Sometimes when my PC is starting up, I get a blue screen immediately after the welcome screen. it happens 2/3 times. These are the problem details _______________________________________________________________________________________________________ Problem signature: Problem Event Name: BlueScreen OS Version: 6.1.7600.2.0.0.256.1 Locale ID: 1033 Additional information about the problem: BCCode: 3b BCP1: 00000000C0000005 BCP2: FFFFF80003299448 BCP3: FFFFF8800978E630 BCP4: 0000000000000000 OS Version: 6_1_7600 Service Pack: 0_0 Product: 256_1 Files that help describe the problem: C:\Windows\Minidump\012911-15584-01.dmp C:\Users\Bluegenie\AppData\Local\Temp\WER-49452-0.sysdata.xml Read our privacy statement online: http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409 If the online privacy statement is not available, please read our privacy statement offline: C:\Windows\system32\en-US\erofflps.txt _______________________________________________________________________________________________________ Please help me as soon as possible. Thanks! Here are some .dmp files that I've attached:- 012911-17269-01.dmp 012911-16068-01.dmp

Sometimes when my PC is starting up, I get a blue screen immediately after the welcome screen. it happens 2/3 times. These are the problem details _______________________________________________________________________________________________________ Problem signature: Problem Event Name: BlueScreen OS Version: 6.1.7600.2.0.0.256.1 Locale ID: 1033 Additional information about the problem: BCCode: 3b BCP1: 00000000C0000005 BCP2: FFFFF80003299448 BCP3: FFFFF8800978E630 BCP4: 0000000000000000 OS Version: 6_1_7600 Service Pack: 0_0 Product: 256_1 Files that help describe the problem: C:\Windows\Minidump\012911-15584-01.dmp C:\Users\Bluegenie\AppData\Local\Temp\WER-49452-0.sysdata.xml Read our privacy statement online: http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409 If the online privacy statement is not available, please read our privacy statement offline: C:\Windows\system32\en-US\erofflps.txt _______________________________________________________________________________________________________ Please help me as soon as possible. Thanks! Here are some .dmp files that I've attached:- 012911-17269-01.dmp 012911-16068-01.dmp Windows Debugger found a problem in ataport.sys file. What should I do?

Windows Debugger found a problem in ataport.sys file. What should I do? Check your HDD cable. Can you uplaod the dmps somewhere else? I can't download them. // Edit I got the dumps and it maybe casued by 1 of those 2 drivers: GEARAspiWDM.sys Mon May 18 14:17:04 2009 SCDEmu.SYS Tue Aug 07 17:19:48 2007 This driver provides virtual CD/DVD and can casue the ATAport issues. So update [1] the GEAR driver, please. The SCDEmu.SYS is part of PowerISO DVD Drive. So upodate or remove the tool. André [1] http://www.gearsoftware.com/support/drivers.php "A programmer is just a tool which converts caffeine into code" CLIP- Stellvertreter http://www.winvistaside.de/

The ataport.sys problem is solved but I got another Blue Screen and this time Windows Debugger found a problem in msrpc.sys file. The dump file is attached by me here.. 013011-19562-01.dmp

