I've been getting the blue screen consistently for several weeks now and dispite my trying and troubleshooting I can't find a cause. So far I've reinstalled Windows 7 RC, stopped using Kaspersky (I read it was causing problems for some), completely removed my video card, checked the memory and the HDD... I'm at the end of my rope.Hopefully you fine folks can help me figure this pickle out? Let me know what I can provide that may help. For now here are two instances since I reinstalled Win7 RC:Problem signature: Problem Event Name:BlueScreen OS Version:6.1.7100.2.0.0.256.1 Locale ID:4105 Additional information about the problem: BCCode:1000007e BCP1:FFFFFFFFC0000005 BCP2:FFFFF800028C8E49 BCP3:FFFFF880009A99D8 BCP4:FFFFF880009A9230 OS Version:6_1_7100 Service Pack:0_0 Product:256_1Problem signature: Problem Event Name:BlueScreen OS Version:6.1.7100.2.0.0.256.1 Locale ID:4105 Additional information about the problem: BCCode:3b BCP1:00000000C0000005 BCP2:FFFFF960000E27BF BCP3:FFFFF880020250C0 BCP4:0000000000000000 OS Version:6_1_7100 Service Pack:0_0 Product:256_1Here's another one I just got:Problem signature: Problem Event Name:BlueScreen OS Version:6.1.7100.2.0.0.256.1 Locale ID:4105 Additional information about the problem: BCCode:d1 BCP1:FFFFF8800128035C BCP2:0000000000000002 BCP3:0000000000000000 BCP4:FFFFF8800128035C OS Version:6_1_7100 Service Pack:0_0 Product:256_1

Hi,you need to analyse memory dump files from C:\Windows\minidump using http://www.microsoft.com/whdc/devtools/debugging/default.mspxIf you are not familiar with it - you can send me these files to zhukovx(at)gmail.com (add these files to zip folder), I'll try to help you.My English is not very well.

What kind of information is contained in the dump files? Do they contain any records of usernames or passwords?

Dump fileis created when an application (for example) crashes,there is no any personal info in it. Dump file records the smallest set of useful information that may help identify why your computer has stopped unexpectedly.Debugging results are listed below:BUGCHECK_STR: 0x3B PROCESS_NAME: csrss.exe CURRENT_IRQL: 0 LAST_CONTROL_TRANSFER: from 0000000000000000 to fffff960000e27bf STACK_TEXT: fffff880`02025aa0 00000000`00000000 : 00000000`00000001 00000000`00000004 fffff800`02894407 00000000`00000001 : win32k+0xc27bf FOLLOWUP_IP: win32k+c27bffffff960`000e27bf 8b5348 mov edx,dword ptr [rbx+48h] SYMBOL_STACK_INDEX: 0 SYMBOL_NAME: win32k+c27bf FOLLOWUP_NAME: MachineOwner MODULE_NAME: win32k IMAGE_NAME: win32k.sys DEBUG_FLR_IMAGE_TIMESTAMP: 4a0a3ad0 STACK_COMMAND: .cxr 0xfffff880020250c0 ; kb FAILURE_BUCKET_ID: X64_0x3B_win32k+c27bf BUCKET_ID: X64_0x3B_win32k+c27bf Followup: MachineOwner----------------------------------------------------------------------------Csrss.exe process is a reason of the BSOD. First of all, check that there's no virus or malware on your machine. What are you doing whenthe BSOD appears? Maybe whenusing one of your installed programs or something else?My English is not very well.

The first thing I did when this situation started was run a virus scan, which showed no problems. A quick Google search on csrss.exe seems to say pretty difinitively that it's a trojan or some other malicious file. Unfortunately it's running as a system process and ending the process causes the computer to blue screen. I'll try to find a way to remove it.Thank you, sick_. I'll mark your response as answer once I get the problem fixed.

If csrss.exe is in the C:\Windows\system32 directory, then it's a system component. If it is in any other directories - it's a malware. You can check where are the running process with pressing ctrl+alt+del -> task manager -> processes tab,right clicking on the process csrss, then "Open file location". If this file from thesystem32 folderand you'll try to kill this process - BSOD will appear, 'cause the csrss.exe is a critical system process. There are many reasons for the csrss.exe BSOD(if it is a system file fromthe C:\Windows\system32 directory)and if you'll send me some new dump files maybe I'll try to write more concrete recommendations. My English is not very well.

I'm only finding csrss.exe in system32 but there are two identicalinstances of it running. I'll send you a couple of myprevious dump files.

