Windows 10 Need a help with BSOD

[Vitalijs]

Hi there,

I am looking for someone that could help me with dmp file analysis, I want to find out what's causing BSOD, attaching 2 dmp from yesterday, first BSOD happened on web browsing, other one on McAfee antivirus full computer scan.

Win 10 x64
4Gb of RAM
GeForce 560Ti

Let me know if you need additional info.

Thank you in advance.

First Log:

Microsoft (R) Windows Debugger Version 10.0.10240.9 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\092315-19781-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available


************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       
Symbol search path is: 
Executable search path is:
No .natvis files found at C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\Visualizers.
Windows 10 Kernel Version 10240 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 10240.16463.amd64fre.th1.150819-1946
Machine Name:
Kernel base = 0xfffff802`b8e7d000 PsLoadedModuleList = 0xfffff802`b91a2030
Debug session time: Wed Sep 23 12:52:21.008 2015 (UTC + 1:00)
System Uptime: 0 days 14:56:19.747
Loading Kernel Symbols
.

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.

..............................................................
................................................................
.........................................
Loading User Symbols
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 50, {fffffc01383da910, 0, fffff802b8f11bf5, 2}


Could not read faulting driver name
Probably caused by : ntkrnlmp.exe ( nt!FsRtlCheckOplockEx+165 )

Followup:     MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced.  This cannot be protected by try-except.
Typically the address is just plain bad or it is pointing at freed memory.
Arguments:
Arg1: fffffc01383da910, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff802b8f11bf5, If non-zero, the instruction address which referenced the bad memory
    address.
Arg4: 0000000000000002, (reserved)

Debugging Details:
------------------


Could not read faulting driver name

SYSTEM_VERSION:         

BIOS_DATE:  10/02/2009

BASEBOARD_PRODUCT:  D2950-A1

BASEBOARD_VERSION:  S26361-D2950-A1

BUGCHECK_P1: fffffc01383da910

BUGCHECK_P2: 0

BUGCHECK_P3: fffff802b8f11bf5

BUGCHECK_P4: 2

READ_ADDRESS: fffff802b9241500: Unable to get MiVisibleState
fffffc01383da910

FAULTING_IP:
nt!FsRtlCheckOplockEx+165
fffff802`b8f11bf5 448b8690000000  mov     r8d,dword ptr [rsi+90h]

MM_INTERNAL_CODE:  2

CPU_COUNT: 2

CPU_MHZ: a8c

CPU_VENDOR:  GenuineIntel

CPU_FAMILY: 6

CPU_MODEL: 17

CPU_STEPPING: a

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT

BUGCHECK_STR:  AV

PROCESS_NAME:  System

CURRENT_IRQL:  0

ANALYSIS_VERSION: 10.0.10240.9 amd64fre

TRAP_FRAME:  ffffd0013026f440 -- (.trap 0xffffd0013026f440)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000404 rbx=0000000000000000 rcx=ffffc00144b323e8
rdx=ffffe00012b3c180 rsi=0000000000000000 rdi=0000000000000000
rip=fffff802b8f11bf5 rsp=ffffd0013026f5d0 rbp=0000000000000000
r8=0000000000000000  r9=0000000000000000 r10=0000000000000028
r11=fffff802b8e7d000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl zr na po nc
nt!FsRtlCheckOplockEx+0x165:
fffff802`b8f11bf5 448b8690000000  mov     r8d,dword ptr [rsi+90h] ds:00000000`00000090=????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff802b901b095 to fffff802b8fcb240

