HI Please can some tell me how to stop this BSOD I have pasted my dump file Regards Matt Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\Windows\Minidump\Mini062411-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols Executable search path is: Windows Server 2008/Windows Vista Kernel Version 6001 (Service Pack 1) MP (8 procs) Free x64 Product: LanManNt, suite: TerminalServer SingleUserTS Built by: 6001.18427.amd64fre.vistasp1_gdr.100218-0019 Machine Name: Kernel base = 0xfffff800`01c07000 PsLoadedModuleList = 0xfffff800`01dccdb0 Debug session time: Fri Jun 24 09:24:10.944 2011 (UTC + 1:00) System Uptime: 0 days 0:00:06.522 Loading Kernel Symbols ............................................................... ...................... Loading User Symbols Loading unloaded module list .. ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 1000007E, {ffffffffc0000005, fffffa6000a1baab, fffffa600217ee38, fffffa600217e810} Unable to load image tcpip.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for tcpip.sys *** ERROR: Module load completed but symbols could not be loaded for tcpip.sys Probably caused by : NETIO.SYS ( NETIO! ?? ::FNODOBFM::`string'+2eab ) Followup: MachineOwner --------- 3: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e) This is a very common bugcheck. Usually the exception address pinpoints the driver/function that caused the problem. Always note this address as well as the link date of the driver/image that contains this address. Some common problems are exception code 0x80000003. This means a hard coded breakpoint or assertion was hit, but this system was booted /NODEBUG. This is not supposed to happen as developers should never have hardcoded breakpoints in retail code, but ... If this happens, make sure a debugger gets connected, and the system is booted /DEBUG. This will let us see why this breakpoint is happening. Arguments: Arg1: ffffffffc0000005, The exception code that was not handled Arg2: fffffa6000a1baab, The address that the exception occurred at Arg3: fffffa600217ee38, Exception Record Address Arg4: fffffa600217e810, Context Record Address Debugging Details: ------------------ EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s. FAULTING_IP: NETIO! ?? ::FNODOBFM::`string'+2eab fffffa60`00a1baab 49393c0f cmp qword ptr [r15+rcx],rdi EXCEPTION_RECORD: fffffa600217ee38 -- (.exr 0xfffffa600217ee38) ExceptionAddress: fffffa6000a1baab (NETIO! ?? ::FNODOBFM::`string'+0x0000000000002eab) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000 NumberParameters: 2 Parameter[0]: 0000000000000000 Parameter[1]: 0000000000000000 Attempt to read from address 0000000000000000 CONTEXT: fffffa600217e810 -- (.cxr 0xfffffa600217e810) rax=0000000000000066 rbx=0000000000000000 rcx=0000000000000000 rdx=fffffa8006f26260 rsi=fffffa600217f230 rdi=0000000000000000 rip=fffffa6000a1baab rsp=fffffa600217f070 rbp=0000000000000066 r8=fffffa600217f230 r9=0000000000000004 r10=0000000000000001 r11=fffffa600217f1c8 r12=fffffa8006f26260 r13=fffffa600217f218 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl nz na pe nc cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010202 NETIO! ?? ::FNODOBFM::`string'+0x2eab: fffffa60`00a1baab 49393c0f cmp qword ptr [r15+rcx],rdi ds:002b:00000000`00000000=???????????????? Resetting default scope CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: NULL_DEREFERENCE PROCESS_NAME: System CURRENT_IRQL: 0 ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s. EXCEPTION_PARAMETER1: 0000000000000000 EXCEPTION_PARAMETER2: 0000000000000000 READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80001e30080 0000000000000000 FOLLOWUP_IP: NETIO! ?? ::FNODOBFM::`string'+2eab fffffa60`00a1baab 49393c0f cmp qword ptr [r15+rcx],rdi BUGCHECK_STR: 0x7E LAST_CONTROL_TRANSFER: from fffffa6000a0a311 to fffffa6000a1baab STACK_TEXT: fffffa60`0217f070 fffffa60`00a0a311 : 00000000`00000000 fffffa60`017dbc00 00000000`00000066 00000000`00000002 : NETIO! ?? ::FNODOBFM::`string'+0x2eab fffffa60`0217f0c0 fffffa60`00a0debd : fffffa60`0217f280 fffffa80`06f170d0 00000000`00000066 fffff880`00000000 : NETIO!NsiGetAllParametersEx+0x361 fffffa60`0217f1d0 fffffa60`03059405 : fffffa80`06f26260 00000000`00000000 fffffa80`06f1c870 00000000`00000000 : NETIO!NsiGetAllParameters+0xbd fffffa60`0217f270 fffffa80`06f26260 : 00000000`00000000 fffffa80`06f1c870 00000000`00000000 fffffa80`00000006 : tcpip+0x5405 fffffa60`0217f278 00000000`00000000 : fffffa80`06f1c870 00000000`00000000 fffffa80`00000006 fffffa80`06f26260 : 0xfffffa80`06f26260 SYMBOL_STACK_INDEX: 0 SYMBOL_NAME: NETIO! ?? ::FNODOBFM::`string'+2eab FOLLOWUP_NAME: MachineOwner MODULE_NAME: NETIO IMAGE_NAME: NETIO.SYS DEBUG_FLR_IMAGE_TIMESTAMP: 47919aa7 STACK_COMMAND: .cxr 0xfffffa600217e810 ; kb FAILURE_BUCKET_ID: X64_0x7E_NETIO!_??_::FNODOBFM::_string_+2eab BUCKET_ID: X64_0x7E_NETIO!_??_::FNODOBFM::_string_+2eab Followup: MachineOwner --------- 3: kd> lmvm NETIO start end module name fffffa60`00a05000 fffffa60`00a5d000 NETIO (pdb symbols) c:\symbols\netio.pdb\60925DD27F724CB7AEAB4F9151262B6D2\netio.pdb Loaded symbol image file: NETIO.SYS Mapped memory image file: c:\symbols\NETIO.SYS\47919AA758000\NETIO.SYS Image path: NETIO.SYS Image name: NETIO.SYS Timestamp: Sat Jan 19 06:37:27 2008 (47919AA7) CheckSum: 00062189 ImageSize: 00058000 File version: 6.0.6001.18000 Product version: 6.0.6001.18000 File flags: 0 (Mask 3F) File OS: 40004 NT Win32 File type: 3.6 Driver File date: 00000000.00000000 Translations: 0409.04b0 CompanyName: Microsoft Corporation ProductName: Microsoft® Windows® Operating System InternalName: netio.sys OriginalFilename: netio.sys ProductVersion: 6.0.6001.18000 FileVersion: 6.0.6001.18000 (longhorn_rtm.080118-1840) FileDescription: Network I/O Subsystem LegalCopyright: © Microsoft Corporation. All rights reserved.

