BSOD - Probably caused by : csrss.exe

Hello,

I am new to this forum, and I hope I have understood the rules correctly and posted in the proper forum. I recently built a new Win7x64 box with the following components:

ASUS Rampage III Formula
Intel Core i7-950
Corsair Dominator (3x4GB) DDR3 1600
OCZ RevoDrive PCI-E SSD
VisionTek Radeon HD 5750

It ran for about a month without incident, then a BSOD every couple of weeks, and now 3 in the past week. The only thing going on in the Event Viewer that looks out-of-place is an intermittent NetBT error (that I assume is unrelated):

The name "****** :1d" could not be registered on the interface with IP address 192.168.x.xxx. The computer with the IP address 192.168.x.xxx did not allow the name to be claimed by this computer.

Here is the latest dump. I would greatly appreciate any assistance you all could provide. Thank you so much!!!

Opened log file 'c:debuglog.txt'

Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: C:\Windows;C:\Windows\system32;C:\Windows\system32\drivers
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02c5a000 PsLoadedModuleList = 0xfffff800`02e97e50
Debug session time: Mon Dec 20 09:53:26.529 2010 (UTC - 5:00)
System Uptime: 0 days 15:59:18.466
Loading Kernel Symbols
...............................................................
................................................................
..Page 31ae82 not present in the dump file. Type ".hh dbgerr004" for details
.......Page 31a951 not present in the dump file. Type ".hh dbgerr004" for details
........Page 316392 not present in the dump file. Type ".hh dbgerr004" for details
...........................
Loading User Symbols
PEB is paged out (Peb.Ldr = 000007ff`fffda018). Type ".hh dbgerr001" for details
Loading unloaded module list
...........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck F4, {3, fffffa800cbb5b30, fffffa800cbb5e10, fffff80002fd55d0}

Page 31ae82 not present in the dump file. Type ".hh dbgerr004" for details
Probably caused by : csrss.exe

Followup: MachineOwner
---------

6: kd> !analyze -v;r;kv;lmtn;.logclose;q
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

CRITICAL_OBJECT_TERMINATION (f4)
A process or thread crucial to system operation has unexpectedly exited or been
terminated.
Several processes and threads are necessary for the operation of the
system; when they are terminated (for any reason), the system can no
longer function.
Arguments:
Arg1: 0000000000000003, Process
Arg2: fffffa800cbb5b30, Terminating object
Arg3: fffffa800cbb5e10, Process image file name
Arg4: fffff80002fd55d0, Explanatory message (ascii)

Debugging Details:
------------------

Page 31ae82 not present in the dump file. Type ".hh dbgerr004" for details

PROCESS_OBJECT: fffffa800cbb5b30

IMAGE_NAME: csrss.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 0

MODULE_NAME: csrss

FAULTING_MODULE: 0000000000000000

PROCESS_NAME: csrss.exe

EXCEPTION_RECORD: fffff88002cb3b78 -- (.exr 0xfffff88002cb3b78)
.exr 0xfffff88002cb3b78
ExceptionAddress: 0000000077af592d
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000001
Parameter[1]: 0000000000240ce8
Attempt to write to address 0000000000240ce8

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

CURRENT_IRQL: 0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1: 0000000000000001

EXCEPTION_PARAMETER2: 0000000000240ce8

WRITE_ADDRESS: 0000000000240ce8

FOLLOWUP_IP:
+6465306539326532
00000000`77af592d ?? ???

FAULTING_IP:
+6465306539326532
00000000`77af592d ?? ???

FAILED_INSTRUCTION_ADDRESS:
+6465306539326532
00000000`77af592d ?? ???

BUGCHECK_STR: 0xF4_C0000005

STACK_TEXT:
fffff880`02cb30f8 fffff800`03056652 : 00000000`000000f4 00000000`00000003 fffffa80`0cbb5b30 fffffa80`0cbb5e10 : nt!KeBugCheckEx
fffff880`02cb3100 fffff800`02fff3e3 : ffffffff`ffffffff fffffa80`0cc3db60 fffffa80`0cbb5b30 fffffa80`0cbb5b30 : nt!PspCatchCriticalBreak+0x92
fffff880`02cb3140 fffff800`02f8780c : ffffffff`ffffffff 00000000`00000001 fffffa80`0cbb5b30 fffff6fb`00000008 : nt! ?? ::NNGAKEGL::`string'+0x17946
fffff880`02cb3190 fffff800`02cc9993 : fffffa80`0cbb5b30 fffff800`c0000005 ffffc92f`ece02bb8 fffffa80`0cc3db60 : nt!NtTerminateProcess+0x20c
fffff880`02cb3210 fffff800`02cc5f30 : fffff800`02d04dbc fffff880`02cb3b78 fffff880`02cb38e0 fffff880`02cb3c20 : nt!KiSystemServiceCopyEnd+0x13
fffff880`02cb33a8 fffff800`02d04dbc : fffff880`02cb3b78 fffff880`02cb38e0 fffff880`02cb3c20 00000000`00241f70 : nt!KiServiceLinkage
fffff880`02cb33b0 fffff800`02cc9d82 : fffff880`02cb3b78 00000000`000131b0 fffff880`02cb3c20 00000000`00241a48 : nt!KiDispatchException+0x53b
fffff880`02cb3a40 fffff800`02cc88fa : 00000000`00000001 00000000`000131b0 00000000`00000201 fffffa80`0d635ca0 : nt!KiExceptionDispatch+0xc2
fffff880`02cb3c20 00000000`77af592d : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x23a
00000000`00240cf0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77af592d


