BSoD right after start up

[inphinity00]

Given enough time it will eventually start, and once it starts and lasts for longer then 10 minutes it's usually good to go, but every time I shut down and turn it back on later in the day or days later it will start doing the BSoD thing again, often times 5-6 times before starting properly.

Windows 7 64bit on the machine now, originally came with Vista, installed windows 7 when it first came out, had no problems from then till recently. Did a fresh install of 7 about a week ago, thought it might fix the problem, it didn't help. Computer is about 2-3 years old.

 

[CarlTR6]

I looked at all five dump files. All five indicated memory corruption. This looks to be a hardware/hardware related issue. Here are the error codes:

Error code 3B, SYSTEM_SERVICE_EXCEPTION - usually caused by System service, Device driver, graphics driver, ?memory

Error code 1E, KMODE_EXCEPTION_NOT_HANDLED - usually caused by Device driver, hardware, System service, compatibility, Remote control programs, memory, BIOS

Error code A, IRQL_NOT_LESS_OR_EQUAL - usually caused by Kernel mode driver, System Service, BIOS, Windows, Virus scanner, Backup tool, compatibility

Kernel base = 0xfffff800`02a57000 PsLoadedModuleList = 0xfffff800`02c94e50
Debug session time: Wed Sep 29 16:12:37.826 2010 (GMT-4)
System Uptime: 0 days 0:01:35.902
Loading Kernel Symbols
...............................................................
................................................................
.........................
Loading User Symbols
Loading unloaded module list
...
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 3B, {c0000005, fffff80002aa3f97, fffff880079270e0, 0}

Probably caused by : win32k.sys ( win32k!NtUserGetMessage+a1 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff80002aa3f97, Address of the exception record for the exception that caused the bugcheck
Arg3: fffff880079270e0, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!KiDeliverApc+a7
fffff800`02aa3f97 498b4a30        mov     rcx,qword ptr [r10+30h]

CONTEXT:  fffff880079270e0 -- (.cxr 0xfffff880079270e0)
rax=0000000000000002 rbx=fffffa8008460690 rcx=0000000000000001
rdx=0000000000000000 rsi=fffffa80084606e0 rdi=000000000008e300
rip=fffff80002aa3f97 rsp=fffff88007927ab0 rbp=0000000000000000
 r8=fbfffa80084606e0  r9=0000000000000000 r10=fbfffa80084606d0
r11=fffffa8008460690 r12=0000000000000001 r13=000000000008fd00
r14=fffffa800842a2a0 r15=fffff88007927c20
iopl=0         nv up ei ng nz na po cy
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010287
nt!KiDeliverApc+0xa7:
fffff800`02aa3f97 498b4a30        mov     rcx,qword ptr [r10+30h] ds:002b:fbfffa80`08460700=????????????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x3B

PROCESS_NAME:  Xfire.exe

CURRENT_IRQL:  2

LAST_CONTROL_TRANSFER:  from fffff80002a7abb5 to fffff80002aa3f97

STACK_TEXT:  
fffff880`07927ab0 fffff800`02a7abb5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDeliverApc+0xa7
fffff880`07927b30 fffff800`02ad3843 : 00000000`0008e300 00000000`72a72450 00000000`00000001 00000000`00000001 : nt!KiCheckForKernelApcDelivery+0x25
fffff880`07927b60 fffff960`0011b751 : 00000000`0008ec70 00000000`0008fd20 00000000`72a9ab7c 00000000`7efdb000 : nt!ExReleaseResourceAndLeavePriorityRegion+0x4b
fffff880`07927b90 fffff800`02ac6993 : fffffa80`08460690 00000000`7efdb000 00000000`00000020 00000000`00000020 : win32k!NtUserGetMessage+0xa1
fffff880`07927c20 00000000`72abfc2a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0008e2d8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x72abfc2a


FOLLOWUP_IP: 
win32k!NtUserGetMessage+a1
fffff960`0011b751 8bc3            mov     eax,ebx

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  win32k!NtUserGetMessage+a1

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: win32k

IMAGE_NAME:  win32k.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c483f

STACK_COMMAND:  .cxr 0xfffff880079270e0 ; kb

FAILURE_BUCKET_ID:  X64_0x3B_win32k!NtUserGetMessage+a1

BUCKET_ID:  X64_0x3B_win32k!NtUserGetMessage+a1

Followup: MachineOwner
---------

ebug session time: Tue Sep 28 12:33:21.901 2010 (GMT-4)
System Uptime: 0 days 0:02:31.602
Loading Kernel Symbols
...............................................................
................................................................
..........................
Loading User Symbols
Loading unloaded module list
...
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1E, {ffffffffc0000005, fffff88007944830, 0, 0}

