Random Freeze & BSOD's


  1. Posts : 5
    Windows Ultimate Home Premium 32bit
       #1

    Random Freeze & BSOD's


    Hello,

    I hope someone can help me this time. My ACER Aspire Desktop randomly freezes a few minutes after boot. When I restart it will show random Bluescreen error messages. Sometimes I just get a blackscreen with a prompt or a blackscreen with a checksum message: "file is possibly corrupt..."

    I really want to find out what causes all these. I'm desperate.

    Thanks a lot!
    drifter08
      My Computer


  2. Posts : 670
    Windows 7 x64
       #2

    WinDbg points to hardware, probably some RAM issue, and here's the summary :


    102510-25724-01.dmp
    NTFS_FILE_SYSTEM (24)
    ExceptionAddress: 87cc0f0a (Ntfs!NtfsLockHashBucket+0x00000014)
    ExceptionCode: (Access violation)
    FAILURE_BUCKET_ID: IP_MISALIGNED_Ntfs.sys

    101610-26551-01.dmp
    DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
    FAILURE_BUCKET_ID: 0xc4_0_VRF_avgtdix+52c8

    110310-26067-01.dmp
    BugCheck 1000008E, {c0000005, 82e79e0d, 8203395c, 0}
    KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
    Probably caused by : ntkrpamp.exe ( nt!CmpParseKey+8b8 )

    100510-25521-01.dmp
    PAGE_FAULT_IN_NONPAGED_AREA (50)
    Invalid system memory was referenced.
    MODULE_NAME: hardware
    FAILURE_BUCKET_ID: IP_MISALIGNED

    123110-17612-01.dmp
    BugCheck 1000007F, {8, 801e3000, 0, 0}
    UNEXPECTED_KERNEL_MODE_TRAP_M (1000007f)
    PROCESS_NAME: ekrn.exe
    Stack: nt!KiTrap0E+0x4c
    WARNING: Frame IP not in any known module.
    Probably caused by : ntkrpamp.exe ( nt!KiTrap0E+4c )


    1. Uninstall Eset and update drivers,

    nForce
    nvm62x32.sys Fri Oct 17 17:00:39 2008

    Adobe
    adfs.SYS Thu Aug 14 10:57:15 2008



    2. Check the hardware settings:

    - cpuz MEMORY tab
    - cpuz CPU tab
    - Passmark RAMMon HTML.zip



    3. Scan your hard drive for errors ,

    command prompt >> chkdsk /f

    SMART HDDScan





    CRASH DUMPS

    Code:
    Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    Loading Dump File [F:\DMP\102510-25724-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7600.16385.x86fre.win7_rtm.090713-1255
    Machine Name:
    Kernel base = 0x83846000 PsLoadedModuleList = 0x8398e810
    Debug session time: Mon Oct 25 01:18:18.117 2010 (UTC - 4:00)
    System Uptime: 0 days 0:01:32.131
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .......................
    Loading User Symbols
    Loading unloaded module list
    ......
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    NTFS_FILE_SYSTEM (24)
        If you see NtfsExceptionFilter on the stack then the 2nd and 3rd
        parameters are the exception record and context record. Do a .cxr
        on the 3rd parameter and then kb to obtain a more informative stack
        trace.
    Arguments:
    Arg1: 001904fb
    Arg2: 9f2dfa80
    Arg3: 9f2df660
    Arg4: 87cc0f0a
    
    Debugging Details:
    ------------------
    
    
    EXCEPTION_RECORD:  9f2dfa80 -- (.exr 0xffffffff9f2dfa80)
    ExceptionAddress: 87cc0f0a (Ntfs!NtfsLockHashBucket+0x00000014)
       ExceptionCode: c0000005 (Access violation)
      ExceptionFlags: 00000000
    NumberParameters: 2
       Parameter[0]: 00000000
       Parameter[1]: 00000000
    Attempt to read from address 00000000
    
