System Crash

Hi!

I have an issure where, when I go into Windows Explorer - Tools and select the File Types tab, my system crashes. It also does this when I try to access my Panda AV config module or when I try to uninstall Panda AV. I can uninstall other progs fine, just can't get rid of this one. I've gone into safe mode and tried with no luck. Panda support hasn't been able to assist me with the prob as yet. The following is a memory dump file from today. If I could get assistance in deciphering what's going on and a way I can fix this I'd really appreciate it!

Thank you!

Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Built by: 2600.xpsp_sp2_rtm.040803-2158
Kernel base = 0x804d7000 PsLoadedModuleList = 0x805531a0
Debug session time: Thu Dec 30 20:38:20 2004
System Uptime: 0 days 0:03:19
start end module name
804d7000 806cd280 nt Checksum: 001FB94E Timestamp: Wed Aug 04 01:
58:36 2004 (41107B0C)

Unloaded modules:
b6ee3000 b6f0d000 kmixer.sys Timestamp: Thu Dec 30 20:36:46 2004 (41D4AD2E)

f8b80000 f8b82000 MSPQM.sys Timestamp: Thu Dec 30 20:36:21 2004 (41D4AD15)
b758c000 b75b6000 kmixer.sys Timestamp: Thu Dec 30 20:36:02 2004 (41D4AD02)

f8d3a000 f8d3b000 drmkaud.sys Timestamp: Thu Dec 30 20:35:46 2004 (41D4ACF2
)
b76be000 b76cb000 DMusic.sys Timestamp: Thu Dec 30 20:35:46 2004 (41D4ACF2)

b76ce000 b76dc000 swmidi.sys Timestamp: Thu Dec 30 20:35:46 2004 (41D4ACF2)

b75b6000 b75d9000 aec.sys Timestamp: Thu Dec 30 20:35:46 2004 (41D4ACF2)
f8b90000 f8b92000 splitter.sys Timestamp: Thu Dec 30 20:35:46 2004 (41D4ACF
2)
b7835000 b7849000 parport.sys Timestamp: Thu Dec 30 20:35:29 2004 (41D4ACE1
)
f8a16000 f8a1b000 Cdaudio.SYS Timestamp: Thu Dec 30 20:35:20 2004 (41D4ACD8
)
f7331000 f7334000 Sfloppy.SYS Timestamp: Thu Dec 30 20:35:20 2004 (41D4ACD8
)

Finished dump check

 

I'm not sure what that spew is from, but can you run This Tool on your dump

 

I apologize, I should have included this earlier if this helps any?

C:\Documents and Settings\Perry McCorkle>dumpchk c:\windows\memory.dmp
Loading dump file c:\windows\memory.dmp
----- 32 bit Kernel Summary Dump Analysis

DUMP_HEADER32:
MajorVersion 0000000f
MinorVersion 00000a28
DirectoryTableBase 0c9c8240
PfnDataBase 810a2000
PsLoadedModuleList 805531a0
PsActiveProcessHead 80559258
MachineImageType 0000014c
NumberProcessors 00000001
BugCheckCode 0000008e
BugCheckParameter1 c0000005
BugCheckParameter2 8062431e
BugCheckParameter3 b749d964
BugCheckParameter4 00000000
PaeEnabled 00000001
KdDebuggerDataBlock 80544ce0

SUMMARY_DUMP32:
DumpOptions 504d4453
HeaderSize 00006000
BitmapSize 0001ff30
Pages 00005aad
Bitmap.SizeOfBitMap 0001ff30

KiProcessorBlock at 80552020
1 KiProcessorBlock entries:
ffdff120

 

I want to help you, really. But i need you to run the dump you have through the debugwiz tool i linked to. It will open the dump inside a debugger and extract the key information. This will allow us to determine what crashed and usually why. if you are hesitant to run some random code off the internet (which you should be), then open the dump under the debugger and get a !analyze -v;kb;lmnt output and post it.