STACK_TEXT: 
ffffd001`3026f1f8 fffff802`b901b095 : 00000000`00000050 fffffc01`383da910 00000000`00000000 ffffd001`3026f440 : nt!KeBugCheckEx
ffffd001`3026f200 fffff802`b8e9c536 : 00000000`00000000 00000000`00000000 ffffd001`3026f440 fffff802`b8e8e529 : nt! ?? ::FNODOBFM::`string'+0x41295
ffffd001`3026f2f0 fffff802`b8fd42bd : 00000000`00000000 ffffe000`0751f2d0 00000000`00000000 ffffe000`075ad040 : nt!MmAccessFault+0x696
ffffd001`3026f440 fffff802`b8f11bf5 : ffffe000`08968d1c 00000000`00000000 ffffe000`00000000 fffffc01`383da880 : nt!KiPageFault+0x13d
ffffd001`3026f5d0 fffff800`802276af : ffffe000`0e8162b0 00000000`00000000 00000000`00000000 00000000`00000000 : nt!FsRtlCheckOplockEx+0x165
ffffd001`3026f6d0 fffff800`7f9051c4 : ffffe000`12b3c100 ffffe000`12b3c180 00000000`00000001 ffffd001`00000005 : NTFS!NtfsFsdClose+0x77f
ffffd001`3026f7e0 fffff800`7f903a16 : ffffe000`087224c0 ffffe000`07807df0 00000000`00000001 ffffe000`08724240 : FLTMGR!FltpLegacyProcessingAfterPreCallbacksCompleted+0x2a4
ffffd001`3026f860 fffff802`b931594f : ffffe000`0e8162b0 ffffc001`45e4adf0 00000000`00000001 ffffe000`07548030 : FLTMGR!FltpDispatch+0xb6
ffffd001`3026f8c0 fffff802`b92a8558 : ffffc001`45e4adf0 00000000`00000000 ffffe000`07630dc0 fffff802`b91c3a80 : nt!IopDeleteFile+0x12f
ffffd001`3026f940 fffff802`b8ec496f : 00000000`00000000 00000000`00000000 ffffc001`45e4adf0 ffffe000`0e8162b0 : nt!ObpRemoveObjectRoutine+0x78
ffffd001`3026f9a0 fffff802`b92b2c2d : 00000000`00088081 ffffe000`0d149550 00000000`00000000 00000000`00000000 : nt!ObfDereferenceObject+0xbf
ffffd001`3026f9e0 fffff802`b8f9376f : fffff802`b91be4c0 ffffd001`3026faa0 ffffe000`0d149558 00000000`00000000 : nt!MiSegmentDelete+0x121
ffffd001`3026fa20 fffff802`b8fb11a5 : fffff802`b91c3a80 00000000`00000000 fffff802`b91c3f10 fffff802`b91c3a80 : nt!MiProcessDereferenceList+0x10b
ffffd001`3026fad0 fffff802`b8f63e88 : 80000000`006c0121 ffffe000`07634040 00000000`00000080 ffffe000`075ad040 : nt!MiDereferenceSegmentThread+0x121
ffffd001`3026fd00 fffff802`b8fd0326 : fffff802`b91e0180 ffffe000`07634040 fffff802`b9256740 80000000`006c0121 : nt!PspSystemThreadStartup+0x58
ffffd001`3026fd60 00000000`00000000 : ffffd001`30270000 ffffd001`3026a000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x16


STACK_COMMAND:  kb

FOLLOWUP_IP:
nt!FsRtlCheckOplockEx+165
fffff802`b8f11bf5 448b8690000000  mov     r8d,dword ptr [rsi+90h]

SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  nt!FsRtlCheckOplockEx+165

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  55d5626b

IMAGE_VERSION:  10.0.10240.16463

BUCKET_ID_FUNC_OFFSET:  165

FAILURE_BUCKET_ID:  AV_R_INVALID_nt!FsRtlCheckOplockEx

BUCKET_ID:  AV_R_INVALID_nt!FsRtlCheckOplockEx

PRIMARY_PROBLEM_CLASS:  AV_R_INVALID_nt!FsRtlCheckOplockEx

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:av_r_invalid_nt!fsrtlcheckoplockex

FAILURE_ID_HASH:  {5cd1180b-b3a0-93c9-a226-644d09e5c2fd}

Followup:     MachineOwner
---------

And the other one:

Microsoft (R) Windows Debugger Version 10.0.10240.9 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\092315-17718-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available


************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       
Symbol search path is: 
Executable search path is:
No .natvis files found at C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\Visualizers.
Windows 10 Kernel Version 10240 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 10240.16463.amd64fre.th1.150819-1946
Machine Name:
Kernel base = 0xfffff802`c2011000 PsLoadedModuleList = 0xfffff802`c2336030
Debug session time: Wed Sep 23 16:01:01.137 2015 (UTC + 1:00)
System Uptime: 0 days 2:56:33.874
Loading Kernel Symbols
.

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.

