BSOD 0x0000008E

[DaveThomas]

I need help please. I tried following the instructions to post something about the BSOD, but it won't let me run a System Health Report (when I try a window opens that looks like its the report but is just says, "Error"). I hope the dmp info is enough.
I have a HP Pavillion dv6768se I bought in 2008. It's running Vista Premium Home 32bit. I'm not positive on the OS info, and it's an OEM version. (I have never re-installed the OS.)
I am getting real mad b/c all I can do is open in safe mode, and there isn't much to do in safe mode.
My exact stop error is --> STOP: 0x0000008E (0xC0000005, 0x82091227, 0x998c591c, 0x00000000)
Thank you in advance.

 

[richc46]

Welcome to the Forum
You do show about a dozen of so reports, but they are mostly very old. Some go back to 09. Most do not show 8E. Would you please following the posting instuctions, again, so that we might have some current reports. The cause of a BSOD, today, may not be the same as a year ago.
http://www.vistax64.com/crashes-debugging/282419-blue-screen-death-bsod-posting-instructions.html

 

[DaveThomas]

That was quick! Thanks!

Here is the error I get when I try to do the system health report:

Am I doing something wrong? If I type in "perfmon /rep" and hit enter, then I get this:

Is this what I want? Where do I save it ... I tried saving this as HTML and opened the file and got a website that looked like a text file w/ a ton of 'A's on it.

I guess at this point I'm lost. I'll try it again, though.

I apologize for any confusion - I think I'm getting tired. Thanks for the help.

 

[richc46]

Sorry Dave
Its the same the most current is Jan 2011. Most of the rest go to 09 and 10. I think that you may not be set to write dumps. This is how you make sure
Go to your computer icon on desktop
Go to properties
Advanced
Start up and recovery
Makes sure you are set write the small dump reports

You must be doing it right because we have the right reports, just some seem to be missing
If you see that you have to reset, then wait for a new bsod and give us the dump then.

 

[DaveThomas]

I've attached it, but I think it's the same thing as before. I don't know how to perform a small dump ... I change it in the settings and then what do I do?
I was under the assumption, I restarted it and let the crash dump it. But when I do that, and log back on in safe mode and check the settings it's back to kernel dump again - and I think I'm getting the same dump as earlier (kernel).
This help is very appreciated, thanks.

 

[richc46]

Unfortunately the dumps are the same as before. What I will try is to find an 8E that is fairly current. I found one from Oct of last year. I will analyze that one and hope that it helps. Actually it should.

00000008E
Usual causes: Insufficient disk space, Device driver, Video card, BIOS, Breakpoint in startup without having a debugger attached, Hardware incompatibility, Faulty system service, 3rd party remote control, Memory

 icrosoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
 
Loading Dump File [C:\Users\richc46\AppData\Local\Temp\Temp1_Windows_NT6_BSOD_jcgriff2 (3).zip\Windows_NT6_BSOD_jcgriff2\Mini091310-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows Server 2008/Windows Vista Kernel Version 6001 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6001.18145.x86fre.vistasp1_gdr.080917-1612
Machine Name:
Kernel base = 0x81c4d000 PsLoadedModuleList = 0x81d64c70
Debug session time: Mon Sep 13 18:58:25.179 2010 (GMT-4)
System Uptime: 20 days 1:00:02.174
Loading Kernel Symbols
...............................................................
................................................................
..................................
Loading User Symbols
Loading unloaded module list
..................................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1000008E, {c0000005, 8d366b3a, a9ab3754, 0}
Probably caused by : ntkrpamp.exe ( nt!PsCallImageNotifyRoutines+5e )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 8d366b3a, The address that the exception occurred at
Arg3: a9ab3754, Trap Frame
Arg4: 00000000
Debugging Details:
------------------
 