STACK_COMMAND: kb

FOLLOWUP_NAME: MachineOwner

FAILURE_BUCKET_ID: X64_0xF4_C0000005_IMAGE_csrss.exe

BUCKET_ID: X64_0xF4_C0000005_IMAGE_csrss.exe

Followup: MachineOwner
---------

rax=fffff88002cb3188 rbx=ffffffffffffff00 rcx=00000000000000f4
rdx=0000000000000003 rsi=fffffa800cbb5e10 rdi=fffffa800cbb5b30
rip=fffff80002cca740 rsp=fffff88002cb30f8 rbp=fffff80002fd55d0
r8=fffffa800cbb5b30 r9=fffffa800cbb5e10 r10=fffff80002f87600
r11=fffff88002cb3208 r12=00000000c0000005 r13=00000000c0000005
r14=0000000000000008 r15=ffffffffffffffff
iopl=0 nv up ei pl nz na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00000206
nt!KeBugCheckEx:
fffff800`02cca740 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:fffff880`02cb3100=00000000000000f4
Child-SP RetAddr : Args to Child : Call Site
fffff880`02cb30f8 fffff800`03056652 : 00000000`000000f4 00000000`00000003 fffffa80`0cbb5b30 fffffa80`0cbb5e10 : nt!KeBugCheckEx
fffff880`02cb3100 fffff800`02fff3e3 : ffffffff`ffffffff fffffa80`0cc3db60 fffffa80`0cbb5b30 fffffa80`0cbb5b30 : nt!PspCatchCriticalBreak+0x92
fffff880`02cb3140 fffff800`02f8780c : ffffffff`ffffffff 00000000`00000001 fffffa80`0cbb5b30 fffff6fb`00000008 : nt! ?? ::NNGAKEGL::`string'+0x17946
fffff880`02cb3190 fffff800`02cc9993 : fffffa80`0cbb5b30 fffff800`c0000005 ffffc92f`ece02bb8 fffffa80`0cc3db60 : nt!NtTerminateProcess+0x20c
fffff880`02cb3210 fffff800`02cc5f30 : fffff800`02d04dbc fffff880`02cb3b78 fffff880`02cb38e0 fffff880`02cb3c20 : nt!KiSystemServiceCopyEnd+0x13 (TrapFrame @ fffff880`02cb3210)
fffff880`02cb33a8 fffff800`02d04dbc : fffff880`02cb3b78 fffff880`02cb38e0 fffff880`02cb3c20 00000000`00241f70 : nt!KiServiceLinkage
fffff880`02cb33b0 fffff800`02cc9d82 : fffff880`02cb3b78 00000000`000131b0 fffff880`02cb3c20 00000000`00241a48 : nt!KiDispatchException+0x53b
fffff880`02cb3a40 fffff800`02cc88fa : 00000000`00000001 00000000`000131b0 00000000`00000201 fffffa80`0d635ca0 : nt!KiExceptionDispatch+0xc2
fffff880`02cb3c20 00000000`77af592d : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x23a (TrapFrame @ fffff880`02cb3c20)
00000000`00240cf0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77af592d
start end module name
fffff800`00bc0000 fffff800`00bca000 kdcom kdcom.dll Mon Jul 13 21:31:07 2009 (4A5BDFDB)
fffff800`02c11000 fffff800`02c5a000 hal hal.dll Mon Jul 13 21:27:36 2009 (4A5BDF08)
fffff800`02c5a000 fffff800`03236000 nt ntkrnlmp.exe Sat Jun 19 00:16:41 2010 (4C1C44A9)
fffff880`00c00000 fffff880`00c2f000 SCSIPORT SCSIPORT.SYS Mon Jul 13 20:01:04 2009 (4A5BCAC0)
fffff880`00c5f000 fffff880`00ca3000 mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:29:10 2009 (4A5BDF66)
fffff880`00ca3000 fffff880`00cb7000 PSHED PSHED.dll Mon Jul 13 21:32:23 2009 (4A5BE027)
fffff880`00cb7000 fffff880`00d15000 CLFS CLFS.SYS Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`00d15000 fffff880`00dd5000 CI CI.dll Mon Jul 13 21:32:13 2009 (4A5BE01D)
fffff880`00e09000 fffff880`00ead000 Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
fffff880`00ead000 fffff880`00ebc000 WDFLDR WDFLDR.SYS Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`00ebc000 fffff880`00fe2000 sptd sptd.sys Sun Oct 11 16:55:14 2009 (4AD24632)
fffff880`00fe2000 fffff880`00feb000 WMILIB WMILIB.SYS Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`01000000 fffff880`010260c0 vnaap vnaap.sys Mon Dec 29 07:10:44 2008 (4958BE44)
fffff880`0104b000 fffff880`010a2000 ACPI ACPI.sys Mon Jul 13 19:19:34 2009 (4A5BC106)
fffff880`010a2000 fffff880`010ac000 msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
fffff880`010ac000 fffff880`010b9000 vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
fffff880`010b9000 fffff880`010ec000 pci pci.sys Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`010ec000 fffff880`01101000 partmgr partmgr.sys Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`01101000 fffff880`01116000 volmgr volmgr.sys Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`01116000 fffff880`01172000 volmgrx volmgrx.sys Mon Jul 13 19:20:33 2009 (4A5BC141)
fffff880`01172000 fffff880`01179000 pciide pciide.sys Mon Jul 13 19:19:49 2009 (4A5BC115)
fffff880`01179000 fffff880`01189000 PCIIDEX PCIIDEX.SYS Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`01189000 fffff880`011a9000 jraid jraid.sys Thu Oct 29 04:14:20 2009 (4AE94EDC)
fffff880`011a9000 fffff880`011c3000 mountmgr mountmgr.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`011c3000 fffff880`011dd000 rassstp rassstp.sys Mon Jul 13 20:10:25 2009 (4A5BCCF1)
fffff880`01200000 fffff880`01221000 raspptp raspptp.sys Mon Jul 13 20:10:18 2009 (4A5BCCEA)
