parents are having problems with their computer.. so.. I found this article:
http://www.networkworld.com/news/2005/041105-windows-crash.html?t5&story=home3

which was semi useful but I had problems with the debugger..

so, to debug, install this:
http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx

then install debugwiz:
http://windowsbbs.com/debugwiz.zip
(I've also attached it since it is relatively small)

which essentially runs this command:
C:\Program Files\Debugging Tools for Windows\cdb.exe -logo c:\debuglog.txt -c "!analyze -v;r;kv;lmtn;.logclose;q" -y SRV*c:\symbols*http://msdl.microsoft.com/download/symbols -i C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS\system32\drivers -z "C:\WINDOWS\Minidump\Mini101805-01.dmp"

windows bsod's creates a dump located at c:\windows\minidump

so choose the latest dump with the debugwiz..

then the output of running debugwiz is something like:


Opened log file 'c:\debuglog.txt'

Microsoft (R) Windows Debugger Version 6.5.0003.7
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\WINDOWS\Minidump\Mini101805-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS\system32\drivers
Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp_sp2_gdr.050301-1519
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055a420
Debug session time: Tue Oct 18 15:19:15.329 2005 (GMT-5)
System Uptime: 0 days 5:58:08.928
Loading Kernel Symbols
.......................................................................................................
Loading unloaded module list
.........
Loading User Symbols
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 77, {c000000e, c000000e, 0, 493000}

Probably caused by : memory_corruption ( nt!MiMakeOutswappedPageResident+362 )

Followup: MachineOwner
---------

kd> !analyze -v;r;kv;lmtn;.logclose;q
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

KERNEL_STACK_INPAGE_ERROR (77)
The requested page of kernel data could not be read in. Caused by
bad block in paging file or disk controller error.
In the case when the first and second arguments are 0, the stack signature
in the kernel stack was not found. Again, bad hardware.
An I/O status of c000009c (STATUS_DEVICE_DATA_ERROR) or
C000016AL (STATUS_DISK_OPERATION_FAILED) normally indicates
the data could not be read from the disk due to a bad
block. Upon reboot autocheck will run and attempt to map out the bad
sector. If the status is C0000185 (STATUS_IO_DEVICE_ERROR) and the paging
file is on a SCSI disk device, then the cabling and termination should be
checked. See the knowledge base article on SCSI termination.
Arguments:
Arg1: c000000e, status code
Arg2: c000000e, i/o status code
Arg3: 00000000, page file number
Arg4: 00493000, offset into page file

Debugging Details:
------------------


ERROR_CODE: (NTSTATUS) 0xc000000e - A device which does not exist was specified.

DISK_HARDWARE_ERROR: There was error with disk hardware

BUGCHECK_STR: 0x77_c000000e

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT

LAST_CONTROL_TRANSFER: from 80520b96 to 8053331e

STACK_TEXT:
f9e9ccf0 80520b96 00000077 c000000e c000000e nt!KeBugCheckEx+0x1b
f9e9cd60 804e80c6 c03dc168 c03dc168 00000001 nt!MiMakeOutswappedPageResident+0x362
f9e9cd8c 804e6b39 00933a88 00000000 81bc38b8 nt!MmInPageKernelStack+0xf0
f9e9cda4 804e6b1c 81933ae8 8057be15 00000000 nt!KiInSwapKernelStacks+0x16
f9e9cdac 8057be15 00000000 00000000 00000000 nt!KeSwapProcessOrStack+0x89
f9e9cddc 804fa4da 804e6a98 00000000 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


