On Fri, Jun 19, 2009 at 7:52 AM, Ziots, Edward <[email protected]> wrote: > When you have the dump loaded and pointing to the correct symbols > directory, when you do a !analyze -v what does it come back to you with?
That the system crashed due to an IRQL screw-up in the POSTCLS.SYS driver. This I already knew. It was on the BSOD. :-) It also gives me a stack trace which only mentions NT and PORTCLS. I posted extracts in my previous message. They were mostly from "!analyze -v". > That should get to the root of what is causing the BSOD, or very close. The crash is occurring in PORTCLS.SYS, which is the "Class Driver for Port/Miniport Devices". I'm not exactly sure what it does, but I gather it's some kind of common driver layer provided by Windows. I've got two "identical" laptops faulting in the same way, with the same codes, and starting around the same time. So it's not likely to be hardware. My guess is, either of two similar scenarios: (1) A recent Windows Update broke something. Perhaps a corner case in PORTCLS.SYS itself, or something PORTCLS.SYS depends on. (2) A driver on the system is broken and corrupting the system in way that causes PORTCLS.SYS to explode. The driver was broken before, but the problem wasn't manifesting due to luck. Then a Windows Update changed something, and the luck was removed. The problem is, figuring out what the "something" is from #1, or which driver it is for #2. > I think if you use the old !drivers command its going to bitch at you > and say use LM t m or LM T V to get the models. I've never done this before, so I have no old commands to try. :) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