..............................................................
................................................................
........................................
Loading User Symbols
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 50, {ffffdc00a3f21a18, 0, fffff800f3f67557, 2}


Could not read faulting driver name
Probably caused by : FLTMGR.SYS ( FLTMGR!TreeUnlinkMulti+47 )

Followup:     MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced.  This cannot be protected by try-except.
Typically the address is just plain bad or it is pointing at freed memory.
Arguments:
Arg1: ffffdc00a3f21a18, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff800f3f67557, If non-zero, the instruction address which referenced the bad memory
    address.
Arg4: 0000000000000002, (reserved)

Debugging Details:
------------------


Could not read faulting driver name

SYSTEM_VERSION:         

BIOS_DATE:  10/02/2009

BASEBOARD_PRODUCT:  D2950-A1

BASEBOARD_VERSION:  S26361-D2950-A1

BUGCHECK_P1: ffffdc00a3f21a18

BUGCHECK_P2: 0

BUGCHECK_P3: fffff800f3f67557

BUGCHECK_P4: 2

READ_ADDRESS: fffff802c23d5500: Unable to get MiVisibleState
ffffdc00a3f21a18

FAULTING_IP:
FLTMGR!TreeUnlinkMulti+47
fffff800`f3f67557 488b4320        mov     rax,qword ptr [rbx+20h]

MM_INTERNAL_CODE:  2

CPU_COUNT: 2

CPU_MHZ: a8c

CPU_VENDOR:  GenuineIntel

CPU_FAMILY: 6

CPU_MODEL: 17

CPU_STEPPING: a

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT

BUGCHECK_STR:  AV

PROCESS_NAME:  System

CURRENT_IRQL:  0

ANALYSIS_VERSION: 10.0.10240.9 amd64fre

TRAP_FRAME:  ffffd000c326f440 -- (.trap 0xffffd000c326f440)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=ffffe000ab202b00
rdx=ffffe000ab1c7f20 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800f3f67557 rsp=ffffd000c326f5d0 rbp=ffffe000ab1c7f20
r8=ffffffffffffffff  r9=0000000000000000 r10=7fffe000ab202ae8
r11=7ffffffffffffffc r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na pe nc
FLTMGR!TreeUnlinkMulti+0x47:
fffff800`f3f67557 488b4320        mov     rax,qword ptr [rbx+20h] ds:00000000`00000020=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff802c21af095 to fffff802c215f240

STACK_TEXT: 
ffffd000`c326f1f8 fffff802`c21af095 : 00000000`00000050 ffffdc00`a3f21a18 00000000`00000000 ffffd000`c326f440 : nt!KeBugCheckEx
ffffd000`c326f200 fffff802`c2030536 : 00000000`00000000 00000000`00000000 ffffd000`c326f440 fffffa80`03901290 : nt! ?? ::FNODOBFM::`string'+0x41295
ffffd000`c326f2f0 fffff802`c21682bd : 3045464d`00000014 ffffe000`a151b510 00000000`00000000 ffffe000`a151c040 : nt!MmAccessFault+0x696
ffffd000`c326f440 fffff800`f3f67557 : ffffffff`ffffffff 00000000`10000004 ffffe000`ab1c7f20 ffffe000`a2d34010 : nt!KiPageFault+0x13d
ffffd000`c326f5d0 fffff800`f3f93ec9 : ffffe000`ab202a80 ffffe000`00000002 ffffe000`a27f3010 00000000`00000000 : FLTMGR!TreeUnlinkMulti+0x47
ffffd000`c326f620 fffff800`f3f64aeb : ffffe000`a2d35490 ffffe000`ab1c7f20 ffffe000`ab1c7f20 ffffd000`c326f739 : FLTMGR!FltpRemoveAllNamesCachedForFileObject+0xa9
ffffd000`c326f690 fffff800`f3f641dc : ffffd000`c326f880 ffffe000`a162d400 fffff802`c2357f02 ffffe000`aa438300 : FLTMGR!FltpPerformPreCallbacks+0x7bb
ffffd000`c326f7a0 fffff800`f3f63c03 : ffffe000`aa4383a0 ffffd000`c326f880 ffffe000`aa4383a0 ffffd000`c326f890 : FLTMGR!FltpPassThroughInternal+0x8c
ffffd000`c326f7d0 fffff800`f3f639fe : ffffffff`fffe7960 ffffe000`a28edbf0 00000000`00000000 ffffc000`a3ea9bb0 : FLTMGR!FltpPassThrough+0x173
ffffd000`c326f860 fffff802`c24a994f : ffffe000`ab1c7f20 ffffc000`a3ea9bb0 00000000`00000001 ffffe000`a1542030 : FLTMGR!FltpDispatch+0x9e
ffffd000`c326f8c0 fffff802`c243c558 : ffffc000`a3ea9bb0 00000000`00000000 ffffe000`a1634c60 fffff802`c2357a80 : nt!IopDeleteFile+0x12f
ffffd000`c326f940 fffff802`c205896f : 00000000`00000000 00000000`00000000 ffffc000`a3ea9bb0 ffffe000`ab1c7f20 : nt!ObpRemoveObjectRoutine+0x78
ffffd000`c326f9a0 fffff802`c2446c2d : 00000000`00088081 ffffe000`ab2d9ce0 00000000`00000000 00000000`00000000 : nt!ObfDereferenceObject+0xbf
ffffd000`c326f9e0 fffff802`c212776f : fffff802`c23524c0 ffffd000`c326faa0 ffffe000`ab2d9ce8 00000000`00000000 : nt!MiSegmentDelete+0x121
ffffd000`c326fa20 fffff802`c21451a5 : fffff802`c2357a80 00000000`00000000 fffff802`c2357f10 fffff802`c2357a80 : nt!MiProcessDereferenceList+0x10b
ffffd000`c326fad0 fffff802`c20f7e88 : 80000000`006c0121 ffffe000`a1638040 00000000`00000080 ffffe000`a151c040 : nt!MiDereferenceSegmentThread+0x121
ffffd000`c326fd00 fffff802`c2164326 : fffff802`c2374180 ffffe000`a1638040 fffff802`c23ea740 80000000`006c0121 : nt!PspSystemThreadStartup+0x58
ffffd000`c326fd60 00000000`00000000 : ffffd000`c3270000 ffffd000`c326a000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x16


