

FAILURE_BUCKET_ID:  X64_0x1E_NETIO!FilterMatch+4f

BUCKET_ID:  X64_0x1E_NETIO!FilterMatch+4f

Followup: MachineOwner
---------
    3. 
Loading Dump File [C:\Users\Mike\Downloads\BSODDmpFiles\andre75\122811-19078-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02a09000 PsLoadedModuleList = 0xfffff800`02c46e50
Debug session time: Tue Dec 27 22:12:23.609 2011 (GMT-7)
System Uptime: 0 days 0:22:49.373
Loading Kernel Symbols
...............................................................
................................................................
................................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 19, {3, fffffa8001bf7730, fffffa8001bf7730, 656668613d42203a}

Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+c7b )

Followup: Pool_corruption
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 0000000000000003, the pool freelist is corrupt.
Arg2: fffffa8001bf7730, the pool entry being checked.
Arg3: fffffa8001bf7730, the read back flink freelist value (should be the same as 2).
Arg4: 656668613d42203a, the read back blink freelist value (should be the same as 2).

Debugging Details:
------------------


BUGCHECK_STR:  0x19_3

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  2

LAST_CONTROL_TRANSFER:  from fffff80002bac10b to fffff80002a79740

STACK_TEXT:  
fffff880`061a7798 fffff800`02bac10b : 00000000`00000019 00000000`00000003 fffffa80`01bf7730 fffffa80`01bf7730 : nt!KeBugCheckEx
fffff880`061a77a0 fffff800`02bae4c1 : 00000000`00000003 fffffa80`0106c2c0 00000000`00000000 fffff880`00d9266e : nt!ExDeferredFreePool+0xc7b
fffff880`061a7830 fffff880`00d8b633 : 00000000`00000705 fffff8a0`09547838 fffffa80`6c734d46 fffff800`000003ed : nt!ExFreePoolWithTag+0x411
fffff880`061a78e0 fffff800`02d68896 : 00000000`00000001 fffff880`012ab1a7 fffff8a0`09547700 fffff880`0121e6e1 : fltmgr! ?? ::FNODOBFM::`string'+0x429
fffff880`061a7910 fffff880`012aabcc : fffff8a0`095475d0 fffffa80`01609040 fffff880`061a79e8 00000000`00000706 : nt!FsRtlTeardownPerStreamContexts+0xe2
fffff880`061a7960 fffff880`012aa8d5 : fffffa00`01010000 00000000`00000000 fffff800`02c1e500 00000000`00000001 : Ntfs!NtfsDeleteScb+0x108
fffff880`061a79a0 fffff880`0121dcb4 : fffff8a0`095474d0 fffff8a0`095475d0 fffff800`02c1e500 fffff880`061a7b12 : Ntfs!NtfsRemoveScb+0x61
fffff880`061a79e0 fffff880`012a82dc : fffff8a0`095474a0 fffff800`02c1e5a0 fffff880`061a7b12 fffffa80`01094a40 : Ntfs!NtfsPrepareFcbForRemoval+0x50
fffff880`061a7a10 fffff880`01226882 : fffffa80`01094a40 fffffa80`01094a40 fffff8a0`095474a0 00000000`00000000 : Ntfs!NtfsTeardownStructures+0xdc
fffff880`061a7a90 fffff880`012bf813 : fffffa80`01094a40 fffff800`02c1e5a0 fffff8a0`095474a0 00000000`00000009 : Ntfs!NtfsDecrementCloseCounts+0xa2
fffff880`061a7ad0 fffff880`0129938f : fffffa80`01094a40 fffff8a0`095475d0 fffff8a0`095474a0 fffffa80`01c27180 : Ntfs!NtfsCommonClose+0x353
fffff880`061a7ba0 fffff800`02a86961 : 00000000`00000000 fffff880`01299200 fffffa80`01609001 fffffa80`00000002 : Ntfs!NtfsFspClose+0x15f
fffff880`061a7c70 fffff800`02d1dc06 : 00000000`0ec52bc4 fffffa80`01609040 00000000`00000080 fffffa80`00c496f0 : nt!ExpWorkerThread+0x111
fffff880`061a7d00 fffff800`02a57c26 : fffff800`02bf3e80 fffffa80`01609040 fffffa80`00d4f620 fffff880`01223534 : nt!PspSystemThreadStartup+0x5a
fffff880`061a7d40 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxStartSystemThread+0x16


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!ExDeferredFreePool+c7b
fffff800`02bac10b cc              int     3