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
FAULTING_IP: 
+12a
8d366b3a 0fb611          movzx   edx,byte ptr [ecx]
TRAP_FRAME:  a9ab3754 -- (.trap 0xffffffffa9ab3754)
ErrCode = 00000000
eax=fcdcc6d4 ebx=bb707758 ecx=6885d000 edx=0000005b esi=68840080 edi=00022000
eip=8d366b3a esp=a9ab37c8 ebp=a9ab3b4c iopl=0         nv up ei pl nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010202
8d366b3a 0fb611          movzx   edx,byte ptr [ecx]         ds:0023:6885d000=??
Resetting default scope
CUSTOMER_CRASH_COUNT:  1
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
BUGCHECK_STR:  0x8E
PROCESS_NAME:  BlackBerry Musi
CURRENT_IRQL:  0
LAST_CONTROL_TRANSFER:  from 81e7f8fe to 8d366b3a
STACK_TEXT:  
WARNING: Frame IP not in any known module. Following frames may be wrong.
a9ab3b4c 81e7f8fe 8679c3c0 00001fc0 a9ab3b9c 0x8d366b3a
a9ab3b74 81e7f6c2 8679c3c0 00001fc0 81d5a484 nt!PsCallImageNotifyRoutines+0x5e
a9ab3c18 81e71655 867419f0 84b9b3c8 a9ab3d14 nt!MiMapViewOfImageSection+0x812
a9ab3c88 81e71745 84b9b3c8 a9ab3d14 00000000 nt!MiMapViewOfSection+0x22a
a9ab3cb8 81e71952 aef6b2b8 84b9b3c8 a9ab3d14 nt!MmMapViewOfSection+0x2a
a9ab3d34 81ca4a1a 00000270 ffffffff 001bbed8 nt!NtMapViewOfSection+0x203
a9ab3d34 77b79a94 00000270 ffffffff 001bbed8 nt!KiFastCallEntry+0x12a
001bbec4 00000000 00000000 00000000 00000000 0x77b79a94
 
STACK_COMMAND:  kb
FOLLOWUP_IP: 
nt!PsCallImageNotifyRoutines+5e
81e7f8fe 8b4510          mov     eax,dword ptr [ebp+10h]
SYMBOL_STACK_INDEX:  1
SYMBOL_NAME:  nt!PsCallImageNotifyRoutines+5e
FOLLOWUP_NAME:  MachineOwner
MODULE_NAME: nt
IMAGE_NAME:  ntkrpamp.exe
DEBUG_FLR_IMAGE_TIMESTAMP:  48d1b7fa
FAILURE_BUCKET_ID:  0x8E_nt!PsCallImageNotifyRoutines+5e
BUCKET_ID:  0x8E_nt!PsCallImageNotifyRoutines+5e
Followup: MachineOwner
---------

Start with a memory test
Guide to using Memtest86+ - Geeks to Go Forums

 

[niemiro]

Hello!

Looks like a driver problem to me.

1: kd> .bugcheck
Bugcheck code [B][COLOR=Red]1000008E[/COLOR][/B]
Arguments [B][COLOR=Red]c0000005[/COLOR][/B] 8d366b3a a9ab3754 00000000

The bugcheck itself (1000008E) is very curious, and has plenty of possibilities. However, to get to the very crux of this bugcheck, parameter 1 (C0000005, STATUS_ACCESS_VIOLATION), a sub-bugcheck if you will, contains most of the information, and so needs to be analysed.

"STATUS_ACCESS_VIOLATION indicates that a memory access violation occurred."

We must make sure to understand the differences between probable cause, and probably causes. Probable causes includes everything likely, including hardware if we can't find a pattern. Probable cause is harder to find, and is what we actually believe the problem to be.

To be good at debugging BSoDs, ideally one must understand the mechanics of a computer, and the Assembly programming language. STATUS_ACCESS_VIOLATION screams "driver" at me. Oh, there are other causes and meanings, but I am going to take my Probably Cause (singular) as "driver".

We use the the d* commands (Display Memory) (d, da, db, dc, dd, dD, df, dp, dq, du, dw, dW, dyb, dyd) to do just that, display memory.

In this case, I am going to use db, just for ease (although not necessarily accuracy). db dumps "Byte values and ASCII characters."

For this one, I am going to dump the memory at the reference which caused the exception.