Unable to load image \SystemRoot\System32\DRIVERS\fvevol.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for fvevol.sys
*** ERROR: Module load completed but symbols could not be loaded for fvevol.sys
Probably caused by : volmgr.sys ( volmgr! ?? ::FNODOBFM::`string'+696 )

Followup: MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff88007944830, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: 0000000000000000, Parameter 1 of the exception

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
+5d3d952f01c4dbe8
fffff880`07944830 4857            push    rdi

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  0000000000000000

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002cfc0e0
 0000000000000000 

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x1E

PROCESS_NAME:  SearchIndexer.

CURRENT_IRQL:  0

EXCEPTION_RECORD:  fffff88007945748 -- (.exr 0xfffff88007945748)
ExceptionAddress: 0000000000760074
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000008
   Parameter[1]: 0000000000760074
Attempt to execute non-executable address 0000000000760074

TRAP_FRAME:  fffff880079457f0 -- (.trap 0xfffff880079457f0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa8004ab6a00 rbx=0000000000000000 rcx=fffffa80057a1930
rdx=fffffa8003e1beb0 rsi=0000000000000000 rdi=0000000000000000
rip=0000000000760074 rsp=fffff88007945988 rbp=0000000000000001
 r8=fffffa8004ab6c50  r9=0000000000000004 r10=0000000000000000
r11=fffffa8003e1be98 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz ac pe nc
00000000`00760074 ??              ???
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002b56bdb to fffff80002ac4740

STACK_TEXT:  
fffff880`07944778 fffff800`02b56bdb : 00000000`0000001e ffffffff`c0000005 fffff880`07944830 00000000`00000000 : nt!KeBugCheckEx
fffff880`07944780 fffff800`02b15d30 : 000007fe`fe535088 00000000`00000000 000007fe`fe843c24 00000000`00000000 : nt!KipFatalFilter+0x1b
fffff880`079447c0 fffff800`02af2d1c : 000007fe`fe843d58 000007fe`fe4e69b8 000007fe`fe4e69ac 000007fe`fe4e69a0 : nt! ?? ::FNODOBFM::`string'+0x95d
fffff880`07944800 fffff800`02aea40d : fffff800`02c10bc4 fffff880`07945cc0 00000000`00000000 fffff800`02a54000 : nt!_C_specific_handler+0x8c
fffff880`07944870 fffff800`02af1a90 : fffff800`02c10bc4 fffff880`079448e8 fffff880`07945748 fffff800`02a54000 : nt!RtlpExecuteHandlerForException+0xd
fffff880`079448a0 fffff800`02afe9ef : fffff880`07945748 fffff880`07944fb0 fffff880`00000000 fffffa80`05796b70 : nt!RtlDispatchException+0x410
fffff880`07944f80 fffff800`02ac3d82 : fffff880`07945748 fffffa80`05796cc0 fffff880`079457f0 fffffa80`03e1bc60 : nt!KiDispatchException+0x16f
fffff880`07945610 fffff800`02ac28fa : 00000000`00000008 fffffa80`05796cc0 fffff880`031d3100 fffff880`017b4b7d : nt!KiExceptionDispatch+0xc2
fffff880`079457f0 00000000`00760074 : fffff880`00fe70be fffffa80`03e1be50 fffffa80`03e1bc60 fffffa80`05796b70 : nt!KiPageFault+0x23a
fffff880`07945988 fffff880`00fe70be : fffffa80`03e1be50 fffffa80`03e1bc60 fffffa80`05796b70 fffff880`00fe512c : 0x760074
fffff880`07945990 fffff880`018012bf : 00000000`00000001 fffffa80`0579bb90 fffffa80`03e1bc60 00000000`00000000 : volmgr! ?? ::FNODOBFM::`string'+0x696
fffff880`079459d0 00000000`00000001 : fffffa80`0579bb90 fffffa80`03e1bc60 00000000`00000000 00000000`00000001 : fvevol+0x12bf
fffff880`079459d8 fffffa80`0579bb90 : fffffa80`03e1bc60 00000000`00000000 00000000`00000001 fffffa80`0579bb90 : 0x1
fffff880`079459e0 fffffa80`03e1bc60 : 00000000`00000000 00000000`00000001 fffffa80`0579bb90 00000000`00000000 : 0xfffffa80`0579bb90
fffff880`079459e8 00000000`00000000 : 00000000`00000001 fffffa80`0579bb90 00000000`00000000 fffff880`0180153c : 0xfffffa80`03e1bc60