Seems you have to install a hotfix based on this Kb article http://support.microsoft.com/kb/955734 However, in this forum, we do not provide debugging support. If you would like to perform debugging, please contact Microsoft Customer Support Service (CSS). To obtain the phone numbers for specific technology request, please refer to the website listed below: http://support.microsoft.com/default.aspx?scid=fh;EN-US;PHONENUMBERS If you are outside the US, please refer to http://support.microsoft.com for regional support phone numbers. http://www.virmansec.com/blogs/skhairuddin

Seems you have to install a hotfix based on this Kb article http://support.microsoft.com/kb/955734 However, in this forum, we do not provide debugging support. If you would like to perform debugging, please contact Microsoft Customer Support Service (CSS). To obtain the phone numbers for specific technology request, please refer to the website listed below: http://support.microsoft.com/default.aspx?scid=fh;EN-US;PHONENUMBERS If you are outside the US, please refer to http://support.microsoft.com for regional support phone numbers. http://www.virmansec.com/blogs/skhairuddin Thanks for the information Syed but the hot fix only list Vista and not Server 2008 do you know if there is a different hotfix for Server 2008. Regards Matt Anderson

Bug Check Code 0x1000007e: http://msdn.microsoft.com/en-us/library/ff557196(v=VS.85).aspx Try what is mentioned here: http://msdn.microsoft.com/en-us/library/ff559239(v=VS.85).aspx Try the hotfix that Syed suggested to update the netio.sys driver. It is applied on Windows Server 2008. If it does not help, update NIC drivers. You can also contact Microsoft CSS. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified IT Professional: Enterprise Administrator

Hi, You may also try to update the NETIO.sys version by installing the Microsoft Security Bulletin MS10-058 or update to Windows Server 2008 Service Pack 1 to check the result. For more information regarding MS10-058, please refer to the following Microsoft KB article: MS10-058: Vulnerabilities in TCP/IP could allow elevation of privilege http://support.microsoft.com/kb/978886 If the issue persists, you may contact Microsoft Customer Service and Support (CSS) via telephone so that a dedicated Support Professional can assist with your request as other mentioned. To troubleshoot this kind of kernel crash issue, we need to debug the crashed system dump. Unfortunately, debugging is beyond what we can do in the forum. Please be advised that contacting phone support will be a charged call. To obtain the phone numbers for specific technology request please take a look at the web site listed below: http://support.microsoft.com/default.aspx?scid=fh;EN-US;OfferProPhone#faq607 Regards,Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.