BSOD: za każdym razem około 5 minut po włączeniu komputera

Zaloguj się Zarejestruj się

Całe forum

Przeszukaj

Całe forum

Użytkownicy

Odpowiedz

Tryb drzewa \| Tryb normalny BSOD: za każdym razem około 5 minut po włączeniu komputera
Wojtek.wk Nowy Liczba postów: 7	Post: #1 BSOD: za każdym razem około 5 minut po włączeniu komputera Hej, nie jestem pewien czy to odpowiedni dział, ale lepszego nie znalazłem. Mam taki bardzo wkurzający problem - po ok. 5 minut po każdym uruchomieniu komputera, dostaję niebieski ekran i komputer restartuje się. Po restarcie już działa w porządku (czasami zdarzy się, że BSOD pokaże się jeszcze raz). Nie jestem pewien jakie logi przydadzą się do analizy, ale wklejam dumpy z programu BlueScreenView. Jak będzie trzeba, wykonam dodatkowe testy. Będę bardzo wdzięczny za wszelką pomoc! Załączone pliki BSOD_dumps.txt (Rozmiar: 46.12 KB / Pobrań: 2) 30.10.2012 22:59
Podziękowania od:

thermalfake Ostatni Mohikanin Liczba postów: 13.580	Post: #2 RE: BSOD 5 minut po uruchomieniu komputera No jest sporo różnych ale ten raport jest bezwartościowy do analizy. Pozrzucaj pliki *.dmp z C:\windows\minidump Podrzuć także plik dziennika systemowego c:\Windows\System32\winevt\Logs\system.evtx W zamian za pomoc oczekuję poprawnej pisowni. Stop niechlujstwu. Jak mądrze zadawać pytania? - przejrzyj poradnik na forum. Nie udzielam porad via PW. 30.10.2012 23:41
Podziękowania od:

Wojtek.wk Nowy Liczba postów: 7	Post: #3 RE: BSOD 5 minut po uruchomieniu komputera (30.10.2012 23:41)thermalfake napisał(a): No jest sporo różnych ale ten raport jest bezwartościowy do analizy. Pozrzucaj pliki .dmp z C:\windows\minidump Podrzuć także plik dziennika systemowego c:\Windows\System32\winevt\Logs\system.evtx Dziękuję bardzo za odpowiedź! Pliki, o których piszesz, są w załączniku. Załączone pliki* dump.zip (Rozmiar: 613.99 KB / Pobrań: 4) 31.10.2012 16:26
Podziękowania od:

thermalfake Ostatni Mohikanin Liczba postów: 13.580	Post: #4 RE: BSOD 5 minut po uruchomieniu komputera Pokręciłeś pliki c:\Windows\System32\winevt\Logs\system.evtx a nie setup.evtx Na razie same zrzuty, potem opiszę co i jak. Kod: Microsoft (R) Windows Debugger Version 6.12.0002.633 X86 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C: \Users\user\Desktop\bsody\22\dump\Minidump\103012-23805-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: symsrvsymsrv.dllc: \symbhttp: //msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333 Machine Name: Kernel base = 0xfffff800`0404f000 PsLoadedModuleList = 0xfffff800`04293670 Debug session time: Tue Oct 30 13: 57: 18.117 2012 (UTC + 1: 00) System Uptime: 0 days 0: 07: 09.507 Loading Kernel Symbols ............................................................... ................................................................ .................................................. Loading User Symbols Loading unloaded module list .... ****************************************************************************** * * * Bugcheck Analysis * * * ***************************************************************************** Use !analyze -v to get detailed debugging information. BugCheck 7F, {8, 80050031, 6f8, fffff800041087c7} Probably caused by : ntkrnlmp.exe ( nt!KiDoubleFaultAbort+b2 ) Followup: MachineOwner --------- 3: kd> !analyze -v;r;kv;lmtn;.bugcheck;!sysinfo cpuinfo;!sysinfo machineid; !sysinfo cpuspeed; !sysinfo smbios ***************************************************************************** * * * Bugcheck Analysis * * * ******************************************************************************* UNEXPECTED_KERNEL_MODE_TRAP (7f) This means a trap occurred in kernel mode, and it's a trap of a kind that the kernel isn't allowed to have/catch (bound trap) or that is always instant death (double fault). The first number in the bugcheck params is the number of the trap (8 = double fault, etc) Consult an Intel x86 family manual to learn more about what these traps are. Here is a portion of those codes: If kv shows a taskGate use .tss on the part before the colon, then kv. Else if kv shows a trapframe use .trap on that value Else .trap on the appropriate frame will show where the trap was taken (on x86, this will be the ebp that goes with the procedure KiTrap) Endif kb will then show the corrected stack. Arguments: Arg1: 0000000000000008, EXCEPTION_DOUBLE_FAULT Arg2: 0000000080050031 Arg3: 00000000000006f8 Arg4: fffff800041087c7 Debugging Details: ------------------ BUGCHECK_STR: 0x7f_8 CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT PROCESS_NAME: firefox.exe CURRENT_IRQL: 0 EXCEPTION_RECORD: fffff880039aa558 -- (.exr 0xfffff880039aa558) ExceptionAddress: fffff800040f78f0 (nt!RtlDispatchException+0x0000000000000440) ExceptionCode: 10000002 ExceptionFlags: 00000000 NumberParameters: 0 TRAP_FRAME: fffff880039aa600 -- (.trap 0xfffff880039aa600) NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=0000000000000001 rbx=0000000000000000 rcx=0000000000000000 rdx=0000000000000001 rsi=0000000000000000 rdi=0000000000000000 rip=fffff800040f78f0 rsp=fffff880039aa790 rbp=fffff880039ab648 r8=fffff880039aaea0 r9=fffff880039aa820 r10=0000000000000000 r11=fffff880039aa700 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl nz na po cy nt!RtlDispatchException+0x440: fffff800`040f78f0 0f84d4ca0000 je nt! ? : FNODOBFM: `string'+0x3006f (fffff800`041043ca) [br=0] Resetting default scope LAST_CONTROL_TRANSFER: from fffff800040cd569 to fffff800040cdfc0 STACK_TEXT: fffff880`02fd9ce8 fffff800`040cd569 : 00000000`0000007f 00000000`00000008 00000000`80050031 00000000`000006f8 : nt!KeBugCheckEx fffff880`02fd9cf0 fffff800`040cba32 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69 fffff880`02fd9e30 fffff800`041087c7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDoubleFaultAbort+0xb2 fffff880`039a9d80 fffff800`040cd642 : fffff880`039aa558 fffff800`04211ff4 fffff880`039aa600 fffff800`0404f000 : nt!KiDispatchException+0xab fffff880`039aa420 fffff800`040cb79f : fffff880`039aa600 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0xc2 fffff880`039aa600 fffff800`040f78f0 : fffff800`04211ff4 fffff880`039aa7d8 fffff880`039ab648 fffff800`0404f000 : nt!KiInvalidOpcodeFault+0x11f fffff880`039aa790 fffff800`04108851 : fffff880`039ab648 fffff880`039aaea0 fffff880`00000000 00000000`00000000 : nt!RtlDispatchException+0x440 fffff880`039aae70 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDispatchException+0x135 STACK_COMMAND: kb FOLLOWUP_IP: nt!KiDoubleFaultAbort+b2 fffff800`040cba32 90 nop SYMBOL_STACK_INDEX: 2 SYMBOL_NAME: nt!KiDoubleFaultAbort+b2 FOLLOWUP_NAME: MachineOwner MODULE_NAME: nt IMAGE_NAME: ntkrnlmp.exe DEBUG_FLR_IMAGE_TIMESTAMP: 503f82be FAILURE_BUCKET_ID: X64_0x7f_8_nt!KiDoubleFaultAbort+b2 BUCKET_ID: X64_0x7f_8_nt!KiDoubleFaultAbort+b2 Followup: MachineOwner --------- rax=fffff88002fd9df0 rbx=fffff880039aa558 rcx=000000000000007f rdx=0000000000000008 rsi=fffff880039aa600 rdi=0000000000000000 rip=fffff800040cdfc0 rsp=fffff88002fd9ce8 rbp=fffff88002fd9eb0 r8=0000000080050031 r9=00000000000006f8 r10=fffff800041087c7 r11=00000000000004f7 r12=fffff880039a9db0 r13=000000000010001f r14=fffff880039aa420 r15=0000000000000000 iopl=0 nv up ei ng nz na po nc cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00000286 nt!KeBugCheckEx: fffff800`040cdfc0 48894c2408 mov qword ptr [rsp+8],rcx ss: 0018: fffff880`02fd9cf0=000000000000007f Child-SP RetAddr : Args to Child : Call Site fffff880`02fd9ce8 fffff800`040cd569 : 00000000`0000007f 00000000`00000008 00000000`80050031 00000000`000006f8 : nt!KeBugCheckEx fffff880`02fd9cf0 fffff800`040cba32 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69 fffff880`02fd9e30 fffff800`041087c7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDoubleFaultAbort+0xb2 (TrapFrame @ fffff880`02fd9e30) fffff880`039a9d80 fffff800`040cd642 : fffff880`039aa558 fffff800`04211ff4 fffff880`039aa600 fffff800`0404f000 : nt!KiDispatchException+0xab fffff880`039aa420 fffff800`040cb79f : fffff880`039aa600 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0xc2 fffff880`039aa600 fffff800`040f78f0 : fffff800`04211ff4 fffff880`039aa7d8 fffff880`039ab648 fffff800`0404f000 : nt!KiInvalidOpcodeFault+0x11f (TrapFrame @ fffff880`039aa600) fffff880`039aa790 fffff800`04108851 : fffff880`039ab648 fffff880`039aaea0 fffff880`00000000 00000000`00000000 : nt!RtlDispatchException+0x440 fffff880`039aae70 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDispatchException+0x135 start end module name fffff800`00bbd000 fffff800`00bc7000 kdcom kdcom.dll Sat Feb 05 17: 52: 49 2011 (4D4D8061) fffff800`04006000 fffff800`0404f000 hal hal.dll Sat Nov 20 14: 00: 25 2010 (4CE7C669) fffff800`0404f000 fffff800`04637000 nt ntkrnlmp.exe Thu Aug 30 17: 11: 58 2012 (503F82BE) fffff880`00c08000 fffff880`00c57000 mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Sat Nov 20 14: 03: 51 2010 (4CE7C737) fffff880`00c57000 fffff880`00c6b000 PSHED PSHED.dll Tue Jul 14 03: 32: 23 2009 (4A5BE027) fffff880`00c6b000 fffff880`00cc9000 CLFS CLFS.SYS Tue Jul 14 01: 19: 57 2009 (4A5BC11D) fffff880`00cc9000 fffff880`00d89000 CI CI.dll Sat Nov 20 14: 12: 36 2010 (4CE7C944) fffff880`00d89000 fffff880`00da9000 vmci vmci.sys Wed Jul 27 04: 42: 09 2011 (4E2F7B01) fffff880`00da9000 fffff880`00dc3000 mountmgr mountmgr.sys Sat Nov 20 10: 19: 21 2010 (4CE79299) fffff880`00dc3000 fffff880`00dff000 vmbus vmbus.sys Sat Nov 20 10: 57: 29 2010 (4CE79B89) fffff880`00e00000 fffff880`00e15000 volmgr volmgr.sys Sat Nov 20 10: 19: 28 2010 (4CE792A0) fffff880`00e15000 fffff880`00e71000 volmgrx volmgrx.sys Sat Nov 20 10: 20: 43 2010 (4CE792EB) fffff880`00e71000 fffff880`00e78000 pciide pciide.sys Tue Jul 14 01: 19: 49 2009 (4A5BC115) fffff880`00e7d000 fffff880`00f21000 Wdf01000 Wdf01000.sys Tue Jul 14 01: 22: 07 2009 (4A5BC19F) fffff880`00f21000 fffff880`00f30000 WDFLDR WDFLDR.SYS Tue Jul 14 01: 19: 54 2009 (4A5BC11A) fffff880`00f30000 fffff880`00f87000 ACPI ACPI.sys Sat Nov 20 10: 19: 16 2010 (4CE79294) fffff880`00f87000 fffff880`00f90000 WMILIB WMILIB.SYS Tue Jul 14 01: 19: 51 2009 (4A5BC117) fffff880`00f90000 fffff880`00f9a000 msisadrv msisadrv.sys Tue Jul 14 01: 19: 26 2009 (4A5BC0FE) fffff880`00f9a000 fffff880`00fcd000 pci pci.sys Sat Nov 20 10: 19: 11 2010 (4CE7928F) fffff880`00fcd000 fffff880`00fda000 vdrvroot vdrvroot.sys Tue Jul 14 02: 01: 31 2009 (4A5BCADB) fffff880`00fda000 fffff880`00fef000 partmgr partmgr.sys Sat Mar 17 06: 06: 09 2012 (4F641BC1) fffff880`00fef000 fffff880`00fff000 PCIIDEX PCIIDEX.SYS Tue Jul 14 01: 19: 48 2009 (4A5BC114) fffff880`01000000 fffff880`01072000 cng cng.sys Fri Aug 24 17: 47: 16 2012 (5037A204) fffff880`01083000 fffff880`01097000 winhv winhv.sys Sat Nov 20 10: 20: 02 2010 (4CE792C2) fffff880`01097000 fffff880`010a0000 atapi atapi.sys Tue Jul 14 01: 19: 47 2009 (4A5BC113) fffff880`010a0000 fffff880`010ca000 ataport ataport.SYS Sat Nov 20 10: 19: 15 2010 (4CE79293) fffff880`010ca000 fffff880`010d5000 msahci msahci.sys Sat Nov 20 11: 33: 58 2010 (4CE7A416) fffff880`010d5000 fffff880`010e0000 amdxata amdxata.sys Fri Mar 19 17: 18: 18 2010 (4BA3A3CA) fffff880`010e0000 fffff880`0112c000 fltmgr fltmgr.sys Sat Nov 20 10: 19: 24 2010 (4CE7929C) fffff880`0112c000 fffff880`01140000 fileinfo fileinfo.sys Tue Jul 14 01: 34: 25 2009 (4A5BC481) fffff880`01140000 fffff880`01178000 MpFilter MpFilter.sys Fri Aug 24 01: 03: 14 2012 (5036B6B2) fffff880`01178000 fffff880`011d6000 msrpc msrpc.sys Sat Nov 20 10: 21: 56 2010 (4CE79334) fffff880`01200000 fffff880`0120a000 Fs_Rec Fs_Rec.sys Thu Mar 01 04: 41: 06 2012 (4F4EEFD2) fffff880`0122c000 fffff880`013cf000 Ntfs Ntfs.sys Fri Aug 31 17: 14: 14 2012 (5040D4C6) fffff880`013cf000 fffff880`013ea000 ksecdd ksecdd.sys Sat Jun 02 04: 50: 23 2012 (4FC97F6F) fffff880`013ea000 fffff880`013fb000 pcw pcw.sys Tue Jul 14 01: 19: 27 2009 (4A5BC0FF) fffff880`01400000 fffff880`0144a000 fwpkclnt fwpkclnt.sys Wed Aug 22 17: 10: 49 2012 (5034F679) fffff880`0144a000 fffff880`0145a000 vmstorfl vmstorfl.sys Sat Nov 20 10: 57: 30 2010 (4CE79B8A) fffff880`01461000 fffff880`01553000 ndis ndis.sys Wed Aug 22 17: 11: 46 2012 (5034F6B2) fffff880`01553000 fffff880`015b3000 NETIO NETIO.SYS Wed Aug 22 17: 11: 28 2012 (5034F6A0) fffff880`015b3000 fffff880`015de000 ksecpkg ksecpkg.sys Fri Aug 24 17: 48: 29 2012 (5037A24D) fffff880`01600000 fffff880`01800000 tcpip tcpip.sys Wed Aug 22 17: 13: 43 2012 (5034F727) fffff880`01839000 fffff880`01885000 