STACK_COMMAND:  kb

FOLLOWUP_IP: 
volmgr! ?? ::FNODOBFM::`string'+696
fffff880`00fe70be 90              nop

SYMBOL_STACK_INDEX:  a

SYMBOL_NAME:  volmgr! ?? ::FNODOBFM::`string'+696

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: volmgr

IMAGE_NAME:  volmgr.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc11d

FAILURE_BUCKET_ID:  X64_0x1E_volmgr!_??_::FNODOBFM::_string_+696

BUCKET_ID:  X64_0x1E_volmgr!_??_::FNODOBFM::_string_+696

Followup: MachineOwner
---------

Kernel base = 0xfffff800`02a60000 PsLoadedModuleList = 0xfffff800`02c9de50
Debug session time: Mon Sep 27 21:03:43.569 2010 (GMT-4)
System Uptime: 0 days 0:03:47.644
Loading Kernel Symbols
...............................................................
................................................................
...........................
Loading User Symbols
Loading unloaded module list
...
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck A, {8, 2, 1, fffff80002adc3f2}

Probably caused by : ntkrnlmp.exe ( nt!KiTimerExpiration+f2 )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000008, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, bitfield :
    bit 0 : value 0 = read operation, 1 = write operation
    bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80002adc3f2, address which referenced memory

Debugging Details:
------------------


WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80002d080e0
 0000000000000008 

CURRENT_IRQL:  2

FAULTING_IP: 
nt!KiTimerExpiration+f2
fffff800`02adc3f2 48894808        mov     qword ptr [rax+8],rcx

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xA

PROCESS_NAME:  System

TRAP_FRAME:  fffff800041b3aa0 -- (.trap 0xfffff800041b3aa0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffff80002c4d288
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002adc3f2 rsp=fffff800041b3c30 rbp=0000000000003900
 r8=fffff80002c4d200  r9=00000000000000c1 r10=0000000000000000
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz ac pe cy
nt!KiTimerExpiration+0xf2:
fffff800`02adc3f2 48894808        mov     qword ptr [rax+8],rcx ds:00000000`00000008=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002acfca9 to fffff80002ad0740

STACK_TEXT:  
fffff800`041b3958 fffff800`02acfca9 : 00000000`0000000a 00000000`00000008 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffff800`041b3960 fffff800`02ace920 : 00000000`00000000 00000000`87afdba8 fffffa80`04773000 fffffa80`06a844c0 : nt!KiBugCheckDispatch+0x69
fffff800`041b3aa0 fffff800`02adc3f2 : 00000000`87af8d87 fffff800`041b3c58 00000000`00003900 fffff800`02c4d288 : nt!KiPageFault+0x260
fffff800`041b3c30 fffff800`02adbcb7 : 00000000`1fd9dbc1 00000000`00003900 00000000`1fd9dba8 00000000`00000000 : nt!KiTimerExpiration+0xf2
fffff800`041b3cd0 fffff800`02ad8eea : fffff800`02c4ae80 fffff800`02c58c40 00000000`00000000 fffff880`045d44d0 : nt!KiRetireDpcList+0x277
fffff800`041b3d80 00000000`00000000 : fffff800`041b4000 fffff800`041ae000 fffff800`041b3d40 00000000`00000000 : nt!KiIdleLoop+0x5a


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!KiTimerExpiration+f2
fffff800`02adc3f2 48894808        mov     qword ptr [rax+8],rcx

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  nt!KiTimerExpiration+f2

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c44a9

FAILURE_BUCKET_ID:  X64_0xA_nt!KiTimerExpiration+f2

BUCKET_ID:  X64_0xA_nt!KiTimerExpiration+f2

Followup: MachineOwner
---------

Notice the error code causes and what they have in common - drivers. You have a number of out of date drivers and the ones in bold font are really obsolete. These can and do cause conflicts, memory corruption and BSOD's. The following drivers need to be updated.

