Multiple BSOD's. I'm Lost.

Wildcard187 said:

Hi and thanks for the help that I know I'm going to get here. I've been reading these forums a lot lately. I've been getting several veried BSOD crashes. I have tried and tried to get my minidump files into zip form, but I am having no luck. I'll try to cut and past my dmp files here. Any help would be appreciated. I have 7 dmp files all together. I apologize ahead of time for how long this is...

Code:

 
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
 
 
Loading Dump File [C:\Windows\Minidump\012911-20108-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
 
Symbol search path is: symsrv*symsrv.dll*e:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02e55000 PsLoadedModuleList = 0xfffff800`03092e50
Debug session time: Sat Jan 29 08:37:30.964 2011 (UTC - 7:00)
System Uptime: 6 days 19:00:31.599
Loading Kernel Symbols
.
 
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
 
..............................................................
................................................................
.....................
Loading User Symbols
Loading unloaded module list
..................................................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
Use !analyze -v to get detailed debugging information.
 
BugCheck A, {10006002b, 2, 0, fffff80002ed0e13}
 
Probably caused by : ntkrnlmp.exe ( nt!KiProcessExpiredTimerList+103 )
 
Followup: MachineOwner
---------
 
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 000000010006002b, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80002ed0e13, address which referenced memory
 
Debugging Details:
------------------
 
 
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800030fd0e0
000000010006002b 
 
CURRENT_IRQL: 2
 
FAULTING_IP: 
nt!KiProcessExpiredTimerList+103
fffff800`02ed0e13 0fb6432b movzx eax,byte ptr [rbx+2Bh]
 
CUSTOMER_CRASH_COUNT: 1
 
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
 
BUGCHECK_STR: 0xA
 
PROCESS_NAME: System
 
TRAP_FRAME: fffff8000439a450 -- (.trap 0xfffff8000439a450)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000005 rbx=0000000000000000 rcx=fffffa8004f48068
rdx=fffff80003044420 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002ed0e13 rsp=fffff8000439a5e0 rbp=fffffa8005997210
r8=fffffa8003af6100 r9=000000000000000a r10=fffff80002e55000
r11=fffff8000439a5b0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na po cy
nt!KiProcessExpiredTimerList+0x103:
fffff800`02ed0e13 0fb6432b movzx eax,byte ptr [rbx+2Bh] ds:00000000`0000002b=??
Resetting default scope
 
LAST_CONTROL_TRANSFER: from fffff80002ec4ca9 to fffff80002ec5740
 
STACK_TEXT: 
fffff800`0439a308 fffff800`02ec4ca9 : 00000000`0000000a 00000001`0006002b 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff800`0439a310 fffff800`02ec3920 : fffff880`40110088 00000001`00060000 fffffa80`056c94b0 fffff880`05ee953d : nt!KiBugCheckDispatch+0x69
fffff800`0439a450 fffff800`02ed0e13 : fffffa80`0504ea60 fffffa80`03af6168 fffffa80`03af6168 fffffa80`063c6c00 : nt!KiPageFault+0x260
fffff800`0439a5e0 fffff800`02ed14be : 00000556`52e3f7e0 fffff800`0439ac58 00000000`023dfe11 fffff800`030424a8 : nt!KiProcessExpiredTimerList+0x103
fffff800`0439ac30 fffff800`02ed0cb7 : 000001ac`da30f6c7 000001ac`023dfe11 000001ac`da30f6f8 00000000`00000011 : nt!KiTimerExpiration+0x1be
fffff800`0439acd0 fffff800`02ecdeea : fffff800`0303fe80 fffff800`0304dc40 00000000`00000000 fffff880`0409edb0 : nt!KiRetireDpcList+0x277
fffff800`0439ad80 00000000`00000000 : fffff800`0439b000 fffff800`04395000 fffff800`0439ad40 00000000`00000000 : nt!KiIdleLoop+0x5a
 
 
STACK_COMMAND: kb
 
FOLLOWUP_IP: 
nt!KiProcessExpiredTimerList+103
fffff800`02ed0e13 0fb6432b movzx eax,byte ptr [rbx+2Bh]
 