volsnap volsnap.sys Sat Nov 20 10: 20: 08 2010 (4CE792C8) fffff880`01885000 fffff880`0188d000 spldr spldr.sys Mon May 11 18: 56: 27 2009 (4A0858BB) fffff880`0188d000 fffff880`018c7000 rdyboost rdyboost.sys Sat Nov 20 10: 43: 10 2010 (4CE7982E) fffff880`018c7000 fffff880`018d9000 mup mup.sys Tue Jul 14 01: 23: 45 2009 (4A5BC201) fffff880`018d9000 fffff880`018e2000 hwpolicy hwpolicy.sys Sat Nov 20 10: 18: 54 2010 (4CE7927E) fffff880`018e2000 fffff880`0191c000 fvevol fvevol.sys Sat Nov 20 10: 24: 06 2010 (4CE793B6) fffff880`0191c000 fffff880`01932000 disk disk.sys Tue Jul 14 01: 19: 57 2009 (4A5BC11D) fffff880`01932000 fffff880`01962000 CLASSPNP CLASSPNP.SYS Sat Nov 20 10: 19: 23 2010 (4CE7929B) fffff880`01998000 fffff880`019c2000 cdrom cdrom.sys Sat Nov 20 10: 19: 20 2010 (4CE79298) fffff880`019c2000 fffff880`019e3000 NisDrvWFP NisDrvWFP.sys Fri Aug 24 01: 03: 36 2012 (5036B6C8) fffff880`03a00000 fffff880`03a24000 mrxsmb20 mrxsmb20.sys Wed Apr 27 04: 39: 37 2011 (4DB781E9) fffff880`03a24000 fffff880`03a30000 hcmon hcmon.sys Tue Aug 30 08: 05: 35 2011 (4E5C7DAF) fffff880`03a30000 fffff880`03a3b000 VMparport VMparport.sys Wed Jan 18 22: 11: 47 2012 (4F173593) fffff880`03a48000 fffff880`03ad4000 bthport bthport.sys Fri Jul 06 22: 07: 41 2012 (4FF7458D) fffff880`03ad4000 fffff880`03af1000 usbccgp usbccgp.sys Fri Mar 25 04: 29: 14 2011 (4D8C0C0A) fffff880`03af1000 fffff880`03aff000 hidusb hidusb.sys Sat Nov 20 11: 43: 49 2010 (4CE7A665) fffff880`03aff000 fffff880`03b18000 HIDCLASS HIDCLASS.SYS Sat Nov 20 11: 43: 49 2010 (4CE7A665) fffff880`03b18000 fffff880`03b20080 HIDPARSE HIDPARSE.SYS Tue Jul 14 02: 06: 17 2009 (4A5BCBF9) fffff880`03b21000 fffff880`03b2f000 kbdhid kbdhid.sys Sat Nov 20 11: 33: 25 2010 (4CE7A3F5) fffff880`03b2f000 fffff880`03b3a000 VMkbd VMkbd.sys Wed Jan 18 23: 30: 36 2012 (4F17480C) fffff880`03b3a000 fffff880`03b47000 mouhid mouhid.sys Tue Jul 14 02: 00: 20 2009 (4A5BCA94) fffff880`03b47000 fffff880`03b73000 rfcomm rfcomm.sys Tue Jul 14 02: 06: 56 2009 (4A5BCC20) fffff880`03b73000 fffff880`03b83000 BthEnum BthEnum.sys Tue Jul 14 02: 06: 52 2009 (4A5BCC1C) fffff880`03b83000 fffff880`03ba3000 bthpan bthpan.sys Tue Jul 14 02: 07: 00 2009 (4A5BCC24) fffff880`03ba3000 fffff880`03bba000 bthmodem bthmodem.sys Tue Jul 14 02: 06: 52 2009 (4A5BCC1C) fffff880`03bba000 fffff880`03bc9000 modem modem.sys Tue Jul 14 02: 10: 48 2009 (4A5BCD08) fffff880`03bc9000 fffff880`03bda000 vmnetbridge vmnetbridge.sys Fri Jul 08 09: 44: 44 2011 (4E16B56C) fffff880`03bda000 fffff880`03be4000 VMNET VMNET.SYS Fri Jul 08 09: 43: 55 2011 (4E16B53B) fffff880`03be4000 fffff880`03bf9000 lltdio lltdio.sys Tue Jul 14 02: 08: 50 2009 (4A5BCC92) fffff880`03e00000 fffff880`03e51000 rdbss rdbss.sys Sat Nov 20 10: 27: 51 2010 (4CE79497) fffff880`03e5c000 fffff880`03eed000 cmdguard cmdguard.sys Sun Mar 11 21: 47: 16 2012 (4F5D0F54) fffff880`03eed000 fffff880`03ef6000 Null Null.SYS Tue Jul 14 01: 19: 37 2009 (4A5BC109) fffff880`03ef6000 fffff880`03efd000 Beep Beep.SYS Tue Jul 14 02: 00: 13 2009 (4A5BCA8D) fffff880`03efd000 fffff880`03f0b000 vga vga.sys Tue Jul 14 01: 38: 47 2009 (4A5BC587) fffff880`03f0b000 fffff880`03f30000 VIDEOPRT VIDEOPRT.SYS Tue Jul 14 01: 38: 51 2009 (4A5BC58B) fffff880`03f30000 fffff880`03f40000 watchdog watchdog.sys Tue Jul 14 01: 37: 35 2009 (4A5BC53F) fffff880`03f40000 fffff880`03f49000 RDPCDD RDPCDD.sys Tue Jul 14 02: 16: 34 2009 (4A5BCE62) fffff880`03f49000 fffff880`03f52000 rdpencdd rdpencdd.sys Tue Jul 14 02: 16: 34 2009 (4A5BCE62) fffff880`03f52000 fffff880`03f5b000 rdprefmp rdprefmp.sys Tue Jul 14 02: 16: 35 2009 (4A5BCE63) fffff880`03f5b000 fffff880`03f66000 Msfs Msfs.SYS Tue Jul 14 01: 19: 47 2009 (4A5BC113) fffff880`03f66000 fffff880`03f77000 Npfs Npfs.SYS Tue Jul 14 01: 19: 48 2009 (4A5BC114) fffff880`03f77000 fffff880`03f99000 tdx tdx.sys Sat Nov 20 10: 21: 54 2010 (4CE79332) fffff880`03f99000 fffff880`03fa6000 TDI TDI.SYS Sat Nov 20 10: 22: 06 2010 (4CE7933E) fffff880`03fa6000 fffff880`03fb2000 cmdhlp cmdhlp.sys Sun Mar 11 21: 46: 18 2012 (4F5D0F1A) fffff880`03fb2000 fffff880`03fd5000 luafv luafv.sys Tue Jul 14 01: 26: 13 2009 (4A5BC295) fffff880`03fd5000 fffff880`03fe7000 vmx86 vmx86.sys Thu Jan 19 00: 33: 10 2012 (4F1756B6) fffff880`04000000 fffff880`0405a000 usbhub usbhub.sys Fri Mar 25 04: 29: 25 2011 (4D8C0C15) fffff880`0405a000 fffff880`0406f000 NDProxy NDProxy.SYS Sat Nov 20 11: 52: 20 2010 (4CE7A864) fffff880`0406f000 fffff880`04091000 drmk drmk.sys Tue Jul 14 03: 01: 25 2009 (4A5BD8E5) fffff880`04091000 fffff880`0409f000 crashdmp crashdmp.sys Tue Jul 14 02: 01: 01 2009 (4A5BCABD) fffff880`0409f000 fffff880`040b2000 dump_dumpfve dump_dumpfve.sys Tue Jul 14 01: 21: 51 2009 (4A5BC18F) fffff880`040bc000 fffff880`0413f000 csc csc.sys Sat Nov 20 10: 27: 12 2010 (4CE79470) fffff880`0413f000 fffff880`0415d000 dfsc dfsc.sys Sat Nov 20 10: 26: 31 2010 (4CE79447) fffff880`0415d000 fffff880`0416e000 blbdrive blbdrive.sys Tue Jul 14 01: 35: 59 2009 (4A5BC4DF) fffff880`0416e000 fffff880`04194000 tunnel tunnel.sys Sat Nov 20 11: 51: 50 2010 (4CE7A846) fffff880`04194000 fffff880`041aa000 intelppm intelppm.sys Tue Jul 14 01: 19: 25 2009 (4A5BC0FD) fffff880`041aa000 fffff880`041b9000 kbdclass kbdclass.sys Tue Jul 14 01: 19: 50 2009 (4A5BC116) fffff880`041b9000 fffff880`041c8000 mouclass mouclass.sys Tue Jul 14 01: 19: 50 2009 (4A5BC116) fffff880`041c8000 fffff880`041da000 umbus umbus.sys Sat Nov 20 11: 44: 37 2010 (4CE7A695) fffff880`041da000 fffff880`041e8000 monitor monitor.sys Tue Jul 14 01: 38: 52 2009 (4A5BC58C) fffff880`041e8000 fffff880`04200000 BTHUSB BTHUSB.sys Thu Apr 28 05: 54: 56 2011 (4DB8E510) fffff880`04200000 fffff880`04226000 pacer pacer.sys Sat Nov 20 11: 52: 18 2010 (4CE7A862) fffff880`04226000 fffff880`0423e000 inspect inspect.sys Mon Dec 19 19: 48: 52 2011 (4EEF8714) fffff880`0423e000 fffff880`04254000 vwififlt vwififlt.sys Tue Jul 14 02: 07: 22 2009 (4A5BCC3A) fffff880`04254000 fffff880`04263000 netbios netbios.sys Tue Jul 14 02: 09: 26 2009 (4A5BCCB6) fffff880`04263000 fffff880`04280000 serial serial.sys Tue Jul 14 02: 00: 40 2009 (4A5BCAA8) fffff880`04280000 fffff880`0429b000 wanarp wanarp.sys Sat Nov 20 11: 52: 36 2010 (4CE7A874) fffff880`0429b000 fffff880`042af000 termdd termdd.sys Sat Nov 20 12: 03: 40 2010 (4CE7AB0C) fffff880`042af000 fffff880`042bb000 nsiproxy nsiproxy.sys Tue Jul 14 01: 21: 02 2009 (4A5BC15E) fffff880`042bb000 fffff880`042c6000 mssmbios mssmbios.sys Tue Jul 14 01: 31: 10 2009 (4A5BC3BE) fffff880`042c6000 fffff880`042d5000 discache discache.sys Tue Jul 14 01: 37: 18 2009 (4A5BC52E) fffff880`042d5000 fffff880`042f0000 USBSTOR USBSTOR.SYS Fri Mar 11 05: 37: 16 2011 (4D79A6FC) fffff880`042fc000 fffff880`04385000 afd afd.sys Wed Dec 28 04: 59: 20 2011 (4EFA9418) fffff880`04385000 fffff880`043ca000 netbt netbt.sys Sat Nov 20 10: 23: 18 2010 (4CE79386) fffff880`043ca000 fffff880`043d5000 ws2ifsl ws2ifsl.sys Tue Jul 14 02: 10: 33 2009 (4A5BCCF9) fffff880`043d5000 fffff880`043de000 wfplwf wfplwf.sys Tue Jul 14 02: 09: 26 2009 (4A5BCCB6) fffff880`043de000 fffff880`043ff000 WudfPf WudfPf.sys Sat Nov 20 11: 42: 44 2010 (4CE7A624) fffff880`04400000 fffff880`04456000 USBPORT USBPORT.SYS Fri Mar 25 04: 29: 12 2011 (4D8C0C08) fffff880`04456000 fffff880`04467000 usbehci usbehci.sys Fri Mar 25 04: 29: 04 2011 (4D8C0C00) fffff880`04467000 fffff880`0447d000 AgileVpn AgileVpn.sys Tue Jul 14 02: 10: 24 2009 (4A5BCCF0) fffff880`0447d000 fffff880`04486000 dump_atapi dump_atapi.sys Tue Jul 14 01: 19: 47 2009 (4A5BC113) fffff880`04487000 fffff880`0457b000 dxgkrnl dxgkrnl.sys Sat Nov 20 10: 50: 50 2010 (4CE799FA) fffff880`0457b000 fffff880`045c1000 dxgmms1 dxgmms1.sys Sat Nov 20 10: 49: 53 2010 (4CE799C1) fffff880`045c1000 fffff880`045ce000 usbuhci usbuhci.sys Fri Mar 25 04: 29: 03 2011 (4D8C0BFF) fffff880`045ce000 fffff880`045f2000 HDAudBus HDAudBus.sys Sat Nov 20 11: 43: 42 2010 (4CE7A65E) fffff880`045f2000 fffff880`045fe000 ndistapi ndistapi.sys Tue Jul 14 02: 10: 00 2009 (4A5BCCD8) fffff880`04800000 fffff880`0481d000 parport parport.sys Tue Jul 14 02: 00: 40 2009 (4A5BCAA8) fffff880`0481d000 fffff880`04823c00 GEARAspiWDM GEARAspiWDM.sys Thu May 03 21: 56: 17 2012 (4FA2E2E1) fffff880`04824000 fffff880`04834000 CompositeBus CompositeBus.sys Sat Nov 20 11: 33: 17 2010 (4CE7A3ED) fffff880`0483a000 fffff880`049b9000 athrx athrx.sys Fri Nov 06 21: 56: 02 2009 (4AF48D62) fffff880`049b9000 fffff880`049c6000 vwifibus vwifibus.sys Tue Jul 14 02: 07: 21 2009 (4A5BCC39) fffff880`049c6000 fffff880`049f8000 Rt64win7 Rt64win7.sys Thu Feb 26 10: 04: 13 2009 (49A65B0D) fffff880`04c00000 fffff880`04c43000 ks ks.sys Sat Nov 20 11: 33: 23 2010 (4CE7A3F3) fffff880`04c43000 fffff880`04c46e80 BdaSup BdaSup.SYS Tue Jul 14 02: 06: 40 2009 (4A5BCC10) fffff880`04c47000 fffff880`04c4c200 ksthunk ksthunk.sys Tue Jul 14 02: 00: 19 2009 (4A5BCA93) fffff880`04c4d000 fffff880`04c5a000 fdc fdc.sys Tue Jul 14 02: 00: 54 2009 (4A5BCAB6) fffff880`04c5a000 fffff880`04c62000 ASACPI ASACPI.sys Mon Mar 28 04: 30: 36 2005 (42476C4C) fffff880`04c62000 fffff880`04c6e000 serenum serenum.sys Tue Jul 14 02: 00: 33 2009 (4A5BCAA1) fffff880`04c6e000 fffff880`04c6f480 swenum swenum.sys Tue Jul 14 02: 00: 18 2009 (4A5BCA92) fffff880`04c71000 fffff880`04dfe580 Ph3xIB64 Ph3xIB64.sys Fri May 08 23: 11: 49 2009 (4A04A015) fffff880`06600000 fffff880`0663d000 portcls portcls.sys Tue Jul 14 02: 06: 27 2009 (4A5BCC03) fffff880`0663d000 fffff880`06649000 Dxapi Dxapi.sys Tue Jul 14 01: 38: 28 2009 (4A5BC574) fffff880`06649000 fffff880`0664af00 USBD USBD.SYS Fri Mar 25 04: 28: 59 2011 (4D8C0BFB) fffff880`0664c000 fffff880`067f8900 RTKVHD64 RTKVHD64.sys Fri May 22 20: 04: 20 2009 (4A16E924) fffff880`08200000 fffff880`0821e000 bowser bowser.sys Wed Feb 23 05: 55: 04 2011 (4D649328) fffff880`0821e000 fffff880`08236000 mpsdrv mpsdrv.sys Tue Jul 14 02: 08: 25 2009 (4A5BCC79) fffff880`08236000 fffff880`08263000 mrxsmb mrxsmb.sys Wed Apr 27 04: 40: 38 2011 (4DB78226) fffff880`08263000 fffff880`082b1000 mrxsmb10 mrxsmb10.sys Sat Jul 09 04: 46: 28 2011 (4E17C104) fffff880`082b9000 fffff880`0830c000 nwifi nwifi.sys Tue Jul 14 02: 07: 23 2009 (4A5BCC3B) fffff880`0830c000 fffff880`0831f000 ndisuio ndisuio.sys Sat Nov 20 11: 50: 08 2010 (4CE7A7E0) fffff880`0831f000 fffff880`08337000 rspndr rspndr.sys Tue Jul 14 02: 08: 50 2009 (4A5BCC92) fffff880`08337000 fffff880`08400000 HTTP HTTP.sys Sat Nov 20 10: 24: 30 2010 (4CE793CE) fffff880`08800000 fffff880`08869000 srv2 srv2.sys Fri Apr 29 05: 05: 46 2011 (4DBA2B0A) fffff880`088cb000 