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt!ExDeferredFreePool+c7b

FOLLOWUP_NAME:  Pool_corruption

IMAGE_NAME:  Pool_Corruption

DEBUG_FLR_IMAGE_TIMESTAMP:  0

MODULE_NAME: Pool_Corruption

FAILURE_BUCKET_ID:  X64_0x19_3_nt!ExDeferredFreePool+c7b

BUCKET_ID:  X64_0x19_3_nt!ExDeferredFreePool+c7b

Followup: Pool_corruption
---------
    4. 
Loading Dump File [C:\Users\Mike\Downloads\BSODDmpFiles\andre75\122811-15631-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02a0b000 PsLoadedModuleList = 0xfffff800`02c48e50
Debug session time: Wed Dec 28 06:40:50.917 2011 (GMT-7)
System Uptime: 0 days 2:08:19.805
Loading Kernel Symbols
...............................................................
................................................................
...............................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 3B, {c0000005, fffff80002baf90d, fffff880058ff9f0, 0}

Probably caused by : ntkrnlmp.exe ( nt!ExAllocatePoolWithTag+53d )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff80002baf90d, Address of the exception record for the exception that caused the bugcheck
Arg3: fffff880058ff9f0, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!ExAllocatePoolWithTag+53d
fffff800`02baf90d 48895808        mov     qword ptr [rax+8],rbx

CONTEXT:  fffff880058ff9f0 -- (.cxr 0xfffff880058ff9f0)
rax=64693d676c263369 rbx=fffff80002c0abb0 rcx=fffffa8000f82e10
rdx=0000000000000000 rsi=0000000000001000 rdi=0000000000000000
rip=fffff80002baf90d rsp=fffff880059003c0 rbp=fffff80002c0a880
 r8=0000000000000000  r9=fffff80002c0abb0 r10=fffff80002c0a888
r11=0000000000000014 r12=000000000000001c r13=0000000000000000
r14=0000000000000000 r15=00000000c5646641
iopl=0         nv up ei pl zr na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010246
nt!ExAllocatePoolWithTag+0x53d:
fffff800`02baf90d 48895808        mov     qword ptr [rax+8],rbx ds:002b:64693d67`6c263371=????????????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x3B

PROCESS_NAME:  firefox.exe

CURRENT_IRQL:  2

LAST_CONTROL_TRANSFER:  from 0000000000000000 to fffff80002baf90d

STACK_TEXT:  
fffff880`059003c0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!ExAllocatePoolWithTag+0x53d


FOLLOWUP_IP: 
nt!ExAllocatePoolWithTag+53d
fffff800`02baf90d 48895808        mov     qword ptr [rax+8],rbx

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!ExAllocatePoolWithTag+53d

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c44a9

STACK_COMMAND:  .cxr 0xfffff880058ff9f0 ; kb

FAILURE_BUCKET_ID:  X64_0x3B_nt!ExAllocatePoolWithTag+53d

BUCKET_ID:  X64_0x3B_nt!ExAllocatePoolWithTag+53d

Followup: MachineOwner
---------
    5. 
Loading Dump File [C:\Users\Mike\Downloads\BSODDmpFiles\andre75\122911-23961-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02a01000 PsLoadedModuleList = 0xfffff800`02c3ee50
Debug session time: Wed Dec 28 16:49:39.449 2011 (GMT-7)
System Uptime: 0 days 0:16:52.337
Loading Kernel Symbols
...............................................................
................................................................
...............................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 3B, {c0000005, fffff80002a74905, fffff880050705c0, 0}

Probably caused by : ntkrnlmp.exe ( nt!ExpInterlockedPopEntrySListFault16+0 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff80002a74905, Address of the exception record for the exception that caused the bugcheck
Arg3: fffff880050705c0, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!ExpInterlockedPopEntrySListFault16+0
fffff800`02a74905 498b08          mov     rcx,qword ptr [r8]

CONTEXT:  fffff880050705c0 -- (.cxr 0xfffff880050705c0)
rax=000000004915001c rbx=000000000553ffff rcx=fffff880009e9d60
rdx=514a545356523353 rsi=fffff880009e9d60 rdi=0000000000000000
rip=fffff80002a74905 rsp=fffff88005070f90 rbp=fffff80002c00880
 r8=514a545356523352  r9=fffff80002a01000 r10=fffff880009e9d60
r11=0000000000000000 r12=000000000000000a r13=0000000000000000
r14=0000000000000002 r15=000000006d646156
iopl=0         nv up ei pl nz na pe nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010202
nt!ExpInterlockedPopEntrySListFault16:
fffff800`02a74905 498b08          mov     rcx,qword ptr [r8] ds:002b:514a5453`56523352=????????????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x3B