fffff880`01231000 fffff880`0134d000 iaStor iaStor.sys Mon Feb 08 19:11:06 2010 (4B70A81A)
fffff880`0134d000 fffff880`01356000 atapi atapi.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`01356000 fffff880`01380000 ataport ataport.SYS Mon Jul 13 19:19:52 2009 (4A5BC118)
fffff880`01380000 fffff880`0138b000 msahci msahci.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`0138b000 fffff880`013e1000 Si3124r5 Si3124r5.sys Tue Jan 05 22:00:46 2010 (4B43FCDE)
fffff880`013e1000 fffff880`013fc000 raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
fffff880`01400000 fffff880`0142f000 ndiswan ndiswan.sys Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`0142f000 fffff880`0143e000 mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`01448000 fffff880`014d4000 mv91xx mv91xx.sys Fri Dec 25 01:45:39 2009 (4B345F93)
fffff880`014d4000 fffff880`014dc000 mvxxmm mvxxmm.sys Fri Dec 25 01:45:15 2009 (4B345F7B)
fffff880`014dc000 fffff880`014e7000 amdxata amdxata.sys Tue May 19 13:56:59 2009 (4A12F2EB)
fffff880`014e7000 fffff880`01533000 fltmgr fltmgr.sys Mon Jul 13 19:19:59 2009 (4A5BC11F)
fffff880`01533000 fffff880`01547000 fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
fffff880`01547000 fffff880`01551000 SiWinAcc SiWinAcc.sys Mon Nov 01 15:23:29 2004 (41868D31)
fffff880`01551000 fffff880`015af000 msrpc msrpc.sys Mon Jul 13 19:21:32 2009 (4A5BC17C)
fffff880`015af000 fffff880`015f4000 azz5fnop azz5fnop.SYS Tue Jul 14 17:12:55 2009 (4A5CF4D7)
fffff880`01600000 fffff880`0161a000 ksecdd ksecdd.sys Mon Jul 13 19:20:54 2009 (4A5BC156)
fffff880`0161a000 fffff880`01658000 1394ohci 1394ohci.sys Mon Jul 13 20:07:12 2009 (4A5BCC30)
fffff880`0165a000 fffff880`017fd000 Ntfs Ntfs.sys Mon Jul 13 19:20:47 2009 (4A5BC14F)
fffff880`01800000 fffff880`01816000 disk disk.sys Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`01816000 fffff880`01846000 CLASSPNP CLASSPNP.SYS Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`0185e000 fffff880`01882000 rasl2tp rasl2tp.sys Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`01882000 fffff880`0188d000 rdpbus rdpbus.sys Mon Jul 13 20:17:46 2009 (4A5BCEAA)
fffff880`01894000 fffff880`01907000 cng cng.sys Mon Jul 13 19:49:40 2009 (4A5BC814)
fffff880`01907000 fffff880`01918000 pcw pcw.sys Mon Jul 13 19:19:27 2009 (4A5BC0FF)
fffff880`01918000 fffff880`01922000 Fs_Rec Fs_Rec.sys Mon Jul 13 19:19:45 2009 (4A5BC111)
fffff880`01922000 fffff880`0196e000 volsnap volsnap.sys Mon Jul 13 19:20:08 2009 (4A5BC128)
fffff880`0196e000 fffff880`019a8000 rdyboost rdyboost.sys Mon Jul 13 19:34:34 2009 (4A5BC48A)
fffff880`019a8000 fffff880`019b1000 hwpolicy hwpolicy.sys Mon Jul 13 19:19:22 2009 (4A5BC0FA)
fffff880`019b1000 fffff880`019eb000 fvevol fvevol.sys Fri Sep 25 22:34:26 2009 (4ABD7DB2)
fffff880`019eb000 fffff880`019fa000 kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`01a00000 fffff880`01a2b000 ksecpkg ksecpkg.sys Fri Dec 11 01:03:32 2009 (4B21E0B4)
fffff880`01a2b000 fffff880`01a75000 fwpkclnt fwpkclnt.sys Mon Jul 13 19:21:08 2009 (4A5BC164)
fffff880`01a75000 fffff880`01a85000 vmstorfl vmstorfl.sys Mon Jul 13 19:42:54 2009 (4A5BC67E)
fffff880`01a85000 fffff880`01a8d000 spldr spldr.sys Mon May 11 12:56:27 2009 (4A0858BB)
fffff880`01a8d000 fffff880`01a95000 SiRemFil SiRemFil.sys Wed Oct 18 18:20:39 2006 (4536A8B7)
fffff880`01a9a000 fffff880`01b8c000 ndis ndis.sys Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`01b8c000 fffff880`01bec000 NETIO NETIO.SYS Mon Jul 13 19:21:46 2009 (4A5BC18A)
fffff880`01bec000 fffff880`01bfe000 mup mup.sys Mon Jul 13 19:23:45 2009 (4A5BC201)
fffff880`01c01000 fffff880`01dfe000 tcpip tcpip.sys Sun Jun 13 23:39:04 2010 (4C15A458)
fffff880`03c00000 fffff880`03ca6000 peauth peauth.sys Mon Jul 13 21:01:19 2009 (4A5BD8DF)
fffff880`03ca9000 fffff880`03d81000 eamonm eamonm.sys Fri Aug 13 08:38:55 2010 (4C653CDF)
fffff880`03d81000 fffff880`03da2000 WudfPf WudfPf.sys Mon Jul 13 20:05:37 2009 (4A5BCBD1)
fffff880`03da2000 fffff880`03dcf000 epfw epfw.sys Wed Jul 14 04:10:34 2010 (4C3D70FA)
fffff880`03dcf000 fffff880`03de4000 lltdio lltdio.sys Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`03de4000 fffff880`03dfc000 rspndr rspndr.sys Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`04400000 fffff880`04416000 AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
fffff880`04416000 fffff880`04422000 ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
fffff880`04491000 fffff880`044bb000 cdrom cdrom.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`044bb000 fffff880`044c4000 Null Null.SYS Mon Jul 13 19:19:37 2009 (4A5BC109)
