Well some of you may or may not remember me posting a while back with some serious bsod troubles.....in the end I decided to cough up a few bucks and take my pc out to a technician....they said they found the problem....it was supposedly my chip on the mobo....so it was sent out to asus for a replacement......to make long story short all this took over a month and I just got my pc back this saturday....and in 3 days I had 3 BSODs.....so naturally I was a bit ticked and decided to do some more digging....as far as I can remember I was getting pretty much the same problem as before....just nowhere near as often....( i will attach my mini dumps at the end of this post)....after some playing around with the WinDbg I think I found the problem.... it says that its " ntoskrnl.exe" (I got the symbols from microsoft, loaded my dumb, typed in !analyze –v and voila.... this is what i got ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck D1, {1e0, 2, 0, 1e0} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. Probably caused by : ntoskrnl.exe ( nt+2c1bb ) Followup: MachineOwner --------- kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If kernel debugger is available get stack backtrace. Arguments: Arg1: 000001e0, memory referenced Arg2: 00000002, IRQL Arg3: 00000000, value 0 = read operation, 1 = write operation Arg4: 000001e0, address which referenced memory Debugging Details: ------------------ ***** Kernel symbols are WRONG. Please fix symbols to do analysis. MODULE_NAME: nt FAULTING_MODULE: 804d0000 nt DEBUG_FLR_IMAGE_TIMESTAMP: 3b7de38f READ_ADDRESS: unable to get nt!MmSpecialPoolStart unable to get nt!MmSpecialPoolEnd unable to get nt!MmPoolCodeStart unable to get nt!MmPoolCodeEnd 000001e0 CURRENT_IRQL: 2 FAULTING_IP: +1e0 000001e0 ?? ??? CUSTOMER_CRASH_COUNT: 2 DEFAULT_BUCKET_ID: DRIVER_FAULT BUGCHECK_STR: 0xD1 LAST_CONTROL_TRANSFER: from 00000000 to 804fc1bb FAILED_INSTRUCTION_ADDRESS: +1e0 000001e0 ?? ??? STACK_TEXT: 8053bc6c 00000000 000001e0 00000002 00000000 nt+0x2c1bb STACK_COMMAND: kb FOLLOWUP_IP: nt+2c1bb 804fc1bb ?? ??? FAULTING_SOURCE_CODE: SYMBOL_STACK_INDEX: 0 FOLLOWUP_NAME: MachineOwner SYMBOL_NAME: nt+2c1bb IMAGE_NAME: ntoskrnl.exe BUCKET_ID: WRONG_SYMBOLS Followup: MachineOwner --------- I did some googleing but couldn't dfind any concrete answers....do you guys have any suggestions on what is next or what exactly is causing the problem? (As in...what is this ntoskrnl.exe) here is are the memory dumps... http://s38.yousendit.com/d.aspx?id=0L7EYGNFDKI6L2XY80TIST1DYL http://s38.yousendit.com/d.aspx?id=1XJ9YOYFLZY4P1XK1RFE03DYBP http://s38.yousendit.com/d.aspx?id=04KUS77VP65YC1AB3G6JTFIAYH note: I only did the analasys for the first (latest) dump... any help would be really appreciated... my specs are as follows AMD Athlon 3000+ Asus A8N SLI Deluxe 512x2 RAM Radeon X300 Graphics Card Audigy 2 sound card (Integrated) a 450W power supply (can't remember the brand) Maxtor 200GB SATA HDD (Slave) Western Digital 120 GB IDE HDD (Master)
If the ntoskrnl.exe file is corrupt or missing this can also generate the error. To restore this file follow the below steps. Insert the Microsoft Windows XP CD. Note: If you have a recovery CD or a restore CD and not a Microsoft Windows XP CD it is likely the below steps will not resolve your issue. Reboot the computer, as the computer is starting you should see a message to press any key to boot from the CD. When you see this message press any key. In the Microsoft Windows XP setup menu press the R key to enter the recovery console. Select the operating system you wish to fix, and then enter the administrator password. Type expand d:\i386\ntoskrnl.ex_ c:\windows\system32 You will then be prompted if you wish to overwrite the file type Y and press enter to overwrite the file. Type exit to reboot the computer. It sounds like a virus of some sort to me??