PROCESS_NAME:  dwm.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff80002ba54d3 to fffff80002a74905

STACK_TEXT:  
fffff880`05070f90 fffff800`02ba54d3 : fffffa80`01de8024 fffff880`05070fc8 fffffa80`02f34d50 00000000`00000000 : nt!ExpInterlockedPopEntrySListFault16
fffff880`05070fa0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!ExAllocatePoolWithTag+0x103


FOLLOWUP_IP: 
nt!ExpInterlockedPopEntrySListFault16+0
fffff800`02a74905 498b08          mov     rcx,qword ptr [r8]

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!ExpInterlockedPopEntrySListFault16+0

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c44a9

STACK_COMMAND:  .cxr 0xfffff880050705c0 ; kb

FAILURE_BUCKET_ID:  X64_0x3B_nt!ExpInterlockedPopEntrySListFault16+0

BUCKET_ID:  X64_0x3B_nt!ExpInterlockedPopEntrySListFault16+0

Followup: MachineOwner
---------
    6. 
Loading Dump File [C:\Users\Mike\Downloads\BSODDmpFiles\andre75\122911-16520-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02a63000 PsLoadedModuleList = 0xfffff800`02ca0e50
Debug session time: Thu Dec 29 05:16:10.356 2011 (GMT-7)
System Uptime: 0 days 1:36:19.245
Loading Kernel Symbols
...............................................................
................................................................
...............................
Loading User Symbols
Loading unloaded module list
........
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1E, {ffffffffc0000005, fffff80002aeb4c5, 0, ffffffffffffffff}

Probably caused by : ntkrnlmp.exe ( nt!FsRtlLookupPerFileObjectContext+a5 )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80002aeb4c5, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: ffffffffffffffff, Parameter 1 of the exception

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!FsRtlLookupPerFileObjectContext+a5
fffff800`02aeb4c5 48395810        cmp     qword ptr [rax+10h],rbx

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  ffffffffffffffff

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002d0b0e0
 ffffffffffffffff 

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x1E

PROCESS_NAME:  DUMeter.exe

CURRENT_IRQL:  1

EXCEPTION_RECORD:  fffff88006adad98 -- (.exr 0xfffff88006adad98)
ExceptionAddress: fffff80002aeb4c5 (nt!FsRtlLookupPerFileObjectContext+0x00000000000000a5)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

TRAP_FRAME:  fffff88006adae40 -- (.trap 0xfffff88006adae40)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=636d67444d7a5944 rbx=0000000000000000 rcx=fffffa8001bed1a8
rdx=fffffa8001a5a910 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002aeb4c5 rsp=fffff88006adafd0 rbp=0000000000000000
 r8=0000000000000000  r9=fffffa8002146bc0 r10=fffffa8000c0cd50
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz ac po cy
nt!FsRtlLookupPerFileObjectContext+0xa5:
fffff800`02aeb4c5 48395810        cmp     qword ptr [rax+10h],rbx ds:b030:636d6744`4d7a5954=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002b0da39 to fffff80002ad3740