fffff880`044c4000 fffff880`044cb000 Beep Beep.SYS Mon Jul 13 20:00:13 2009 (4A5BCA8D)
fffff880`044cb000 fffff880`044f0000 ehdrv ehdrv.sys Wed Jul 14 04:14:21 2010 (4C3D71DD)
fffff880`044f0000 fffff880`044fe000 vga vga.sys Mon Jul 13 19:38:47 2009 (4A5BC587)
fffff880`044fe000 fffff880`04523000 VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
fffff880`04523000 fffff880`04533000 watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
fffff880`04533000 fffff880`0453c000 RDPCDD RDPCDD.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`0453c000 fffff880`04545000 rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`04545000 fffff880`0454e000 rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
fffff880`0454e000 fffff880`04559000 Msfs Msfs.SYS Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`04559000 fffff880`0456a000 Npfs Npfs.SYS Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`0456a000 fffff880`04588000 tdx tdx.sys Mon Jul 13 19:21:15 2009 (4A5BC16B)
fffff880`04588000 fffff880`04595000 TDI TDI.SYS Mon Jul 13 19:21:18 2009 (4A5BC16E)
fffff880`04595000 fffff880`045eb000 USBPORT USBPORT.SYS Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`045eb000 fffff880`045f6000 Epfwndis Epfwndis.sys Wed Jul 14 04:10:31 2010 (4C3D70F7)
fffff880`04600000 fffff880`0464b000 atikmpag atikmpag.sys Tue Oct 26 22:14:23 2010 (4CC78AFF)
fffff880`0464b000 fffff880`0466e000 AnyDVD AnyDVD.sys Tue Sep 14 09:16:14 2010 (4C8F759E)
fffff880`04673000 fffff880`046fd000 afd afd.sys Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`046fd000 fffff880`04742000 netbt netbt.sys Mon Jul 13 19:21:28 2009 (4A5BC178)
fffff880`04742000 fffff880`0474b000 wfplwf wfplwf.sys Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`0474b000 fffff880`04771000 pacer pacer.sys Mon Jul 13 20:09:41 2009 (4A5BCCC5)
fffff880`04771000 fffff880`0478f000 dfsc dfsc.sys Mon Jul 13 19:23:44 2009 (4A5BC200)
fffff880`0478f000 fffff880`047b5000 tunnel tunnel.sys Mon Jul 13 20:09:37 2009 (4A5BCCC1)
fffff880`047b5000 fffff880`047cb000 intelppm intelppm.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
fffff880`047cb000 fffff880`047fb000 nusb3xhc nusb3xhc.sys Thu Jan 21 22:22:21 2010 (4B5919ED)
fffff880`04800000 fffff880`04811000 blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
fffff880`04811000 fffff880`04812f00 USBD USBD.SYS Mon Jul 13 20:06:23 2009 (4A5BCBFF)
fffff880`04817000 fffff880`048ad000 vsdatant vsdatant.sys Mon Aug 30 11:11:16 2010 (4C7BCA14)
fffff880`048ad000 fffff880`048bc000 netbios netbios.sys Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`048bc000 fffff880`048d7000 wanarp wanarp.sys Mon Jul 13 20:10:21 2009 (4A5BCCED)
fffff880`048d7000 fffff880`048eb000 termdd termdd.sys Mon Jul 13 20:16:36 2009 (4A5BCE64)
fffff880`048eb000 fffff880`0493c000 rdbss rdbss.sys Mon Jul 13 19:24:09 2009 (4A5BC219)
fffff880`0493c000 fffff880`04948000 nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
fffff880`04948000 fffff880`04953000 mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
fffff880`04953000 fffff880`0495f000 ElbyCDIO ElbyCDIO.sys Thu Sep 30 17:25:08 2010 (4CA50034)
fffff880`0495f000 fffff880`0496e000 discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
fffff880`0496e000 fffff880`049f1000 csc csc.sys Mon Jul 13 19:24:26 2009 (4A5BC22A)
fffff880`049f1000 fffff880`049fe000 dsNcAdpt dsNcAdpt.sys Mon Mar 30 22:33:33 2009 (49D180FD)
fffff880`04c02000 fffff880`053f7000 atikmdag atikmdag.sys Tue Oct 26 22:29:53 2010 (4CC78EA1)
fffff880`05400000 fffff880`05410000 CompositeBus CompositeBus.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`05410000 fffff880`05411480 swenum swenum.sys Mon Jul 13 20:00:18 2009 (4A5BCA92)
fffff880`05417000 fffff880`0550b000 dxgkrnl dxgkrnl.sys Thu Oct 01 21:00:14 2009 (4AC5509E)
fffff880`0550b000 fffff880`05551000 dxgmms1 dxgmms1.sys Mon Jul 13 19:38:32 2009 (4A5BC578)
fffff880`05551000 fffff880`05575000 HDAudBus HDAudBus.sys Mon Jul 13 20:06:13 2009 (4A5BCBF5)
fffff880`05575000 fffff880`055bf000 e1y62x64 e1y62x64.sys Wed Apr 07 18:58:49 2010 (4BBD0E29)
fffff880`055bf000 fffff880`055cc000 usbuhci usbuhci.sys Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`055cc000 fffff880`055dd000 usbehci usbehci.sys Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`055dd000 fffff880`055e5000 ASACPI ASACPI.sys Wed Jul 15 23:31:29 2009 (4A5E9F11)
fffff880`055e5000 fffff880`055f2000 GEARAspiWDM GEARAspiWDM.sys Mon May 18 08:17:04 2009 (4A1151C0)
fffff880`055f2000 fffff880`055fb000 wmiacpi wmiacpi.sys Mon Jul 13 19:31:02 2009 (4A5BC3B6)
