Vista BSOD - 0x27 - RDR

Bluescreen rdbss.sys giving me problems on two Vista PC's

by jcgriff2 -

0x27 (0xbaad0075, 0xa600780e008, 0xa600780d9e0, 0xa600342cfee), probable cause = rdbss.sys
The process running at the time of the crash = nmsrvc.exe = Network Magic Service

The parms (#'s inside parenthesis) -
Parm #1 = 1st 4 hexadecimal digits (the high 16-bits) of the 1st parm is the RDBSS bugcheck code = baad
Parm #2 = 0xa600780e008 = exception record
Parm #3 = 0xa600780d9e0 = context
Parm #4 = 0xa600342cfee = exception address

That led me to an NTSTATUS exception code = 0xc00000005 = memory access violation

I looked through the loaded driver listing and found these drivers -

fffffa60`038f1000 BHDrvx64 BHDrvx64.sys Wed Jul 29 18:07:44 2009 (4A70F260)
fffffa60`034c4000 IDSvia64 IDSvia64.sys Wed Jul 08 17:53:35 2009 (4A553F8F)
fffffa60`03298000 SYMNDISV SYMNDISV.SYS Mon Jul 06 17:33:26 2009 (4A5297D6)
fffffa60`032ba000 SYMFW SYMFW.SYS Mon Jul 06 17:29:22 2009 (4A5296E2)
fffffa60`03252000 SYMTDI SYMTDI.SYS Mon Jul 06 17:28:48 2009 (4A5296C0)
fffffa60`00aca000 SYMEFA64 SYMEFA64.SYS Tue Jun 23 14:52:39 2009 (4A414EA7)
fffffa60`033eb000 SRTSPX64 SRTSPX64.SYS Mon Jun 22 19:47:54 2009 (4A40425A)
fffffa60`06c81000 SRTSP64 SRTSP64.SYS Mon Jun 22 19:45:21 2009 (4A4041C1)
fffffa60`033ad000 SymIMv SymIMv.sys Mon Jun 22 16:11:56 2009 (4A400FBC)
fffffa60`0389a000 ccHPx64 ccHPx64.sys Fri Jun 19 16:28:39 2009 (4A3C1F27)


Those drivers belong to either Norton Internet Security or N360.

The date of the 1st driver BHDrvx64.sys = July 29, 2009 (internal programming-related date). It would have been released for update to you on or after 7-29-09, which probably matches the time frame for your vacation (-- ?).

I would be willing to bet that Norton IS/ N360 is installed on both systems. I don't believe the D-Line contributed here at all; the jury is still out on the possible contribution made by GotomyPC software to the BSODs.

Use the Norton Removal Tool (NRT) written by Symantec to remove Norton from your systems. Download the NRT to your Desktop; RIGHT-click on the NRT, select "Run as Administrator". Upon Completion re-boot.

NRT - ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe

Reset the Windows Firewall to its default settings -
START type FirewallSettings.exe into the start search box click on FirewallSettings.exe above select the Advanced Tab click on "Restore Defaults" Click Apply, OK

Use AVG for a/v if you wish - http://free.avg.com/download-avg-anti-virus-free-edition

I think that Symantec/ Norton produces a good anti-virus product, but I would stay away from any personal firewall whether it be NIS, KIS, McAfee, etc... unless you have hours each day to spend on the configuration of such. These firewalls tend to block the local NETNBIOS ports which then interferes with Vista / Windows 7 system services causing APPHANGS. APPCRASHES and then BSODs.

You may have experienced an APPHANG/ CRASH and not known what it was ---
- While on Windows Explorer or Internet Explorer
- The background fades to white
- The spinning blue circle
- The message "Not Responding..."

That would be a personal firewall at work (my opinion, anyway)

Please let me know how you make out.

Regards. . .

jcgriff2

.