 

Is this ok?

KERNEL_MODE_EXCEPTION_NOT_HANDLED (8e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
An exception code of 0x80000002 (STATUS_DATATYPE_MISALIGNMENT) indicates
that an unaligned data reference was encountered. The trap frame will
supply additional information.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 8062431e, The address that the exception occurred at
Arg3: b749d964, Trap Frame
Arg4: 00000000

Debugging Details:

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx ". The memory could not be "%s ".

FAULTING_IP:
nt!CmpParseKey+510
8062431e ff5604 call dword ptr [esi+0x4]

TRAP_FRAME: b749d964 -- (.trap ffffffffb749d964)
.trap ffffffffb749d964
ErrCode = 00000000
eax=e1727150 ebx=000158a8 ecx=81a1fa70 edx=00000000 esi=ffffffff edi=cd2d6774
eip=8062431e esp=b749d9d8 ebp=b749dba0 iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010202
nt!CmpParseKey+0x510:
8062431e ff5604 call dword ptr [esi+0x4] ds:0023:00000003=????????
.trap
Resetting default scope

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x8E

LAST_CONTROL_TRANSFER: from 805b365e to 8062431e

STACK_TEXT:
b749dba0 805b365e 000158a8 00015770 8171c558 nt!CmpParseKey+0x510
b749dc28 805afb3f 00000000 b749dc68 00000040 nt!ObpLookupObjectName+0x56a
b749dc7c 8061a117 00000000 825c3870 00000001 nt!ObOpenObjectByName+0xeb
b749dd50 8053c808 01bbefbc 02000000 01bbed08 nt!NtOpenKey+0x1af
b749dd50 7c90eb94 01bbefbc 02000000 01bbed08 nt!KiFastCallEntry+0xf8
WARNING: Frame IP not in any known module. Following frames may be wrong.
01bbece4 00000000 00000000 00000000 00000000 0x7c90eb94


FOLLOWUP_IP:
nt!CmpParseKey+510
8062431e ff5604 call dword ptr [esi+0x4]

SYMBOL_STACK_INDEX: 0

FOLLOWUP_NAME: MachineOwner

SYMBOL_NAME: nt!CmpParseKey+510

MODULE_NAME: nt

IMAGE_NAME: ntkrnlpa.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 41107b0c