There are two another fragments ofthe dump-files analyze: DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0x1E PROCESS_NAME: System CURRENT_IRQL: 2 EXCEPTION_RECORD: fffff80003c18898 -- (.exr 0xfffff80003c18898) ExceptionAddress: fffff880016215f5 (tcpip+0x000000000001d5f5) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000 NumberParameters: 2 Parameter[0]: 0000000000000000 Parameter[1]: ffffffffffffffff Attempt to read from address ffffffffffffffff TRAP_FRAME: fffff80003c18940 -- (.trap 0xfffff80003c18940) NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000000 rdx=fffffffffdf70a28 rsi=0000000000000000 rdi=0000000000000000 rip=fffff880016215f5 rsp=fffff80003c18ad0 rbp=fffffa8004714830 r8=0000000000000000 r9=0000000000000000 r10=b9c21c94f2c60409 r11=fffffa80059e5010 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl zr na po nc tcpip+0x1d5f5: fffff880`016215f5 ?? ??? Resetting default scope LAST_CONTROL_TRANSFER: from fffff80002959c0b to fffff800028d8f80 STACK_TEXT: fffff800`03c178d8 fffff800`02959c0b : 00000000`0000001e ffffffff`c0000005 fffff800`03c17990 00000000`00000000 : nt!KeBugCheckEx fffff800`03c178e0 fffff800`02911604 : fffff880`01620416 fffff880`016203dc fffff880`01749734 00000000`03c17ac0 : nt!KipFatalFilter+0x1b fffff800`03c17920 fffff800`028c4fb0 : 00000000`0008efac fffff800`028c4b9d 00000000`00000010 00000000`00000216 : nt! ?? ::FNODOBFM::`string'+0x98d fffff800`03c17960 fffff800`028f7d5d : fffff800`02ad5b48 fffff800`03c19310 fffff800`028c4f24 fffff800`028e540a : nt!_C_specific_handler+0x8c fffff800`03c179d0 fffff800`028c4514 : fffff800`02ad5b48 fffff800`0285a000 fffff800`028c4f24 fffff800`028e540a : nt!RtlpExecuteHandlerForException+0xd fffff800`03c17a00 fffff800`028fe089 : fffff800`00000000 fffff800`03c180f0 fffff800`00000000 fffff800`03c19310 : nt!RtlDispatchException+0x1f4 fffff800`03c180c0 fffff800`028d85c2 : fffff800`03c18898 fdfffa80`032ffd80 fffff800`03c18940 00000000`000005b4 : nt!KiDispatchException+0x135 fffff800`03c18760 fffff800`028d6eca : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0xc2 fffff800`03c18940 fffff880`016215f5 : fffffa80`03a08620 00000000`00000000 fffff800`03c18b10 00000000`00000000 : nt!KiGeneralProtectionFault+0x10a fffff800`03c18ad0 fffffa80`03a08620 : 00000000`00000000 fffff800`03c18b10 00000000`00000000 00000000`00000000 : tcpip+0x1d5f5 fffff800`03c18ad8 00000000`00000000 : fffff800`03c18b10 00000000`00000000 00000000`00000000 fffff880`01620582 : 0xfffffa80`03a08620 STACK_COMMAND: kb FOLLOWUP_IP: tcpip+1d5f5 fffff880`016215f5 ?? ??? SYMBOL_STACK_INDEX: 9 SYMBOL_NAME: tcpip+1d5f5 FOLLOWUP_NAME: MachineOwner MODULE_NAME: tcpip IMAGE_NAME: tcpip.sys DEBUG_FLR_IMAGE_TIMESTAMP: 4a0a35f6 FAILURE_BUCKET_ID: X64_0x1E_tcpip+1d5f5 BUCKET_ID: X64_0x1E_tcpip+1d5f5 Followup: MachineOwner --------- and DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT PROCESS_NAME: System CURRENT_IRQL: 2 ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s. EXCEPTION_PARAMETER1: 0000000000000000 EXCEPTION_PARAMETER2: ffffffffffffffff READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002ac10e0 ffffffffffffffff FOLLOWUP_IP: nt!MmZeroPageThread+3d4 fffff800`028c8e49 f0410fba6d1000 lock bts dword ptr [r13+10h],0 BUGCHECK_STR: 0x7E LAST_CONTROL_TRANSFER: from fffff80002b21e66 to fffff800028c8e49 STACK_TEXT: fffff880`009a9c10 fffff800`02b21e66 : fffffa80`024b9b60 00000000`00000080 fffffa80`024b9040 fffff800`0284ea79 : nt!MmZeroPageThread+0x3d4 fffff880`009a9d40 fffff800`0284ea86 : fffff800`02a03e80 fffffa80`024b9b60 fffff800`02a11c40 4127733c`5d3b0000 : nt!PspSystemThreadStartup+0x5a fffff880`009a9d80 00000000`00000000 : fffff880`009aa000 fffff880`009a4000 fffff880`009a99b0 00000000`00000000 : nt!KxStartSystemThread+0x16 SYMBOL_STACK_INDEX: 0 SYMBOL_NAME: nt!MmZeroPageThread+3d4 FOLLOWUP_NAME: MachineOwner MODULE_NAME: nt DEBUG_FLR_IMAGE_TIMESTAMP: 49ee9439 STACK_COMMAND: .cxr 0xfffff880009a9230 ; kb IMAGE_NAME: memory_corruption FAILURE_BUCKET_ID: X64_0x7E_nt!MmZeroPageThread+3d4 BUCKET_ID: X64_0x7E_nt!MmZeroPageThread+3d4 Followup: MachineOwner --------- What can I say... all fourBSODs were caused bythe various reasons. There are few common suggestions: as I can see, you uses x64 version of W7. Probably, your hardware x64drivers are not compatible with this W7RC version or with each other, maybe there is a problem with your hardware, I mean if you uses 4 GBRAM or more - try to temporarily use 2 GB,update you BIOS, temporarily delete all your antivirus and same programs.Disconnect all plug-in peripherals, such as USB-disks,printers ( all except mouse and keyboard), network cableand thentest for the OS work.What with your system updates through WU?Hope it will be helpfull. My English is not very well.

Thanks for your help sick_. I'll probably end up upgrading my older parts for this, since it seems like it's not exactly a software problem. My motherboard is pretty old now.