STACK_TEXT:  
fffff880`06ada5c8 fffff800`02b0da39 : 00000000`0000001e ffffffff`c0000005 fffff800`02aeb4c5 00000000`00000000 : nt!KeBugCheckEx
fffff880`06ada5d0 fffff800`02ad2d82 : fffff880`06adad98 fffffa80`01a5a910 fffff880`06adae40 fffffa80`01bed170 : nt!KiDispatchException+0x1b9
fffff880`06adac60 fffff800`02ad168a : 00000000`00000000 fffff880`00000030 fffffa80`02a05740 fffffa80`01c5a010 : nt!KiExceptionDispatch+0xc2
fffff880`06adae40 fffff800`02aeb4c5 : fffffa80`01141280 00000000`00000000 fffffa80`01141280 00000000`00000000 : nt!KiGeneralProtectionFault+0x10a
fffff880`06adafd0 fffff880`00da9aaf : 00000000`00000000 fffff880`06adb0d0 fffffa80`02146bc0 00000000`00000000 : nt!FsRtlLookupPerFileObjectContext+0xa5
fffff880`06adb010 fffff880`00da7922 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : fltmgr!FltpGetStartingCallbackNode+0x3f
fffff880`06adb0a0 fffff800`02aeac21 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : fltmgr!FltpPreFsFilterOperation+0xa2
fffff880`06adb130 fffff800`02dc5b48 : fffff880`00da7710 00000000`00000000 fffff880`06adb1c8 fffff880`00da7880 : nt!FsFilterPerformCallbacks+0xcd
fffff880`06adb190 fffff800`02ab5186 : fffffa80`02146bc0 fffff8a0`03cd26b0 fffffa80`01408801 ffffffff`80000b00 : nt!FsRtlAcquireFileExclusiveCommon+0xe8
fffff880`06adb430 fffff800`02dc4052 : fffffa80`02146bc0 fffff8a0`03cd26b0 fffffa80`014088e0 00000000`04000000 : nt!CcZeroEndOfLastPage+0x56
fffff880`06adb470 fffff800`02f2f6b5 : fffff8a0`031a3a10 00000000`00000000 00000000`00000001 00000002`00000000 : nt!NtCreateSection+0x1a1
fffff880`06adb4f0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!PfSnGetSectionObject+0x2d5


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!FsRtlLookupPerFileObjectContext+a5
fffff800`02aeb4c5 48395810        cmp     qword ptr [rax+10h],rbx

SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  nt!FsRtlLookupPerFileObjectContext+a5

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c44a9

FAILURE_BUCKET_ID:  X64_0x1E_nt!FsRtlLookupPerFileObjectContext+a5

BUCKET_ID:  X64_0x1E_nt!FsRtlLookupPerFileObjectContext+a5

Followup: MachineOwner
---------
    7. 
Loading Dump File [C:\Users\Mike\Downloads\BSODDmpFiles\andre75\122911-17674-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02a01000 PsLoadedModuleList = 0xfffff800`02c3ee50
Debug session time: Thu Dec 29 05:23:08.471 2011 (GMT-7)
System Uptime: 0 days 0:06:35.359
Loading Kernel Symbols
...............................................................
................................................................
..............................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck A, {b0, 2, 0, fffff80002b2998c}

Probably caused by : ntkrnlmp.exe ( nt!PsCheckThreadCpuQuota+8c )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 00000000000000b0, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
	bit 0 : value 0 = read operation, 1 = write operation
	bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80002b2998c, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002ca90e0
 00000000000000b0 

CURRENT_IRQL:  2

FAULTING_IP: 
nt!PsCheckThreadCpuQuota+8c
fffff800`02b2998c 394330          cmp     dword ptr [rbx+30h],eax

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xA

PROCESS_NAME:  svchost.exe

TRAP_FRAME:  fffff80000b9cb40 -- (.trap 0xfffff80000b9cb40)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000
rdx=000000f800000001 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002b2998c rsp=fffff80000b9ccd0 rbp=fffff80002bebe80
 r8=fffffa80014693a0  r9=0000000000000000 r10=fffff80002a01000
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up di pl nz na pe nc
nt!PsCheckThreadCpuQuota+0x8c:
fffff800`02b2998c 394330          cmp     dword ptr [rbx+30h],eax ds:9c40:00000000`00000030=????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002a70ca9 to fffff80002a71740

STACK_TEXT:  
fffff800`00b9c9f8 fffff800`02a70ca9 : 00000000`0000000a 00000000`000000b0 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff800`00b9ca00 fffff800`02a6f920 : 00000000`44610000 00000000`00000080 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffff800`00b9cb40 fffff800`02b2998c : 00000000`0000015f fffff800`02a77a6f 00000000`00000010 00000000`00000246 : nt!KiPageFault+0x260
fffff800`00b9ccd0 fffff800`02a77ad2 : fffffa80`00cb79e0 fffff800`02bebe80 00000000`00000002 fffffa80`014693a0 : nt!PsCheckThreadCpuQuota+0x8c
fffff800`00b9cd00 fffff800`02a79f9d : fffff800`02bebe80 fffff800`02bf9c40 00000000`00000000 fffffa80`01ee50f0 : nt!SwapContext_PatchXRstor+0xec
fffff800`00b9cd40 00000000`00000000 : fffff800`00b9d000 fffff800`00b97000 fffff800`00b9cd00 00000000`00000000 : nt!KiIdleLoop+0x10d


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!PsCheckThreadCpuQuota+8c
fffff800`02b2998c 394330          cmp     dword ptr [rbx+30h],eax