STACK_COMMAND: .trap ffffffffb749d964 ; kb

BUCKET_ID: 0x8E_nt!CmpParseKey+510

Followup: MachineOwner
---------

eax=ffdff13c ebx=8062431e ecx=00000000 edx=80541b06 esi=b749d910 edi=00000000
eip=804f8925 esp=b749d514 ebp=b749d52c iopl=0 nv up ei ng nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286
nt!KeBugCheckEx+0x1b:
804f8925 5d pop ebp
ChildEBP RetAddr Args to Child
b749d52c 804fc973 0000008e c0000005 8062431e nt!KeBugCheckEx+0x1b (FPO: [Non-Fpo])
b749d8f4 8053d251 b749d910 00000000 b749d964 nt!KiDispatchException+0x3b1 (FPO: [Non-Fpo])
b749d95c 8053d202 b749dba0 8062431e badb0d00 nt!CommonDispatchException+0x4d (FPO: [0,20,0])
b749d974 8062bff7 e1705008 e1af80f0 8062c0ef nt!Kei386EoiHelper+0x18a
b749d9d0 00010202 ffffffff 000158a8 8171c5fc nt!HvpGetCellMapped+0x9f (FPO: [Non-Fpo])
WARNING: Frame IP not in any known module. Following frames may be wrong.
00000008 00000000 00000000 00000000 00000000 0x10202
start end module name
804d7000 806cd280 nt ntkrnlpa.exe Wed Aug 04 01:58:36 2004 (41107B0C)
806ce000 806ee380 hal halaacpi.dll Wed Aug 04 01:59:05 2004 (41107B29)
b6ebb000 b6ee4f00 kmixer kmixer.sys Wed Aug 04 02:07:46 2004 (41107D32)
b727d000 b72bd380 HTTP HTTP.sys Wed Aug 04 02:00:09 2004 (41107B69)
b75d9000 b75ed400 wdmaud wdmaud.sys Wed Aug 04 02:15:03 2004 (41107EE7)
b761a000 b761c1e0 WFIOCTL WFIOCTL.SYS Tue Sep 09 21:53:07 2003 (3F5E8403)
b76de000 b76ecd80 sysaudio sysaudio.sys Wed Aug 04 02:15:54 2004 (41107F1A)
b77ce000 b7820180 srv srv.sys Wed Aug 04 02:14:44 2004 (41107ED4)
b7871000 b789d400 mrxdav mrxdav.sys Wed Aug 04 02:00:49 2004 (41107B91)
b9d26000 b9d3d480 dump_atapi dump_atapi.sys Wed Aug 04 01:59:41 2004 (41107B4D)
b9d3e000 b9d4e280 Udfs Udfs.SYS Wed Aug 04 02:00:27 2004 (41107B7B)
b9d4f000 b9d693e0 pfc027 pfc027.sys Thu Sep 18 04:50:18 2003 (3F6971CA)
b9d82000 b9d85280 ndisuio ndisuio.sys Wed Aug 04 02:03:10 2004 (41107C1E)
b9d92000 b9db2f00 ipnat ipnat.sys Wed Sep 29 18:28:36 2004 (415B3714)
b9db3000 b9e20680 mrxsmb mrxsmb.sys Wed Oct 27 21:14:16 2004 (418047E8)
b9e21000 b9e4ba00 rdbss rdbss.sys Wed Oct 27 21:13:57 2004 (418047D5)
b9e4c000 b9e6dd00 afd afd.sys Wed Aug 04 02:14:13 2004 (41107EB5)
b9e6e000 b9e95c00 netbt netbt.sys Wed Aug 04 02:14:36 2004 (41107ECC)