fffff880`05a00000 fffff880`05a05200 ksthunk ksthunk.sys Mon Jul 13 20:00:19 2009 (4A5BCA93)
fffff880`05a06000 fffff880`05a6d000 srv2 srv2.sys Thu Aug 26 23:37:46 2010 (4C77330A)
fffff880`05aa2000 fffff880`05ae5000 ks ks.sys Wed Mar 03 23:32:25 2010 (4B8F37D9)
fffff880`05ae5000 fffff880`05af7000 umbus umbus.sys Mon Jul 13 20:06:56 2009 (4A5BCC20)
fffff880`05af7000 fffff880`05b0f000 nusb3hub nusb3hub.sys Thu Jan 21 22:22:18 2010 (4B5919EA)
fffff880`05b0f000 fffff880`05b69000 usbhub usbhub.sys Mon Jul 13 20:07:09 2009 (4A5BCC2D)
fffff880`05b69000 fffff880`05b7e000 NDProxy NDProxy.SYS Mon Jul 13 20:10:05 2009 (4A5BCCDD)
fffff880`05b7e000 fffff880`05ba0000 AtiHdmi AtiHdmi.sys Tue Mar 09 05:08:38 2010 (4B961E26)
fffff880`05ba0000 fffff880`05bdd000 portcls portcls.sys Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`05bdd000 fffff880`05bff000 drmk drmk.sys Mon Jul 13 21:01:25 2009 (4A5BD8E5)
fffff880`06810000 fffff880`06a60600 RTKVHD64 RTKVHD64.sys Tue Jul 20 05:03:23 2010 (4C45665B)
fffff880`06a61000 fffff880`06a7c000 USBSTOR USBSTOR.SYS Mon Jul 13 20:06:34 2009 (4A5BCC0A)
fffff880`06a7c000 fffff880`06a88000 Dxapi Dxapi.sys Mon Jul 13 19:38:28 2009 (4A5BC574)
fffff880`06a88000 fffff880`06a96000 crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`06a96000 fffff880`06aa0000 dump_diskdump dump_diskdump.sys Mon Jul 12 23:32:05 2010 (4C3BDE35)
fffff880`06aa0000 fffff880`06af6000 dump_Si3124r5 dump_Si3124r5.sys Tue Jan 05 22:00:46 2010 (4B43FCDE)
fffff880`06af6000 fffff880`06b09000 dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`06b09000 fffff880`06b17000 monitor monitor.sys Mon Jul 13 19:38:52 2009 (4A5BC58C)
fffff880`06b17000 fffff880`06b34000 usbccgp usbccgp.sys Mon Jul 13 20:06:45 2009 (4A5BCC15)
fffff880`06b34000 fffff880`06b42000 hidusb hidusb.sys Mon Jul 13 20:06:22 2009 (4A5BCBFE)
fffff880`06b42000 fffff880`06b5b000 HIDCLASS HIDCLASS.SYS Mon Jul 13 20:06:21 2009 (4A5BCBFD)
fffff880`06b5b000 fffff880`06b63080 HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9)
fffff880`06b64000 fffff880`06b72000 kbdhid kbdhid.sys Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`06b72000 fffff880`06b7f000 mouhid mouhid.sys Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`06b7f000 fffff880`06ba2000 luafv luafv.sys Mon Jul 13 19:26:13 2009 (4A5BC295)
fffff880`06ba2000 fffff880`06bb4000 tcpipreg tcpipreg.sys Mon Jul 13 20:09:49 2009 (4A5BCCCD)
fffff880`06bb4000 fffff880`06bdf000 000 000.fcl Fri Sep 26 09:11:22 2008 (48DCDF7A)
fffff880`07800000 fffff880`07811000 epfwwfp epfwwfp.sys Wed Jul 14 04:10:34 2010 (4C3D70FA)
fffff880`07811000 fffff880`0781c000 secdrv secdrv.SYS Wed Sep 13 09:18:38 2006 (4508052E)
fffff880`0781c000 fffff880`07849000 srvnet srvnet.sys Thu Aug 26 23:37:24 2010 (4C7732F4)
fffff880`07857000 fffff880`0791f000 HTTP HTTP.sys Mon Jul 13 19:22:16 2009 (4A5BC1A8)
fffff880`0791f000 fffff880`0793d000 bowser bowser.sys Mon Jul 13 19:23:50 2009 (4A5BC206)
fffff880`0793d000 fffff880`07955000 mpsdrv mpsdrv.sys Mon Jul 13 20:08:25 2009 (4A5BCC79)
fffff880`07955000 fffff880`07982000 mrxsmb mrxsmb.sys Sat Feb 27 02:52:19 2010 (4B88CF33)
fffff880`07982000 fffff880`079d0000 mrxsmb10 mrxsmb10.sys Sat Feb 27 02:52:28 2010 (4B88CF3C)
fffff880`079d0000 fffff880`079f3000 mrxsmb20 mrxsmb20.sys Sat Feb 27 02:52:26 2010 (4B88CF3A)
fffff880`08000000 fffff880`08056000 hiber_Si3124r5 hiber_Si3124r5.sys Tue Jan 05 22:00:46 2010 (4B43FCDE)
fffff880`08056000 fffff880`08069000 hiber_dumpfve hiber_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`08071000 fffff880`0807c000 asyncmac asyncmac.sys Mon Jul 13 20:10:13 2009 (4A5BCCE5)
fffff880`0807c000 fffff880`08086000 hiber_diskdump hiber_diskdump.sys Mon Jul 12 23:32:05 2010 (4C3BDE35)
fffff880`080c6000 fffff880`0815c000 srv srv.sys Thu Aug 26 23:38:00 2010 (4C773318)
fffff880`0815c000 fffff880`081af000 nwifi nwifi.sys Mon Jul 13 20:07:23 2009 (4A5BCC3B)
fffff880`081af000 fffff880`081c2000 ndisuio ndisuio.sys Mon Jul 13 20:09:25 2009 (4A5BCCB5)
Page 31ae82 not present in the dump file. Type ".hh dbgerr004" for details
fffff960`00020000 fffff960`00330000 win32k win32k.sys Tue Oct 19 23:08:46 2010 (4CBE5D3E)
Page 31a951 not present in the dump file. Type ".hh dbgerr004" for details
fffff960`005b0000 fffff960`005ba000 TSDDD TSDDD.dll Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff960`00680000 fffff960`006a7000 cdd cdd.dll Wed May 19 15:48:26 2010 (4BF4408A)
Page 316392 not present in the dump file. Type ".hh dbgerr004" for details
fffff960`00810000 fffff960`00871000 ATMFD ATMFD.DLL Tue Oct 19 23:05:45 2010 (4CBE5C89)