So this time, I am going to take the second parameter:

0: kd> .bugcheck
Bugcheck code 1000008E
Arguments c0000005 [B][COLOR=Red]8cd50b3a[/COLOR][/B] 81179754 00000000

and dump the memory at that location:

0: kd> db [B][COLOR=Red]8cd50b3a[/COLOR][/B]
8cd50b3a  0f b6 11 33 d0 81 e2 ff-00 00 00 c1 e8 08 33 04  ...3..........3.
8cd50b4a  95 08 2e d6 8c 41 ff 4c-24 04 75 e4 f7 d0 c2 04  .....A.L$.u.....
8cd50b5a  00 6a 00 ff 74 24 08 ff-15 58 30 d5 8c 6a 00 6a  .j..t$...X0..j.j
8cd50b6a  ff ff 15 74 30 d5 8c c2-14 00 56 33 f6 56 ff 74  ...t0.....V3.V.t
8cd50b7a  24 0c ff 15 58 30 d5 8c-56 56 56 56 ff 15 60 30  $...X0..VVVV..`0
8cd50b8a  d5 8c 50 ff 15 70 30 d5-8c 5e c2 14 00 6a 00 ff  ..P..p0..^...j..
8cd50b9a  74 24 08 ff 15 58 30 d5-8c 6a 00 ff 15 6c 30 d5  t$...X0..j...l0.
8cd50baa  8c c2 14 00 6a 00 ff 74-24 08 ff 15 58 30 d5 8c  ....j..t$...X0..

As a way to speed things up:

If you omit [I]Range[/I], the command will display memory starting at the ending  location of the last display command. If [I]Range[/I] is omitted and no previous  display command has been used, the display begins at the current instruction  pointer.

Be very wary of this! It is useful, but remember that if you start fiddling with the dump file, you can actually change where this command is going to start, and break your pattern. Read and fully understand the above!

Right, memory dumped, let's do some comparisons, between 0x1000008E dumps:

0: kd> db
8cd50b3a  0f b6 11 33 d0 81 e2 ff-00 00 00 c1 e8 08 33 04  ...3..........3.
8cd50b4a  95 08 2e d6 8c 41 ff 4c-24 04 75 e4 f7 d0 c2 04  .....A.L$.u.....
8cd50b5a  00 6a 00 ff 74 24 08 ff-15 58 30 d5 8c 6a 00 6a  .j..t$...X0..j.j
8cd50b6a  ff ff 15 74 30 d5 8c c2-14 00 56 33 f6 56 ff 74  ...t0.....V3.V.t
8cd50b7a  24 0c ff 15 58 30 d5 8c-56 56 56 56 ff 15 60 30  $...X0..VVVV..`0
8cd50b8a  d5 8c 50 ff 15 70 30 d5-8c 5e c2 14 00 6a 00 ff  ..P..p0..^...j..
8cd50b9a  74 24 08 ff 15 58 30 d5-8c 6a 00 ff 15 6c 30 d5  t$...X0..j...l0.
8cd50baa  8c c2 14 00 6a 00 ff 74-24 08 ff 15 58 30 d5 8c  ....j..t$...X0..

1: kd> db
8ca60b3a  0f b6 11 33 d0 81 e2 ff-00 00 00 c1 e8 08 33 04  ...3..........3.
8ca60b4a  95 08 2e a7 8c 41 ff 4c-24 04 75 e4 f7 d0 c2 04  .....A.L$.u.....
8ca60b5a  00 6a 00 ff 74 24 08 ff-15 58 30 a6 8c 6a 00 6a  .j..t$...X0..j.j
8ca60b6a  ff ff 15 74 30 a6 8c c2-14 00 56 33 f6 56 ff 74  ...t0.....V3.V.t
8ca60b7a  24 0c ff 15 58 30 a6 8c-56 56 56 56 ff 15 60 30  $...X0..VVVV..`0
8ca60b8a  a6 8c 50 ff 15 70 30 a6-8c 5e c2 14 00 6a 00 ff  ..P..p0..^...j..
8ca60b9a  74 24 08 ff 15 58 30 a6-8c 6a 00 ff 15 6c 30 a6  t$...X0..j...l0.
8ca60baa  8c c2 14 00 6a 00 ff 74-24 08 ff 15 58 30 a6 8c  ....j..t$...X0..