b9e96000 b9eeda80 tcpip tcpip.sys Wed Aug 04 02:14:39 2004 (41107ECF)
b9eee000 b9f00400 ipsec ipsec.sys Wed Aug 04 02:14:27 2004 (41107EC3)
b9f01000 b9f17d00 InCDfs InCDfs.SYS Mon Sep 13 05:54:06 2004 (41456E3E)
b9f48000 b9f56b00 pavdrv51 pavdrv51.sys Fri Oct 03 10:17:05 2003 (3F7D84E1)
b9fe4000 b9fe6580 hidusb hidusb.sys Fri Aug 17 17:02:16 2001 (3B7D8658)
b9fe8000 b9febb00 usbscan usbscan.sys Wed Aug 04 01:58:44 2004 (41107B14)
bf800000 bf9c0380 win32k win32k.sys Wed Aug 04 02:17:30 2004 (41107F7A)
bf9c1000 bf9d2580 dxg dxg.sys Wed Aug 04 02:00:51 2004 (41107B93)
bf9d3000 bfa0d000 ati2dvag ati2dvag.dll Tue Nov 30 22:12:50 2004 (41AD36B2)
bfa0d000 bfa4a000 ati2cqag ati2cqag.dll Tue Nov 30 21:26:49 2004 (41AD2BE9)
bfa4a000 bfc7cfc0 ati3duag ati3duag.dll Tue Nov 30 21:51:04 2004 (41AD3198)
bfc7d000 bfce7140 ativvaxx ativvaxx.dll Tue Nov 30 21:45:21 2004 (41AD3041)
f6e55000 f6e88200 update update.sys Wed Aug 04 01:58:32 2004 (41107B08)
f6e91000 f6e94180 usb8023 usb8023.sys Wed Aug 04 02:04:30 2004 (41107C6E)
f6ea9000 f6eab900 Dxapi Dxapi.sys Fri Aug 17 16:53:19 2001 (3B7D843F)
f6eb1000 f6ec1e00 psched psched.sys Wed Aug 04 02:04:16 2004 (41107C60)
f6f12000 f6f1ad80 HIDCLASS HIDCLASS.SYS Wed Aug 04 02:08:18 2004 (41107D52)
f6f52000 f6f60d80 arp1394 arp1394.sys Wed Aug 04 01:58:28 2004 (41107B04)
f6f62000 f6f78680 ndiswan ndiswan.sys Wed Aug 04 02:14:30 2004 (41107EC6)
f6f79000 f6f9c980 portcls portcls.sys Wed Aug 04 02:15:47 2004 (41107F13)
f6fbd000 f704a340 smwdm smwdm.sys Tue Jul 15 15:59:58 2003 (3F145D3E)
f704b000 f706de80 USBPORT USBPORT.SYS Wed Aug 04 02:08:34 2004 (41107D62)
f706e000 f71a42c0 AGRSM AGRSM.sys Fri Oct 08 10:51:06 2004 (4166A95A)
f71a5000 f71c7680 ks ks.sys Wed Aug 04 02:15:20 2004 (41107EF8)
f71c8000 f71f88a0 wf88vcap wf88vcap.sys Thu Feb 05 07:34:32 2004 (40223858)
f71f9000 f722fb00 yk51x86 yk51x86.sys Fri Nov 26 02:42:27 2004 (41A6DE63)
f7230000 f7243780 VIDEOPRT VIDEOPRT.SYS Wed Aug 04 02:07:04 2004 (41107D08)
f7244000 f7325000 ati2mtag ati2mtag.sys Tue Nov 30 22:12:28 2004 (41AD369C)
f732d000 f732f280 rasacd rasacd.sys Fri Aug 17 16:55:39 2001 (3B7D84CB)
f836d000 f8387580 Mup Mup.sys Wed Aug 04 02:15:20 2004 (41107EF8)