Unloaded modules:
fffff880`0807c000 fffff880`08086000 hiber_scsiport.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000A000
fffff880`08000000 fffff880`08056000 hiber_Si3124r5.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00056000
fffff880`08056000 fffff880`08069000 hiber_dumpfve.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00013000
fffff880`0807c000 fffff880`08086000 hiber_scsiport.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000A000
fffff880`08000000 fffff880`08056000 hiber_Si3124r5.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00056000
fffff880`08056000 fffff880`08069000 hiber_dumpfve.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00013000
fffff880`08000000 fffff880`08071000 spsys.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00071000
fffff880`01846000 fffff880`01854000 crashdmp.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000E000
fffff880`01854000 fffff880`0185e000 dump_scsiport.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000A000
fffff880`04428000 fffff880`0447e000 dump_Si3124r5.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00056000
fffff880`0447e000 fffff880`04491000 dump_dumpfve.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00013000
Closing open log file c:debuglog.txt

 

Welcome to BBS,

Take a look in Task Manager and see if the file csrss.exe is using a lot of CPU. If it is that would suggest a corrupt profile. Follow this link to correct the problem

http://www.computerhope.com/issues/ch000916.htm

You should also check that there is only one instance of this file in Windows/System32, if you find it anywhere else it is most likley a virus.