SYMBOL_STACK_INDEX: 3
 
SYMBOL_NAME: nt!KiProcessExpiredTimerList+103
 
FOLLOWUP_NAME: MachineOwner
 
MODULE_NAME: nt
 
IMAGE_NAME: ntkrnlmp.exe
 
DEBUG_FLR_IMAGE_TIMESTAMP: 4c1c44a9
 
FAILURE_BUCKET_ID: X64_0xA_nt!KiProcessExpiredTimerList+103
 
BUCKET_ID: X64_0xA_nt!KiProcessExpiredTimerList+103
 
Followup: MachineOwner
---------
 
________________________
 
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
 
 
Loading Dump File [C:\Windows\Minidump\020711-18657-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
 
Symbol search path is: symsrv*symsrv.dll*e:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02e4b000 PsLoadedModuleList = 0xfffff800`03088e50
Debug session time: Mon Feb 7 06:42:04.128 2011 (UTC - 7:00)
System Uptime: 0 days 0:08:04.845
Loading Kernel Symbols
...............................................................
................................................................
......................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
Use !analyze -v to get detailed debugging information.
 
BugCheck 4E, {99, b3164, 2, 4a04d}
 
Probably caused by : memory_corruption ( nt!MiBadShareCount+4c )
 
Followup: MachineOwner
---------
 
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
PFN_LIST_CORRUPT (4e)
Typically caused by drivers passing bad memory descriptor lists (ie: calling
MmUnlockPages twice with the same list, etc). If a kernel debugger is
available get the stack trace.
Arguments:
Arg1: 0000000000000099, A PTE or PFN is corrupt
Arg2: 00000000000b3164, page frame number
Arg3: 0000000000000002, current page state
Arg4: 000000000004a04d, 0
 
Debugging Details:
------------------
 
 
BUGCHECK_STR: 0x4E_99
 
CUSTOMER_CRASH_COUNT: 1
 
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
 
PROCESS_NAME: steamerrorrepo
 
CURRENT_IRQL: 2
 
LAST_CONTROL_TRANSFER: from fffff80002f4b38c to fffff80002ebb740
 
STACK_TEXT: 
fffff880`06c4f638 fffff800`02f4b38c : 00000000`0000004e 00000000`00000099 00000000`000b3164 00000000`00000002 : nt!KeBugCheckEx
fffff880`06c4f640 fffff800`02f2d6a9 : 00000014`00000000 fffff680`001fd000 efb00000`b2961025 00000000`00000002 : nt!MiBadShareCount+0x4c
fffff880`06c4f680 fffff800`02eec381 : 00000000`3fa2d000 fffff680`001fd168 fffffa80`04095060 ef100000`b3164025 : nt! ?? ::FNODOBFM::`string'+0x31ed3
fffff880`06c4f830 fffff800`02eeedf9 : 00000000`00000000 00000000`3fa31fff fffffa80`00000000 fffffa80`00000000 : nt!MiDeleteVirtualAddresses+0x408
fffff880`06c4f9f0 fffff800`031d41d0 : fffffa80`08324220 0007ffff`00000000 00000000`00000000 00000000`00000000 : nt!MiRemoveMappedView+0xd9
fffff880`06c4fb10 fffff800`031d45db : 00000980`00000000 00000000`3fa00000 fffffa80`00000001 fffffa80`07581a30 : nt!MiUnmapViewOfSection+0x1b0
fffff880`06c4fbd0 fffff800`02eba993 : 00000000`00000000 00000000`00000001 fffffa80`04095060 00000000`00000004 : nt!NtUnmapViewOfSection+0x5f
fffff880`06c4fc20 00000000`7791fffa : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0036e808 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7791fffa
 
 
STACK_COMMAND: kb
 
FOLLOWUP_IP: 
nt!MiBadShareCount+4c
fffff800`02f4b38c cc int 3
 
SYMBOL_STACK_INDEX: 1
 
SYMBOL_NAME: nt!MiBadShareCount+4c
 
FOLLOWUP_NAME: MachineOwner
 
MODULE_NAME: nt
 
DEBUG_FLR_IMAGE_TIMESTAMP: 4c1c44a9
 
IMAGE_NAME: memory_corruption
 
FAILURE_BUCKET_ID: X64_0x4E_99_nt!MiBadShareCount+4c
 
BUCKET_ID: X64_0x4E_99_nt!MiBadShareCount+4c
 
Followup: MachineOwner
 
 
 
__________________________
 
 
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
 
 
Loading Dump File [C:\Windows\Minidump\020711-24055-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
 
Symbol search path is: symsrv*symsrv.dll*e:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02e0f000 PsLoadedModuleList = 0xfffff800`0304ce50
Debug session time: Sun Feb 6 23:11:26.926 2011 (UTC - 7:00)
System Uptime: 3 days 3:13:07.938
Loading Kernel Symbols
..
 
