Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

'kernel Memory Crash Dump'! Icons That Move On Their Own!


  • Please log in to reply
20 replies to this topic

#1 konigstiger

konigstiger

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:52 PM

Posted 12 August 2006 - 06:51 PM

I have 2 problems, (i think).

1. Sometimes, about once a week, I will be on the computer, and suddenly, w/o warning, the screen will go black for a few seconds, and then change to blue w/ white text saying: Something about a kernel memory crash dump. there is a counter going up in seconds, and some instructions saying restart your computer.... if you see this often... do something about BIO's... and then I restart it, and it works fine, i think, but if I run a chkdsk now, it comes up with piles of 'truncated files'.
I regularily run AVG AV (free), Lavasoft AD-Aware SE personal, and have Sunbelt 'Kerio Personal Firewall', Java Cool's 'Spyward Guard' and 'Spyware Blaster' running too. I also sometimes run TweakNow RegCleaner, and Spybot S&D My computer is a VPR Matrix, windows xp home, sp2 (and many other official updates installed too)
dxdiag shows these specs:
Time of this report: 8/12/2006, 18:44:02
Machine name: THUMPER
Operating System: Windows XP Home Edition (5.1, Build 2600) Service Pack 2 (2600.xpsp_sp2_gdr.050301-1519)
Language: English (Regional Setting: English)
System Manufacturer: vpr Matrix, Inc.
System : Personal Computer
BIOS: Default System BIOS
Processor: Intel® Pentium® 4 CPU 2.00GHz
Memory: 256MB RAM
Page File: 462MB used, 220MB available
Windows Dir: C:\WINDOWS
DirectX Version: DirectX 9.0c (4.09.0000.0904)
DX Setup Parameters: Not found
DxDiag Version: 5.03.2600.2180 32bit Unicode

2. My second problem seems a lot less major, sometimes when I am in an application, or folder, when I close it or minimize it, and look at the desktop, all the icons have moved around, usually scrunched against the left side of the screen.
any and all help is appreciated.

BC AdBot (Login to Remove)

 


#2 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:02:52 PM

Posted 12 August 2006 - 11:03 PM

I don't know if these two anomalies are related, but from what you have written it seems you have some type of setting wrong in the bios or you may need to update the bios.

What exactly does the message say?

#3 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:12:52 PM

Posted 13 August 2006 - 12:24 AM

Have you installed memory.dmp or WinDbg? This is a program that will write a kernel dump of a crash.
When you have a crash you will get a Window that provides the option
to report the problem to Micro$oft. If you use this and if your
problem is one that is currently under investigation by MS you
will get a response that will request the memory dump,and it will go to Mico$oft for analysis.
For your Icon issue,place the Icons where you want them on your desktop and then right-click in an empty area of the desktop, put
the cursor over "Arrange icons by" and select "Lock the desktop". If it does not work try selecting "Align to Grid"
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner

#4 konigstiger

konigstiger
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:52 PM

Posted 13 August 2006 - 12:44 PM

hmmm, next time I have a crash dump, I will write down exactly what it says, and post it...
I don't think I have either of those programs, If possible I will try to download one of them. thanks so far.

#5 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:12:52 PM

Posted 13 August 2006 - 03:14 PM

This link might shed some light on the situation.
http://support.microsoft.com/kb/315263/
The Dump Check Utility is included with the Windows XP Support Tools.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner

#6 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:03:52 PM

Posted 13 August 2006 - 09:29 PM

Blue Screens are typically hardware errors - and it's been my experience that the large majority of them are due to driver corruption or errors.

Here's a link to a picture of a Blue Screen error. Use it to make sure that you get the information necessary to start troubleshooting this problem: http://www.bleepingcomputer.com/forums/t/40108/how-to-use-event-viewer/

The article also tells you how to find the information in your Event Viewer.

Finally, search your hard drive for files that end in .dmp and .mdmp - if you find them, you can use this tutorial to analyze the dump: http://forums.majorgeeks.com/showthread.php?t=35246

The !Analyze -v goes in the bar at the bottom of the window that the debugger runs in.

Just copy the dump info to your clipboard and paste it into a post here. From that we'll get an idea of where to start looking.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#7 konigstiger

konigstiger
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:52 PM

Posted 14 August 2006 - 09:58 AM

ok I ran the event viewer and it had tons of errors in applications, tons of success audits in securuty, and many informations w/ occasional warnings and errors mixed in.

I have about 7 or so minidumps files, and here is the first one (top), (I followed the tutorial):

Use !analyze -v to get detailed debugging information.