Using Driver Verifier may help to identify any incompatible drivers, follow this guide.

 

Thanks for the help! I'll investigate with Driver Verifier.

I was reading your post, and it happened again. Right before it happened, I did the following things:

1) Resume from standby (it could just be my imagination, but these BSODs seem to happen in the neighborhood of standby resumes)
2) Checked email (Thunderbird)
3) Checked this forum
4) Checked Task Manager (sorted by CPU). Saw 2 csrss.exe processes like usual at 0%. Never really noticed much action with those processes. Both are from windows\system32. I thought this was normal?
5) Started browsing a network share (can't remember if it was an XP or Ubuntu machine)
6) BSOD!

Got this new response in the BSOD:

Dumping physical memory to disk : 80
Physical memory dump complete.
Physical memory dump FAILED with status 0xC0000001.

Waited a while and forced a button reset.

When I logged back in, tried to DebugWiz the file and it appears to have hung with this:

Opened log file 'c:debuglog.txt'

Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: C:\Windows;C:\Windows\system32;C:\Windows\system32\drivers
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02c5c000 PsLoadedModuleList = 0xfffff800`02e99e50
Debug session time: Mon Dec 20 14:22:26.840 2010 (UTC - 5:00)
System Uptime: 0 days 4:28:14.011
Loading Kernel Symbols
......................................................Missing image name, possible paged-out or corrupt data.
.*** WARNING: Unable to verify timestamp for Unknown_Module_00000000`00000000
Unable to add module at 00000000`00000000
Unable to read KLDR_DATA_TABLE_ENTRY at 00000000`00000000 - NTSTATUS 0xC0000147

WARNING: .reload failed, module list may be incomplete
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck F4, {3, fffffa800bd25b30, fffffa800bd25e10, fffff80002fd75d0}



Thanks again for the help!

 

Update: I reset my profile (that was a pain) and have been verifying drivers without incident for about 5 hours now (other than the massive slowdown that I assume is expected).

Any other ideas?

Thanks!

 

Well, that was timely. I submitted this post, finished demuxing an mp4, plugged in my iPhone (which triggered autoplay of MediaMonkey), and BSOD. The debug dump is even less useful than before:

Opened log file 'c:debuglog.txt'

Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: C:\Windows;C:\Windows\system32;C:\Windows\system32\drivers
Page 5a00580 too large to be in the dump file.
**************************************************************************
THIS DUMP FILE IS PARTIALLY CORRUPT.
KdDebuggerDataBlock is not present or unreadable.
**************************************************************************
Page 5a00580 too large to be in the dump file.
Unable to read PsLoadedModuleList
Page 5a00580 too large to be in the dump file.
**************************************************************************
THIS DUMP FILE IS PARTIALLY CORRUPT.
KdDebuggerDataBlock is not present or unreadable.
**************************************************************************
KdDebuggerData.KernBase < SystemRangeStart
Windows 7 Kernel Version 7600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Machine Name:
Kernel base = 0x00000000`00000000 PsLoadedModuleList = 0xfffff800`02e45e50
Debug session time: Mon Dec 20 20:41:15.865 2010 (UTC - 5:00)
System Uptime: 0 days 0:02:15.052
Page 5a00580 too large to be in the dump file.
**************************************************************************
THIS DUMP FILE IS PARTIALLY CORRUPT.
KdDebuggerDataBlock is not present or unreadable.
**************************************************************************
Page 5a00580 too large to be in the dump file.
Unable to read PsLoadedModuleList
Page 5a00580 too large to be in the dump file.
**************************************************************************
THIS DUMP FILE IS PARTIALLY CORRUPT.
KdDebuggerDataBlock is not present or unreadable.
**************************************************************************
KdDebuggerData.KernBase < SystemRangeStart
Loading Kernel Symbols
Page 5a00580 too large to be in the dump file.
Unable to read PsLoadedModuleList
GetContextState failed, 0xD0000147
CS descriptor lookup failed
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Page 5a00580 too large to be in the dump file.
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get program counter
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck C4, {e3, fffffa800c5ab081, 516f3b4, 0}

GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
***** Debugger could not find nt in module list, module list might be corrupt, error 0x80070057.

ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

?: kd> !analyze -v;r;kv;lmtn;.logclose;q
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get program counter
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 00000000000000e3, Kernel Zw API called with user-mode address as parameter.
Arg2: fffffa800c5ab081, Address inside the driver making the incorrect API call.
Arg3: 000000000516f3b4, User-mode address used as API parameter.
Arg4: 0000000000000000

Debugging Details:
------------------

GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
***** Debugger could not find nt in module list, module list might be corrupt, error 0x80070057.

ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first
ReadControl failed - kernel symbols must be loaded first

BUGCHECK_STR: 0xc4_e3

FAULTING_IP:
+3335336632366134
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
fffffa80`0c5ab081 ?? ???