0: kd> db
8d366b3a  0f b6 11 33 d0 81 e2 ff-00 00 00 c1 e8 08 33 04  ...3..........3.
8d366b4a  95 08 8e 37 8d 41 ff 4c-24 04 75 e4 f7 d0 c2 04  ...7.A.L$.u.....
8d366b5a  00 6a 00 ff 74 24 08 ff-15 58 90 36 8d 6a 00 6a  .j..t$...X.6.j.j
8d366b6a  ff ff 15 74 90 36 8d c2-14 00 56 33 f6 56 ff 74  ...t.6....V3.V.t
8d366b7a  24 0c ff 15 58 90 36 8d-56 56 56 56 ff 15 60 90  $...X.6.VVVV..`.
8d366b8a  36 8d 50 ff 15 70 90 36-8d 5e c2 14 00 6a 00 ff  6.P..p.6.^...j..
8d366b9a  74 24 08 ff 15 58 90 36-8d 6a 00 ff 15 6c 90 36  t$...X.6.j...l.6
8d366baa  8d c2 14 00 6a 00 ff 74-24 08 ff 15 58 90 36 8d  ....j..t$...X.6.

8d366b3a  0f b6 11 33 d0 81 e2 ff-00 00 00 c1 e8 08 33 04  ...3..........3.
8d366b4a  95 08 8e 37 8d 41 ff 4c-24 04 75 e4 f7 d0 c2 04  ...7.A.L$.u.....
8d366b5a  00 6a 00 ff 74 24 08 ff-15 58 90 36 8d 6a 00 6a  .j..t$...X.6.j.j
8d366b6a  ff ff 15 74 90 36 8d c2-14 00 56 33 f6 56 ff 74  ...t.6....V3.V.t
8d366b7a  24 0c ff 15 58 90 36 8d-56 56 56 56 ff 15 60 90  $...X.6.VVVV..`.
8d366b8a  36 8d 50 ff 15 70 90 36-8d 5e c2 14 00 6a 00 ff  6.P..p.6.^...j..
8d366b9a  74 24 08 ff 15 58 90 36-8d 6a 00 ff 15 6c 90 36  t$...X.6.j...l.6
8d366baa  8d c2 14 00 6a 00 ff 74-24 08 ff 15 58 90 36 8d  ....j..t$...X.6.

1000007E:

1: kd> db 81e1b890
81e1b890  0f b7 0c 51 66 83 f9 61-72 41 66 83 f9 7a 77 08  ...Qf..arAf..zw.
81e1b8a0  0f b7 c9 83 e9 20 eb 36-8b 4e 04 0f b7 14 51 0f  ..... .6.N....Q.
81e1b8b0  b7 ca 8b f9 c1 ef 08 0f-b7 3c 78 8b d9 c1 eb 04  .........<x.....
81e1b8c0  83 e3 0f 03 fb 0f b7 3c-78 83 e1 0f 03 f9 66 8b  .......<x.....f.
81e1b8d0  0c 78 66 03 ca 8b 7d 08-8b 55 e4 0f b7 c9 8b 5f  .xf...}..U....._
81e1b8e0  04 66 89 0c 53 42 89 55-e4 8b 4d e0 eb 9b c7 45  .f..SB.U..M....E
81e1b8f0  fc fe ff ff ff c7 45 dc-00 00 00 00 e8 20 00 00  ......E...... ..
81e1b900  00 66 8b 06 66 89 07 33-c0 e8 bf ac e4 ff c2 0c  .f..f..3........