FOLLOWUP_IP:
nt!MiMakeOutswappedPageResident+362
80520b96 cc int 3

SYMBOL_STACK_INDEX: 1

FOLLOWUP_NAME: MachineOwner

SYMBOL_NAME: nt!MiMakeOutswappedPageResident+362

MODULE_NAME: nt

DEBUG_FLR_IMAGE_TIMESTAMP: 42250ff9

STACK_COMMAND: kb

IMAGE_NAME: memory_corruption

FAILURE_BUCKET_ID: 0x77_c000000e_nt!MiMakeOutswappedPageResident+362

BUCKET_ID: 0x77_c000000e_nt!MiMakeOutswappedPageResident+362

Followup: MachineOwner
---------

eax=ffdff13c ebx=c000000e ecx=00000000 edx=c000000e esi=00004bac edi=00493080
eip=8053331e esp=f9e9ccd8 ebp=f9e9ccf0 iopl=0 nv up ei ng nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286
nt!KeBugCheckEx+0x1b:
8053331e 5d pop ebp
ChildEBP RetAddr Args to Child
f9e9ccf0 80520b96 00000077 c000000e c000000e nt!KeBugCheckEx+0x1b (FPO: [Non-Fpo])
f9e9cd60 804e80c6 c03dc168 c03dc168 00000001 nt!MiMakeOutswappedPageResident+0x362 (FPO: [Non-Fpo])
f9e9cd8c 804e6b39 00933a88 00000000 81bc38b8 nt!MmInPageKernelStack+0xf0 (FPO: [Non-Fpo])
f9e9cda4 804e6b1c 81933ae8 8057be15 00000000 nt!KiInSwapKernelStacks+0x16 (FPO: [Non-Fpo])
f9e9cdac 8057be15 00000000 00000000 00000000 nt!KeSwapProcessOrStack+0x89 (FPO: [1,0,0])
f9e9cddc 804fa4da 804e6a98 00000000 00000000 nt!PspSystemThreadStartup+0x34 (FPO: [Non-Fpo])
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16
start end module name
804d7000 806eb100 nt ntoskrnl.exe Tue Mar 01 18:59:37 2005 (42250FF9)
806ec000 80705c00 hal hal.dll Wed Aug 04 00:59:18 2004 (41107B36)
bf800000 bf9c0500 win32k win32k.sys Tue Mar 01 19:06:42 2005 (422511A2)
bf9c1000 bf9d2580 dxg dxg.sys Wed Aug 04 01:00:51 2004 (41107B93)
bff30000 bff4e380 nv3_bff30000 nv3.dll Sat Aug 18 00:36:03 2001 (3B7DFEC3)
f67bd000 f67c0800 asyncmac asyncmac.sys Wed Aug 04 01:05:02 2004 (41107C8E)
f67d1000 f6811100 HTTP HTTP.sys Fri Oct 08 18:48:20 2004 (41672744)
f6c77000 f6c8b400 wdmaud wdmaud.sys Wed Aug 04 01:15:03 2004 (41107EE7)
f6cb4000 f6d05300 srv srv.sys Mon May 09 19:17:49 2005 (427FFDAD)
f6d56000 f6d82400 mrxdav mrxdav.sys Wed Aug 04 01:00:49 2004 (41107B91)
f6ec3000 f6ed1d80 sysaudio sysaudio.sys Wed Aug 04 01:15:54 2004 (41107F1A)
f70a7000 f70aa280 ndisuio ndisuio.sys Wed Aug 04 01:03:10 2004 (41107C1E)
f7193000 f71aa480 dump_atapi dump_atapi.sys Wed Aug 04 00:59:41 2004 (41107B4D)
f71d3000 f71f3f00 ipnat ipnat.sys Wed Sep 29 17:28:36 2004 (415B3714)
f71f4000 f7262400 mrxsmb mrxsmb.sys Tue Jan 18 22:26:50 2005 (41EDE18A)
f7263000 f728da00 rdbss rdbss.sys Wed Oct 27 20:13:57 2004 (418047D5)
f728e000 f72afd00 afd afd.sys Wed Aug 04 01:14:13 2004 (41107EB5)
f72b0000 f72d7c00 netbt netbt.sys Wed Aug 04 01:14:36 2004 (41107ECC)
f72d8000 f732fd80 tcpip tcpip.sys Wed May 25 14:04:00 2005 (4294CC20)
f7330000 f7342400 ipsec ipsec.sys Wed Aug 04 01:14:27 2004 (41107EC3)
f8f7b000 f8f7d900 Dxapi Dxapi.sys Fri Aug 17 15:53:19 2001 (3B7D843F)
f9053000 f9066900 parport parport.sys Wed Aug 04 00:59:04 2004 (41107B28)