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  nt!PsCheckThreadCpuQuota+8c

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c44a9

FAILURE_BUCKET_ID:  X64_0xA_nt!PsCheckThreadCpuQuota+8c

BUCKET_ID:  X64_0xA_nt!PsCheckThreadCpuQuota+8c

Followup: MachineOwner
---------
    8. 
Loading Dump File [C:\Users\Mike\Downloads\BSODDmpFiles\andre75\123011-16582-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02a1a000 PsLoadedModuleList = 0xfffff800`02c57e50
Debug session time: Thu Dec 29 11:05:22.931 2011 (GMT-7)
System Uptime: 0 days 1:54:02.819
Loading Kernel Symbols
...............................................................
................................................................
...............................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 44, {fffffa80015ff0d0, eae, 0, 0}

Unable to load image \SystemRoot\system32\DRIVERS\avgntflt.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for avgntflt.sys
*** ERROR: Module load completed but symbols could not be loaded for avgntflt.sys
Probably caused by : avgntflt.sys ( avgntflt+46bf )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

MULTIPLE_IRP_COMPLETE_REQUESTS (44)
A driver has requested that an IRP be completed (IoCompleteRequest()), but
the packet has already been completed.  This is a tough bug to find because
the easiest case, a driver actually attempted to complete its own packet
twice, is generally not what happened.  Rather, two separate drivers each
believe that they own the packet, and each attempts to complete it.  The
first actually works, and the second fails.  Tracking down which drivers
in the system actually did this is difficult, generally because the trails
of the first driver have been covered by the second.  However, the driver
stack for the current request can be found by examining the DeviceObject
fields in each of the stack locations.
Arguments:
Arg1: fffffa80015ff0d0, Address of the IRP
Arg2: 0000000000000eae
Arg3: 0000000000000000
Arg4: 0000000000000000

Debugging Details:
------------------


IRP_ADDRESS:  fffffa80015ff0d0

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x44

PROCESS_NAME:  DUMeterSvc.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff80002a74365 to fffff80002a8a740

STACK_TEXT:  
fffff880`046cd298 fffff800`02a74365 : 00000000`00000044 fffffa80`015ff0d0 00000000`00000eae 00000000`00000000 : nt!KeBugCheckEx
fffff880`046cd2a0 fffff880`00e0e1be : 00000000`00000000 00000000`00000001 fffff880`02033710 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0x3ec7e
fffff880`046cd380 fffff880`020296bf : 00000000`00000000 00000000`00100001 fffff8a0`04481010 fffffa80`000003d0 : fltmgr!FltSendMessage+0x60e
fffff880`046cd4b0 00000000`00000000 : 00000000`00100001 fffff8a0`04481010 fffffa80`000003d0 fffff880`046cd540 : avgntflt+0x46bf


STACK_COMMAND:  kb

FOLLOWUP_IP: 
avgntflt+46bf
fffff880`020296bf ??              ???

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  avgntflt+46bf

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: avgntflt

IMAGE_NAME:  avgntflt.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4be43a4e

FAILURE_BUCKET_ID:  X64_0x44_avgntflt+46bf

BUCKET_ID:  X64_0x44_avgntflt+46bf

Followup: MachineOwner
---------
    Your blue screen errors are pretty far afield, but the last one was related to Avira which is known to cause blue screens from time to time on some systems. Please uninstall Avira using Windows uninstall and then Avira registry cleaner and install Microsoft Security Essentials - Free Antivirus for Windows in its place and run with Windows Firewall. Post back if this helps.
      My Computer
    Quote Quote

  4. andre75
    Posts : 5
    Windows 7 Professional x64
    Thread Starter
       New #3

    writhziden said:
    Your blue screen errors are pretty far afield, but the last one was related to Avira which is known to cause blue screens from time to time on some systems. Please uninstall Avira using Windows uninstall and then Avira registry cleaner and install Microsoft Security Essentials - Free Antivirus for Windows in its place and run with Windows Firewall. Post back if this helps.
    I already uninstall the avira and scanned using MSE, but there's no problem/infection detected, and I also never get the significant problem when repair the OS.