f8388000 f83b4a80 NDIS NDIS.sys Wed Aug 04 02:14:27 2004 (41107EC3)
f83b5000 f8441480 Ntfs Ntfs.sys Wed Aug 04 02:15:06 2004 (41107EEA)
f8442000 f8458780 KSecDD KSecDD.sys Wed Aug 04 01:59:45 2004 (41107B51)
f8459000 f846af00 sr sr.sys Wed Aug 04 02:06:22 2004 (41107CDE)
f846b000 f8489780 fltmgr fltmgr.sys Wed Aug 04 02:01:17 2004 (41107BAD)
f848a000 f84b1000 fasttx2k fasttx2k.sys Tue Aug 05 22:43:02 2003 (3F306B36)
f84b1000 f84c3e00 viasraid viasraid.sys Thu Oct 30 04:38:31 2003 (3FA0DC17)
f84c4000 f84db800 SCSIPORT SCSIPORT.SYS Wed Aug 04 01:59:39 2004 (41107B4B)
f84dc000 f84ee100 UlSata UlSata.sys Mon Jun 02 23:00:50 2003 (3EDC0F62)
f84ef000 f8506480 atapi atapi.sys Wed Aug 04 01:59:41 2004 (41107B4D)
f8507000 f8525880 ftdisk ftdisk.sys Fri Aug 17 16:52:41 2001 (3B7D8419)
f8526000 f8536a80 pci pci.sys Wed Aug 04 02:07:45 2004 (41107D31)
f8537000 f8564d80 ACPI ACPI.sys Wed Aug 04 02:07:35 2004 (41107D27)
f8666000 f866ec00 isapnp isapnp.sys Fri Aug 17 16:58:01 2001 (3B7D8559)
f8676000 f8684e80 ohci1394 ohci1394.sys Wed Aug 04 02:10:05 2004 (41107DBD)
f8686000 f8693000 1394BUS 1394BUS.SYS Wed Aug 04 02:10:03 2004 (41107DBB)
f8696000 f86a0500 MountMgr MountMgr.sys Wed Aug 04 01:58:29 2004 (41107B05)
f86a6000 f86b2c80 VolSnap VolSnap.sys Wed Aug 04 02:00:14 2004 (41107B6E)
f86b6000 f86bee00 disk disk.sys Wed Aug 04 01:59:53 2004 (41107B59)
f86c6000 f86d2200 CLASSPNP CLASSPNP.SYS Wed Aug 04 02:14:26 2004 (41107EC2)
f86f6000 f8700200 raspppoe raspppoe.sys Wed Aug 04 02:05:06 2004 (41107C92)
f8706000 f8711d00 raspptp raspptp.sys Wed Aug 04 02:14:26 2004 (41107EC2)
f8716000 f871e900 msgpc msgpc.sys Wed Aug 04 02:04:11 2004 (41107C5B)
f8756000 f875ff00 termdd termdd.sys Wed Aug 04 01:58:52 2004 (41107B1C)
f8796000 f879f480 NDProxy NDProxy.SYS Fri Aug 17 16:55:30 2001 (3B7D84C2)
f87a6000 f87ae4e0 WF88TUNE WF88TUNE.sys Thu Feb 05 07:34:31 2004 (40223857)
f87f6000 f8804100 usbhub usbhub.sys Wed Aug 04 02:08:40 2004 (41107D68)
f8816000 f881e700 netbios netbios.sys Wed Aug 04 02:03:19 2004 (41107C27)
f8826000 f882e880 Fips Fips.SYS Fri Aug 17 21:31:49 2001 (3B7DC585)
f8836000 f883e700 wanarp wanarp.sys Wed Aug 04 02:04:57 2004 (41107C89)
f8846000 f8855180 nic1394 nic1394.sys Wed Aug 04 01:58:28 2004 (41107B04)