    CONTEXT:  9f2df660 -- (.cxr 0xffffffff9f2df660)
    eax=00000000 ebx=0000018c ecx=00000000 edx=85f3ab48 esi=8e7eb884 edi=9f2dfc7c
    eip=87cc0f0a esp=9f2dfb48 ebp=9f2dfb4c iopl=0         nv up ei pl zr na pe nc
    cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010246
    Ntfs!NtfsLockHashBucket+0x14:
    87cc0f0a 0300            add     eax,dword ptr [eax]  ds:0023:00000000=????????
    Resetting default scope
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  NULL_DEREFERENCE
    
    PROCESS_NAME:  svchost.exe
    
    CURRENT_IRQL:  0
    
    ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
    
    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
    
    EXCEPTION_PARAMETER1:  00000000
    
    EXCEPTION_PARAMETER2:  00000000
    
    READ_ADDRESS: GetPointerFromAddress: unable to read from 839ae718
    Unable to read MiSystemVaType memory at 8398e160
     00000000 
    
    FOLLOWUP_IP: 
    Ntfs!NtfsLockHashBucket+14
    87cc0f0a 0300            add     eax,dword ptr [eax]
    
    FAULTING_IP: 
    Ntfs!NtfsLockHashBucket+14
    87cc0f0a 0300            add     eax,dword ptr [eax]
    
    BUGCHECK_STR:  0x24
    
    MISALIGNED_IP: 
    Ntfs!NtfsLockHashBucket+14
    87cc0f0a 0300            add     eax,dword ptr [eax]
    
    LAST_CONTROL_TRANSFER:  from 87ca7ac3 to 87cc0f0a
    
    STACK_TEXT:  
    9f2dfb4c 87ca7ac3 85f3ab48 0000018c 9f2dfb6c Ntfs!NtfsLockHashBucket+0x14
    9f2dfba4 87ca865b 870d4308 85f3ab48 89a24470 Ntfs!NtfsFindPrefixHashEntry+0x12b
    9f2dfc00 87caac5c 870d4308 87160e00 89a24470 Ntfs!NtfsFindStartingNode+0x7b6
    9f2dfcdc 87c31210 870d4308 87160e00 8e7eb884 Ntfs!NtfsCommonCreate+0x65f
    9f2dfd1c 838b610e 8e7eb81c 00000000 ffffffff Ntfs!NtfsCommonCreateCallout+0x20
    9f2dfd1c 838b6205 8e7eb81c 00000000 ffffffff nt!KiSwapKernelStackAndExit+0x15a
    8e7eb780 00000000 00000000 00000000 00000000 nt!KiSwitchKernelStackAndCallout+0x31
    
    
    SYMBOL_STACK_INDEX:  0
    
    SYMBOL_NAME:  Ntfs!NtfsLockHashBucket+14
    
    FOLLOWUP_NAME:  MachineOwner
    
    IMAGE_NAME:  hardware
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  0
    
    STACK_COMMAND:  .cxr 0xffffffff9f2df660 ; kb
    
    MODULE_NAME: hardware
    
    FAILURE_BUCKET_ID:  IP_MISALIGNED_Ntfs.sys
    
    BUCKET_ID:  IP_MISALIGNED_Ntfs.sys
    
    Followup: MachineOwner
    ---------
    
    
    
    
    Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    Loading Dump File [F:\DMP\101610-26551-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7600.16385.x86fre.win7_rtm.090713-1255
    Machine Name:
    Kernel base = 0x83809000 PsLoadedModuleList = 0x83951810
    Debug session time: Sat Oct 16 07:57:11.169 2010 (UTC - 4:00)
    System Uptime: 0 days 0:01:33.167
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ......................
    Loading User Symbols
    Loading unloaded module list
    ......
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
    A device driver attempting to corrupt the system has been caught.  This is
    because the driver was specified in the registry as being suspect (by the
    administrator) and the kernel has enabled substantial checking of this driver.
    If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
    be among the most commonly seen crashes.
    Arguments:
    Arg1: 00000000, caller is trying to allocate zero bytes
    Arg2: 00000000, current IRQL
    Arg3: 00000000, pool type
    Arg4: 00000000, number of bytes
    
    Debugging Details:
    ------------------
    
    Unable to load image \SystemRoot\System32\Drivers\avgtdix.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for avgtdix.sys
    *** ERROR: Module load completed but symbols could not be loaded for avgtdix.sys
    
    BUGCHECK_STR:  0xc4_0
    
    CURRENT_IRQL:  0
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP
    
    PROCESS_NAME:  avgnsx.exe
    
    LAST_CONTROL_TRANSFER:  from 83b3df03 to 838e5d10
    
    STACK_TEXT:  
    a78efa1c 83b3df03 000000c4 00000000 00000000 nt!KeBugCheckEx+0x1e
    a78efa3c 83b4da31 00000000 00000000 00000001 nt!VerifierBugCheckIfAppropriate+0x30
    a78efa54 83b39b7b 00000080 00000000 a78efa98 nt!ExAllocatePoolSanityChecks+0xb2
    a78efa88 83b3974f 00000080 00000000 f24b5357 nt!VeAllocatePoolWithTagPriority+0x68
    a78efaa4 8d6ed5ca 00000000 00000000 f24b5357 nt!VerifierExAllocatePoolWithTag+0x1e
    a78efae0 8d6462c8 ab0f8f68 870baf68 00000020 afd!WskTdiEHReceive+0xb3
    WARNING: Stack unwind information not available. Following frames may be wrong.
    a78efb2c 8d64645f affd0f48 a07eaf74 a07eaf30 avgtdix+0x52c8
    a78efb48 8d646ba7 affd0fa0 00000001 80000000 avgtdix+0x545f
    a78efb80 8d6422a4 afea8f68 95b3d9a0 afea8f68 avgtdix+0x5ba7
    a78efbcc 8d64457f 8c458578 afea8f68 a78efc00 avgtdix+0x12a4
    a78efbdc 83b386c3 8c458578 afea8f68 97c431c0 avgtdix+0x357f
    a78efc00 83845473 00000000 afea8f68 8c458578 nt!IovCallDriver+0x258
    a78efc14 83a46eee 97c431c0 afea8f68 afea8fd8 nt!IofCallDriver+0x1b
    a78efc34 83a63cd1 8c458578 97c431c0 00000000 nt!IopSynchronousServiceTail+0x1f8
    a78efcd0 83a664ac 8c458578 afea8f68 00000000 nt!IopXxxControlFile+0x6aa
    a78efd04 8384c42a 000002f0 000003bc 00000000 nt!NtDeviceIoControlFile+0x2a
    a78efd04 775064f4 000002f0 000003bc 00000000 nt!KiFastCallEntry+0x12a
    0147fd1c 00000000 00000000 00000000 00000000 0x775064f4
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    avgtdix+52c8
    8d6462c8 ??              ???
    
    SYMBOL_STACK_INDEX:  6
    
    SYMBOL_NAME:  avgtdix+52c8
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: avgtdix
    
    IMAGE_NAME:  avgtdix.sys
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4c0819c9
    
    FAILURE_BUCKET_ID:  0xc4_0_VRF_avgtdix+52c8
    
    BUCKET_ID:  0xc4_0_VRF_avgtdix+52c8
    
    Followup: MachineOwner
    ---------
    
    
    
    
    Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    Loading Dump File [F:\DMP\110310-26067-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7600.16385.x86fre.win7_rtm.090713-1255
    Machine Name:
    Kernel base = 0x82c43000 PsLoadedModuleList = 0x82d8b810
    Debug session time: Tue Nov  2 01:00:48.990 2010 (UTC - 4:00)
    System Uptime: 0 days 0:01:23.677
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .................
    Loading User Symbols
    Loading unloaded module list
    ...........
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck 1000008E, {c0000005, 82e79e0d, 8203395c, 0}
    
    Probably caused by : ntkrpamp.exe ( nt!CmpParseKey+8b8 )
    
    Followup: MachineOwner
    ---------
    
    1: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
    This is a very common bugcheck.  Usually the exception address pinpoints
    the driver/function that caused the problem.  Always note this address
    as well as the link date of the driver/image that contains this address.
    Some common problems are exception code 0x80000003.  This means a hard
    coded breakpoint or assertion was hit, but this system was booted
    /NODEBUG.  This is not supposed to happen as developers should never have
    hardcoded breakpoints in retail code, but ...
    If this happens, make sure a debugger gets connected, and the
    system is booted /DEBUG.  This will let us see why this breakpoint is
    happening.
    Arguments:
    Arg1: c0000005, The exception code that was not handled
    Arg2: 82e79e0d, The address that the exception occurred at
    Arg3: 8203395c, Trap Frame
    Arg4: 00000000
    
    Debugging Details:
    ------------------
    
    
    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
    
    FAULTING_IP: 
    nt!CmpParseKey+8b8
    82e79e0d ff10            call    dword ptr [eax]
    
    TRAP_FRAME:  8203395c -- (.trap 0xffffffff8203395c)
    ErrCode = 00000000
    eax=00000005 ebx=8a5fb5a8 ecx=935aa0f4 edx=6141d0f9 esi=87e1b008 edi=00000000
    eip=82e79e0d esp=820339d0 ebp=82033b48 iopl=0         nv up ei pl zr na pe nc
    cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010246
    nt!CmpParseKey+0x8b8:
    82e79e0d ff10            call    dword ptr [eax]      ds:0023:00000005=????????
    Resetting default scope
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    BUGCHECK_STR:  0x8E
    
    PROCESS_NAME:  svchost.exe
    
    CURRENT_IRQL:  0
    
    LAST_CONTROL_TRANSFER:  from 82e641d7 to 82e79e0d
    
    STACK_TEXT:  
    82033b48 82e641d7 87e0a9d8 84503508 8527f008 nt!CmpParseKey+0x8b8
    82033bc4 82e8a24d 00000000 82033c18 00000040 nt!ObpLookupObjectName+0x4fa
    82033c20 82e819a4 0058ecb0 84503508 00000001 nt!ObOpenObjectByName+0x159
    82033d00 82e7c6f7 01aade78 00020019 0058ecb0 nt!CmOpenKey+0x1f4
    82033d1c 82c8642a 01aade78 00020019 0058ecb0 nt!NtOpenKeyEx+0x18
    82033d1c 773064f4 01aade78 00020019 0058ecb0 nt!KiFastCallEntry+0x12a
    WARNING: Frame IP not in any known module. Following frames may be wrong.
    0058ecf0 00000000 00000000 00000000 00000000 0x773064f4
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    nt!CmpParseKey+8b8
    82e79e0d ff10            call    dword ptr [eax]
    
    SYMBOL_STACK_INDEX:  0
    
    SYMBOL_NAME:  nt!CmpParseKey+8b8
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: nt
    
    IMAGE_NAME:  ntkrpamp.exe
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc007
    
    FAILURE_BUCKET_ID:  0x8E_nt!CmpParseKey+8b8
    
    BUCKET_ID:  0x8E_nt!CmpParseKey+8b8
    
    Followup: MachineOwner
    ---------
    
    
    
    Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    Loading Dump File [F:\DMP\100510-25521-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7600.16385.x86fre.win7_rtm.090713-1255
    Machine Name:
    Kernel base = 0x82a0d000 PsLoadedModuleList = 0x82b55810
    Debug session time: Mon Oct  4 19:21:17.644 2010 (UTC - 4:00)
    System Uptime: 0 days 0:09:59.642
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .....................
    Loading User Symbols
    Loading unloaded module list
    .......
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    PAGE_FAULT_IN_NONPAGED_AREA (50)
    Invalid system memory was referenced.  This cannot be protected by try-except,
    it must be protected by a Probe.  Typically the address is just plain bad or it
    is pointing at freed memory.
    Arguments:
    Arg1: ded2e905, memory referenced.
    Arg2: 00000001, value 0 = read operation, 1 = write operation.
    Arg3: 82a3fce9, If non-zero, the instruction address which referenced the bad memory
    	address.
    Arg4: 00000002, (reserved)
    
    Debugging Details:
    ------------------
    
    
    WRITE_ADDRESS: GetPointerFromAddress: unable to read from 82b75718
    Unable to read MiSystemVaType memory at 82b55160
     ded2e905 
    
    FAULTING_IP: 
    nt!RtlFxToFnFrame+d0
    82a3fce9 108345f00a4a    adc     byte ptr [ebx+4A0AF045h],al
    
    MM_INTERNAL_CODE:  2
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    BUGCHECK_STR:  0x50
    
    PROCESS_NAME:  dwm.exe
    
    CURRENT_IRQL:  1
    
    TRAP_FRAME:  94c7f73c -- (.trap 0xffffffff94c7f73c)
    ErrCode = 00000002
    eax=94c7fdc0 ebx=94c7f8c0 ecx=94c7f7e8 edx=00000007 esi=94c7fdea edi=94c7f80e
    eip=82a3fce9 esp=94c7f7b0 ebp=94c7f7c4 iopl=0         nv up ei ng nz na po cy
    cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010283
    nt!RtlFxToFnFrame+0xd0:
    82a3fce9 108345f00a4a    adc     byte ptr [ebx+4A0AF045h],al ds:0023:ded2e905=??
    Resetting default scope
    
    MISALIGNED_IP: 
    nt!RtlFxToFnFrame+d0
    82a3fce9 108345f00a4a    adc     byte ptr [ebx+4A0AF045h],al
    
    LAST_CONTROL_TRANSFER:  from 82a535f8 to 82a928e3
    
    STACK_TEXT:  
    94c7f724 82a535f8 00000001 ded2e905 00000000 nt!MmAccessFault+0x106
    94c7f724 82a3fce9 00000001 ded2e905 00000000 nt!KiTrap0E+0xdc
    94c7f7c4 00000000 00a77792 94c7f864 82a3fbb7 nt!RtlFxToFnFrame+0xd0
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    nt!RtlFxToFnFrame+d0
    82a3fce9 108345f00a4a    adc     byte ptr [ebx+4A0AF045h],al
    
    SYMBOL_STACK_INDEX:  2
    
    SYMBOL_NAME:  nt!RtlFxToFnFrame+d0
    
    FOLLOWUP_NAME:  MachineOwner
    
    IMAGE_NAME:  hardware
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  0
    
    MODULE_NAME: hardware
    
    FAILURE_BUCKET_ID:  IP_MISALIGNED
    
    BUCKET_ID:  IP_MISALIGNED
    
    Followup: MachineOwner
    ---------
    
    
    
    Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    Loading Dump File [F:\DMP\123110-17612-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7600.16617.x86fre.win7_gdr.100618-1621
    Machine Name:
    Kernel base = 0x83853000 PsLoadedModuleList = 0x8399b810
    Debug session time: Fri Dec 31 08:28:56.187 2010 (UTC - 4:00)
    System Uptime: 0 days 0:00:45.201
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ......................
    Loading User Symbols
    Loading unloaded module list
    .......
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck 1000007F, {8, 801e3000, 0, 0}
    
    Probably caused by : ntkrpamp.exe ( nt!KiTrap0E+4c )
    
    Followup: MachineOwner
    ---------
    
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    UNEXPECTED_KERNEL_MODE_TRAP_M (1000007f)
    This means a trap occurred in kernel mode, and it's a trap of a kind
    that the kernel isn't allowed to have/catch (bound trap) or that
    is always instant death (double fault).  The first number in the
    bugcheck params is the number of the trap (8 = double fault, etc)
    Consult an Intel x86 family manual to learn more about what these
    traps are. Here is a *portion* of those codes:
    If kv shows a taskGate
            use .tss on the part before the colon, then kv.
    Else if kv shows a trapframe
            use .trap on that value
    Else
            .trap on the appropriate frame will show where the trap was taken
            (on x86, this will be the ebp that goes with the procedure KiTrap)
    Endif
    kb will then show the corrected stack.
    Arguments:
    Arg1: 00000008, EXCEPTION_DOUBLE_FAULT
    Arg2: 801e3000
    Arg3: 00000000
    Arg4: 00000000
    
    Debugging Details:
    ------------------
    
    
    BUGCHECK_STR:  0x7f_8
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    PROCESS_NAME:  ekrn.exe
    
    CURRENT_IRQL:  0
    
    TRAP_FRAME:  9da63004 -- (.trap 0xffffffff9da63004)
    ESP EDITED! New esp=00000000
    ErrCode = 00000008
    eax=9d980023 ebx=00000002 ecx=00000000 edx=00000060 esi=9da63070 edi=00000030
    eip=00010046 esp=9da63078 ebp=838995a8 iopl=0         nv up di pl nz na po nc
    cs=0000  ss=0010  ds=0023  es=0008  fs=0009  gs=0030             efl=00000000
    00010046 ??              ???
    Resetting default scope
    
    LAST_CONTROL_TRANSFER:  from 00010046 to 838995a8
    
    STACK_TEXT:  
    9da63004 00010046 00000000 00000000 00000000 nt!KiTrap0E+0x4c
    WARNING: Frame IP not in any known module. Following frames may be wrong.
    838995a8 00000000 5d8bffff 687d8b60 c70c5589 0x10046
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    nt!KiTrap0E+4c
    838995a8 f64103df        test    byte ptr [ecx+3],0DFh
    
    SYMBOL_STACK_INDEX:  0
    
    SYMBOL_NAME:  nt!KiTrap0E+4c
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: nt
    
    IMAGE_NAME:  ntkrpamp.exe
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c3fac
    
    FAILURE_BUCKET_ID:  0x7f_8_nt!KiTrap0E+4c
    
    BUCKET_ID:  0x7f_8_nt!KiTrap0E+4c
    
    Followup: MachineOwner
    ---------




    DRIVERS

    Code:
    start    end        module name
    8e13c000 8e168000   1394ohci 1394ohci.sys Mon Jul 13 19:51:59 2009 (4A5BC89F)
    87aa3000 87aeb000   ACPI     ACPI.sys     Mon Jul 13 19:11:11 2009 (4A5BBF0F)
    94bb0000 94bc0e80   adfs     adfs.SYS     Thu Aug 14 10:57:15 2008 (48A447CB)
    8d4ea000 8d544000   afd      afd.sys      Mon Jul 13 19:12:34 2009 (4A5BBF62)
    8f9c4000 8f9d6000   AgileVpn AgileVpn.sys Mon Jul 13 19:55:00 2009 (4A5BC954)
    8e010000 8e12c040   AGRSM    AGRSM.sys    Tue Jan 26 12:38:03 2010 (4B5F287B)
    87a00000 87a09000   amdxata  amdxata.sys  Tue May 19 13:57:35 2009 (4A12F30F)
    87bc8000 87bd1000   atapi    atapi.sys    Mon Jul 13 19:11:15 2009 (4A5BBF13)
    87bd1000 87bf4000   ataport  ataport.SYS  Mon Jul 13 19:11:18 2009 (4A5BBF16)
    96b90000 96bdd000   ATMFD    ATMFD.DLL    unavailable (00000000)
    87fea000 87ff1000   Beep     Beep.SYS     Mon Jul 13 19:45:00 2009 (4A5BC6FC)
    8da7e000 8da8c000   blbdrive blbdrive.sys Mon Jul 13 19:23:04 2009 (4A5BC1D8)
    83ebf000 83ec7000   BOOTVID  BOOTVID.dll  Mon Jul 13 21:04:34 2009 (4A5BD9A2)
    82fa3000 82fbc000   bowser   bowser.sys   Mon Jul 13 19:14:21 2009 (4A5BBFCD)
    96b70000 96b8e000   cdd      cdd.dll      unavailable (00000000)
    87fc4000 87fe3000   cdrom    cdrom.sys    Mon Jul 13 19:11:24 2009 (4A5BBF1C)
    83f09000 83fb4000   CI       CI.dll       Mon Jul 13 21:09:28 2009 (4A5BDAC8)
    87f79000 87f9e000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:11:20 2009 (4A5BBF18)
    83ec7000 83f09000   CLFS     CLFS.SYS     Mon Jul 13 19:11:10 2009 (4A5BBF0E)
    87d71000 87dce000   cng      cng.sys      Mon Jul 13 19:32:55 2009 (4A5BC427)
    8f9b7000 8f9c4000   CompositeBus CompositeBus.sys Mon Jul 13 19:45:26 2009 (4A5BC716)
    94aba000 94ac7000   crashdmp crashdmp.sys Mon Jul 13 19:45:50 2009 (4A5BC72E)
    8da02000 8da66000   csc      csc.sys      Mon Jul 13 19:15:08 2009 (4A5BBFFC)
    8da66000 8da7e000   dfsc     dfsc.sys     Mon Jul 13 19:14:16 2009 (4A5BBFC8)
    8d40a000 8d416000   discache discache.sys Mon Jul 13 19:24:04 2009 (4A5BC214)
    88000000 88011000   disk     disk.sys     Mon Jul 13 19:11:28 2009 (4A5BBF20)
    94a97000 94ab0000   drmk     drmk.sys     Mon Jul 13 20:36:05 2009 (4A5BD2F5)
    94ac7000 94ad2000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:11:16 2009 (4A5BBF14)
    94adc000 94aed000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:12:47 2009 (4A5BBF6F)
    94ad2000 94adc000   dump_msahci dump_msahci.sys Mon Jul 13 19:45:50 2009 (4A5BC72E)
    94ab0000 94aba000   Dxapi    Dxapi.sys    Mon Jul 13 19:25:25 2009 (4A5BC265)
    8f8be000 8f975000   dxgkrnl  dxgkrnl.sys  Thu Oct 01 20:48:33 2009 (4AC54DE1)
    8f975000 8f9ae000   dxgmms1  dxgmms1.sys  Mon Jul 13 19:25:25 2009 (4A5BC265)
    82e3b000 82ee1000   eamonm   eamonm.sys   Wed Jun 16 10:39:26 2010 (4C18E21E)
    83e00000 83e1f000   ehdrv    ehdrv.sys    Mon Apr 19 02:46:55 2010 (4BCBFC5F)