BugCheck D1, {0, 2, 0, f3b537fc}

Probably caused by : SYMTDI.SYS ( SYMTDI+1ac3f )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 00000000, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: f3b537fc, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: 00000000

CURRENT_IRQL: 2

FAULTING_IP:
afd!AfdBReceiveEventHandler+5e
f3b537fc 668b06 mov ax,word ptr [esi]

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0xD1

TRAP_FRAME: f2e72984 -- (.trap fffffffff2e72984)
ErrCode = 00000000
eax=00000002 ebx=f2e72a30 ecx=0000001c edx=f2e72a00 esi=00000000 edi=827faa20
eip=f3b537fc esp=f2e729f8 ebp=f2e72a28 iopl=0 nv up ei pl nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010202
afd!AfdBReceiveEventHandler+0x5e:
f3b537fc 668b06 mov ax,word ptr [esi] ds:0023:00000000=????
Resetting default scope

LAST_CONTROL_TRANSFER: from f3b537fc to 804e187f

STACK_TEXT:
f2e72984 f3b537fc badb0d00 f2e72a00 f2e72a04 nt!KiTrap0E+0x233
f2e72a30 f3c23c3f 8261c5e0 827faa20 00000e20 afd!AfdBReceiveEventHandler+0x5e
WARNING: Stack unwind information not available. Following frames may be wrong.
f2e72a60 f3c23a42 81eb1e20 f2e72a9c 827faa20 SYMTDI+0x1ac3f
f2e72aa4 f3d52d18 824d0680 827faa20 00000e20 SYMTDI+0x1aa42
f2e72ae8 f3d509a7 f3c23950 824d0680 827faa20 fwdrv+0x22d18
f2e72b44 f3d5158e 81dc26d0 81da0038 00000168 fwdrv+0x209a7
f2e72b74 f3d51bfd 81dc26d0 00000001 81da0038 fwdrv+0x2158e
f2e72bc8 f3d33d63 81da0000 00000009 00e72c0c fwdrv+0x21bfd
f2e72be0 f3d31be9 81f3e280 81da0000 f2e72c08 fwdrv+0x3d63
f2e72bf0 f3d3311d 81da0000 00002038 00000000 fwdrv+0x1be9
f2e72c08 f3d3322b 824b6b28 00000034 0000000e fwdrv+0x311d
f2e72c24 f3d3331b 825aed30 824b6b28 f2e72c58 fwdrv+0x322b
f2e72c34 804e37f7 825aed30 824b6b28 806ee2d0 fwdrv+0x331b
f2e72c44 8056a101 824b6b98 827571a8 824b6b28 nt!IopfCallDriver+0x31
f2e72c58 80579a8a 825aed30 824b6b28 827571a8 nt!IopSynchronousServiceTail+0x60
f2e72d00 8057bfa5 00000468 00000000 00000000 nt!IopXxxControlFile+0x611
f2e72d34 804de7ec 00000468 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
f2e72d34 7c90eb94 00000468 00000000 00000000 nt!KiFastCallEntry+0xf8
0760ae9c 00000000 00000000 00000000 00000000 0x7c90eb94


STACK_COMMAND: kb

FOLLOWUP_IP:
SYMTDI+1ac3f
f3c23c3f ?? ???

SYMBOL_STACK_INDEX: 2

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: SYMTDI

IMAGE_NAME: SYMTDI.SYS

DEBUG_FLR_IMAGE_TIMESTAMP: 4252d4ac

SYMBOL_NAME: SYMTDI+1ac3f

FAILURE_BUCKET_ID: 0xD1_SYMTDI+1ac3f

BUCKET_ID: 0xD1_SYMTDI+1ac3f

Followup: MachineOwner
---------

have fun with that, and thanks.

#8 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:03:52 PM

Posted 15 August 2006 - 02:44 PM

The file SYMTDI.SYS refers to a Norton or Symantec security file.

I'd suggest completely removing the Norton/Symantec product(s) and then installing another, more reliable (and free) program. A google search should let you find a Norton Removal Tool (I can't recall where it is).

Let us know what Norton/Symantec products that you're using so that we can recommend some free, quality alternatives.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#9 konigstiger

konigstiger
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:52 PM

Posted 15 August 2006 - 05:31 PM

hmm, lucky me, I was already planning to uninstall/get rid of Norton, because its terrible, Its currently completely disabled. I us AVG, and Clam AV, (free)

#10 Albert Frankenstein

Albert Frankenstein

  • Members
  • 2,707 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Michigan, USA
  • Local time:03:52 PM

Posted 15 August 2006 - 05:42 PM

Do not use two antivirus programs. Neither one will work correctly and together they can cause all sorts of buggy behavior on your computer.
ALBERT FRANKENSTEIN
I'M SO SMART IT'S SCARY!


Currently home chillin' with the fam and my two dogs!


#11 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:12:52 PM

Posted 15 August 2006 - 07:05 PM

konigstiger,
Recently I had great success using the SymNRT Removal Tool. It can be found in This BC article.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner

#12 konigstiger

konigstiger
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:52 PM

Posted 15 August 2006 - 07:37 PM

^^ Clam AV, doesnt real time scan, it only does anything if i run it for a computer scan. I think this would eliminate problems.
^ I already found, downloaded and executed that exact program (it worked) thanks anyway though.

I have more error minidump logs, should I post them too?

Edited by konigstiger, 15 August 2006 - 07:40 PM.


#13 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:02:52 PM

Posted 16 August 2006 - 11:57 AM

Are you still experiencing the problems?

#14 konigstiger

konigstiger
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:03:52 PM

Posted 17 August 2006 - 09:23 AM

i havent had a blue screen for a few days, but I never got them more than once, or twice a week anyway. only time will tell...

#15 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:12:52 PM

Posted 17 August 2006 - 10:22 AM

Did you get your Icon issue sorted out?
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users