FOLLOWUP_IP:
+3335336632366134
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
fffffa80`0c5ab081 ?? ???

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

STACK_TEXT:
GetContextState failed, 0xD0000147
Unable to get current machine context, NTSTATUS 0xC0000147


STACK_COMMAND: kb

SYMBOL_NAME: ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME: Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP: 0

BUCKET_ID: CORRUPT_MODULELIST

Followup: MachineOwner
---------

GetContextState failed, 0xD0000147
GetContextState failed, 0xD0000147
^ Unable to get program counter '!analyze -v;r;kv;lmtn;.logclose;q'



I trimmed out a few hundred more instances of "GetContextState failed, 0xD0000147 ".

I don't have any idea what to do with this.

 

There is a lot of corruption in this log and a mention of a suspect driver so to be on the safe side please follow the link below to have your PC checked for any infections.

 

Thanks for the continued assistance. I posted the malware results in the malware forum in case the experts over there will see something, but it doesn't appear to be a malware or virus issue. Also ran a full scan with updated ESET.

 

OK, the next thing to do is to run some tests on the hard drive and the memory. I see you have three memory sticks, take two out and run the PC with one at a time to see if the problems persist. Also go to the hard drive manufacturers site below, download and burn the image file to a CD and run the diagnostics. You need to boot the PC with the disc in the drive with boot order changed to CD drive 1st. I appreciate this PC is not very old so these tests are purely to illiminate this hardware from the diagnosis, on occassion these components do break down at an early age.

Please also try to run the PC in safe mode to see if the problems persist, but so as not to confuse the diagnosis not at the same time as checking the memory modules.

ExcelStor: http://www.excelstor.com/eng/support.php?sub_id=3

Hitachi/IBM: http://www.hitachigst.com/support/downloads/

Samsung: http://www.samsung.com/global/business/hdd/support/utilities/Support_HUTIL.html

Toshiba: http://sdd.toshiba.com/main.aspx?Path=ServicesSupport/FujitsuDrivesUSandCanada/SoftwareUtilities

Seagate, Maxtor & Quantum:http://www.seagate.com/www/en-us/support/downloads

Western Digital:http://support.wdc.com/product/download.asp?lang=en


Please follow this instruction below so we can see your system details.

 

Having posted the above I looked for your thread in the Malware forum and see Broni may be onto something, I would stick with him for now, then report back here to let us know what has happened.

Looking deeper into the last crash dump report it appears that there was some kind of problem during its creation. I am sure Broni will get to the root of the problem.

 

What is the best way for me to update these drivers? Thanks!

 

Uninstalled Check Point.
Can't find any updated drivers from Asus on the SATA stuff, but I'm running my lone drive as PCI-E, so may not be related anyway.
No updates for the PowerDVD driver.

secdrv.SYS stands out. Tried to research it, but came up empty. I don't understand why I need/want it. Can I just disable it?

markmadras, broni and I are pretty much done checking for malware and have come up empty. I haven't had a BSOD since the rash of them that brought me here in the first place, but I did have an oddity when I woke my machine from a long (few days) "sleep ". All of my apps had crashed (including explorer), and when I restarted explorer, I saw a few hundred entries like this in my event log (all with the same timestamp):

The device, \Device\Harddisk0\DR0, is not ready for access yet.

I am using an OCZ Revodrive, which is a PCI-E SSD and isn't subject to the typical drive failure problems. I'm sure it has its own type of failure issues, but I am unsure how to test that.

Thanks to everyone for the continued help. This is a great forum.

 

Secdrv.sys, as far as I can remember has something to do with copying DVD or CD's that have copy protection on them, so I would not worry about that causing issues, likewise for the PowerDVD. As you have not been able to find any updates for the SATA related drivers then the existing ones will be up to date.

As SSD's are fairly new and not used by many people I have no experience with them, but, as with all electronic equipment, things can go wrong. From this last set of errors at startup I would say that your SSD is failing. A search did not find any diagnostic software so there is little more I can suggest on this other than to return the drive to the place of purchase for a replacement. The only thing you could check is that the connections to the drive are firmly in place.

 

I agree. Probably not critical. But now that I'm looking into it, I'm wondering what it is! No games, so I guess it's something with PowerDVD. Oh well.

My apologies. I know someone else asked me to do that, and I just forgot. I don't have much more information that what I already included in the original post, but it's entered in the system now.

Thanks!

 

It may be entered but we still can't see it, try this:

My System shoud then appear in your profile box to the left of every post you have done.


Did you see my post No15, not had a repsonse, or do you disagree with my observations

 

Whoops! You should see it now.

I actually did not see your post 15 (victim of being the last post of the previous page). I tend to agree with your observation, and I will investigate returning the SSD. It would be unfortunate to go through all that hassle and have the problem remain, but at this point, I'm not seeing much other choice.

 

System specs are now available to all, many people make the same mistake

I think, considering the cost of the SSD (close to the cost of a complete PC) I would return it without hesitation if there is even a small suspicion that it may be malfunctioning.

I have read some information on SSD's and although they sound fabulous in theory, with an expected life cycle way beyond that of an HDD and even beyond the life expectancy of the owner and his or her childrens children, there will always be a percentage that fail at an early age.