Need help trying to localize problem (minidump analysis included)

By alphagamma
Feb 26, 2008
  1. I have this problem since September last year, always the same problem:


    Always: nt!RtlInitUnicodeString+1b

    changes: mostly explorer.exe, sometimes firefox.exe, SyncBack.exe

    It has something to do with hard disk access I think, it always happens during excessive hard disk access, and doesn't depend on one hard disk.

    I've checked all my drives with surface scan: no errors.
    Done a full memtest: no errors.

    The error time pattern is very random. Last 1,5 month it didn't happen and then suddenly it happens 2 days in a row. Maximum I've had was 2 times on a day.

    I've Included the last 2 minidumps and corresponding analysis with kz.
  2. peterdiva

    peterdiva TechSpot Ambassador Posts: 1,088

  3. pioneerx01

    pioneerx01 TS Maniac Posts: 274

    I am sorry, but I can't read minidumps, but if you think it is the HDD there is one more test you can do to see if it is faulty. download free HD-SPEED. Run it on your C drive and log the results. It will go through the HDD sector by sector and it will tell you where the errors are and how many. There is also a percentage indicator let it run all the way from 0% to 100%. if there are errors found that is what might be causing the problems. Attack the log if you can.
  4. alphagamma

    alphagamma TS Rookie Topic Starter

    Hmm weird I scan with ClamAV weekly never said anything about it.
    But anyway do you think this also causes the error?

    Checked all of my kz analysis files of this error and they all contain that yqfprhqr.sys and earlier ones (other errors) do not, so it could be the problem
    Hmm it seems to have special hiding tricks, should remember to run rootkitrevealer next to clamav.
    Now I just have to get it from my pc.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...