f9067000 f909a200 update update.sys Wed Aug 04 00:58:32 2004 (41107B08)
f909b000 f90cb100 rdpdr rdpdr.sys Wed Aug 04 01:01:10 2004 (41107BA6)
f90cc000 f90ef980 portcls portcls.sys Wed Aug 04 01:15:47 2004 (41107F13)
f90f0000 f91b1f00 USR1806V USR1806V.SYS Fri May 18 14:25:47 2001 (3B05773B)
f91b2000 f91d4e80 USBPORT USBPORT.SYS Wed Aug 04 01:08:34 2004 (41107D62)
f91d5000 f91f7680 ks ks.sys Wed Aug 04 01:15:20 2004 (41107EF8)
f91f8000 f920b780 VIDEOPRT VIDEOPRT.SYS Wed Aug 04 01:07:04 2004 (41107D08)
f920c000 f923c600 nv3 nv3.sys Tue Jul 31 17:12:08 2001 (3B672D38)
f923d000 f924de00 psched psched.sys Wed Aug 04 01:04:16 2004 (41107C60)
f924e000 f9264680 ndiswan ndiswan.sys Wed Aug 04 01:14:30 2004 (41107EC6)
f9296000 f9298980 gameenum gameenum.sys Wed Aug 04 01:08:20 2004 (41107D54)
f929a000 f929df00 MODEMCSA MODEMCSA.sys Fri Aug 17 15:57:37 2001 (3B7D8541)
f9885000 f989f580 Mup Mup.sys Wed Aug 04 01:15:20 2004 (41107EF8)
f98a0000 f98cca80 NDIS NDIS.sys Wed Aug 04 01:14:27 2004 (41107EC3)
f98cd000 f9959480 Ntfs Ntfs.sys Wed Aug 04 01:15:06 2004 (41107EEA)
f995a000 f9970780 KSecDD KSecDD.sys Wed Aug 04 00:59:45 2004 (41107B51)
f9971000 f9982f00 sr sr.sys Wed Aug 04 01:06:22 2004 (41107CDE)
f9983000 f99a1780 fltmgr fltmgr.sys Wed Aug 04 01:01:17 2004 (41107BAD)
f99a2000 f99b9480 atapi atapi.sys Wed Aug 04 00:59:41 2004 (41107B4D)
f99ba000 f99df700 dmio dmio.sys Wed Aug 04 01:07:13 2004 (41107D11)
f99e0000 f99fe880 ftdisk ftdisk.sys Fri Aug 17 15:52:41 2001 (3B7D8419)
f99ff000 f9a0fa80 pci pci.sys Wed Aug 04 01:07:45 2004 (41107D31)
f9a31000 f9a39c00 isapnp isapnp.sys Fri Aug 17 15:58:01 2001 (3B7D8559)
f9a41000 f9a4b500 MountMgr MountMgr.sys Wed Aug 04 00:58:29 2004 (41107B05)
f9a51000 f9a5dc80 VolSnap VolSnap.sys Wed Aug 04 01:00:14 2004 (41107B6E)
f9a61000 f9a69e00 disk disk.sys Wed Aug 04 00:59:53 2004 (41107B59)
f9a71000 f9a7d200 CLASSPNP CLASSPNP.SYS Wed Aug 04 01:14:26 2004 (41107EC2)
f9a81000 f9a8b580 agp440 agp440.sys Wed Aug 04 01:07:40 2004 (41107D2C)
f9ac1000 f9acf100 usbhub usbhub.sys Wed Aug 04 01:08:40 2004 (41107D68)
f9af1000 f9af9700 netbios netbios.sys Wed Aug 04 01:03:19 2004 (41107C27)
f9b01000 f9b09880 Fips Fips.SYS Fri Aug 17 20:31:49 2001 (3B7DC585)
f9b11000 f9b19700 wanarp wanarp.sys Wed Aug 04 01:04:57 2004 (41107C89)
f9b31000 f9b40900 Cdfs Cdfs.SYS Wed Aug 04 01:14:09 2004 (41107EB1)
f9b51000 f9b59a00 SDSTOR2K SDSTOR2K.SYS Thu Jan 10 23:23:04 2002 (3C3E76B8)
f9bd1000 f9bdd880 rasl2tp rasl2tp.sys Wed Aug 04 01:14:21 2004 (41107EBD)
f9be1000 f9beb200 raspppoe raspppoe.sys Wed Aug 04 01:05:06 2004 (41107C92)
f9bf1000 f9bfcd00 raspptp raspptp.sys Wed Aug 04 01:14:26 2004 (41107EC2)
f9c01000 f9c09900 msgpc msgpc.sys Wed Aug 04 01:04:11 2004 (41107C5B)
f9c11000 f9c1b380 imapi imapi.sys Wed Aug 04 01:00:12 2004 (41107B6C)
f9c21000 f9c2d180 cdrom cdrom.sys Wed Aug 04 00:59:52 2004 (41107B58)
f9c31000 f9c3f080 redbook redbook.sys Wed Aug 04 00:59:34 2004 (41107B46)