STACK_COMMAND:  kb

FOLLOWUP_IP:
FLTMGR!TreeUnlinkMulti+47
fffff800`f3f67557 488b4320        mov     rax,qword ptr [rbx+20h]

SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  FLTMGR!TreeUnlinkMulti+47

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: FLTMGR

IMAGE_NAME:  FLTMGR.SYS

DEBUG_FLR_IMAGE_TIMESTAMP:  559f383f

IMAGE_VERSION:  10.0.10240.16384

BUCKET_ID_FUNC_OFFSET:  47

FAILURE_BUCKET_ID:  AV_R_INVALID_FLTMGR!TreeUnlinkMulti

BUCKET_ID:  AV_R_INVALID_FLTMGR!TreeUnlinkMulti

PRIMARY_PROBLEM_CLASS:  AV_R_INVALID_FLTMGR!TreeUnlinkMulti

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:av_r_invalid_fltmgr!treeunlinkmulti

FAILURE_ID_HASH:  {4b324e3e-0a0b-c995-dded-a6bf7681490b}

Followup:     MachineOwner
---------

 

[kemical]

Hi,
please read the thread posted here:
How to ask for help with a BSOD problem

We need to see your actual dump files and the above thread as an app which will collect all the information we need. Please post the results.

 

[Vitalijs]

My apologies,

Here is the zip file, another BSOD happened 15 min ago while browsing chrome...

Edited at 16:00 GMT

 

[kemical]

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1A, {41793, fffff68000035870, f, e}

Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+20a0e )

Followup: MachineOwner

Hi,
you have two types of Bugcheck. Bugcheck 50 which can be caused by failing hardware (usually RAM), Anti-Virus apps and an out of date bios. The above Bugcheck means a severe memory management issue occurred and coupled with the Bugcheck 50 could well mean you have some failing RAM. However I would first try uninstalling McAfee as well as the drivers listed below:

tapoas.sys Mon Jul 12 01:31:59 2010: OpenVPN Virtual Network Driver please update:
OpenVPN - Open Source VPN

As your system is of some age drivers or at least up to date drivers aren't really available although you can do something about the AV and the above driver.

If the bsod continues then you'll need to test your RAM. Windows does have a memory testing app but it can miss errors and the best app for the job is Memtest86.
If you open the link below you'll see you can run Memtest86 in two ways. You can either burn it to disk or install it onto a USB drive it's entirely up to you. You'll then need to enter the bios to change the boot order so you can boot from either the Disk or USB stick you have Memtest86 on.
You must test for at least 12 hours unless it becomes obvious there is a problem straight away (you'll see errors outlined in red.
Memtest86+ - Advanced Memory Diagnostic Tool


Post any new dump files.