81e18890  0f b7 0c 51 66 83 f9 61-72 41 66 83 f9 7a 77 08  ...Qf..arAf..zw.
81e188a0  0f b7 c9 83 e9 20 eb 36-8b 4e 04 0f b7 14 51 0f  ..... .6.N....Q.
81e188b0  b7 ca 8b f9 c1 ef 08 0f-b7 3c 78 8b d9 c1 eb 04  .........<x.....
81e188c0  83 e3 0f 03 fb 0f b7 3c-78 83 e1 0f 03 f9 66 8b  .......<x.....f.
81e188d0  0c 78 66 03 ca 8b 7d 08-8b 55 e4 0f b7 c9 8b 5f  .xf...}..U....._
81e188e0  04 66 89 0c 53 42 89 55-e4 8b 4d e0 eb 9b c7 45  .f..SB.U..M....E
81e188f0  fc fe ff ff ff c7 45 dc-00 00 00 00 e8 20 00 00  ......E...... ..
81e18900  00 66 8b 06 66 89 07 33-c0 e8 bf ac e4 ff c2 0c  .f..f..3........

0: kd> db
81e51890  0f b7 0c 51 66 83 f9 61-72 41 66 83 f9 7a 77 08  ...Qf..arAf..zw.
81e518a0  0f b7 c9 83 e9 20 eb 36-8b 4e 04 0f b7 14 51 0f  ..... .6.N....Q.
81e518b0  b7 ca 8b f9 c1 ef 08 0f-b7 3c 78 8b d9 c1 eb 04  .........<x.....
81e518c0  83 e3 0f 03 fb 0f b7 3c-78 83 e1 0f 03 f9 66 8b  .......<x.....f.
81e518d0  0c 78 66 03 ca 8b 7d 08-8b 55 e4 0f b7 c9 8b 5f  .xf...}..U....._
81e518e0  04 66 89 0c 53 42 89 55-e4 8b 4d e0 eb 9b c7 45  .f..SB.U..M....E
81e518f0  fc fe ff ff ff c7 45 dc-00 00 00 00 e8 20 00 00  ......E...... ..
81e51900  00 66 8b 06 66 89 07 33-c0 e8 bf ac e4 ff c2 0c  .f..f..3........

1: kd> db
81e0b890  0f b7 0c 51 66 83 f9 61-72 41 66 83 f9 7a 77 08  ...Qf..arAf..zw.
81e0b8a0  0f b7 c9 83 e9 20 eb 36-8b 4e 04 0f b7 14 51 0f  ..... .6.N....Q.
81e0b8b0  b7 ca 8b f9 c1 ef 08 0f-b7 3c 78 8b d9 c1 eb 04  .........<x.....
81e0b8c0  83 e3 0f 03 fb 0f b7 3c-78 83 e1 0f 03 f9 66 8b  .......<x.....f.
81e0b8d0  0c 78 66 03 ca 8b 7d 08-8b 55 e4 0f b7 c9 8b 5f  .xf...}..U....._
81e0b8e0  04 66 89 0c 53 42 89 55-e4 8b 4d e0 eb 9b c7 45  .f..SB.U..M....E
81e0b8f0  fc fe ff ff ff c7 45 dc-00 00 00 00 e8 20 00 00  ......E...... ..
81e0b900  00 66 8b 06 66 89 07 33-c0 e8 bf ac e4 ff c2 0c  .f..f..3........

1: kd> db
81e4c890  0f b7 0c 51 66 83 f9 61-72 41 66 83 f9 7a 77 08  ...Qf..arAf..zw.
81e4c8a0  0f b7 c9 83 e9 20 eb 36-8b 4e 04 0f b7 14 51 0f  ..... .6.N....Q.
81e4c8b0  b7 ca 8b f9 c1 ef 08 0f-b7 3c 78 8b d9 c1 eb 04  .........<x.....
81e4c8c0  83 e3 0f 03 fb 0f b7 3c-78 83 e1 0f 03 f9 66 8b  .......<x.....f.
81e4c8d0  0c 78 66 03 ca 8b 7d 08-8b 55 e4 0f b7 c9 8b 5f  .xf...}..U....._
81e4c8e0  04 66 89 0c 53 42 89 55-e4 8b 4d e0 eb 9b c7 45  .f..SB.U..M....E
81e4c8f0  fc fe ff ff ff c7 45 dc-00 00 00 00 e8 20 00 00  ......E...... ..
81e4c900  00 66 8b 06 66 89 07 33-c0 e8 bf ac e4 ff c2 0c  .f..f..3........