fffff880`08971000 peauth peauth.sys Tue Jul 14 03: 01: 19 2009 (4A5BD8DF) fffff880`08971000 fffff880`0897c000 secdrv secdrv.SYS Wed Sep 13 15: 18: 38 2006 (4508052E) fffff880`0897c000 fffff880`089ad000 srvnet srvnet.sys Fri Apr 29 05: 05: 35 2011 (4DBA2AFF) fffff880`089ad000 fffff880`089bf000 tcpipreg tcpipreg.sys Sat Nov 20 11: 51: 48 2010 (4CE7A844) fffff880`089bf000 fffff880`089c9000 vmnetuserif vmnetuserif.sys Wed Jan 18 22: 36: 25 2012 (4F173B59) fffff880`0902c000 fffff880`090c4000 srv srv.sys Fri Apr 29 05: 06: 06 2011 (4DBA2B1E) fffff880`090c4000 fffff880`090f5000 WUDFRd WUDFRd.sys Sat Nov 20 11: 43: 32 2010 (4CE7A654) fffff880`090f5000 fffff880`0912b000 fastfat fastfat.SYS Tue Jul 14 01: 23: 28 2009 (4A5BC1F0) fffff880`0912b000 fffff880`0919c000 spsys spsys.sys Mon May 11 19: 20: 58 2009 (4A085E7A) fffff880`0919c000 fffff880`091a7000 asyncmac asyncmac.sys Tue Jul 14 02: 10: 13 2009 (4A5BCCE5) fffff880`0f000000 fffff880`0f01a000 rassstp rassstp.sys Tue Jul 14 02: 10: 25 2009 (4A5BCCF1) fffff880`0f01a000 fffff880`0f025000 rdpbus rdpbus.sys Tue Jul 14 02: 17: 46 2009 (4A5BCEAA) fffff880`0f025000 fffff880`0f030000 flpydisk flpydisk.sys Tue Jul 14 02: 00: 54 2009 (4A5BCAB6) fffff880`0f033000 fffff880`0fd27000 nvlddmkm nvlddmkm.sys Tue Oct 02 20: 21: 13 2012 (506B3099) fffff880`0fd27000 fffff880`0fd65000 1394ohci 1394ohci.sys Sat Nov 20 11: 44: 56 2010 (4CE7A6A8) fffff880`0fd65000 fffff880`0fd89000 rasl2tp rasl2tp.sys Sat Nov 20 11: 52: 34 2010 (4CE7A872) fffff880`0fd89000 fffff880`0fdb8000 ndiswan ndiswan.sys Sat Nov 20 11: 52: 32 2010 (4CE7A870) fffff880`0fdb8000 fffff880`0fdd3000 raspppoe raspppoe.sys Tue Jul 14 02: 10: 17 2009 (4A5BCCE9) fffff880`0fdd3000 fffff880`0fdf4000 raspptp raspptp.sys Sat Nov 20 11: 52: 31 2010 (4CE7A86F) fffff880`0fdf4000 fffff880`0fe00000 dump_dumpata dump_dumpata.sys Tue Jul 14 01: 19: 47 2009 (4A5BC113) fffff960`000e0000 fffff960`003f5000 win32k win32k.sys Wed Jul 18 20: 14: 37 2012 (5006FD0D) fffff960`00410000 fffff960`0041a000 TSDDD TSDDD.dll unavailable (00000000) fffff960`00670000 fffff960`00697000 cdd cdd.dll Sat Nov 20 13: 55: 34 2010 (4CE7C546) Unloaded modules: fffff880`01962000 fffff880`01970000 crashdmp.sys Timestamp: unavailable (00000000) Checksum: 00000000 ImageSize: 0000E000 fffff880`01970000 fffff880`0197c000 dump_ataport Timestamp: unavailable (00000000) Checksum: 00000000 ImageSize: 0000C000 fffff880`0197c000 fffff880`01985000 dump_atapi.s Timestamp: unavailable (00000000) Checksum: 00000000 ImageSize: 00009000 fffff880`01985000 fffff880`01998000 dump_dumpfve Timestamp: unavailable (00000000) Checksum: 00000000 ImageSize: 00013000 Bugcheck code 0000007F Arguments 00000000`00000008 00000000`80050031 00000000`000006f8 fffff800`041087c7 [CPU Information] ~MHz = REG_DWORD 2341 Component Information = REG_BINARY 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 Configuration Data = REG_FULL_RESOURCE_DESCRIPTOR ff,ff,ff,ff,ff,ff,ff,ff,0,0,0,0,0,0,0,0 Identifier = REG_SZ Intel64 Family 6 Model 23 Stepping 7 ProcessorNameString = REG_SZ Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz Update Signature = REG_BINARY 0,0,0,0,5,7,0,0 Update Status = REG_DWORD 0 VendorIdentifier = REG_SZ GenuineIntel MSR8B = REG_QWORD 70500000000 Machine ID Information [From Smbios 2.5, DMIVersion 0, Size=2278] BiosMajorRelease = 8 BiosMinorRelease = 14 BiosVendor = American Megatrends Inc. BiosVersion = 0418 BiosReleaseDate = 12/09/2008 SystemManufacturer = PCF SystemProductName = System Product Name SystemFamily = To Be Filled By O.E.M. SystemVersion = System Version SystemSKU = To Be Filled By O.E.M. BaseBoardManufacturer = ASUSTeK Computer INC. BaseBoardProduct = P5QL-EM BaseBoardVersion = Rev X.0x CPUID: "Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz" MaxSpeed: 2330 CurrentSpeed: 2341 [SMBIOS Data Tables v2.5] [DMI Version - 0] [2.0 Calling Convention - No] [Table Size - 2278 bytes] [BIOS Information (Type 0) - Length 24 - Handle 0000h] Vendor American Megatrends Inc. BIOS Version 0418 BIOS Starting Address Segment f000 BIOS Release Date 12/09/2008 BIOS ROM Size 100000 BIOS Characteristics 04: - ISA Supported 07: - PCI Supported 09: - Plug and Play Supported 10: - APM Supported 11: - Upgradeable FLASH BIOS 12: - BIOS Shadowing Supported 14: - ESCD Supported 15: - CD-Boot Supported 16: - Selectable Boot Supported 17: - BIOS ROM Socketed 19: - EDD Supported 23: - 1.2MB Floppy Supported 24: - 720KB Floppy Supported 25: - 2.88MB Floppy Supported 26: - Print Screen Device Supported 27: - Keyboard Services Supported 28: - Serial Services Supported 29: - Printer Services Supported 30: - CGA/Mono Services Supported 32: - BIOS Vendor Reserved BIOS Characteristic Extensions 00: - ACPI Supported 01: - USB Legacy Supported 04: - LS120-Boot Supported 05: - ATAPI ZIP-Boot Supported 08: - BIOS Boot Specification Supported 10: - Specification Reserved BIOS Major Revision 8 BIOS Minor Revision 14 EC Firmware Major Revision 255 EC Firmware Minor Revision 255 [System Information (Type 1) - Length 27 - Handle 0001h] Manufacturer PCF Product Name System Product Name Version System Version Serial Number UUID 00000000-0000-0000-0000-000000000000 Wakeup Type Power Switch SKUNumber To Be Filled By O.E.M. Family To Be Filled By O.E.M. [BaseBoard Information (Type 2) - Length 15 - Handle 0002h] Manufacturer ASUSTeK Computer INC. Product P5QL-EM Version Rev X.0x Serial Number Asset Tag Feature Flags 09h 1638284660: - c 1638284620: - c Location To Be Filled By O.E.M. Chassis Handle 0003h Board Type 0ah - Processor/Memory Module Number of Child Handles 0 [System Enclosure (Type 3) - Length 21 - Handle 0003h] Manufacturer Chassis Manufacture Chassis Type Desktop Version Chassis Version Serial Number Asset Tag Number Bootup State Safe Power Supply State Safe Thermal State Safe Security Status None OEM Defined 1 Height 0U Number of Power Cords 1 Number of Contained Elements 0 Contained Element Size 0 [Processor Information (Type 4) - Length 40 - Handle 0004h] Socket Designation LGA775 Processor Type Central Processor Processor Family 01h - Other Processor Manufacturer Intel Processor ID 77060100fffbebbf Processor Version Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz Processor Voltage 8ch - 1.2V External Clock 333MHz Max Speed 3800MHz Current Speed 2333MHz Status Enabled Populated Processor Upgrade Specification Reserved L1 Cache Handle 0005h L2 Cache Handle 0006h L3 Cache Handle 0007h Serial Number Asset Tag Number Part Number To Be Filled By O.E.M. [Cache Information (Type 7) - Length 19 - Handle 0005h] Socket Designation L1-Cache Cache Configuration 0180h - WB Enabled Int NonSocketed L1 Maximum Cache Size 0080h - 128K Installed Size 0080h - 128K Supported SRAM Type 0001h - Other Current SRAM Type 0001h - Other Cache Speed 0ns Error Correction Type ParitySingle-Bit ECC System Cache Type Data Associativity 8-way Set-Associative [Cache Information (Type 7) - Length 19 - Handle 0006h] Socket Designation L2-Cache Cache Configuration 0181h - WB Enabled Int NonSocketed L2 Maximum Cache Size 1000h - 4096K Installed Size 1000h - 4096K Supported SRAM Type 0001h - Other Current SRAM Type 0001h - Other Cache Speed 0ns Error Correction Type Multi-Bit ECC System Cache Type Instruction Associativity 8-way Set-Associative [Cache Information (Type 7) - Length 19 - Handle 0007h] Socket Designation L3-Cache Cache Configuration 0302h - Unknown Disabled Int NonSocketed L3 Maximum Cache Size 0000h - 0K Installed Size 0000h - 0K Supported SRAM Type 0002h - Unknown Current SRAM Type 0002h - Unknown Cache Speed 0ns Error Correction Type Unknown System Cache Type Unknown Associativity Unknown [Onboard Devices Information (Type 10) - Length 6 - Handle 002dh] Number of Devices 1 01: Type Ethernet [enabled] 01: Description Onboard Ethernet [OEM Strings (Type 11) - Length 5 - Handle 002eh] Number of Strings 4 1 002215D6FD62 2 To Be Filled By O.E.M. 3 To Be Filled By O.E.M. 4 To Be Filled By O.E.M. [Physical Memory Array (Type 16) - Length 15 - Handle 0031h] Location 03h - SystemBoard/Motherboard Use 03h - System Memory Memory Error Correction 03h - None Maximum Capacity 8388608KB Memory Error Inf Handle [Not Provided] Number of Memory Devices 4 [Memory Array Mapped Address (Type 19) - Length 15 - Handle 0032h] Starting Address 00000000h Ending Address 003fffffh Memory Array Handle 0031h Partition Width 04 [Memory Device (Type 17) - Length 27 - Handle 0033h] Physical Memory Array Handle 0031h Memory Error Info Handle [Not Provided] Total Width 64 bits Data Width 64 bits Size 2048MB Form Factor 09h - DIMM Device Set [None] Device Locator DIMM0 Bank Locator BANK0 Memory Type 13h - Specification Reserved Type Detail 0080h - Synchronous Speed 800MHz Manufacturer Manufacturer0 Serial Number Asset Tag Number Part Number PartNum0 [Memory Device Mapped Address (Type 20) - Length 19 - Handle 0034h] Starting Address 00000000h Ending Address 001fffffh Memory Device Handle 0033h Mem Array Mapped Adr Handle 0032h Partition Row Position 01 Interleave Position [None] Interleave Data Depth 01 [Memory Device (Type 17) - Length 27 - Handle 0035h] Physical Memory Array Handle 0031h Memory Error Info Handle [Not Provided] Total Width [Unknown] Data Width 64 bits Size [Not Populated] Form Factor 01h - Other Device Set [None] Device Locator DIMM1 Bank Locator BANK1 Memory Type 02h - Unknown Type Detail 0000h - Speed 0MHz Manufacturer Manufacturer1 Serial Number Asset Tag Number Part Number PartNum1 [Memory Device (Type 17) - Length 27 - Handle 0037h] Physical Memory Array Handle 0031h Memory Error Info Handle [Not Provided] Total Width 64 bits Data Width 64 bits Size 2048MB Form Factor 09h - DIMM Device Set [None] Device Locator DIMM2 Bank Locator BANK2 Memory Type 13h - Specification Reserved Type Detail 0080h - Synchronous Speed 800MHz Manufacturer Manufacturer2 Serial Number Asset Tag Number Part Number PartNum2 [Memory Device Mapped Address (Type 20) - Length 19 - Handle 0038h] Starting Address 00200000h Ending Address 003fffffh Memory Device Handle 0037h Mem Array Mapped Adr Handle 0032h Partition Row Position 01 Interleave Position [None] Interleave Data Depth 01 [Memory Device (Type 17) - Length 27 - Handle 0039h] Physical Memory Array Handle 0031h Memory Error Info Handle [Not Provided] Total Width [Unknown] Data Width 64 bits Size [Not Populated] Form Factor 01h - Other Device Set [None] Device Locator DIMM3 Bank Locator BANK3 Memory Type 02h - Unknown Type Detail 0000h - Speed 0MHz Manufacturer Manufacturer3 Serial Number Asset Tag Number Part Number PartNum3 Kod: Microsoft (R) Windows Debugger Version 6.12.0002.633 X86 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C: \Users\user\Desktop\bsody\22\dump\Minidump\102912-23150-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: symsrvsymsrv.dllc: \symbhttp: //msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333 Machine Name: Kernel base = 0xfffff800`0400f000 PsLoadedModuleList = 0xfffff800`04253670 Debug session time: Mon Oct 29 18: 43: 13.389 2012 (UTC + 1: 00) System Uptime: 0 days 0: 01: 12.168 Loading Kernel Symbols ............................................................... ................................................................ ............................................... Loading User Symbols Loading unloaded module list .... ****************************************************************************** * * * Bugcheck Analysis * * * ***************************************************************************** Use !analyze -v to get detailed debugging information. BugCheck 3B, {c0000005, fffff88001269f50, fffff8800680cd60, 0} Probably caused by : Ntfs.sys ( Ntfs!memset+80 ) Followup: MachineOwner --------- 0: kd> !analyze -v ***************************************************************************** * * * Bugcheck Analysis * * * ******************************************************************************* SYSTEM_SERVICE_EXCEPTION (3b) An exception happened while executing a system service routine. Arguments: Arg1: 00000000c0000005, Exception code that caused the bugcheck Arg2: fffff88001269f50, Address of the instruction which caused the bugcheck Arg3: fffff8800680cd60, Address of the context record for the exception that caused the bugcheck Arg4: 0000000000000000, zero. Debugging Details: ------------------ EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - Instrukcja spod 0x%08lx odwo FAULTING_IP: Ntfs!memset+80 fffff880`01269f50 488911 mov qword ptr [rcx],rdx CONTEXT: fffff8800680cd60 -- (.cxr 0xfffff8800680cd60) rax=0000000000000000 rbx=0000000000011000 rcx=0000000000000000 rdx=0000000000000000 rsi=0000000000000000 rdi=fffff8800680d7d8 rip=fffff88001269f50 rsp=fffff8800680d748 rbp=fffff8800680db1c r8=0000000000000018 r9=0000000000000005 r10=fffffa800477f030 r11=fffff880012f5de0 r12=0000000000000000 r13=0000000000000001 r14=fffff8800680d7d8 r15=000000000680d7d8 iopl=0 nv up ei ng nz na po cy cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010287 Ntfs!memset+0x80: fffff880`01269f50 488911 mov qword ptr [rcx],rdx ds: 002b: 00000000`00000000=? Resetting default scope CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0x3B PROCESS_NAME: svchost.exe CURRENT_IRQL: 0 LAST_CONTROL_TRANSFER: from 0000000000000000 to fffff88001269f50 STACK_TEXT: fffff880`0680d748 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : Ntfs!memset+0x80 FOLLOWUP_IP: Ntfs!memset+80 fffff880`01269f50 488911 mov qword ptr [rcx],rdx SYMBOL_STACK_INDEX: 0 SYMBOL_NAME: Ntfs!memset+80 FOLLOWUP_NAME: MachineOwner MODULE_NAME: Ntfs IMAGE_NAME: Ntfs.sys DEBUG_FLR_IMAGE_TIMESTAMP: 5040d4c6 STACK_COMMAND: .cxr 0xfffff8800680cd60 ; kb FAILURE_BUCKET_ID: X64_0x3B_Ntfs!memset+80 BUCKET_ID: X64_0x3B_Ntfs!memset+80 Followup: MachineOwner --------- Kod: Microsoft (R) Windows Debugger Version 6.12.0002.633 X86 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C: \Users\user\Desktop\bsody\22\dump\Minidump\102912-22713-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: symsrvsymsrv.dllc: \symbhttp: //msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333 Machine Name: Kernel base = 0xfffff800`0401b000 PsLoadedModuleList = 0xfffff800`0425f670 Debug session time: Mon Oct 29 18: 48: 38.813 2012 (UTC + 1: 00) System Uptime: 0 days 0: 01: 51.592 Loading Kernel Symbols ............................................................... ................................................................ ............................................... Loading User Symbols Loading unloaded module list .... ****************************************************************************** * * * Bugcheck Analysis * * * ***************************************************************************** Use !analyze -v to get detailed debugging information. BugCheck A, {ffffffffba0f0000, 2, 0, fffff8000419beaf} Probably caused by : hardware ( nt!EtwTraceContextSwap+6f ) Followup: MachineOwner --------- 2: kd> !analyze -v ***************************************************************************** * * * Bugcheck Analysis * * * ******************************************************************************* IRQL_NOT_LESS_OR_EQUAL (a) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If a kernel debugger is available get the stack backtrace. Arguments: Arg1: ffffffffba0f0000, memory referenced Arg2: 0000000000000002, IRQL Arg3: 0000000000000000, bitfield : bit 0 : value 0 = read operation, 1 = write operation bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status) Arg4: fffff8000419beaf, address which referenced memory Debugging Details: ------------------ READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800042c9100 ffffffffba0f0000 CURRENT_IRQL: 2 FAULTING_IP: nt!EtwTraceContextSwap+6f fffff800`0419beaf 84840000000fba test byte ptr [rax+rax-45F10000h],al CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0xA PROCESS_NAME: System TRAP_FRAME: fffff88002f8bb50 -- (.trap 0xfffff88002f8bb50) NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=0000000000000000 rbx=0000000000000000 rcx=fffffa8008e571cf rdx=fffff88002f6dfc0 rsi=0000000000000000 rdi=0000000000000000 rip=fffff8000419beaf rsp=fffff88002f8bce0 rbp=fffff88002f8bdb0 r8=fffffa80036eb0c8 r9=0000000000000000 r10=fffffffffffffffb r11=fffff88002f63180 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei ng nz na pe nc nt!EtwTraceContextSwap+0x6f: fffff800`0419beaf 84840000000fba test byte ptr [rax+rax-45F10000h],al ds: bc98: ffffffff`ba0f0000=? Resetting default scope MISALIGNED_IP: nt!EtwTraceContextSwap+6f fffff800`0419beaf 84840000000fba test byte ptr [rax+rax-45F10000h],al LAST_CONTROL_TRANSFER: from fffff80004099569 to fffff80004099fc0 STACK_TEXT: fffff880`02f8ba08 fffff800`04099569 : 00000000`0000000a ffffffff`ba0f0000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx fffff880`02f8ba10 fffff800`040981e0 : 00000000`07fcccba 00000000`00013750 fffff880`02f8bcc0 fffff880`02f63180 : nt!KiBugCheckDispatch+0x69 fffff880`02f8bb50 fffff800`0419beaf : 00000000`0f40f770 fffff880`02f6dfc0 fffffa80`041dbd40 400000c2`400000c1 : nt!KiPageFault+0x260 fffff880`02f8bce0 fffff800`0409d387 : fffff880`00000002 fffff880`02f63180 fffff880`02f8bdb0 fffff880`02f6dfc0 : nt!EtwTraceContextSwap+0x6f fffff880`02f8bd40 fffff800`04091d7d : fffff880`02f63180 fffff880`00000000 00000000`00000000 fffff880`010ccf5c : nt!SwapContext_PatchXRstor+0x103 fffff880`02f8bd80 00000000`00000000 : fffff880`02f8c000 fffff880`02f86000 fffff880`02f8bd40 00000000`00000000 : nt!KiIdleLoop+0x10d STACK_COMMAND: kb FOLLOWUP_IP: nt!EtwTraceContextSwap+6f fffff800`0419beaf 84840000000fba test byte ptr [rax+rax-45F10000h],al SYMBOL_STACK_INDEX: 3 SYMBOL_NAME: nt!EtwTraceContextSwap+6f FOLLOWUP_NAME: MachineOwner IMAGE_NAME: hardware DEBUG_FLR_IMAGE_TIMESTAMP: 0 MODULE_NAME: hardware FAILURE_BUCKET_ID: X64_IP_MISALIGNED BUCKET_ID: X64_IP_MISALIGNED Followup: MachineOwner --------- Kod: Microsoft (R) Windows Debugger Version 6.12.0002.633 X86 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C: \Users\user\Desktop\bsody\22\dump\Minidump\101912-45396-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: symsrvsymsrv.dllc: \symbhttp: //msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333 Machine Name: Kernel base = 0xfffff800`03e0b000 PsLoadedModuleList = 0xfffff800`0404f670 Debug session time: Fri Oct 19 11: 09: 30.187 2012 (UTC + 1: 00) System Uptime: 0 days 0: 00: 21.576 Loading Kernel Symbols ............................................................... ......................................................... Loading User Symbols ****************************************************************************** * * * Bugcheck Analysis * * * ***************************************************************************** Use !analyze -v to get detailed debugging information. BugCheck DA, {500, fffff6fc40021b90, 20, 4372} Probably caused by : rdyboost.sys ( rdyboost!SmFpAllocate+4f ) Followup: MachineOwner --------- 2: kd> !analyze -v ***************************************************************************** * * * Bugcheck Analysis * * * ******************************************************************************* SYSTEM_PTE_MISUSE (da) The stack trace identifies the guilty driver. Arguments: Arg1: 0000000000000500, Type of error. Arg2: fffff6fc40021b90 Arg3: 0000000000000020 Arg4: 0000000000004372 Debugging Details: ------------------ CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0xDA PROCESS_NAME: System CURRENT_IRQL: 2 LAST_CONTROL_TRANSFER: from fffff80003ee32b3 to fffff80003e89fc0 STACK_TEXT: fffff880`0379a848 fffff800`03ee32b3 : 00000000`000000da 00000000`00000500 fffff6fc`40021b90 00000000`00000020 : nt!KeBugCheckEx fffff880`0379a850 fffff800`03e8f024 : 00000000`0000007c fffff800`04036f60 00000000`00000000 00000000`00000000 : nt! ? : FNODOBFM: `string'+0xb3aa fffff880`0379a960 fffff800`03ea4cbb : fffff880`00000000 fffff800`040377a8 00004fa2`00001356 00000000`00001356 : nt!MiEmptyPteBins+0x10d fffff880`0379a9b0 fffff880`0141aebf : fffffa80`0623f700 fffff800`00004fe5 00000000`00000001 fffffa80`04729fa0 : nt!MmMapLockedPagesSpecifyCache+0x74c fffff880`0379aa80 fffff880`01405005 : fffffa80`04729118 fffff880`01412519 fffffa80`0623f700 fffff880`04fe0000 : rdyboost!SmFpAllocate+0x4f fffff880`0379aad0 fffff880`014123da : fffffa80`04729118 fffffa80`04729118 fffff880`037983e0 fffffa80`04729118 : rdyboost!ST_STORE<SMD_TRAITS>: StDmCurrentRegionSet+0xcd fffff880`0379ab30 fffff880`0141059e : fffffa80`04729118 00000000`0000000f 00000000`0000000f 00000000`00000180 : rdyboost!ST_STORE<SMD_TRAITS>: StDmpSinglePageFindSpace+0x4a fffff880`0379ab60 fffff880`0140f773 : fffffa80`05ccc0d0 fffffa80`06249040 00000000`00000000 fffffa80`04729118 : rdyboost!ST_STORE<SMD_TRAITS>: StDmpSinglePageAdd+0x2e fffff880`0379ac20 fffff880`0140f62e : fffffa80`05ccc0d0 fffff880`0000f000 00000000`00000080 00000000`0000000f : rdyboost!ST_STORE<SMD_TRAITS>: StDmPageAdd+0xe3 fffff880`0379ac80 fffff880`0140e41a : fffffa80`05ccc0d0 00000000`00000080 00000000`00000080 fffffa80`04729f88 : rdyboost!ST_STORE<SMD_TRAITS>: StWorkItemProcess+0x23a fffff880`0379ace0 fffff800`04120e5a : 00000000`00000000 fffff880`00000000 fffffa80`04719b50 fffffa80`036f5040 : rdyboost!SMKM_STORE<SMD_TRAITS>: SmStWorker+0x152 fffff880`0379ad40 fffff800`03e7ad26 : fffff880`02f63180 fffffa80`04719b50 fffff880`02f6dfc0 00000000`00000000 : nt!PspSystemThreadStartup+0x5a fffff880`0379ad80 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxStartSystemThread+0x16 STACK_COMMAND: kb FOLLOWUP_IP: rdyboost!SmFpAllocate+4f fffff880`0141aebf eb21 jmp rdyboost!SmFpAllocate+0x72 (fffff880`0141aee2) SYMBOL_STACK_INDEX: 4 SYMBOL_NAME: rdyboost!SmFpAllocate+4f FOLLOWUP_NAME: MachineOwner MODULE_NAME: rdyboost IMAGE_NAME: rdyboost.sys DEBUG_FLR_IMAGE_TIMESTAMP: 4ce7982e FAILURE_BUCKET_ID: X64_0xDA_rdyboost!SmFpAllocate+4f BUCKET_ID: X64_0xDA_rdyboost!SmFpAllocate+4f Followup: MachineOwner --------- Kod: Microsoft (R) Windows Debugger Version 6.12.0002.633 X86 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C: \Users\user\Desktop\bsody\22\dump\Minidump\102912-21855-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: symsrvsymsrv.dllc: \symbhttp: //msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333 Machine Name: Kernel base = 0xfffff800`0405b000 PsLoadedModuleList = 0xfffff800`0429f670 Debug session time: Mon Oct 29 16: 41: 38.261 2012 (UTC + 1: 00) System Uptime: 0 days 0: 04: 13.635 Loading Kernel Symbols ............................................................... ................................................................ ................................................. Loading User Symbols Loading unloaded module list .... ****************************************************************************** * * * Bugcheck Analysis * * * ***************************************************************************** Use !analyze -v to get detailed debugging information. BugCheck 19, {3, fffff80004261750, fffff80004261750, fffff80004261770} Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+a53 ) Followup: Pool_corruption --------- 1: kd> !analyze -v ***************************************************************************** * * * Bugcheck Analysis * * * ******************************************************************************* BAD_POOL_HEADER (19) The pool is already corrupt at the time of the current request. This may or may not be due to the caller. The internal pool links must be walked to figure out a possible cause of the problem, and then special pool applied to the suspect tags or the driver verifier to a suspect driver. Arguments: Arg1: 0000000000000003, the pool freelist is corrupt. Arg2: fffff80004261750, the pool entry being checked. Arg3: fffff80004261750, the read back flink freelist value (should be the same as 2). Arg4: fffff80004261770, the read back blink freelist value (should be the same as 2). Debugging Details: ------------------ BUGCHECK_STR: 0x19_3 CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT PROCESS_NAME: vmware-authd.e CURRENT_IRQL: 2 LAST_CONTROL_TRANSFER: from fffff800042044b3 to fffff800040d9fc0 STACK_TEXT: fffff880`0a31bf78 fffff800`042044b3 : 00000000`00000019 00000000`00000003 fffff800`04261750 fffff800`04261750 : nt!KeBugCheckEx fffff880`0a31bf80 fffff880`016fc6be : 00000000`00000000 00000000`00000011 00000000`00000000 00000000`00000000 : nt!ExDeferredFreePool+0xa53 fffff880`0a31c070 fffff880`01677193 : fffffa80`05ce71a0 fffffa80`05ce71a0 00000000`00000000 00000000`00000000 : ndis!ndisQueueRequestWorkItem+0x5e fffff880`0a31c0d0 fffff880`017326fe : fffffa80`05fbf000 fffff880`0a31c290 00000000`00000000 00000000`fc01020a : ndis!ndisQueueRequestOnTop+0x3a3 fffff880`0a31c170 fffff880`018804cf : 00000000`00000000 fffff8a0`00000006 00000000`00000000 fffff800`040ebf00 : ndis!ndisMOidRequest+0xde fffff880`0a31c260 fffff880`018805ec : 00000000`00000000 fffff880`0a31c440 00000000`00000040 ffffe028`9627199f : tcpip!FlpNdisRequestUnderReference+0x9f fffff880`0a31c3d0 fffff880`0184f983 : 00000000`00000000 00000000`fc01020a fffffa80`05fbe670 00000000`00000000 : tcpip!FlQueryInterface+0x8c fffff880`0a31c420 fffff880`018502ad : fffffa80`05fbe670 fffff880`0a31c610 fffff880`0a31c510 fffff880`01969800 : tcpip!IppQueryInterfaceProperty+0x73 fffff880`0a31c470 fffff880`0185016e : fffff880`00000040 fffffa80`05fbe670 00000000`00000004 fffff880`0a31c590 : tcpip!IppAddInterfaceStats+0x7d fffff880`0a31c4f0 fffff880`0184fecd : 00830000`05000000 fffff880`01969800 00000000`00000004 00000000`00000003 : tcpip!IppAddGlobalOffloadStatistics+0xb6 fffff880`0a31c560 fffff880`0176cc08 : 00000000`00000000 fffff880`017b4358 fffffa80`07dfd658 fffffa80`045e4940 : tcpip!IpGetAllGlobalParameters+0x51d fffff880`0a31c6a0 fffff880`041a59d6 : fffff880`0a31c900 fffffa80`045e4940 fffffa80`07dfd5f0 fffff880`0a31c900 : NETIO!NsiGetAllParametersEx+0x258 fffff880`0a31c7b0 fffff880`041a7902 : fffffa80`066970e0 fffffa80`066970e0 00000000`00000000 fffffa80`06697048 : nsiproxy!NsippGetAllParameters+0x2b2 fffff880`0a31c9a0 fffff880`041a79db : fffffa80`05b2b550 00000000`00000000 00000000`00000001 00000000`00000003 : nsiproxy!NsippDispatchDeviceControl+0x8a fffff880`0a31c9e0 fffff800`043f0687 : fffffa80`061b4f20 fffffa80`061b4f20 fffffa80`06697128 fffffa80`06697010 : nsiproxy!NsippDispatch+0x4b fffff880`0a31ca10 fffff800`043f0ee6 : 00000000`0244e758 00000000`000005c4 00000000`00000001 00000000`00000000 : nt!IopXxxControlFile+0x607 fffff880`0a31cb40 fffff800`040d9253 : fffffa80`07951060 00000000`0244e6f8 fffff880`0a31cbc8 00000000`00000001 : nt!NtDeviceIoControlFile+0x56 fffff880`0a31cbb0 00000000`755f2e09 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 00000000`0244f008 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x755f2e09 STACK_COMMAND: kb FOLLOWUP_IP: nt!ExDeferredFreePool+a53 fffff800`042044b3 cc int 3 SYMBOL_STACK_INDEX: 1 SYMBOL_NAME: nt!ExDeferredFreePool+a53 FOLLOWUP_NAME: Pool_corruption IMAGE_NAME: Pool_Corruption DEBUG_FLR_IMAGE_TIMESTAMP: 0 MODULE_NAME: Pool_Corruption FAILURE_BUCKET_ID: X64_0x19_3_nt!ExDeferredFreePool+a53 BUCKET_ID: X64_0x19_3_nt!ExDeferredFreePool+a53 Followup: Pool_corruption --------- Kod: Microsoft (R) Windows Debugger Version 6.12.0002.633 X86 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C: \Users\user\Desktop\bsody\22\dump\Minidump\102812-29062-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: symsrvsymsrv.dllc: \symbhttp: //msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333 Machine Name: Kernel base = 0xfffff800`04007000 PsLoadedModuleList = 0xfffff800`0424b670 Debug session time: Sun Oct 28 14: 04: 42.587 2012 (UTC + 1: 00) System Uptime: 0 days 0: 00: 40.366 Loading Kernel Symbols ............................................................... ................................................................ .................................................. Loading User Symbols Loading unloaded module list .... ****************************************************************************** * * * Bugcheck Analysis * * * ***************************************************************************** Use !analyze -v to get detailed debugging information. BugCheck C4, {f6, 4, fffffa8007da8060, fffff88008e01772} Unable to load image \?\C: \Program Files (x86)\CyberLink\PowerDVD\000.fcl, Win32 error 0n2 * WARNING: Unable to verify timestamp for 000.fcl * ERROR: Module load completed but symbols could not be loaded for 000.fcl Probably caused by : 000.fcl ( 000+1772 ) Followup: MachineOwner --------- 2: kd> !analyze -v ***************************************************************************** * * * Bugcheck Analysis * * * ******************************************************************************* DRIVER_VERIFIER_DETECTED_VIOLATION (c4) A device driver attempting to corrupt the system has been caught. This is because the driver was specified in the registry as being suspect (by the administrator) and the kernel has enabled substantial checking of this driver. If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will be among the most commonly seen crashes. Arguments: Arg1: 00000000000000f6, Referencing user handle as KernelMode. Arg2: 0000000000000004, Handle value being referenced. Arg3: fffffa8007da8060, Address of the current process. Arg4: fffff88008e01772, Address inside the driver that is performing the incorrect reference. Debugging Details: ------------------ BUGCHECK_STR: 0xc4_f6 CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP PROCESS_NAME: WmiPrvSE.exe CURRENT_IRQL: 0 LAST_CONTROL_TRANSFER: from fffff8000450c3dc to fffff80004085fc0 STACK_TEXT: fffff880`0949a478 fffff800`0450c3dc : 00000000`000000c4 00000000`000000f6 00000000`00000004 fffffa80`07da8060 : nt!KeBugCheckEx fffff880`0949a480 fffff800`04521ae4 : 00000000`00000004 fffffa80`07da8060 00000000`00000002 00000000`00000000 : nt!VerifierBugCheckIfAppropriate+0x3c fffff880`0949a4c0 fffff800`043bfbf5 : fffff6fb`7e200040 00000000`00000004 fffff880`0949a650 fffff800`0422cd30 : nt!VfCheckUserHandle+0x1b4 fffff880`0949a5a0 fffff800`04085253 : fffffa80`07dbe060 00000000`00000000 fffff6fb`7dbf1400 fffff880`0949a6a0 : nt! ? : NNGAKEGL: `string'+0x23055 fffff880`0949a5d0 fffff800`04081810 : fffff880`08e01772 fffffa80`07db0da0 fffff800`0422cd30 fffff800`0422cd30 : nt!KiSystemServiceCopyEnd+0x13 fffff880`0949a768 fffff880`08e01772 : fffffa80`07db0da0 fffff800`0422cd30 fffff800`0422cd30 00000000`00000000 : nt!KiServiceLinkage fffff880`0949a770 fffffa80`07db0da0 : fffff800`0422cd30 fffff800`0422cd30 00000000`00000000 00000000`00000005 : 000+0x1772 fffff880`0949a778 fffff800`0422cd30 : fffff800`0422cd30 00000000`00000000 00000000`00000005 fffff880`00000000 : 0xfffffa80`07db0da0 fffff880`0949a780 fffff800`0422cd30 : 00000000`00000000 00000000`00000005 fffff880`00000000 00000000`00000000 : nt!PspLoadImageNotifyRoutine+0x10 fffff880`0949a788 00000000`00000000 : 00000000`00000005 fffff880`00000000 00000000`00000000 00000000`00000018 : nt!PspLoadImageNotifyRoutine+0x10 STACK_COMMAND: kb FOLLOWUP_IP: 000+1772 fffff880`08e01772 85db test ebx,ebx SYMBOL_STACK_INDEX: 6 SYMBOL_NAME: 000+1772 FOLLOWUP_NAME: MachineOwner MODULE_NAME: 000 IMAGE_NAME: 000.fcl DEBUG_FLR_IMAGE_TIMESTAMP: 4705a5da FAILURE_BUCKET_ID: X64_0xc4_f6_VRF_000+1772 BUCKET_ID: X64_0xc4_f6_VRF_000+1772 Followup: MachineOwner --------- (Ten post był ostatnio modyfikowany: 01.11.2012 17:09 przez thermalfake.) 01.11.2012 15:46
Podziękowania od:

thermalfake Ostatni Mohikanin Liczba postów: 13.580	Post: #5 RE: BSOD 5 minut po uruchomieniu komputera Kod: Microsoft (R) Windows Debugger Version 6.12.0002.633 X86 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C: \Users\user\Desktop\bsody\22\dump\Minidump\102812-21106-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: symsrvsymsrv.dllc: \symbhttp: //msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333 Machine Name: Kernel base = 0xfffff800`04003000 PsLoadedModuleList = 0xfffff800`04247670 Debug session time: Sun Oct 28 12: 32: 29.383 2012 (UTC + 1: 00) System Uptime: 0 days 0: 04: 57.772 Loading Kernel Symbols ............................................................... ................................................................ ...................................................... Loading User Symbols Loading unloaded module list .... ****************************************************************************** * * * Bugcheck Analysis * * * ***************************************************************************** Use !analyze -v to get detailed debugging information. BugCheck A, {2b, 2, 0, fffff80004088e20} Probably caused by : win32k.sys ( win32k!xxxRealSleepThread+257 ) Followup: MachineOwner --------- 1: kd> !analyze -v ***************************************************************************** * * * Bugcheck Analysis * * * ******************************************************************************* IRQL_NOT_LESS_OR_EQUAL (a) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If a kernel debugger is available get the stack backtrace. Arguments: Arg1: 000000000000002b, memory referenced Arg2: 0000000000000002, IRQL Arg3: 0000000000000000, bitfield : bit 0 : value 0 = read operation, 1 = write operation bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status) Arg4: fffff80004088e20, address which referenced memory Debugging Details: ------------------ READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800042b1100 000000000000002b CURRENT_IRQL: 2 FAULTING_IP: nt!KeWaitForSingleObject+230 fffff800`04088e20 498b0e mov rcx,qword ptr [r14] CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0xA PROCESS_NAME: firefox.exe TRAP_FRAME: fffff8800aac3980 -- (.trap 0xfffff8800aac3980) NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=0000000000004a8f rbx=0000000000000000 rcx=0000000000000002 rdx=000000000000000d rsi=0000000000000000 rdi=0000000000000000 rip=fffff80004088e20 rsp=fffff8800aac3b10 rbp=0000000000000000 r8=0000000000000000 r9=0000000000000000 r10=0000000000000001 r11=fffffa8007682750 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl nz na po nc nt!KeWaitForSingleObject+0x230: fffff800`04088e20 498b0e mov rcx,qword ptr [r14] ds: 00000000`00000000=??? Resetting default scope LAST_CONTROL_TRANSFER: from fffff80004081569 to fffff80004081fc0 STACK_TEXT: fffff880`0aac3838 fffff800`04081569 : 00000000`0000000a 00000000`0000002b 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx fffff880`0aac3840 fffff800`040801e0 : fffff900`c06cb870 00000000`00000000 00000000`76d0b500 00000000`0000002b : nt!KiBugCheckDispatch+0x69 fffff880`0aac3980 fffff800`04088e20 : fffff900`c06cb870 fffff960`0013d43d fffff900`c06cb800 fffff800`0000000d : nt!KiPageFault+0x260 fffff880`0aac3b10 fffff960`0013d417 : fffff900`c06cb800 fffff960`0000000d 00000000`00000001 00000000`00000000 : nt!KeWaitForSingleObject+0x230 fffff880`0aac3bb0 00001fa1`02010000 : 00000000`07f5cf10 00000000`74952e09 00000000`00000000 00000000`0000002b : win32k!xxxRealSleepThread+0x257 fffff880`0aac3c50 00000000`07f5cf10 : 00000000`74952e09 00000000`00000000 00000000`0000002b 00000000`7606f5be : 0x1fa1`02010000 fffff880`0aac3c58 00000000`74952e09 : 00000000`00000000 00000000`0000002b 00000000`7606f5be 00000000`00000000 : 0x7f5cf10 fffff880`0aac3c60 00000000`00000000 : 00000000`0000002b 00000000`7606f5be 00000000`00000000 00000000`00200246 : 0x74952e09 STACK_COMMAND: kb FOLLOWUP_IP: win32k!xxxRealSleepThread+257 fffff960`0013d417 448be8 mov r13d,eax SYMBOL_STACK_INDEX: 4 SYMBOL_NAME: win32k!xxxRealSleepThread+257 FOLLOWUP_NAME: MachineOwner MODULE_NAME: win32k IMAGE_NAME: win32k.sys DEBUG_FLR_IMAGE_TIMESTAMP: 5006fd0d FAILURE_BUCKET_ID: X64_0xA_win32k!xxxRealSleepThread+257 BUCKET_ID: X64_0xA_win32k!xxxRealSleepThread+257 Followup: MachineOwner --------- Kod: Microsoft (R) Windows Debugger Version 6.12.0002.633 X86 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C: \Users\user\Desktop\bsody\22\dump\Minidump\102712-21418-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: symsrvsymsrv.dllc: \symbhttp: //msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333 Machine Name: Kernel base = 0xfffff800`04050000 PsLoadedModuleList = 0xfffff800`04294670 Debug session time: Sat Oct 27 12: 10: 04.208 2012 (UTC + 1: 00) System Uptime: 0 days 0: 04: 16.988 Loading Kernel Symbols ............................................................... ................................................................ ...................................................... Loading User Symbols Loading unloaded module list .... ****************************************************************************** * * * Bugcheck Analysis * * * ***************************************************************************** Use !analyze -v to get detailed debugging information. BugCheck 19, {3, fffff8a00e0060a0, fffff8a00e006080, fffff8a00e0060a0} Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+cbb ) Followup: Pool_corruption --------- 3: kd> !analyze -v ***************************************************************************** * * * Bugcheck Analysis * * * ******************************************************************************* BAD_POOL_HEADER (19) The pool is already corrupt at the time of the current request. This may or may not be due to the caller. The internal pool links must be walked to figure out a possible cause of the problem, and then special pool applied to the suspect tags or the driver verifier to a suspect driver. Arguments: Arg1: 0000000000000003, the pool freelist is corrupt. Arg2: fffff8a00e0060a0, the pool entry being checked. Arg3: fffff8a00e006080, the read back flink freelist value (should be the same as 2). Arg4: fffff8a00e0060a0, the read back blink freelist value (should be the same as 2). Debugging Details: ------------------ BUGCHECK_STR: 0x19_3 CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT PROCESS_NAME: System CURRENT_IRQL: 0 LAST_CONTROL_TRANSFER: from fffff800041f970f to fffff800040cefc0 STACK_TEXT: fffff880`031afa78 fffff800`041f970f : 00000000`00000019 00000000`00000003 fffff8a0`0e0060a0 fffff8a0`0e006080 : nt!KeBugCheckEx fffff880`031afa80 fffff800`041fb1a1 : fffff800`043c1560 fffff8a0`0dff8760 fffffa80`036e4b50 fffff880`02f63180 : nt!ExDeferredFreePool+0xcbb fffff880`031afb10 fffff800`043b012c : fffff800`042cc600 00000000`00000000 00000000`624e4d43 00000000`00000000 : nt!ExFreePoolWithTag+0x411 fffff880`031afbc0 fffff800`043b01c0 : fffff8a0`0366ccc0 00000000`d108d2f0 fffff8a0`007c5010 ffffffff`ffffffff : nt!CmpDereferenceNameControlBlockWithLock+0xdc fffff880`031afbf0 fffff800`043901ef : fffff8a0`0366ccc0 fffff800`043ae730 fffff800`624e4d43 fffff800`00000000 : nt!CmpCleanUpKcbCacheWithLock+0x34 fffff880`031afc20 fffff800`043ae921 : fffff8a0`0366ccc0 00000000`ff2221a7 fffff8a0`007c5010 00000000`00000000 : nt!CmpDereferenceKeyControlBlockWithLock+0x13f fffff880`031afc50 fffff800`040d8641 : fffff800`0426c2d8 fffffa80`036e4b50 00000000`00000000 00000000`00000000 : nt!CmpDelayDerefKCBWorker+0x1f1 fffff880`031afcb0 fffff800`04365e5a : ffffbf3f`fdfff5ff fffffa80`036e4b50 00000000`00000080 fffffa80`036ce040 : nt!ExpWorkerThread+0x111 fffff880`031afd40 fffff800`040bfd26 : fffff880`02f63180 fffffa80`036e4b50 fffff880`02f6dfc0 fdffbfff`3fffe77f : nt!PspSystemThreadStartup+0x5a fffff880`031afd80 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxStartSystemThread+0x16 STACK_COMMAND: kb FOLLOWUP_IP: nt!ExDeferredFreePool+cbb fffff800`041f970f cc int 3 SYMBOL_STACK_INDEX: 1 SYMBOL_NAME: nt!ExDeferredFreePool+cbb FOLLOWUP_NAME: Pool_corruption IMAGE_NAME: Pool_Corruption DEBUG_FLR_IMAGE_TIMESTAMP: 0 MODULE_NAME: Pool_Corruption FAILURE_BUCKET_ID: X64_0x19_3_nt!ExDeferredFreePool+cbb BUCKET_ID: X64_0x19_3_nt!ExDeferredFreePool+cbb Followup: Pool_corruption --------- W zamian za pomoc oczekuję poprawnej pisowni. Stop niechlujstwu. Jak mądrze zadawać pytania? - przejrzyj poradnik na forum. Nie udzielam porad via PW. 01.11.2012 17:10
Podziękowania od:

Wojtek.wk Nowy Liczba postów: 7	Post: #6 RE: BSOD 5 minut po uruchomieniu komputera (01.11.2012 15:46)thermalfake napisał(a): Pokręciłeś pliki c:\Windows\System32\winevt\Logs\system.evtx a nie setup.evtx Najmocniej przepraszam za pomyłkę, już wrzucam właściwy plik - ponieważ nie mieści się w załączniku, wrzucam go na Dropboxa: https://dl.dropbox.com/u/74280466/System.evtx.zip Dzięki za pomoc! 02.11.2012 13:09
Podziękowania od:

Odpowiedz

Podobne wątki
Wątek:	Autor	Odpowiedzi:	Wyświetleń:	Ostatni post
BSOD	Moloch4	0	808	05.07.2019 11:29 Ostatni post: Moloch4
BSOD Windows 7	luzbluzoner	0	1.310	17.12.2016 20:25 Ostatni post: luzbluzoner
Częsty ekrad BSOD	kubajed	0	1.236	03.10.2016 17:46 Ostatni post: kubajed
Windows Media Player nie chce się włączyć po ponownym włączeniu funkcji	mazanm	0	1.277	15.08.2016 23:27 Ostatni post: mazanm
Rozwiązany Win7 uruchamia się 7 minut pomocy	GregPl	4	2.880	15.05.2016 09:50 Ostatni post: GregPl
Nowa instalacja, 3 BSOD	avocado	0	1.328	20.11.2015 09:46 Ostatni post: avocado

« Starszy wątek | Nowszy wątek »

Autor: Wojtek.wk
Temat został oceniony na 0 w skali 1-5 gwiazdek.
Zebrano 1 głosów.

Regulamin for | Polityka Prywatności | Oznacz wszystkie działy jako przeczytane | Ekipa forum | Statystyki | Wersja mobilna | Użytkownicy | Wersja Lo-Fi | Mapa strony |

Copyright © Windows 7 Forum