BSOD at Windows 7 Startup IRQL_NOT_LESS_OR_EQUAL (a)

Page 1 of 2 12 LastLast

  1. floridaIT
    Posts : 6
    Windows 7 x64 Professional
       New #1

    BSOD at Windows 7 Startup IRQL_NOT_LESS_OR_EQUAL (a)


    I have many Lenovo M92 towers deployed and intermittantly have the following error. The PC starts up and reverts the system to the previous date. I have attached a windows system info file that shows the pc configuration. I am in the process of downloading manufacturer updates to the Intel HD Graphics, RealTek Audio, and NIC drivers. In the meantime, does anyone see anything that would point me to the driver that is giving me grief?


    Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.

    Loading Dump File [C:\Users\FloridaIT\Desktop\030113-15802-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    Symbol search path is: C:\Symbols;SRV*f:\localsymbols*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
    Machine Name:
    Kernel base = 0xfffff800`0300d000 PsLoadedModuleList = 0xfffff800`03251670
    Debug session time: Fri Mar 1 08:08:31.482 2013 (UTC - 5:00)
    System Uptime: 0 days 0:00:12.278
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .........
    Loading User Symbols
    Loading unloaded module list
    ...
    ERROR: FindPlugIns 8007007b
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************
    Use !analyze -v to get detailed debugging information.
    BugCheck A, {0, 2, 0, fffff800030a1174}
    Probably caused by : ntkrnlmp.exe ( nt!KiPageFault+260 )
    Followup: MachineOwner
    ---------
    7: kd> !analyze -v
    ERROR: FindPlugIns 8007007b
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************
    IRQL_NOT_LESS_OR_EQUAL (a)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high. This is usually
    caused by drivers using improper addresses.
    If a kernel debugger is available get the stack backtrace.
    Arguments:
    Arg1: 0000000000000000, memory referenced
    Arg2: 0000000000000002, IRQL
    Arg3: 0000000000000000, bitfield :
    bit 0 : value 0 = read operation, 1 = write operation
    bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
    Arg4: fffff800030a1174, address which referenced memory
    Debugging Details:
    ------------------

    READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800032bb100
    0000000000000000
    CURRENT_IRQL: 2
    FAULTING_IP:
    nt!IopCompleteRequest+c64
    fffff800`030a1174 488b09 mov rcx,qword ptr [rcx]
    CUSTOMER_CRASH_COUNT: 1
    DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
    BUGCHECK_STR: 0xA
    PROCESS_NAME: csrss.exe
    IRP_ADDRESS: ffffffffffffff88
    TRAP_FRAME: fffff88003be65a0 -- (.trap 0xfffff88003be65a0)
    NOTE: The trap frame does not contain all registers.
    Some register values may be zeroed or incorrect.
    rax=fffff88003be5818 rbx=0000000000000000 rcx=0000000000000000
    rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
    rip=fffff800030a1174 rsp=fffff88003be6730 rbp=0000000000000000
    r8=0000000000004740 r9=0000000000000080 r10=0000000000000002
    r11=00000000000001c8 r12=0000000000000000 r13=0000000000000000
    r14=0000000000000000 r15=0000000000000000
    iopl=0 nv up ei pl nz ac po cy
    nt!IopCompleteRequest+0xc64:
    fffff800`030a1174 488b09 mov rcx,qword ptr [rcx] ds:5578:00000000`00000000=????????????????
    Resetting default scope
    LAST_CONTROL_TRANSFER: from fffff8000308b769 to fffff8000308c1c0
    STACK_TEXT:
    fffff880`03be6458 fffff800`0308b769 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
    fffff880`03be6460 fffff800`0308a3e0 : 00000000`00000200 fffff880`03be6858 fffffa80`0a4c8b78 fffffa80`0afdcc60 : nt!KiBugCheckDispatch+0x69
    fffff880`03be65a0 fffff800`030a1174 : 00000000`00000001 00000000`00000000 fffff880`20206f49 fffff880`03be6a18 : nt!KiPageFault+0x260
    fffff880`03be6730 fffff800`0307ebd7 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff8a0`00000000 : nt!IopCompleteRequest+0xc64
    fffff880`03be6800 fffff800`03035a85 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDeliverApc+0x1c7
    fffff880`03be6880 fffff800`032d796a : fffffa80`0a9a9df0 fffffa80`0a336330 fffff880`03be6a10 fffff880`03be6a08 : nt!KiCheckForKernelApcDelivery+0x25
    fffff880`03be68b0 fffff800`033a142e : fffffa80`00000004 fffffa80`0a336330 fffff880`03be6a10 00000000`00000000 : nt! ?? ::NNGAKEGL::`string'+0x2a53a
    fffff880`03be69a0 fffff800`0308b453 : 00000000`00000034 fffffa80`0a895060 00000000`0021e3e8 00000000`0021e401 : nt!NtMapViewOfSection+0x2bd
    fffff880`03be6a70 00000000`777d159a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
    00000000`0021e3c8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x777d159a