f9c41000 f9c4af80 es1371mp es1371mp.sys Mon Jun 03 13:18:31 2002 (3CFBB2F7)
f9c51000 f9c5fb80 drmk drmk.sys Wed Aug 04 01:07:54 2004 (41107D3A)
f9c61000 f9c6af00 termdd termdd.sys Wed Aug 04 00:58:52 2004 (41107B1C)
f9c71000 f9c7de00 i8042prt i8042prt.sys Wed Aug 04 01:14:36 2004 (41107ECC)
f9c81000 f9c90d80 serial serial.sys Wed Aug 04 01:15:51 2004 (41107F17)
f9c91000 f9c9a480 NDProxy NDProxy.SYS Fri Aug 17 15:55:30 2001 (3B7D84C2)
f9cb1000 f9cb7200 PCIIDEX PCIIDEX.SYS Wed Aug 04 00:59:40 2004 (41107B4C)
f9cb9000 f9cbd900 PartMgr PartMgr.sys Fri Aug 17 20:32:23 2001 (3B7DC5A7)
f9d31000 f9d35880 TDI TDI.SYS Wed Aug 04 01:07:47 2004 (41107D33)
f9d39000 f9d3d580 ptilink ptilink.sys Fri Aug 17 15:49:53 2001 (3B7D8371)
f9d41000 f9d45080 raspti raspti.sys Fri Aug 17 15:55:32 2001 (3B7D84C4)
f9d49000 f9d4e000 usbuhci usbuhci.sys Wed Aug 04 01:08:34 2004 (41107D62)
f9d51000 f9d58580 Modem Modem.SYS Wed Aug 04 01:08:04 2004 (41107D44)
f9d59000 f9d5f000 kbdclass kbdclass.sys Wed Aug 04 00:58:32 2004 (41107B08)
f9d61000 f9d66a00 mouclass mouclass.sys Wed Aug 04 00:58:32 2004 (41107B08)
f9d69000 f9d6a000 fdc fdc.sys unavailable (00000000)
f9d79000 f9d7e000 flpydisk flpydisk.sys Wed Aug 04 00:59:24 2004 (41107B3C)
f9d99000 f9d9e200 vga vga.sys Wed Aug 04 01:07:06 2004 (41107D0A)
f9da1000 f9da5a80 Msfs Msfs.SYS Wed Aug 04 01:00:37 2004 (41107B85)
f9da9000 f9db0880 Npfs Npfs.SYS Wed Aug 04 01:00:38 2004 (41107B86)
f9dc9000 f9dcd500 watchdog watchdog.sys Wed Aug 04 01:07:32 2004 (41107D24)
f9e41000 f9e44000 BOOTVID BOOTVID.dll Fri Aug 17 15:49:09 2001 (3B7D8345)
f9ec9000 f9ecb280 rasacd rasacd.sys Fri Aug 17 15:55:39 2001 (3B7D84CB)
f9ed9000 f9edb580 ndistapi ndistapi.sys Fri Aug 17 15:55:29 2001 (3B7D84C1)
f9f05000 f9f08c80 mssmbios mssmbios.sys Wed Aug 04 01:07:47 2004 (41107D33)
f9f0d000 f9f10c80 serenum serenum.sys Wed Aug 04 00:59:06 2004 (41107B2A)
f9f31000 f9f32b80 kdcom kdcom.dll Fri Aug 17 15:49:10 2001 (3B7D8346)
f9f33000 f9f34580 intelide intelide.sys Wed Aug 04 00:59:40 2004 (41107B4C)
f9f35000 f9f36100 WMILIB WMILIB.SYS Fri Aug 17 16:07:23 2001 (3B7D878B)
f9f37000 f9f38700 dmload dmload.sys Fri Aug 17 15:58:15 2001 (3B7D8567)
f9f43000 f9f44a80 ParVdm ParVdm.SYS Fri Aug 17 15:49:49 2001 (3B7D836D)
f9f53000 f9f54100 swenum swenum.sys Wed Aug 04 00:58:41 2004 (41107B11)
f9f59000 f9f5a280 USBD USBD.SYS Fri Aug 17 16:02:58 2001 (3B7D8682)
f9f7b000 f9f7cf00 Fs_Rec Fs_Rec.SYS Fri Aug 17 15:49:37 2001 (3B7D8361)
f9f7d000 f9f7e080 Beep Beep.SYS Fri Aug 17 15:47:33 2001 (3B7D82E5)
f9f7f000 f9f80080 mnmdd mnmdd.SYS Fri Aug 17 15:57:28 2001 (3B7D8538)
f9f81000 f9f82080 RDPCDD RDPCDD.sys Fri Aug 17 15:46:56 2001 (3B7D82C0)
f9f93000 f9f94100 dump_WMILIB dump_WMILIB.SYS Fri Aug 17 16:07:23 2001 (3B7D878B)
fa0f6000 fa0f6c00 audstub audstub.sys Fri Aug 17 15:59:40 2001 (3B7D85BC)
fa0f8000 fa0f8b80 Null Null.SYS Fri Aug 17 15:47:39 2001 (3B7D82EB)
fa10e000 fa10ed00 dxgthk dxgthk.sys Fri Aug 17 15:53:12 2001 (3B7D8438)