81e56890  0f b7 0c 51 66 83 f9 61-72 41 66 83 f9 7a 77 08  ...Qf..arAf..zw.
81e568a0  0f b7 c9 83 e9 20 eb 36-8b 4e 04 0f b7 14 51 0f  ..... .6.N....Q.
81e568b0  b7 ca 8b f9 c1 ef 08 0f-b7 3c 78 8b d9 c1 eb 04  .........<x.....
81e568c0  83 e3 0f 03 fb 0f b7 3c-78 83 e1 0f 03 f9 66 8b  .......<x.....f.
81e568d0  0c 78 66 03 ca 8b 7d 08-8b 55 e4 0f b7 c9 8b 5f  .xf...}..U....._
81e568e0  04 66 89 0c 53 42 89 55-e4 8b 4d e0 eb 9b c7 45  .f..SB.U..M....E
81e568f0  fc fe ff ff ff c7 45 dc-00 00 00 00 e8 20 00 00  ......E...... ..
81e56900  00 66 8b 06 66 89 07 33-c0 e8 bf ac e4 ff c2 0c  .f..f..3........

Do you see that pattern! Yes, there are some subtle differences at times. This is to be expected in normal memory, because memory isn't like an .exe file. It is designed to be constantly changing - it holds variables.

But I think that that is enough evidence to go on to say that it come from such a similar area in memory that it is most likely a driver. And although I have no evidence for this, I wouldn't be surprised if the 1000008e and 1000007e faulty driver were one and the same (and these bugchecks themselves point to a driver)

Richard

 

[DaveThomas]

Thanks Richard (niemiro),

That's a lot of good info, but what do you suggest I do?

 

[richc46]

It would be my suggestion, that if the memory test is negative, try a driver verifier.
Read and understand the warnings

Driver Verifier Inst

Since the driver that crashed you has not been listed you shouldrun driver verifier
Please run Verifier with these settings:

Using Driver Verifier is an iffy proposition. Most times it'll crash and it'lltell you what the driver is. But sometimes it'll crash and won't tell you thedriver. Other times it'll crash before you can log in to Windows. If you can'tget to Safe Mode, then you'll have to resort to offline editing of the registryto disable Driver Verifier.
So, I'd suggest that you first backup your stuff and then make sure you've gotaccess to another computer so you can contact us if problems arise. Then make aSystem Restore point (so you can restore the system using the Vista/Windows 7Startup Repair feature).
Then, here's the procedure:
- Go to Start and type in "verifier" (without the quotes) and pressEnter
- Select "Create custom settings (for code developers)" and click"Next"
- Select "Select individual settings from a full list" and click"Next"
- Select everything EXCEPT FOR "Low Resource Simulation" and click"Next"
NOTE: You can use Low Resource Simulation if you'd like. From my limitedexperimentation it makes the BSOD's come faster.
- Select "Select driver names from a list" and click "Next"
Then select all drivers NOT provided by Microsoft and click "Next"
- Select "Finish" on the next page.
Reboot the system and wait for it to crash to the Blue Screen. Continue to useyour system normally, and if you know what causes the crash, do thatrepeatedly. The objective here is to get the system to crash because DriverVerifier is stressing the drivers out. If it doesn't crash for you, then let itrun for at least 36 hours of continuous operation (an estimate on my part).
Reboot into Windows (after the crash) and turn off Driver Verifier by goingback in and selecting "Delete existing settings" on the first page,then locate and zip up the memory dump file and upload it with your next post.
If you can't get into Windows because it crashes too soon, try it in Safe Mode.
If you can't get into Safe Mode, try using System Restore from yourinstallation DVD to set the system back to the previous restore point that youcreated.

Enable the driver verifier

www.sevenforums.com/crash-lockup-debug-how/65331-using-driver-verifier-identify-issues-drivers.html