Alpham164.sys Mon Jul 23 03:57:03 2007 - Ideazon ZBoard http://www.steelseries.com/download

Alpham264.sys Tue Mar 20 05:51:03 2007 - Ideazon ZBoard http://www.steelseries.com/download

CAX_CNXT.sys Fri Feb 13 16:19:32 2009 - Conexant Modem Conexant: Support

CAX_DP.sys Fri Feb 13 16:18:25 2009 - Conexant Modem Conexant: Support

CAXHWBS2.sys Fri Feb 13 16:21:18 2009 - Conexant Modem Conexant: Support

iaStor.sys Thu Jun 04 21:53:40 2009 - Intel Storage drivers http://downloadcenter.intel.com/Default.aspx

iaStorV.sys Wed Apr 08 12:57:17 2009 - Intel Storage drivers http://downloadcenter.intel.com/Default.aspx

mdmxsdk.sys Mon Jun 19 17:27:26 2006 - Conexant Modem Diagnostic Interface x86 Driver/Zoltrix Conexant: Support

netr7364.sys Wed May 20 04:53:31 2009 - Ralink Wireless LAN Card (you may have a different manufacturer) Ralink corp.

Rt64win7.sys Thu Feb 26 04:04:13 2009 - Realtek 8101E/8168/8169 NDIS 6.20 64-bit Driver for Realtek 8101E/8168/8169 PCI/PCIe Adapters, Realtek

XAudio64.sys Wed Apr 29 14:21:07 2009 - Conexant modem audio driver Conexant: Support

xcbdaVx64.sys Mon Sep 15 05:04:16 2008 - ViXS XCode AVStreamViXS Support

xcfeVx64.sys Mon Sep 15 05:04:55 2008 - ViXS XCode AVStream Driver Front-End Library (x64)ViXS Support

xchalVx64.sys Mon Sep 15 05:04:54 2008 - ViXS XCode AVStreamViXS Support

xcmemVx64.sys Mon Sep 15 05:04:14 2008 - ViXS XCode AVStreamViXS Support

How to update drivers:

- I have listed links to most of the drivers in the code box below. Please use the links there to see what info I've found about those drivers.
- search Google for the name of the driver
- compare the Google results with what's installed on your system to figure out which device/program it belongs to
- visit the web site of the manufacturer of the hardware/program to get the latest drivers (DON'T use Windows Update or the Update driver function of Device Manager).
- if there are difficulties in locating them, post back with questions and someone will try and help you locate the appropriate program.

- - The most common drivers are listed on this page: Driver Reference
- - Driver manufacturer links are on this page: Drivers and Downloads
- - To remove any left over driver remnants, especially from graphics cards, use driver sweeper Guru3D - Driver Sweeper
Intel Driver Utility: Intel® Driver Update Utility

Update these drivers, reboot and let's see how your system does. Upload any new BSOD you get. I hope that simply updating these older drivers will solve your problem. If not we will go on to the next step.

 

[inphinity00]

Updating them now, having a difficult time finding the ViXS drivers though, and also the Conexant, but still looking.

 

[CarlTR6]

Since you have an HP Pavilion, try updating from the HP site.

 

[inphinity00]

So I reinstalled some of the drivers listed, but during it we had a power outage that turned the computer off, upon rebooting it, the windows explorer.dll was borked, so it would sort of load, but all I had was black screen and a mouse pointer. I opted to completely reinstall windows again, this time getting rid of the old partition that came with the computer that had vista files in it. Also didn't export any settings, or files. Slowly working on getting the computer going fully again, new drivers etc. Hopefully this works, if not I will update this page tomorrow, since I will power down my computer later tonight, and sleep, and usually the next day is when it BSoDs anyway after being off for several hours. Really not how I wanted to spend my evening, but fate had other ideas apparently. Thanks for the help so far!

 

[CarlTR6]

I am sure sorry that happened to you. At least you have a clean install. Please let us know how your new install goes.

 

[inphinity00]

I started up my computer this morning and after about 2-3 minutes it froze up, had to unplug it, waited a bit, restarted it again, another blue screen right after it logged into windows. This is the third boot, so hopefully this one sticks long enough to try and figure out why. All drivers were updated to the newest ones I could find, and this windows copy is 100% fresh, only downloaded and installed a few programs so far. Any help would be great.

 

[CarlTR6]

That points to a hardware or a driver problem. Upload the dump file when you can.