Hi fehpeh.
Install Service pack 1 and all other windows updates. Otherwise the system will remain vulnerable to threats.
Code:
Windows 7 Kernel Version 7600 MP (6 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
Learn how to install Windows 7 Service Pack 1 (SP1)
Service Pack and Update Center - Microsoft Windows
Scan the system for possible virus infection with the following programs.
Test your RAM modules for possible errors.
How to Test and Diagnose RAM Issues with Memtest86+
Run memtest for at least 8 passes, preferably overnight.
If it start showing errors/red lines, stop testing. A single error is enough to determine that something is going bad there.
If memtest dies not show any error, enable Driver Verifier to monitor the drivers.
Driver Verifier - Enable and Disable
Run Driver Verifier for 24 hours or the occurrence of the next crash, whichever is earlier.
Information
Why Driver Verifier:
It puts a stress on the drivers, ans so it makes the unstable drivers crash. Hopefully the driver that crashes is recorded in the memory dump.
How Can we know that DV is enabled:
It will make the system bit of slow, laggy.
Warning
Before enabling DV, make it sure that you have earlier System restore points made in your computer. You can check it easily by using
CCleaner looking at Tools > System Restore.
If there is no points,
make a System Restore Point manually before enabling DV.
Let us know the results, with the subsequent crash dumps, if any.
_______________________________________________________________________________________
Code:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 3B, {c0000005, fffff80002bf68fe, fffff88005ecf720, 0}
Probably caused by : ntkrnlmp.exe ( nt!ExAllocatePoolWithTag+52e )
Followup: MachineOwner
---------
3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff80002bf68fe, Address of the instruction which caused the bugcheck
Arg3: fffff88005ecf720, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
FAULTING_IP:
nt!ExAllocatePoolWithTag+52e
fffff800`02bf68fe 483918 cmp qword ptr [rax],rbx
CONTEXT: fffff88005ecf720 -- (.cxr 0xfffff88005ecf720)
rax=ffdff8a012e1fc00 rbx=fffffa8005300900 rcx=fffff8a00f17f570
rdx=0000000000000003 rsi=0000000000001000 rdi=0000000000000001
rip=fffff80002bf68fe rsp=fffff88005ed0100 rbp=fffffa80053003c0
r8=0000000000000001 r9=fffffa8005300900 r10=fffffa80053003c8
r11=0000000000000003 r12=0000000000000041 r13=0000000000000000
r14=fffffa8005761b60 r15=000000006e664d46
iopl=0 nv up ei pl zr na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
nt!ExAllocatePoolWithTag+0x52e:
fffff800`02bf68fe 483918 cmp qword ptr [rax],rbx ds:002b:ffdff8a0`12e1fc00=????????????????
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x3B
PROCESS_NAME: TrustedInstall
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from 0000000000000000 to fffff80002bf68fe
STACK_TEXT:
fffff880`05ed0100 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!ExAllocatePoolWithTag+0x52e
FOLLOWUP_IP:
nt!ExAllocatePoolWithTag+52e
fffff800`02bf68fe 483918 cmp qword ptr [rax],rbx
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: nt!ExAllocatePoolWithTag+52e
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc600
STACK_COMMAND: .cxr 0xfffff88005ecf720 ; kb
FAILURE_BUCKET_ID: X64_0x3B_nt!ExAllocatePoolWithTag+52e
BUCKET_ID: X64_0x3B_nt!ExAllocatePoolWithTag+52e
Followup: MachineOwner
---------