 

[Vitalijs]

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1A, {41793, fffff68000035870, f, e}

Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+20a0e )

Followup: MachineOwner

Hi,
you have two types of Bugcheck. Bugcheck 50 which can be caused by failing hardware (usually RAM), Anti-Virus apps and an out of date bios. The above Bugcheck means a severe memory management issue occurred and coupled with the Bugcheck 50 could well mean you have some failing RAM. However I would first try uninstalling McAfee as well as the drivers listed below:

tapoas.sys Mon Jul 12 01:31:59 2010: OpenVPN Virtual Network Driver please update:
OpenVPN - Open Source VPN

As your system is of some age drivers or at least up to date drivers aren't really available although you can do something about the AV and the above driver.

If the bsod continues then you'll need to test your RAM. Windows does have a memory testing app but it can miss errors and the best app for the job is Memtest86.
If you open the link below you'll see you can run Memtest86 in two ways. You can either burn it to disk or install it onto a USB drive it's entirely up to you. You'll then need to enter the bios to change the boot order so you can boot from either the Disk or USB stick you have Memtest86 on.
You must test for at least 12 hours unless it becomes obvious there is a problem straight away (you'll see errors outlined in red.
Memtest86+ - Advanced Memory Diagnostic Tool


Post any new dump files.

Do you suggest to reinstall McAfee or get rid of it completely ?
Also I can't locate "OpenVPN Virtual Network Driver" to uninstall it, is it TAP-Win32 Adapter OAS (blank - #6) and TAP-Windows Adapter v9 (blank - #3)?

 

[kemical]

Try removing it totally for now. You can always re-install later. Just use the onboard defender for this period as it's very stable.

Try checking your add and remove programs and see if you have anything installed relating to VPN. If so either remove or update.

 

[Vitalijs]

Try removing it totally for now. You can always re-install later. Just use the onboard defender for this period as it's very stable.

Try checking your add and remove programs and see if you have anything installed relating to VPN. If so either remove or update.

McAfee and vpn related apps and drivers was uninstalled but BSOD happen again twice in a row when i started Speccy app from Piriform to check my bios version as I think it's out of date (could be 2009 or 2010 version) and you mentioned something about outdated bios.
So, what do we have now, RAM or bios? do you need last 2 BSOD reports?

Bios version - 6.00 R1.05.2950.A1

 

[kemical]

Yup test your RAM. Also did you check to see if your machine is compatible with windows 10? The only drivers I could find for it were for XP so it must be quite old.

 

[Vitalijs]

Yup test your RAM. Also did you check to see if your machine is compatible with windows 10? The only drivers I could find for it were for XP so it must be quite old.

Ok, I'll test my RAM.
Yes I did check compability and everything was ok. I have Pentium(R) Dual-Core CPU E5400 2.70GHz
Previously I had Windows 7 for years and BSOD started to appear maybe 5-6 months ago maybe once per month or sometimes twice. But as I installed Windows 10 last week, it is happening daily...
Few months ago I had Ubuntu installed on my pc for a week and I think even then BSOD appeared and I went back to Windows 7. I thought it was faulty graphics card...

 

[Vitalijs]

Yup test your RAM. Also did you check to see if your machine is compatible with windows 10? The only drivers I could find for it were for XP so it must be quite old.

Tested for 15 min, system made 8 tests, there was errors in every single test, in total 2002 errors in 8 tests.
Do I still need to test it for 12 hours or this is it and the ram is faulty?

 

[kemical]

No need to test for 12hrs. RAM is faulty I'm afraid. You could try and find which stick is bad but if you only have two sticks it's not really worth it as RAM kit's usually come in either two or 4 sticks so you may as well just replace both.

 

[Vitalijs]

No need to test for 12hrs. RAM is faulty I'm afraid. You could try and find which stick is bad but if you only have two sticks it's not really worth it as RAM kit's usually come in either two or 4 sticks so you may as well just replace both.

Thanks god it's not a graphics card, I have only 2 sticks by 2Gb each, I think I'll buy 1 4Gb stick and will replace the faulty one (hope just 1 is faulty ).
Thank you very much for your assistance!

 

[kemical]

Your very welcome. Any problems post back..