Unloaded modules:
f6707000 f6731000 kmixer.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
f6b8a000 f6bb4000 kmixer.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
f6c54000 f6c77000 aec.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
fa0e1000 fa0e2000 drmkaud.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
f6e83000 f6e90000 DMusic.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
f6e93000 f6ea1000 swmidi.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
f9f4b000 f9f4d000 splitter.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
f9d91000 f9d96000 Cdaudio.SYS
Timestamp: unavailable (00000000)
Checksum: 00000000
f9ec5000 f9ec8000 Sfloppy.SYS
Timestamp: unavailable (00000000)
Checksum: 00000000
Closing open log file c:\debuglog.txt


which means.. I have no idea.. I'm going to open the box up and sniff around..
and, I'll possibly post the log at (which is the author of debugwiz):
http://windowsbbs.com
there hasn't been any data corruption so I think it might be a bad cable or faulty hardware

What a nice place for an error to occur... it looks most definitively like faulty hardware. If a surface scan reveals nothing, try look at the RAM.

there hasn't been any data corruption so I think it might be a bad cable or faulty hardware

?? That doesn't make sense. A bad driver is just as likely as a bad cable to cause data corruption. A BSOD doesn't mean that data will be corrupted however.

That list you posted above looks like a list of running processes and drivers.

Notice these lines:


ERROR_CODE: (NTSTATUS) 0xc000000e - A device which does not exist was specified.

DISK_HARDWARE_ERROR: There was error with disk hardware

( . . . )

DEFAULT_BUCKET_ID: DRIVER_FAULT

There is an obvious problem with the drivers for your storage media. Check the IDE controller drivers, CD/DVD drivers, etc. Of course, it is possible that a bad drive (that is failing) or a bad cable caused the device to be unaccessible, and the problem is hiding behind the false pretense of a bad driver. One possible cause could be running 2 hard drives on a cheap IDE cable at high UDMA settings.

I'm thinking driver, for sure. Any new hardware lately? Is Automatic Updates running?

What a nice place for an error to occur... it looks most definitively like faulty hardware. If a surface scan reveals nothing, try look at the RAM.

ran memtest last night without issue.


?? That doesn't make sense. A bad driver is just as likely as a bad cable to cause data corruption. A BSOD doesn't mean that data will be corrupted however.

That list you posted above looks like a list of running processes and drivers.
yeah.. I'm not that good with hardware.


Notice these lines:


ERROR_CODE: (NTSTATUS) 0xc000000e - A device which does not exist was specified.

DISK_HARDWARE_ERROR: There was error with disk hardware

( . . . )

DEFAULT_BUCKET_ID: DRIVER_FAULT

There is an obvious problem with the drivers for your storage media. Check the IDE controller drivers, CD/DVD drivers, etc. Of course, it is possible that a bad drive (that is failing) or a bad cable caused the device to be unaccessible, and the problem is hiding behind the false pretense of a bad driver. One possible cause could be running 2 hard drives on a cheap IDE cable at high UDMA settings.

one of the notable problems has been when booting up it will take 10-30 seconds for the hard drive to get recognized. then when it gets to the windows boot screen, it shows that for at least a minute (this is not always consistent)

the setup is this:
1 hard drive
2 cd rom drives
1 floppy drive
1 235 watt powersupply with a dead fan (thinking it was related to the powersupply I tested with another one but it still exhibited what I mentioned above.. )
I checked the jumper on the hard drive, it was not set as master but it said(on the label on the hard drive) that if it only booting with one drive at the default jumper setting it would be ok (so I changed it then changed it back.. didn't change anything)
then I tested with another hard drive and that seemed to act 'normally' so I plugged it back into the main drive then it was acting normal again (I will try this again though when I see it acting up again).
I ran the debugger on another one of the minidumps and that one appeared to be related to the cd-rom drive (atapi.sys more specifically). the cd-rom drive was checking for something in the drive over and over again(which soon led to a crash)
I also swapped the ide cable which did not seem to make a difference.


I'm thinking driver, for sure. Any new hardware lately? Is Automatic Updates running?
this is some 500mhz POS with no changes.. I am trying to only fix it since my parents don't want/need a new machine (and don't want to spend money).

so...
I'm back where I started.. just want to swap the hard drive again when it appears like it is 'acting up' to see if it occurs on the other drive (if it is consistent across both drives, maybe it is the motherboard?..)