f8856000 f8861e00 STREAM STREAM.SYS Wed Aug 04 02:07:58 2004 (41107D3E)
f8866000 f8870380 imapi imapi.sys Wed Aug 04 02:00:12 2004 (41107B6C)
f8876000 f8882180 cdrom cdrom.sys Wed Aug 04 01:59:52 2004 (41107B58)
f8886000 f8894080 redbook redbook.sys Wed Aug 04 01:59:34 2004 (41107B46)
f8896000 f88a2e00 i8042prt i8042prt.sys Wed Aug 04 02:14:36 2004 (41107ECC)
f88a6000 f88b5d80 serial serial.sys Wed Aug 04 02:15:51 2004 (41107F17)
f88b6000 f88c4b80 drmk drmk.sys Wed Aug 04 02:07:54 2004 (41107D3A)
f88c6000 f88cea00 processr processr.sys Wed Aug 04 01:59:14 2004 (41107B32)
f88d6000 f88e2880 rasl2tp rasl2tp.sys Wed Aug 04 02:14:21 2004 (41107EBD)
f88e6000 f88ec200 PCIIDEX PCIIDEX.SYS Wed Aug 04 01:59:40 2004 (41107B4C)
f88ee000 f88f2900 PartMgr PartMgr.sys Fri Aug 17 21:32:23 2001 (3B7DC5A7)
f88f6000 f88fa080 PxHelp20 PxHelp20.sys Fri Jan 03 17:10:17 2003 (3E160A49)
f88fe000 f8904900 viaagp1 viaagp1.sys Thu Dec 26 23:14:21 2002 (3E0BD39D)
f8926000 f892c180 HIDPARSE HIDPARSE.SYS Wed Aug 04 02:08:15 2004 (41107D4F)
f892e000 f8932500 watchdog watchdog.sys Wed Aug 04 02:07:32 2004 (41107D24)
f898e000 f8995580 Modem Modem.SYS Wed Aug 04 02:08:04 2004 (41107D44)
f8996000 f899c7c0 incdrm incdrm.SYS Tue Dec 30 07:38:51 2003 (3FF171DB)
f899e000 f89a5000 InCDPass InCDPass.sys Mon Sep 13 05:54:45 2004 (41456E65)
f89a6000 f89ab000 usbuhci usbuhci.sys Wed Aug 04 02:08:34 2004 (41107D62)
f89ae000 f89b4800 usbehci usbehci.sys Wed Aug 04 02:08:34 2004 (41107D62)
f89b6000 f89bc000 kbdclass kbdclass.sys Wed Aug 04 01:58:32 2004 (41107B08)
f89be000 f89c3a00 mouclass mouclass.sys Wed Aug 04 01:58:32 2004 (41107B08)
f89c6000 f89ccb00 fdc fdc.sys Wed Aug 04 01:59:25 2004 (41107B3D)
f89ce000 f89d2880 TDI TDI.SYS Wed Aug 04 02:07:47 2004 (41107D33)
f89d6000 f89da580 ptilink ptilink.sys Fri Aug 17 16:49:53 2001 (3B7D8371)
f89de000 f89e2080 raspti raspti.sys Fri Aug 17 16:55:32 2001 (3B7D84C4)
f89e6000 f89eb000 amdtools amdtools.sys Wed Oct 22 15:49:15 2003 (3F96DF3B)
f8a0e000 f8a13000 flpydisk flpydisk.sys Wed Aug 04 01:59:24 2004 (41107B3C)
f8a1e000 f8a23200 vga vga.sys Wed Aug 04 02:07:06 2004 (41107D0A)
f8a26000 f8a2aa80 Msfs Msfs.SYS Wed Aug 04 02:00:37 2004 (41107B85)
f8a2e000 f8a35880 Npfs Npfs.SYS Wed Aug 04 02:00:38 2004 (41107B86)