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
 
.............................................................
................................................................
.....................
Loading User Symbols
Loading unloaded module list
................................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
Use !analyze -v to get detailed debugging information.
 
BugCheck 50, {fffffa9003964630, 0, fffff80002fb3070, 5}
 
 
Could not read faulting driver name
Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+1e4 )
 
Followup: Pool_corruption
---------
 
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: fffffa9003964630, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff80002fb3070, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000005, (reserved)
 
Debugging Details:
------------------
 
 
Could not read faulting driver name
 
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800030b70e0
fffffa9003964630 
 
FAULTING_IP: 
nt!ExDeferredFreePool+1e4
fffff800`02fb3070 488b01 mov rax,qword ptr [rcx]
 
MM_INTERNAL_CODE: 5
 
CUSTOMER_CRASH_COUNT: 1
 
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
 
BUGCHECK_STR: 0x50
 
PROCESS_NAME: lsass.exe
 
CURRENT_IRQL: 0
 
TRAP_FRAME: fffff88006e27810 -- (.trap 0xfffff88006e27810)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa9003964630
rdx=fffff8a008813e10 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002fb3070 rsp=fffff88006e279a0 rbp=0000000000000000
r8=fffff8a00ea63a00 r9=fffff8a008814930 r10=fffff8a008814940
r11=0000000000000001 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na po nc
nt!ExDeferredFreePool+0x1e4:
fffff800`02fb3070 488b01 mov rax,qword ptr [rcx] ds:fffffa90`03964630=????????????????
Resetting default scope
 
LAST_CONTROL_TRANSFER: from fffff80002efe8c1 to fffff80002e7f740
 
STACK_TEXT: 
fffff880`06e276a8 fffff800`02efe8c1 : 00000000`00000050 fffffa90`03964630 00000000`00000000 fffff880`06e27810 : nt!KeBugCheckEx
fffff880`06e276b0 fffff800`02e7d82e : 00000000`00000000 00000000`00000004 00000000`00000700 fffffa80`0396d960 : nt! ?? ::FNODOBFM::`string'+0x40e8b
fffff880`06e27810 fffff800`02fb3070 : 00000000`00000005 fffff800`0315130c fffff880`06e27ca0 fffff8a0`08842a50 : nt!KiPageFault+0x16e
fffff880`06e279a0 fffff800`02fb44c1 : 00000000`00000001 fffff8a0`088429f0 fffffa80`06b00b60 fffff8a0`08842a00 : nt!ExDeferredFreePool+0x1e4
fffff880`06e27a30 fffff800`02e848bc : fffff8a0`08842a20 00000000`00000000 fffffa80`656b6f54 fffffa80`0396d960 : nt!ExFreePoolWithTag+0x411
fffff880`06e27ae0 fffff800`03195514 : fffffa80`05ea7730 00000000`00000000 fffffa80`06b00b60 00000000`00000000 : nt!ObfDereferenceObject+0xdc
fffff880`06e27b40 fffff800`03195414 : 00000000`00000c30 fffffa80`05ea7730 fffff8a0`0180f650 00000000`00000c30 : nt!ObpCloseHandleTableEntry+0xc4
fffff880`06e27bd0 fffff800`02e7e993 : fffffa80`06b00b60 fffff880`06e27ca0 00000000`00000000 00000000`00000000 : nt!ObpCloseHandle+0x94
fffff880`06e27c20 00000000`776bfe4a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`00ffea98 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x776bfe4a
 
 
STACK_COMMAND: kb
 
FOLLOWUP_IP: 
nt!ExDeferredFreePool+1e4
fffff800`02fb3070 488b01 mov rax,qword ptr [rcx]
 
SYMBOL_STACK_INDEX: 3
 
SYMBOL_NAME: nt!ExDeferredFreePool+1e4
 
FOLLOWUP_NAME: Pool_corruption
 
IMAGE_NAME: Pool_Corruption
 
DEBUG_FLR_IMAGE_TIMESTAMP: 0
 
MODULE_NAME: Pool_Corruption
 
FAILURE_BUCKET_ID: X64_0x50_nt!ExDeferredFreePool+1e4
 
BUCKET_ID: X64_0x50_nt!ExDeferredFreePool+1e4
 
Followup: Pool_corruption
 
 
_______________________________
 
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
 
 
Loading Dump File [C:\Windows\Minidump\020911-20670-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
 
Symbol search path is: symsrv*symsrv.dll*e:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02e51000 PsLoadedModuleList = 0xfffff800`0308ee50
Debug session time: Wed Feb 9 21:03:56.466 2011 (UTC - 7:00)
System Uptime: 0 days 0:12:05.182
Loading Kernel Symbols
.
 
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
 
...........................................
Loading User Symbols
Missing image name, possible paged-out or corrupt data.
Loading unloaded module list
.Missing image name, possible paged-out or corrupt data.
..Missing image name, possible paged-out or corrupt data.
.Missing image name, possible paged-out or corrupt data.
...Missing image name, possible paged-out or corrupt data.
.Missing image name, possible paged-out or corrupt data.
...Missing image name, possible paged-out or corrupt data.
.Missing image name, possible paged-out or corrupt data.
.Missing image name, possible paged-out or corrupt data.
Missing image name, possible paged-out or corrupt data.
...Missing image name, possible paged-out or corrupt data.
.Missing image name, possible paged-out or corrupt data.
...Missing image name, possible paged-out or corrupt data.
.Missing image name, possible paged-out or corrupt data.
.Missing image name, possible paged-out or corrupt data.
 
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
Use !analyze -v to get detailed debugging information.
 
BugCheck 1E, {0, 0, 0, 0}
 
Probably caused by : ntkrnlmp.exe ( nt!PoIdle+53a )
 
Followup: MachineOwner
---------
 
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: 0000000000000000, The exception code that was not handled
Arg2: 0000000000000000, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: 0000000000000000, Parameter 1 of the exception
 
Debugging Details:
------------------
 
 
EXCEPTION_CODE: (Win32) 0 (0) - The operation completed successfully.
 
FAULTING_IP: 
Unknown_Module_00000000`00000000>+0
00000000`00000000 ?? ???
 
EXCEPTION_PARAMETER1: 0000000000000000
 
EXCEPTION_PARAMETER2: 0000000000000000
 
ERROR_CODE: (NTSTATUS) 0 - STATUS_WAIT_0
 
BUGCHECK_STR: 0x1E_0
 
CUSTOMER_CRASH_COUNT: 1
 
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
 
PROCESS_NAME: System
 
CURRENT_IRQL: 0
 
LAST_CONTROL_TRANSFER: from fffff80002ecf24a to fffff88003dde7f2
 
STACK_TEXT: 
fffff800`00b9cc98 fffff800`02ecf24a : 00000000`002fe564 fffffa80`055e19d8 fffff800`03049c40 00000000`00000001 : 0xfffff880`03dde7f2
fffff800`00b9cca0 fffff800`02ec9ebc : fffff800`0303be80 fffff800`00000000 00000000`00000000 fffff880`03e6fdb0 : nt!PoIdle+0x53a
fffff800`00b9cd80 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x2c
 
 
STACK_COMMAND: kb
 
FOLLOWUP_IP: 
nt!PoIdle+53a
fffff800`02ecf24a 0fba25f61318000f bt dword ptr [<Unloaded_Unknown_Module_00000000`00000000>+0x1813f6 (00000000`001813f6)],0Fh
 
SYMBOL_STACK_INDEX: 1
 
SYMBOL_NAME: nt!PoIdle+53a
 
FOLLOWUP_NAME: MachineOwner
 
MODULE_NAME: nt
 
IMAGE_NAME: ntkrnlmp.exe
 
DEBUG_FLR_IMAGE_TIMESTAMP: 4cc791bd
 
FAILURE_BUCKET_ID: X64_0x1E_0_nt!PoIdle+53a
 
BUCKET_ID: X64_0x1E_0_nt!PoIdle+53a
 
Followup: MachineOwner
---------
 
________________________
 
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
 
 
Loading Dump File [C:\Windows\Minidump\021011-16270-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
 
Symbol search path is: symsrv*symsrv.dll*e:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02e63000 PsLoadedModuleList = 0xfffff800`030a0e50
Debug session time: Thu Feb 10 19:40:36.129 2011 (UTC - 7:00)
System Uptime: 0 days 0:03:05.846
Loading Kernel Symbols
.
 
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
 
..............................................................
................................................................
........................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
Use !analyze -v to get detailed debugging information.
 
BugCheck 50, {fffffffffffffff5, 0, fffff800031ad43d, 0}
 
 
Could not read faulting driver name
Probably caused by : ntkrnlmp.exe ( nt!CmpKcbCacheLookup+1dd )
 
Followup: MachineOwner
---------
 
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: fffffffffffffff5, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff800031ad43d, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000000, (reserved)
 
Debugging Details:
------------------
 
 
Could not read faulting driver name
 
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff8000310b0e0
fffffffffffffff5 
 
FAULTING_IP: 
nt!CmpKcbCacheLookup+1dd
fffff800`031ad43d 418b45f4 mov eax,dword ptr [r13-0Ch]
 
MM_INTERNAL_CODE: 0
 
CUSTOMER_CRASH_COUNT: 1
 
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
 
BUGCHECK_STR: 0x50
 
PROCESS_NAME: essvr.exe
 
CURRENT_IRQL: 0
 
TRAP_FRAME: fffff88006347fb0 -- (.trap 0xfffff88006347fb0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=000000000000000e rbx=0000000000000000 rcx=0000000000000aaa
rdx=000000000ef62637 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800031ad43d rsp=fffff88006348140 rbp=fffff8a00056d010
r8=0000000000000004 r9=0000000000000000 r10=0000000000000010
r11=fffff880063482f0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na pe nc
nt!CmpKcbCacheLookup+0x1dd:
fffff800`031ad43d 418b45f4 mov eax,dword ptr [r13-0Ch] ds:d501:ffffffff`fffffff4=????????
Resetting default scope
 
LAST_CONTROL_TRANSFER: from fffff80002f53f14 to fffff80002ed3740
 
STACK_TEXT: 
fffff880`06347e48 fffff800`02f53f14 : 00000000`00000050 ffffffff`fffffff5 00000000`00000000 fffff880`06347fb0 : nt!KeBugCheckEx
fffff880`06347e50 fffff800`02ed182e : 00000000`00000000 00000000`00000000 00000000`00000000 fffff800`02f1cfdc : nt! ?? ::FNODOBFM::`string'+0x42837
fffff880`06347fb0 fffff800`031ad43d : fffff8a0`0000c010 00000000`28386cf4 fffff880`063486c4 fffff800`031a9566 : nt!KiPageFault+0x16e
fffff880`06348140 fffff800`031ac9f8 : fffff880`063482f0 fffff880`00000003 fffff880`063486c8 fffff880`063486e0 : nt!CmpKcbCacheLookup+0x1dd
fffff880`06348230 fffff800`031aac51 : fffff8a0`00020220 fffff880`063486e0 fffff880`06348718 fffff880`06348700 : nt!CmpBuildHashStackAndLookupCache+0x328
fffff880`06348610 fffff800`031cab84 : fffff800`031aa9b0 00000000`00000000 fffffa80`058ca010 fffff8a0`00ec3101 : nt!CmpParseKey+0x2a1
fffff880`063488e0 fffff800`031cfb4d : fffffa80`058ca010 fffff880`06348a40 00000000`00000040 fffffa80`039fca50 : nt!ObpLookupObjectName+0x585
fffff880`063489e0 fffff800`031aeabc : 00000000`00000000 00000000`00000000 fffff880`06348c01 00000000`00000000 : nt!ObOpenObjectByName+0x1cd
fffff880`06348a90 fffff800`031b0bff : 00000000`0085e778 00000000`000f003f 00000000`0085e798 00000000`00000000 : nt!CmOpenKey+0x28a
fffff880`06348be0 fffff800`02ed2993 : fffffa80`06a91660 fffff880`06348ca0 00000000`7efad000 00000000`00000004 : nt!NtOpenKeyEx+0xf
fffff880`06348c20 00000000`7737060a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0085e738 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7737060a
 
 
STACK_COMMAND: kb
 
FOLLOWUP_IP: 
nt!CmpKcbCacheLookup+1dd
fffff800`031ad43d 418b45f4 mov eax,dword ptr [r13-0Ch]
 
SYMBOL_STACK_INDEX: 3
 
SYMBOL_NAME: nt!CmpKcbCacheLookup+1dd
 
FOLLOWUP_NAME: MachineOwner
 
MODULE_NAME: nt
 
IMAGE_NAME: ntkrnlmp.exe
 
DEBUG_FLR_IMAGE_TIMESTAMP: 4cc791bd
 
FAILURE_BUCKET_ID: X64_0x50_nt!CmpKcbCacheLookup+1dd
 
BUCKET_ID: X64_0x50_nt!CmpKcbCacheLookup+1dd
 
Followup: MachineOwne
 
________________________________
 
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
 
 
Loading Dump File [C:\Windows\Minidump\101410-14726-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
 
Symbol search path is: symsrv*symsrv.dll*e:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02e07000 PsLoadedModuleList = 0xfffff800`03044e50
Debug session time: Thu Oct 14 15:32:53.284 2010 (UTC - 7:00)
System Uptime: 0 days 0:01:34.001
Loading Kernel Symbols
.
 
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
 
..............................................................
................................................................
...................
Loading User Symbols
Loading unloaded module list
.............
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
Use !analyze -v to get detailed debugging information.
 
BugCheck 7F, {8, 80050031, 6f8, fffff88013f28b5a}
 
Unable to load image \SystemRoot\system32\DRIVERS\nvlddmkm.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for nvlddmkm.sys
*** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
Probably caused by : nvlddmkm.sys ( nvlddmkm+efb5a )
 
Followup: MachineOwner
---------
 
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
UNEXPECTED_KERNEL_MODE_TRAP (7f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault). The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
use .trap on that value
Else
.trap on the appropriate frame will show where the trap was taken
(on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 0000000000000008, EXCEPTION_DOUBLE_FAULT
Arg2: 0000000080050031
Arg3: 00000000000006f8
Arg4: fffff88013f28b5a
 
Debugging Details:
------------------
 
 
BUGCHECK_STR: 0x7f_8
 
CUSTOMER_CRASH_COUNT: 1
 
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
 
PROCESS_NAME: System
 
CURRENT_IRQL: 5
 
LAST_CONTROL_TRANSFER: from fffff80002e76ca9 to fffff80002e77740
 
STACK_TEXT: 
fffff880`009edce8 fffff800`02e76ca9 : 00000000`0000007f 00000000`00000008 00000000`80050031 00000000`000006f8 : nt!KeBugCheckEx
fffff880`009edcf0 fffff800`02e75172 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffff880`009ede30 fffff880`13f28b5a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDoubleFaultAbort+0xb2
fffff880`04dc7fe0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nvlddmkm+0xefb5a
 
 
STACK_COMMAND: kb
 
FOLLOWUP_IP: 
nvlddmkm+efb5a
fffff880`13f28b5a e89df8ffff call nvlddmkm+0xef3fc (fffff880`13f283fc)
 
SYMBOL_STACK_INDEX: 3
 
SYMBOL_NAME: nvlddmkm+efb5a
 
FOLLOWUP_NAME: MachineOwner
 
MODULE_NAME: nvlddmkm
 
IMAGE_NAME: nvlddmkm.sys
 
DEBUG_FLR_IMAGE_TIMESTAMP: 4c37918e
 
FAILURE_BUCKET_ID: X64_0x7f_8_nvlddmkm+efb5a
 
BUCKET_ID: X64_0x7f_8_nvlddmkm+efb5a
 
Followup: MachineOwner
---------
 
_____________________________
 
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
 
 
Loading Dump File [C:\Windows\Minidump\122910-18423-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
 
Symbol search path is: symsrv*symsrv.dll*e:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02e09000 PsLoadedModuleList = 0xfffff800`03046e50
Debug session time: Wed Dec 29 12:13:58.134 2010 (UTC - 7:00)
System Uptime: 4 days 6:18:08.937
Loading Kernel Symbols
.
 
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
 
..............................................................
................................................................
......................
Loading User Symbols
Loading unloaded module list
..................................................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
Use !analyze -v to get detailed debugging information.
 
BugCheck 50, {fffff8e002d639bc, 1, fffff80002fae2c2, 5}
 
 
Could not read faulting driver name
Probably caused by : ntkrnlmp.exe ( nt!ExFreePoolWithTag+212 )
 
Followup: MachineOwner
---------
 
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
 
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: fffff8e002d639bc, memory referenced.
Arg2: 0000000000000001, value 0 = read operation, 1 = write operation.
Arg3: fffff80002fae2c2, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000005, (reserved)
 
Debugging Details:
------------------
 
 
Could not read faulting driver name
 
WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff800030b10e0
fffff8e002d639bc 
 
FAULTING_IP: 
nt!ExFreePoolWithTag+212
fffff800`02fae2c2 ff411c inc dword ptr [rcx+1Ch]
 
MM_INTERNAL_CODE: 5
 
CUSTOMER_CRASH_COUNT: 1
 
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
 
BUGCHECK_STR: 0x50
 
PROCESS_NAME: wermgr.exe
 
CURRENT_IRQL: 0
 
TRAP_FRAME: fffff880070e22c0 -- (.trap 0xfffff880070e22c0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000005fffffffa0 rbx=0000000000000000 rcx=fffff8e002d639a0
rdx=fffff88002d63180 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002fae2c2 rsp=fffff880070e2450 rbp=0000000000000000
r8=0000000000010680 r9=0000000000000000 r10=fffff80002e09000
r11=0000000000000690 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz ac po nc
nt!ExFreePoolWithTag+0x212:
fffff800`02fae2c2 ff411c inc dword ptr [rcx+1Ch] ds:fffff8e0`02d639bc=????????
Resetting default scope
 
LAST_CONTROL_TRANSFER: from fffff80002ef88c1 to fffff80002e79740
 
STACK_TEXT: 
fffff880`070e2158 fffff800`02ef88c1 : 00000000`00000050 fffff8e0`02d639bc 00000000`00000001 fffff880`070e22c0 : nt!KeBugCheckEx
fffff880`070e2160 fffff800`02e7782e : 00000000`00000001 fffffa80`03d0eaf0 00000000`00000000 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0x40e8b
fffff880`070e22c0 fffff800`02fae2c2 : fffffa80`03b64400 00000000`00000801 fffff8a0`00000000 fffff800`6c526d4d : nt!KiPageFault+0x16e
fffff880`070e2450 fffff800`030d93fb : fffffa80`058a3df0 fffffa80`03d0eb48 fffffa80`6c526d4d 00000000`000007ff : nt!ExFreePoolWithTag+0x212
fffff880`070e2500 fffff800`030d9a6c : 00000000`00000240 fffffa80`05785b80 00000000`0000001c 00000000`00000004 : nt! ?? ::NNGAKEGL::`string'+0x3896e
fffff880`070e25c0 fffff800`032d5c5c : 00000000`00000010 00000000`0000002c fffffa80`05785b50 00000000`0000002c : nt!MmPrefetchPages+0x6c
fffff880`070e2620 fffff800`032d5e97 : fffff880`070e2740 00000000`00000001 00000000`00000000 00000000`00000000 : nt!PfSnPrefetchSections+0x43c
fffff880`070e2710 fffff800`032d62bf : 00000357`9845dfe2 fffffa80`03b64450 fffff8a0`020c6000 00000000`00000000 : nt!PfSnPrefetchScenario+0x187
fffff880`070e2980 fffff800`030ce6df : 00000000`00000000 00000000`0f2ac88c fffffa80`03fb9810 00000000`00000000 : nt!PfSnBeginAppLaunch+0x35f
fffff880`070e2a50 fffff800`031472fc : fffffa80`065ca990 fffffa80`03fb9810 00000000`16050800 00000000`00000000 : nt! ?? ::NNGAKEGL::`string'+0x50100
fffff880`070e2a80 fffff800`02e57d55 : fffff880`02d63180 00000000`00000000 fffff800`03147200 fffffa80`065ca990 : nt!PspUserThreadStartup+0xfc
fffff880`070e2ae0 fffff800`02e57cd7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiStartUserThread+0x16
fffff880`070e2c20 00000000`772a3000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiStartUserThreadReturn
00000000`0020ff88 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x772a3000
 