Bug Check 0xF7: DRIVER_OVERRAN_STACK_BUFFER This indicates that a driver has overrun a stack-based buffer. A driver has overrun a stack-based buffer. This overrun could potentially allow a malicious user to gain control of this machine. DESCRIPTION A driver overran a stack-based buffer (or local variable) in a way that would have overwritten the function's return address and jumped back to an arbitrary address when the function returned. This is the classic "buffer overrun" hacking attack and the system has been brought down to prevent a malicious user from gaining complete control of it. Do a kb to get a stack backtrace -- the last routine on the stack before the buffer overrun handlers and bugcheck call is the one that overran its local variable(s). http://msdn.microsoft.com/en-us/library/ff560389%28VS.85%29.aspx STACK_TEXT: nt!KeBugCheckEx msrpc!_report_gsfailure+0x26 msrpc!_GSHandlerCheck+0x13 nt!RtlpExecuteHandlerForException+0xd nt!RtlDispatchException+0x410 nt!KiDispatchException+0x16f nt!KiExceptionDispatch+0xc2 nt!KiGeneralProtectionFault+0x10a I checked what happens around the msrpc DLL and found this: fffff880`0975e220 fffff880`0113ae34 msrpc!__PchSym_ <PERF> (msrpc+0x14e34) fffff880`0975e228 fffff880`01133dc0 msrpc!NDR64_MEMSIZE_POINTER_QUEUE_ELEMENT::`vftable'+0x3b0 fffff880`0975e230 fffff880`01126000 msrpc!_security_check_cookie <PERF> (msrpc+0x0) fffff880`0975e238 fffff880`0975f0f8 fffff880`0975e240 fffff880`0975e2e0 fffff880`0975e248 fffff800`032a7a90 nt!RtlDispatchException+0x410 fffff880`0975e250 fffff880`01133e6c msrpc!NDR64_MEMSIZE_POINTER_QUEUE_ELEMENT::`vftable'+0x45c fffff880`0975e258 fffff880`0975e298 fffff880`0975e260 fffff880`0975f0f8 fffff880`0975e268 fffff880`01126000 msrpc!_security_check_cookie <PERF> (msrpc+0x0) fffff880`0975e270 00000000`00000001 fffff880`0975e278 00000000`00000000 fffff880`0975e280 00000000`00000000 fffff880`0975e288 fffffa80`061aa568 fffff880`0975e290 fffff880`0975f620 fffff880`0975e298 fffff880`01126000 msrpc!_security_check_cookie <PERF> (msrpc+0x0) 1: kd> dqs fffff880`0975e2a0 fffff880`01133e6c msrpc!NDR64_MEMSIZE_POINTER_QUEUE_ELEMENT::`vftable'+0x45c fffff880`0975e2a8 fffff880`0975e800 fffff880`0975e2b0 00000000`00000000 fffff880`0975e2b8 fffff880`0113ad14 msrpc!__PchSym_ <PERF> (msrpc+0x14d14) fffff880`0975e2c0 fffff880`09760000 fffff880`0975e2c8 fffff880`0975a000 fffff880`0975e2d0 00000000`00000000 fffff880`0975e2d8 fffff800`035896df nt!RtlpCopyEffectiveAce+0x1af fffff880`0975e2e0 fffff880`0114b05d msrpc!LRPC_BASE_BINDING_HANDLE::BaseBindingCopy+0x15d fffff880`0975e2e8 fffff880`01126000 msrpc!_security_check_cookie <PERF> (msrpc+0x0) fffff880`0975e2f0 fffff880`0113ad14 msrpc!__PchSym_ <PERF> (msrpc+0x14d14) fffff880`0975e2f8 fffff880`0975f620 fffff880`0975e300 00000000`00000000 fffff880`0975e308 fffff880`0975e330 fffff880`0975e310 fffff880`011276a4 msrpc!_GSHandlerCheck fffff880`0975e318 fffff880`01133e6c msrpc!NDR64_MEMSIZE_POINTER_QUEUE_ELEMENT::`vftable'+0x45c fffff880`0975e3e0 00000000`00000000 fffff880`0975e3e8 fffff800`03281992 nt!KiCommitThreadWait+0x1d2 fffff880`0975e3f0 fffff880`0975e800 fffff880`0975e428 fffff880`0114b37b msrpc!LRPC_FAST_BINDING_HANDLE::BindingCopy+0x8b fffff880`0975e430 fffff880`01100470*** WARNING: Unable to verify timestamp for mfehidk.sys *** ERROR: Module load completed but symbols could not be loaded for mfehidk.sys mfehidk+0x59470 fffff880`0975e438 fffff880`01100460 mfehidk +0x59460 Image path: \SystemRoot\system32\drivers\mfehidk.sys Image name: mfehidk.sys Timestamp: Wed Oct 06 21:55:49 2010 This is a McAfee driver. So update McAfee, too. André"A programmer is just a tool which converts caffeine into code" CLIP- Stellvertreter http://www.winvistaside.de/