whatisthesolution

Blue screen error - Probably caused by : ntoskrnl.exe ( nt!ExFreePoolWithTag+436 ) ??? - 2003 ent ed.

Hi, we got a blue screen on a 2003 server.

How can we track down what is causing the error?

As follows:


Microsoft (R) Windows Debugger  Version 6.6.0007.5
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [H:\WINDOWS\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available

Symbol search path is: H:\Debugging_2003_server\Symbols
Executable search path is:
Windows Server 2003 Kernel Version 3790 (Service Pack 1) UP Free x86 compatible
Product: Server, suite: Enterprise TerminalServer SingleUserTS
Built by: 3790.srv03_sp1_rtm.050324-1447
Kernel base = 0x80800000 PsLoadedModuleList = 0x808a8e48
Debug session time: Tue Feb  6 17:00:32.534 2007 (GMT+1)
System Uptime: 0 days 5:43:18.453
Loading Kernel Symbols
................................................................................................................
Loading User Symbols

Loading unloaded module list
..
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck C2, {7, 121a, 320033, e205dbf8}

Probably caused by : ntoskrnl.exe ( nt!ExFreePoolWithTag+436 )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

BAD_POOL_CALLER (c2)
The current thread is making a bad pool request.  Typically this is at a bad IRQL level or double freeing the same allocation, etc.
Arguments:
Arg1: 00000007, Attempt to free pool which was already freed
Arg2: 0000121a, (reserved)
Arg3: 00320033, Memory contents of the pool block
Arg4: e205dbf8, Address of the block of pool being deallocated

Debugging Details:
------------------


POOL_ADDRESS:  e205dbf8 Paged pool

FREED_POOL_TAG:  NtFU

BUGCHECK_STR:  0xc2_7_NtFU

DEFAULT_BUCKET_ID:  DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  1

LAST_CONTROL_TRANSFER:  from 80896586 to 80875d0e

STACK_TEXT:  
f78beb20 80896586 000000c2 00000007 0000121a nt!KeBugCheckEx+0x1b
f78beb84 f71bef58 e205dbf8 00000000 e10ee0d0 nt!ExFreePoolWithTag+0x436
f78beb98 f719b4e5 89232b68 f78bebb4 89232b68 Ntfs!NtfsDeleteLcb+0xae
f78bebe0 f71c80a8 89232b68 8968b7f8 e1e77a10 Ntfs!NtfsTeardownFromLcb+0x11f
f78bec38 f719ef5d 89232b68 e1e77ad8 00000000 Ntfs!NtfsTeardownStructures+0x12c
f78bec64 f71cc5ae 89232b68 e1e77ad8 00000000 Ntfs!NtfsDecrementCloseCounts+0xa9
f78becec f71cef67 89232b68 e1e77ad8 e1e77a10 Ntfs!NtfsCommonClose+0x3a1
f78bed80 808203bd 00000000 00000000 8979a8d0 Ntfs!NtfsFspClose+0xe2
f78bedac 80905d2c 00000000 00000000 00000000 nt!ExpWorkerThread+0xeb
f78beddc 80828499 80820300 00000000 00000000 nt!PspSystemThreadStartup+0x2e
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


STACK_COMMAND:  kb

FOLLOWUP_IP:
nt!ExFreePoolWithTag+436
80896586 cc              int     3

SYMBOL_STACK_INDEX:  1

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntoskrnl.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  42435e33

SYMBOL_NAME:  nt!ExFreePoolWithTag+436

FAILURE_BUCKET_ID:  0xc2_7_NtFU_nt!ExFreePoolWithTag+436

BUCKET_ID:  0xc2_7_NtFU_nt!ExFreePoolWithTag+436

Followup: MachineOwner
---------

whatisthesolution

ASKER

Some additional info - we have found out that it really is 2 errors:

Event Type:      Error
Event Source:      System Error
Event Category:      (102)
Event ID:      1003
Date:            2/7/2007
Time:            12:33:26 PM
User:            N/A
Computer:      
Description:
Error code 000000c2, parameter1 00000007, parameter2 0000121a, parameter3 00320033, parameter4 e205dbf8.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

AND

Event Type:      Error
Event Source:      System Error
Event Category:      (102)
Event ID:      1003
Date:            2/7/2007
Time:            12:32:53 PM
User:            N/A
Computer:      
Description:
Error code 1000008e, parameter1 c0000005, parameter2 8092c1f4, parameter3 aba29828, parameter4 00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

1003 is an SNMP configuration issue (typically)

Does it occur when someone is connecting via terminal services?????

Hmm.... We have received one more on this machine.. So there are 3 types of stop errors. As follows:

Microsoft (R) Windows Debugger  Version 6.6.0007.5
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [H:\WINDOWS\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available

Symbol search path is: H:\Debugging_2003_server\Symbols
Executable search path is:
Windows Server 2003 Kernel Version 3790 (Service Pack 1) UP Free x86 compatible
Product: Server, suite: Enterprise TerminalServer SingleUserTS
Built by: 3790.srv03_sp1_rtm.050324-1447
Kernel base = 0x80800000 PsLoadedModuleList = 0x808a8e48
Debug session time: Thu Feb  8 08:01:59.611 2007 (GMT+1)
System Uptime: 0 days 12:24:30.048
Loading Kernel Symbols
.................................................................................................................
Loading User Symbols
PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details
Loading unloaded module list
..
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 8E, {c0000005, 808960cd, adf30018, 0}

*** ERROR: Module load completed but symbols could not be loaded for naiavf5x.sys
Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+172 )

Followup: Pool_corruption
---------

kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_MODE_EXCEPTION_NOT_HANDLED (8e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 808960cd, The address that the exception occurred at
Arg3: adf30018, Trap Frame
Arg4: 00000000

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

FAULTING_IP:
nt!ExDeferredFreePool+172
808960cd 8937            mov     dword ptr [edi],esi

TRAP_FRAME:  adf30018 -- (.trap ffffffffadf30018)
ErrCode = 00000002
eax=e310a1c8 ebx=00000001 ecx=000001ff edx=e310a4d0 esi=00000000 edi=00000000
eip=808960cd esp=adf3008c ebp=adf300c4 iopl=0         nv up ei ng nz ac pe cy
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010297
nt!ExDeferredFreePool+0x172:
808960cd 8937            mov     dword ptr [edi],esi  ds:0023:00000000=????????
Resetting default scope

DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0x8E

PROCESS_NAME:  explorer.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 808553d1 to 80875d0e

STACK_TEXT:  
adf2fbe4 808553d1 0000008e c0000005 808960cd nt!KeBugCheckEx+0x1b
adf2ffa8 80823dca adf2ffc4 00000000 adf30018 nt!KiDispatchException+0x3a2
adf30010 80823d7e adf300c4 808960cd badb0d00 nt!CommonDispatchException+0x4a
adf300c4 80895b90 897c4030 80a6ea90 00000000 nt!Kei386EoiHelper+0x182
adf300c4 80895b90 897c4030 80a6ea90 00000000 nt!ExFreePoolWithTag+0x54b
adf30118 809025b1 e252b8d8 e56b6f54 8979c040 nt!ExFreePoolWithTag+0x54b
adf30134 8090483c e252b8e8 00000000 8979c040 nt!ObpFreeObject+0x192
adf30148 80828af5 e252b900 00000000 890ea008 nt!ObpRemoveObjectRoutine+0xe6
adf30168 ada7949d 89491008 896dd12c ada796ac nt!ObfDereferenceObject+0x67
WARNING: Stack unwind information not available. Following frames may be wrong.
adf3018c ada79736 00000000 ada7781e 8825c304 naiavf5x+0x1349d
adf301b4 ada747bd ffffffff 00000008 02100049 naiavf5x+0x13736
adf30200 ada6d933 895aa0b8 892c7dd0 02100049 naiavf5x+0xe7bd
adf30290 ada6de92 895a8008 895a8198 895aa0b8 naiavf5x+0x7933
adf302d8 ada68800 00000000 895aa0b8 88685690 naiavf5x+0x7e92
adf302ec 80828c95 893f8f08 895a8008 895a8008 naiavf5x+0x2800
adf30300 80907bfa adf304a8 89694bf0 00000000 nt!IofCallDriver+0x45
adf303e8 80902fad 89694c08 00000000 895dae00 nt!IopParseDevice+0xa35
adf30468 80906a15 00000000 adf304a8 00000040 nt!ObpLookupObjectName+0x5a9
adf304bc 8090613b 00000000 00000000 00000001 nt!ObOpenObjectByName+0xea
adf30538 8092b2c2 00cdec38 00100020 00cdebfc nt!IopCreateFile+0x447
adf30594 8091bd30 00cdec38 00100020 00cdebfc nt!IoCreateFile+0xa3
adf305d4 8082337b 00cdec38 00100020 00cdebfc nt!NtOpenFile+0x27
adf305d4 7c82ed54 00cdec38 00100020 00cdebfc nt!KiFastCallEntry+0xf8
00cdecc8 00000000 00000000 00000000 00000000 0x7c82ed54


STACK_COMMAND:  kb

FOLLOWUP_IP:
nt!ExDeferredFreePool+172
808960cd 8937            mov     dword ptr [edi],esi

SYMBOL_STACK_INDEX:  0

FOLLOWUP_NAME:  Pool_corruption

IMAGE_NAME:  Pool_Corruption

DEBUG_FLR_IMAGE_TIMESTAMP:  0

SYMBOL_NAME:  nt!ExDeferredFreePool+172

MODULE_NAME: Pool_Corruption

FAILURE_BUCKET_ID:  0x8E_nt!ExDeferredFreePool+172

BUCKET_ID:  0x8E_nt!ExDeferredFreePool+172

Followup: Pool_corruption
---------

Event Type:      Error
Event Source:      System Error
Event Category:      (102)
Event ID:      1003
Date:            2/8/2007
Time:            10:48:00 AM
User:            N/A
Computer:      
Description:
Error code 1000008e, parameter1 c0000005, parameter2 808960cd, parameter3 adf30018, parameter4 00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
 
"Does it occur when some one is connecting via terminal services.?????"

Not that we know of...
I would say that it happens more randomly, without saying too much....
ASKER CERTIFIED SOLUTION
cpc2004
The stack trace of the second dump has the footprint of naiavf5x.sys (i.e. McAfee Anti Virus Filter). What version of McAfee Anti Virus Filter are you using?


adf3018c ada79736 00000000 ada7781e 8825c304 naiavf5x+0x1349d
adf301b4 ada747bd ffffffff 00000008 02100049 naiavf5x+0x13736
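
The triage step in the answer above (scanning STACK_TEXT for modules that are not part of the OS), as an added Python example that is not part of the original thread. The `OS_MODULES` baseline and the function name are assumptions; the sample frames are copied from the second dump on this page.

```python
import re

# Assumption: modules treated as OS-supplied for this triage (the only ones named on this page).
OS_MODULES = {"nt", "ntfs"}

# Frames copied from the second dump's STACK_TEXT on this page (abridged).
SECOND_DUMP = """\
adf30134 8090483c e252b8e8 00000000 8979c040 nt!ObpFreeObject+0x192
adf30148 80828af5 e252b900 00000000 890ea008 nt!ObpRemoveObjectRoutine+0xe6
adf30168 ada7949d 89491008 896dd12c ada796ac nt!ObfDereferenceObject+0x67
WARNING: Stack unwind information not available. Following frames may be wrong.
adf3018c ada79736 00000000 ada7781e 8825c304 naiavf5x+0x1349d
adf301b4 ada747bd ffffffff 00000008 02100049 naiavf5x+0x13736
adf302ec 80828c95 893f8f08 895a8008 895a8008 naiavf5x+0x2800
adf30300 80907bfa adf304a8 89694bf0 00000000 nt!IofCallDriver+0x45
00cdecc8 00000000 00000000 00000000 00000000 0x7c82ed54
"""

# x86 `kb` frame: ChildEBP RetAddr Arg1 Arg2 Arg3, then module!symbol+off or module+off.
FRAME = re.compile(
    r"^[0-9a-f]{8} [0-9a-f]{8} (?:[0-9a-f]{8} ){3}"
    r"(?P<module>[A-Za-z_]\w*)(?:!(?P<symbol>[^+\s]+))?(?:\+0x[0-9a-f]+)?$",
    re.IGNORECASE,
)

def third_party_frames(stack_text, os_modules=OS_MODULES):
    """Summarise non-OS modules in a WinDbg STACK_TEXT block.

    Returns {module: {"frames": n, "has_symbols": bool, "after_unwind_warning": bool}}.
    """
    found, unwind_warning = {}, False
    for line in stack_text.splitlines():
        line = line.strip()
        if line.startswith("WARNING: Stack unwind information not available"):
            unwind_warning = True   # frames below this line may be misattributed
            continue
        m = FRAME.match(line)
        if not m or m["module"].lower() in os_modules:
            continue                # OS frame, raw address, or non-frame text
        info = found.setdefault(m["module"], {
            "frames": 0, "has_symbols": False, "after_unwind_warning": unwind_warning})
        info["frames"] += 1
        info["has_symbols"] |= m["symbol"] is not None
    return found

if __name__ == "__main__":
    for module, info in third_party_frames(SECOND_DUMP).items():
        print(module, info)
```

A module reported with `has_symbols` false and `after_unwind_warning` true is a lead to check against the vendor's driver version, not proof of fault, since the debugger itself marks those frames as possibly wrong.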
We have Network Associates (McAfee) VirusScan Enterprise 8.0i Patch 13, and are planning to upgrade to 8.5. We haven't done that yet because the new version is very comprehensive and we need to dig through the docs before implementing it.

How can we find out which version of the filter is running on the server? If you click "about" that info does not pop up..

Hm ram issue you say?
That is very annoying - We have just for about a month changed all ram blocks on this server due to corrupted ram blocks.
Hmm looks like I'm all alone here!  :-(

Anyhow, if I could get some help with the question about the version of McAfee Anti Virus Filter I would be very happy.

//whatisthesolution
Hi PowerIT,

Have you run those? Yup we did and it came out negative. Did not find anything.

We are running memtest and we will hopefully soon have result of that.
Hi guys- sorry for the time gone by - but we need to test it thoroughly to be sure.. - same thing again RAM error. That's quite annoying..   Ggrr

I'll split the pts between you cpc2004 and powerit.
thanks for the help.
whatisthesolution