 
STACK_COMMAND: kb
 
FOLLOWUP_IP: 
nt!ExFreePoolWithTag+212
fffff800`02fae2c2 ff411c inc dword ptr [rcx+1Ch]
 
SYMBOL_STACK_INDEX: 3
 
SYMBOL_NAME: nt!ExFreePoolWithTag+212
 
FOLLOWUP_NAME: MachineOwner
 
MODULE_NAME: nt
 
IMAGE_NAME: ntkrnlmp.exe
 
DEBUG_FLR_IMAGE_TIMESTAMP: 4c1c44a9
 
FAILURE_BUCKET_ID: X64_0x50_nt!ExFreePoolWithTag+212
 
BUCKET_ID: X64_0x50_nt!ExFreePoolWithTag+212
 
Followup: MachineOwner

These were caused by memory corruption and your video driver. I would run memtest
Download a copy of Memtest86 and burn the ISO to a CD using Iso Recorder or another ISO burning program. Boot from the CD, and leave it running for at least 5 or 6 passes.


Just remember, any time Memtest reports errors, it can be either bad RAM or a bad motherboard slot. Test the sticks individually, and if you find a good one, test it in all slots.


When upgrading your graphic driver you MUST remove all traces of the current driver. In order to do that we recommend using Guru3D - Driver Sweeper

When it is removed then download and install the fresh copy.


Let us know if you need help


KenJ

Thank you. I will try this out this weekend and let you know.

Sorry for the probably stupid question, but am I supposed to test my memory 1 stick at a time by pulling out the other memory sticks and running with just the one stick installed? Also, will my computer automaticlly boot from the CD with memtest on it or will I need to configure something in my bios first? It took me about a week to figure out how to run the debugger program just to read my minidump files and another 2 days to figure out how to get the right symbols into the program. The last time I tried to use memtest, I downloaded it to a usb drive but there were no executabe files on it, so I'm not sure that I'm doing anything right with it. I'll try the cd though.

Ok, I know it's been a while since I posted to this thread. I didn't know if I should just continue on with this thread or start a new one so I figured I would keep it all here.

I ran memtest several times previously. All the times, it came back with no errors. After removing my memory and moving and reseating it, the BSOD's seemed to have gone away. Well, they started popping back up again. I've run memtest again with the same results. The only difference this time is that I think I've gotten the zip files correct so that I can attach them for you.

Would someone be willing to take a look at these files and offer some suggestions?

Can U Guys Give Me A Hand

https://www.sevenforums.com/crashes-d...sod-crash.html

Ok, I think I have everything that you asked for. It took awhile as I wanted to run Memtest again and share the specifics.

I've added the motherboard specs to my system specs. I'll add them here as well. It is a Gigabyte Technology Co., Ltd. GA-770T-USB3.

My Memtest86+ results are:
Walltime=11:17:00, Cached=4095M, RSODmem=12k, memmap=e820, Cache=On, ECC=Off, Test=Std, Pass=12, Errors=0, ECC Errors=blank

I've attached the snips you requested.

I haven't been paying much attention to my temps. I downloaded core temp and the add on that is the graph. I've posted a snip of what it says. It didn't change much under load or not. I logged into Eve Online for a bit to give it something to do, but not a lot changed.

I didn't get the voltages, but I can tell you I haven't done any overclocking. I don't know enough about it to do it safely and the default speeds have always been fine for what I do. I'll look up the voltages when I'm done posting, and get them in the next post.

Also, I'm not sure if it is a symptom of what is going on or something completely different, but when I get a BSOD, when I log back in, I can't run anything on my computer for about 15 minutes with the exception of the non-internet games that come with the computer. Such as solitaire and hearts. Anything else just doesn't work. My network center just freezes for that time. After about 15 minutes, everything just starts to work.

If I don't log into safe mode first after a crash, say I just log back in, then I get a black screen with my cursor for that 15 minutes. If I log into safe mode after a crash then log out and back into standard mode, then I can play solitaire for 15 minutes, but I can't do anything else.

Alright, I couldn't find the specific names you had for the voltages but I found something. I hope this is what your looking for.

VCore=1.328V
DDR3 1.5V=1.536V
+3.3V=3.376V
+12V=11.921V

Also, the programming hang up that I described in the post above now happens whenever I log out. When I logged out to get the voltages from the bios, it happened again and I had to wait for it to do whatever it does before I could come back and post this.