    STACK_COMMAND: kb
    FOLLOWUP_IP:
    nt!KiPageFault+260
    fffff800`0308a3e0 440f20c0 mov rax,cr8
    SYMBOL_STACK_INDEX: 2
    SYMBOL_NAME: nt!KiPageFault+260
    FOLLOWUP_NAME: MachineOwner
    MODULE_NAME: nt
    IMAGE_NAME: ntkrnlmp.exe
    DEBUG_FLR_IMAGE_TIMESTAMP: 4fa390f3
    FAILURE_BUCKET_ID: X64_0xA_nt!KiPageFault+260
    BUCKET_ID: X64_0xA_nt!KiPageFault+260
    Followup: MachineOwner
    ---------
      My Computer
    Quote Quote

  3. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       New #2

    Post it following the Blue Screen of Death (BSOD) Posting Instructions.
      My Computer
    Quote Quote

  4. floridaIT
    Posts : 6
    Windows 7 x64 Professional
    Thread Starter
       New #3

    SFDiagnostic Tool data


    Sorry this took so long...I've uploaded the SFDiagnostic Tool data file here. Thank you for your help!!
      My Computer
    Quote Quote

  6. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       New #4

    Listing up the elements that made your computer crash to BSOD.


    • Norton Internet Security

    Code:
    fffff880`047df3b8  fffff880`04e539f0Unable to load image \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS, Win32 error 0n2
*** WARNING: Unable to verify timestamp for SYMEVENT64x86.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT64x86.SYS
 SYMEVENT64x86+0x269f0
    Description here: Driver Reference Table - SYMEVENT64x86.SYS


    • Symantec Heuristics Driver

    Code:
    fffff880`047df358  fffff880`043ca2e0Unable to load image \??\C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\BASHDefs\20130301.011\BHDrvx64.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for BHDrvx64.sys
*** ERROR: Module load completed but symbols could not be loaded for BHDrvx64.sys
 BHDrvx64+0x1372e0
    Description here: Driver Reference Table - BHDrvx64.sys


    • Symantec /Norton

    Code:
    fffff880`047df028  fffff880`051d6ab8Unable to load image \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for EraserUtilRebootDrv.sys
*** ERROR: Module load completed but symbols could not be loaded for EraserUtilRebootDrv.sys
 EraserUtilRebootDrv+0x2ab8
    Description here: Driver Reference Table - EraserUtilRebootDrv.sys

    So you are seeing that it in Norton that is the problem for you. Uninstall Norton and all Symentec products using Norton Removal tool. Use Microsoft Security Essentials as your antivirus with windows inbuilt firewall, and free MBAM as the on demand scanner.
    Download, install and update those, and then run full system scans with both of them, one by one.

    Let us know the results.
      My Computer
    Quote Quote

  7. floridaIT
    Posts : 6
    Windows 7 x64 Professional
    Thread Starter
       New #5

    Wow...Unfortunately, we will have to contact our vendor since we've purchased symantec for all PC's enterprise wide. I'll check their blogs to see if there's an client update available for Symantec Endpoint Protection. I'll leave the thread open until I can check with the vendor and will update the thread once I have more info. Thank you for your help.
      My Computer
    Quote Quote

  8. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       New #6

    Best of luck
      My Computer
    Quote Quote

  10. floridaIT
    Posts : 6
    Windows 7 x64 Professional
    Thread Starter
       New #7

    Arc, can you tell me if you see the same from the attached file? This is a different PC, same model. It helps to have another PC for comparison. Thank you again.
      My Computer
    Quote Quote

  11. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       New #8

    Essentially identical, other than the date of the crash. Failing modules are:

    • SYMEVENT64x86.SYS
    • BHDrvx64.sys
    • EraserUtilRebootDrv.sys

    Descriptions are given in my earlier post :)
      My Computer
    Quote Quote

  12. floridaIT
    Posts : 6
    Windows 7 x64 Professional
    Thread Starter
       New #9

    Thanks again!
      My Computer
    Quote Quote

  13. Arc
    Posts : 35,373
    Microsoft Windows 10 Pro Insider Preview 64-bit
       New #10

    Waiting for the update as you mentioned earlier :)
      My Computer
    Quote Quote

 
Page 1 of 2 12 LastLast

  Related Discussions
Hello, I have been having BSOD (0x00000001 with IRQL_NOT_LESS_OR_EQUAL) everytime at the Windows 7 login screen. I am unable to login to Windows whatsoever. I am only able to start in Safe Mode. I have attached a picture of the BSOD. Please advise.
Everytime i boot my PC now since about 2 weeks ago, i always hear it start up, then reset and start up and ask what mode to start in (normally, safemode etc) selecting normal, the pc then starts up fine, says it will scan for reasons it didnt start up and find nothing. I watched what was...
Hello First, i apologize if my english is bad but it's not my native language So here is my problem : A friend of mine wanted me to install windows seven on this laptop. So i've created a USB install of Windows seven pro x64 with Rufus and a non-modified iso (with the gtp option for UEFI...
Hello. I came to this forum requesting help with a bsod that occurs randomly after the "Starting Windows" splash screen. It only happens sometimes, but it is annoying nonetheless. The bugcheck code is 0xa and the cause according to WhoCrashed and BlueScreenView is the Windows NT Kernel...
Upon start up my ASUS G53JW received a BSOD. This is a few days after I updated my video card driver to accommodate for Battlefield 3, and it also had a xbox 360 controller plugged into it, which isn't how it usually starts up. Received the error code DRIVER_IRQL_NOT_LESS_OR_EQUAL. I just want to...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 10:56.
Find Us