Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

tcpip.sys blue screen


  • Please log in to reply

#1
vega83mv

vega83mv

    New Member

  • Member
  • Pip
  • 8 posts
Hi, I am new here.
I have a blue screen problem with win 7. I bought my computer (Asus k52j) 15 days ago and sometimes (every two or three days) I get a blue screen.
I'm using win 7 and ubuntu in different partitions.
I have two type of connection:
- at university --> with a remote connection and ethernet or wireless (an autentication is required)
- at home --> with wireless or ethernet connection without autentication but only with the pwd for the wireless.
So far I have had blue screens when I was at university.
The security programs installed in my computer are: Comodo Firewall, Avast.

The error that cause the blue screen is:

120710-17877-01.dmp	07/12/2010 12:55:30	DRIVER_IRQL_NOT_LESS_OR_EQUAL	0x000000d1	fffffa80`0d26c000	00000000`00000002	00000000`00000000	fffff880`01848e6a	tcpip.sys	tcpip.sys+48e6a					x64		C:\Windows\Minidump\120710-17877-01.dmp	4	15	7600

Attached there are also the minidump's files.
Could someone help me?

Thanks in advance

Attached Files


  • 0

Advertisements


#2
Drix

Drix

    Member

  • Member
  • PipPip
  • 49 posts
That seems suspect to me. I would recommend running this to scan for a TDSS rootkit infection. I would also recommend following these instructions to just make sure.
  • 0

#3
vega83mv

vega83mv

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
I have used the utility but there are not infection found. Last week I have also formated and restored the PC...
  • 0

#4
Drix

Drix

    Member

  • Member
  • PipPip
  • 49 posts
Here is a Microsoft kbase entry that was mentioned in social.microsoft for this same issue.
  • 0

#5
vega83mv

vega83mv

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Thank you very much. I have downloaded the update... I'll let you know..
  • 0

#6
Drix

Drix

    Member

  • Member
  • PipPip
  • 49 posts
<---- Already read the answer. It's been a long day.

Edited by Drix, 07 December 2010 - 03:29 PM.

  • 0

#7
vega83mv

vega83mv

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Nothing, the same problem :D :

120710-15740-01.dmp	07/12/2010 23:52:27	DRIVER_IRQL_NOT_LESS_OR_EQUAL	0x000000d1	fffffa80`0f2ad000	00000000`00000002	00000000`00000000	fffff880`0184c95a	tcpip.sys	tcpip.sys+4995a					x64		C:\Windows\Minidump\120710-15740-01.dmp	4	15	7600	

  • 0

#8
vega83mv

vega83mv

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
This is the debug code using windebug:


Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [c:\Users\Marco\Desktop\primo.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path.           *
* Use .symfix to have the debugger choose a symbol path.                   *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is: 
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
*                                                                   *
* The Symbol Path can be set by:                                    *
*   using the _NT_SYMBOL_PATH environment variable.                 *
*   using the -y <symbol_path> argument when starting the debugger. *
*   using .sympath and .sympath+                                    *
*********************************************************************
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02c57000 PsLoadedModuleList = 0xfffff800`02e94e50
Debug session time: Tue Dec  7 23:44:37.518 2010 (UTC + 1:00)
System Uptime: 0 days 1:41:25.017
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
*                                                                   *
* The Symbol Path can be set by:                                    *
*   using the _NT_SYMBOL_PATH environment variable.                 *
*   using the -y <symbol_path> argument when starting the debugger. *
*   using .sympath and .sympath+                                    *
*********************************************************************
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
................................................................
..............................................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {fffffa800f2ad000, 2, 0, fffff8800184c95a}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!KPRCB                                      ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!KPRCB                                      ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*** WARNING: Unable to verify timestamp for tcpip.sys
*** ERROR: Module load completed but symbols could not be loaded for tcpip.sys
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
Probably caused by : tcpip.sys ( tcpip+4995a )

Followup: MachineOwner

  • 0

#9
Drix

Drix

    Member

  • Member
  • PipPip
  • 49 posts
I'm beginning to suspect your memory. Follow these instructions and let me know the results.

EDIT for spacing

Edited by Drix, 07 December 2010 - 07:00 PM.

  • 0

#10
vega83mv

vega83mv

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
I have already done a test with memtest86 but the result is ok.
For you is an hardware problem?
  • 0

#11
Drix

Drix

    Member

  • Member
  • PipPip
  • 49 posts
Blue screens are very difficult to track down, so we eliminate them one by one. Next uninstall Komodo and if it repeats then uninstall avast.
  • 0

#12
vega83mv

vega83mv

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
I have uninstall Comodo...So far I haven't get other blue screen... I'm waiting... :D
  • 0

#13
Drix

Drix

    Member

  • Member
  • PipPip
  • 49 posts
**Crosses fingers** :D
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP