I did a google search for those files and like u said they are considered malware, but its debatable, they may not necessarily be as there isn't much info on it. I ran memtest for 9 hours w/o a problem so i'm leaving this to a bad driver/virus/software issue. Any more info would be great, thanks.
You could always ask about the file in the security forum. The reason I mentioned it was because your last two dumps crashed at security programs - i.e. Zonealarm and Spysweeper.
*** ERROR: Module load completed but symbols could not be loaded for SSIDRV.SYS
*** ERROR: Module load completed but symbols could not be loaded for vsdatant.sys
Probably caused by : SSIDRV.SYS ( SSIDRV+c6c4 )
I removed webroot spyware so SSIDRV.SYS should be gone too, searched for SSIDRV.SYS and ssfs041a.sys which is supposedly the file name, both were not found and I have "show hidden files" checked. argggg.
vsdatant.sys belongs to zonealarm, pissing me off because ZA is supposed to be a good firewall, if i remove it now what should i get in its place?
And what the hell is this "unloadable modules" kmixer.sys business?
how come the latest memory dump didn't write to MEMORY.dmp for the latest session? It has the last session as WED for the last crash, same as the one attached above.
edit: I guess this is why it didn't log it, WTF!???
ERROR: 49 in event viewer
Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
You can set the dump file to overwrite itself if there is a disk space or page file issue. In Startup and Recovery Options under Write debugging information check Overwrite any existing file.
If you cannot find and remove SSIDRV.SYS and vsdatant.sys I'd agree with peterdiva that you should go to the security section and post a HijackThis log.
hi ive got some errors on a pc of mine and i did copying of all and did some research on all them but no luck on these yet and if some one here would help it would be much appreciated
Event Type: Warning
Event Source: Dhcp
Event Category: None
Event ID: 1003
Date: 6/19/2009
Time: 3:44:46 AM
User: N/A
Computer: COMPUTER_1
Description:
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001CDF48178C. The following error occurred:
The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Event Type: Error
Event Source: Application Hang
Event Category: (101)
Event ID: 1002
Date: 6/16/2009
Time: 8:46:25 PM
User: N/A
Computer: COMPUTER_1
Description:
Hanging application Cheat Engine.exe, version 5.5.0.31, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
For more information, see Help and Support Center at Events and Errors Message Center: Basic Search.
Data:
0000: 41 70 70 6c 69 63 61 74 Applicat
0008: 69 6f 6e 20 48 61 6e 67 ion Hang
0010: 20 20 43 68 65 61 74 20 Cheat
0018: 45 6e 67 69 6e 65 2e 65 Engine.e
0020: 78 65 20 35 2e 35 2e 30 xe 5.5.0
0028: 2e 33 31 20 69 6e 20 68 .31 in h
0030: 75 6e 67 61 70 70 20 30 ungapp 0
0038: 2e 30 2e 30 2e 30 20 61 .0.0.0 a
0040: 74 20 6f 66 66 73 65 74 t offset
0048: 20 30 30 30 30 30 30 30 0000000
0050: 30 0
Event Type: Warning
Event Source: ASP.NET 2.0.50727.0
Event Category: Setup
Event ID: 1020
Date: 6/16/2009
Time: 1:33:29 PM
User: N/A
Computer: COMPUTER_1
Description:
Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.
Event Type: Warning
Event Source: WinMgmt
Event Category: None
Event ID: 5603
Date: 6/16/2009
Time: 3:47:48 PM
User: NT AUTHORITY\SYSTEM
Computer: COMPUTER_1
Description:
A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.
Event Type: Warning
Event Source: WinMgmt
Event Category: None
Event ID: 63
Date: 6/16/2009
Time: 3:45:02 PM
User: NT AUTHORITY\SYSTEM
Computer: COMPUTER_1
Description:
A provider, CmdTriggerConsumer, has been registered in the WMI namespace, Root\cimv2, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Event Type: Warning
Event Source: WinMgmt
Event Category: None
Event ID: 63
Date: 6/16/2009
Time: 3:45:00 PM
User: NT AUTHORITY\SYSTEM
Computer: COMPUTER_1
Description:
A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
Newbie