f8a3e000 f8a42320 asuskbnt asuskbnt.sys Sun Jul 20 23:04:08 2003 (3F1B5828)
f8a46000 f8a4d580 RNDISMP RNDISMP.SYS Wed Aug 04 02:04:27 2004 (41107C6B)
f8a5e000 f8a65b80 usbccgp usbccgp.sys Wed Aug 04 02:08:45 2004 (41107D6D)
f8a6e000 f8a74500 usbprint usbprint.sys Wed Aug 04 02:01:23 2004 (41107BB3)
f8a76000 f8a79000 BOOTVID BOOTVID.dll Fri Aug 17 16:49:09 2001 (3B7D8345)
f8b16000 f8b18240 pfc pfc.sys Sat Sep 29 07:27:03 2001 (3BB5B007)
f8b22000 f8b24600 Amps2prt Amps2prt.sys Wed Feb 26 05:28:33 2003 (3E5C96D1)
f8b26000 f8b29c80 serenum serenum.sys Wed Aug 04 01:59:06 2004 (41107B2A)
f8b2a000 f8b2c580 ndistapi ndistapi.sys Fri Aug 17 16:55:29 2001 (3B7D84C1)
f8b3a000 f8b3dc80 mssmbios mssmbios.sys Wed Aug 04 02:07:47 2004 (41107D33)
f8b66000 f8b67b80 kdcom kdcom.dll Fri Aug 17 16:49:10 2001 (3B7D8346)
f8b68000 f8b69100 WMILIB WMILIB.SYS Fri Aug 17 17:07:23 2001 (3B7D878B)
f8b6a000 f8b6b500 viaide viaide.sys Wed Aug 04 01:59:42 2004 (41107B4E)
f8b6c000 f8b6dde0 EIO EIO.sys Wed Jan 29 02:29:33 2003 (3E3782DD)
f8b86000 f8b87120 aeaudio aeaudio.sys Mon Apr 01 09:39:14 2002 (3CA87112)
f8b88000 f8b89100 swenum swenum.sys Wed Aug 04 01:58:41 2004 (41107B11)
f8b8a000 f8b8bfe0 WF88XBAR WF88XBAR.sys Thu Feb 05 07:34:33 2004 (40223859)
f8b96000 f8b97280 USBD USBD.SYS Fri Aug 17 17:02:58 2001 (3B7D8682)
f8ba6000 f8ba7f00 Fs_Rec Fs_Rec.SYS Fri Aug 17 16:49:37 2001 (3B7D8361)
f8ba8000 f8ba9080 Beep Beep.SYS Fri Aug 17 16:47:33 2001 (3B7D82E5)
f8baa000 f8bab080 mnmdd mnmdd.SYS Fri Aug 17 16:57:28 2001 (3B7D8538)
f8bac000 f8bad080 RDPCDD RDPCDD.sys Fri Aug 17 16:46:56 2001 (3B7D82C0)
f8bae000 f8bafe00 InCDrec InCDrec.SYS Mon Sep 13 05:58:10 2004 (41456F32)
f8bde000 f8bdf360 COMFiltr COMFiltr.sys Wed Sep 25 04:34:57 2002 (3D917531)
f8be4000 f8be5100 dump_WMILIB dump_WMILIB.SYS Fri Aug 17 17:07:23 2001 (3B7D878B)
f8c2c000 f8c2d660 Asusgio Asusgio.sys Mon Oct 06 08:08:02 2003 (3F815B22)
f8c7e000 f8c7ec00 audstub audstub.sys Fri Aug 17 16:59:40 2001 (3B7D85BC)
f8c8a000 f8c8ad00 dxgthk dxgthk.sys Fri Aug 17 16:53:12 2001 (3B7D8438)
f8d75000 f8d75b80 Null Null.SYS Fri Aug 17 16:47:39 2001 (3B7D82EB)
f8d7f000 f8d7fda0 aslm75 aslm75.sys Tue Apr 22 21:15:58 1997 (335D62CE)