    Did avira or some utility software such as CCleaner, COMODO Firewall make a bad impact to Win7 systems so they can make my computer had these trouble? It is enough if I only install MSE to secure my system?
      My Computer
    Quote Quote

  6. writhziden
    Posts : 11,269
    Windows 7 Home Premium 64 Bit
       New #4

    andre75 said:
    writhziden said:
    Your blue screen errors are pretty far afield, but the last one was related to Avira which is known to cause blue screens from time to time on some systems. Please uninstall Avira using Windows uninstall and then Avira registry cleaner and install Microsoft Security Essentials - Free Antivirus for Windows in its place and run with Windows Firewall. Post back if this helps.
    I already uninstall the avira and scanned using MSE, but there's no problem/infection detected, and I also never get the significant problem when repair the OS.

    Did avira or some utility software such as CCleaner, COMODO Firewall make a bad impact to Win7 systems so they can make my computer had these trouble? It is enough if I only install MSE to secure my system?
    CCleaner registry cleaner can cause problems with Windows 7. Avira can also cause Blue Screen errors. MSE can be coupled with the free version of Malwarebytes : Free anti-malware, anti-virus and spyware removal download for full protection.

    If you have run any registry cleaners, recommend SFC /SCANNOW Command - System File Checker (which may have to run three times to fix all problems). If this does not fix the issue, Repair Install and then re-install any software that causes blue screen errors or application errors. Or you can backup your important user files and Clean Install Windows 7
      My Computer
    Quote Quote

  7. andre75
    Posts : 5
    Windows 7 Professional x64
    Thread Starter
       New #5

    writhziden said:

    CCleaner registry cleaner can cause problems with Windows 7. Avira can also cause Blue Screen errors. MSE can be coupled with the free version of Malwarebytes : Free anti-malware, anti-virus and spyware removal download for full protection.

    If you have run any registry cleaners, recommend SFC /SCANNOW Command - System File Checker (which may have to run three times to fix all problems). If this does not fix the issue, Repair Install and then re-install any software that causes blue screen errors or application errors. Or you can backup your important user files and Clean Install Windows 7
    okay, thanks for the tips....

    I'll do what can I do based on your tips
      My Computer
    Quote Quote

  8. andre75
    Posts : 5
    Windows 7 Professional x64
    Thread Starter
       New #6

    I just upgrade my OS, and use online help to update.

    After done, there are two option in my bootable menu, they are "Early version of windows" and "Windows 7", does it mean that I have two OS with double size of windows7?

    Then I found new folder on C:/, $WINDOWS.~Q and $INPLACE.~TR, is these folder are being used for the "early bersion of windows"?
      My Computer
    Quote Quote

  10. writhziden
    Posts : 11,269
    Windows 7 Home Premium 64 Bit
       New #7

    andre75 said:
    I just upgrade my OS, and use online help to update.

    After done, there are two option in my bootable menu, they are "Early version of windows" and "Windows 7", does it mean that I have two OS with double size of windows7?

    Then I found new folder on C:/, $WINDOWS.~Q and $INPLACE.~TR, is these folder are being used for the "early bersion of windows"?
    Yeah, those folders are for the roll back to the old version. If you do not want to roll back, just delete them and free up the space. You may also want to start Advanced Boot Options and get into System Recovery Options. Follow the steps to get the Startup Repair after deleting those files and it should fix it so you no longer have the "Early version of Windows" option.
      My Computer
    Quote Quote

  11. andre75
    Posts : 5
    Windows 7 Professional x64
    Thread Starter
       New #8

    okay, that's great..
    thank you so much.. :)
      My Computer
    Quote Quote

 

  Related Discussions
I had a computer that has been crashing and I turn on Driver Verifier to get the correct a dump from what has been causing the problem. Here are a few of the dumps to try and see what has been causing the crashing if you can help.
im not sure the problem with the browser or the connection, but im pretty sure there is something wrong with my internet conection. i unable to signin my yahoo messenger, skype and even cannot load to yahoo mail website. but i still can surf other website normally. i noticed that some of the...
My Yahoo home page and related yahoo pages won't display ads, does anyone know how to fix this. I have uninstalled IE8 reinstalled it, restored advanced settings and reset internet explorer it worked for a short while after i did this now its playing up again. Really annoying, I get the usual...
Bsod/Dumps
in BSOD Help and Support

Everything was working find but lately ive been having crashes .
W7 x64 BSOD Dumps.. Plz Help
in BSOD Help and Support

My issues have been ongoing for over a year, so I will give you the cliffs notes :) I fresh installed W7 x64 Retail after formatting C: in January. My computer had a Gigabyte GA-P35-DQ6 mobo. It ran stable for a little while then started BSOD. Memtest showed a bad DIMM. Crucial replaced all...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 02:15.
Find Us