Unloaded modules:
b6ee3000 b6f0d000 kmixer.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
f8b80000 f8b82000 MSPQM.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
b758c000 b75b6000 kmixer.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
f8d3a000 f8d3b000 drmkaud.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
b76be000 b76cb000 DMusic.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
b76ce000 b76dc000 swmidi.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
b75b6000 b75d9000 aec.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
f8b90000 f8b92000 splitter.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
b7835000 b7849000 parport.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
f8a16000 f8a1b000 Cdaudio.SYS
Timestamp: unavailable (00000000)
Checksum: 00000000
f7331000 f7334000 Sfloppy.SYS
Timestamp: unavailable (00000000)
Checksum: 00000000
Closing open log file c:\debuglog.txt

 

Thats odd. Pretty weird place to crash especially in the same place from user mode. Wonder if the calling app is passing in some garbage. Check your private messages, i sent you some followup instructions

 

fireside chats with a hosed registry key

Your machine is crashing when trying to access a registry key.
This key is \HKEY_LOCAL_MACHINE\Software\Classes\AccessControlEntry.

This should not occur. Ill bet if you just try to open it using regedit that your machine dies in exactly the same way.

You have registry corruption on that KCB or Cell or something. Bad news.

(at this point i IM'd dragonhead asking him to open regedit and browse to the above registy key. He went offline suddenly)


Dragonheadsays:
yo Ben!
Ben says:
Dude!!
Ben says:
looks like i found the problem
Dragonheadsays:
No bull!
Ben says:
whats your backup situation?
Dragonheadsays:
haven't had a chance to do one up......
Ben says:
this a new install?
Ben says:
new machine?
Dragonheadsays:
Pretty much well
Dragonheadsays:
the Nero software has backup capabilities to cd or dvd
Ben says:
the problem is your registry is corrupt
Ben says:
on that key
Ben says:
so we can try to fix it, but it will probably not work
Ben says:
in which case, i would say 'restore from backup'
Dragonheadsays:
ok that's obviously not an option here since i don't have a clean backup file
Ben says:
how long have you noticed this problem, when did it start, what had you done most reciently?
Dragonheadsays:
i've been tackling this for over two weeks or so now, going back and forth with the AV ppl and trying to find help at a microsoft newsgroup.
Ben says:
how overclocked is this machine?
Dragonheadsays:
really couldn't say, I didn't make any changes like that to it.
Ben says:
hmm
Ben says:
http://support.microsoft.com/default.aspx?scid=kb;en-us;822705&Product=winxp
Ben says:
this is whats next
Ben says:
skim over that. im looking to see if there is a utility to fix corrupt reg blocks out there.
Dragonheadsays:
will do
Ben says:
do you have a system restore point from before the problem started occuring?
Dragonheadsays:
there may well be one but this has been going for so long. I'm not sure if there's a restore point that far back like 2 weeks or so...
Ben says:
go ahead and check, thats our best hope for getting out of it.
Dragonheadsays:
restore points only go back 3 days.
Ben says:
doh!
Dragonheadsays:
the problem probably started when i lose power in my apt
Ben says:
XP is normally quite resiliant to registry damage. it scans it on boot and cleans it up pretty good.
Ben says:
yes, as u saw in that article, its the flush to disk on shutdown that is the most common vector for a registry to go kaput
Dragonheadsays:
would repair windows help any?
Ben says:
ok, so with no good SR point. we have a couple options, you can melt the machine down by copying over some old registry backups that were made when you installed the OS (see http://support.microsoft.com/?kbid=307545 ) or you can save your data, and nuke and pave
Ben says:
no, im afraid not, that only fixes files
Ben says:
Go look in \windows\repair and tell me the dates on those files
Dragonheadsays:
the oldest file autoexec.nt is 3.31.03 the remaining files are dated 12.10.04
Ben says:
that was your install date, correct? (12/10)
Dragonheadsays:
i do believe so yes
Ben says:
ok. if we use those files you lose all your programs and drivers and have to reinstall just like you had a fresh clean brand new install of windows that just finished
Dragonheadsays:
if that's what it takes no prob
Ben says:
We (microsoft) dont normally recommend using cleaners, so i dont have any experience with them. let me finish searching the web to make sure someone hasnt written a cool tool
Dragonheadsays:
ok
Ben says:
The only thing i see out there is this http://home.t-online.de/home/lars.hederer/erunt/ NTREGOPT utility. its used to 'compress' the registry, but if your lucky, that will fix the error in process. it looks pretty complicated

Ben says:
i do NOT endorse that route, but you dont have anything to lose at this point
Ben says:
i would go ahead and make a SOLID and VERIFIED backup of all your important data before going any further
Dragonheadsays:
understood
Ben says:
You can follow http://support.microsoft.com/?kbid=307545 to get your machine's registry wiped out back to install time (noting that youll need to reinstall everything), or just do a new install of windows. This would be my RecommendPathOfResolution(tm)
Ben says:
I would also add a regular system backup to your maintaince routine, since its now proven that this machine doesnt like power outages
Dragonheadsays:
indeed!
Ben says:
ok. Im sorry you are in a bad state. Sometimes these corruption issues are just too complex to be detected or easily fixed.
Dragonheadsays:
as i'm learning
Ben says:
good luck with it. make sure to post back with what you had to do for the next guy. if that tool works, id be interested to know about it as well.

 

and spring the 30$ for a UPS so this doesnt happen anymore!

 

Hey Ben!

The NTREGOPT prog worked like a charm! I accessed that registry key without any failures! Brilliant work my friend! Have a most excellent new year!

Perry

 

Fantastic! Thanks for following up.