    94bc1000 94bda000   epfwwfpr epfwwfpr.sys Mon Apr 19 02:42:23 2010 (4BCBFB4F)
    87a09000 87a1a000   fileinfo fileinfo.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
    83fb4000 83fe8000   fltmgr   fltmgr.sys   Mon Jul 13 19:11:13 2009 (4A5BBF11)
    87ddc000 87de5000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:11:14 2009 (4A5BBF12)
    87f47000 87f79000   fvevol   fvevol.sys   Fri Sep 25 22:24:21 2009 (4ABD7B55)
    88167000 88198000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:12:03 2009 (4A5BBF43)
    8381c000 83853000   hal      halmacpi.dll Mon Jul 13 19:11:03 2009 (4A5BBF07)
    8db52000 8db71000   HDAudBus HDAudBus.sys Mon Jul 13 19:50:55 2009 (4A5BC85F)
    94a18000 94a68000   HdAudio  HdAudio.sys  Mon Jul 13 19:51:46 2009 (4A5BC892)
    94b0f000 94b22000   HIDCLASS HIDCLASS.SYS Mon Jul 13 19:51:01 2009 (4A5BC865)
    94b22000 94b28480   HIDPARSE HIDPARSE.SYS Mon Jul 13 19:50:59 2009 (4A5BC863)
    94b04000 94b0f000   hidusb   hidusb.sys   Mon Jul 13 19:51:04 2009 (4A5BC868)
    82f1e000 82fa3000   HTTP     HTTP.sys     Mon Jul 13 19:12:53 2009 (4A5BBF75)
    881f8000 88200000   hwpolicy hwpolicy.sys Mon Jul 13 19:11:01 2009 (4A5BBF05)
    8daad000 8dabf000   intelppm intelppm.sys Mon Jul 13 19:11:03 2009 (4A5BBF07)
    8e000000 8e00d000   kbdclass kbdclass.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
    94b29000 94b35000   kbdhid   kbdhid.sys   Mon Jul 13 19:45:09 2009 (4A5BC705)
    80bb6000 80bbe000   kdcom    kdcom.dll    Mon Jul 13 21:08:58 2009 (4A5BDAAA)
    8db71000 8dba5000   ks       ks.sys       Wed Mar 03 22:57:52 2010 (4B8F2FC0)
    87d5e000 87d71000   ksecdd   ksecdd.sys   Mon Jul 13 19:11:56 2009 (4A5BBF3C)
    87ef5000 87f1a000   ksecpkg  ksecpkg.sys  Thu Dec 10 23:04:22 2009 (4B21C4C6)
    82efb000 82f0b000   lltdio   lltdio.sys   Mon Jul 13 19:53:18 2009 (4A5BC8EE)
    94b62000 94b7d000   luafv    luafv.sys    Mon Jul 13 19:15:44 2009 (4A5BC020)
    83e36000 83eae000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:06:41 2009 (4A5BDA21)
    8e12f000 8e13c000   modem    modem.sys    Mon Jul 13 19:55:24 2009 (4A5BC96C)
    94b35000 94b40000   monitor  monitor.sys  Mon Jul 13 19:25:58 2009 (4A5BC286)
    8dae1000 8daee000   mouclass mouclass.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
    94b40000 94b4b000   mouhid   mouhid.sys   Mon Jul 13 19:45:08 2009 (4A5BC704)
    87bb2000 87bc8000   mountmgr mountmgr.sys Mon Jul 13 19:11:27 2009 (4A5BBF1F)
    82fbc000 82fce000   mpsdrv   mpsdrv.sys   Mon Jul 13 19:52:52 2009 (4A5BC8D4)
    82fce000 82ff1000   mrxsmb   mrxsmb.sys   Sat Feb 27 02:32:02 2010 (4B88CA72)
    82e00000 82e3b000   mrxsmb10 mrxsmb10.sys Sat Feb 27 02:32:21 2010 (4B88CA85)
    94b7d000 94b98000   mrxsmb20 mrxsmb20.sys Sat Feb 27 02:32:11 2010 (4B88CA7B)
    87bf4000 87bfe000   msahci   msahci.sys   Mon Jul 13 19:45:50 2009 (4A5BC72E)
    8d47d000 8d488000   Msfs     Msfs.SYS     Mon Jul 13 19:11:26 2009 (4A5BBF1E)
    87af4000 87afc000   msisadrv msisadrv.sys Mon Jul 13 19:11:09 2009 (4A5BBF0D)
    87d33000 87d5e000   msrpc    msrpc.sys    Mon Jul 13 19:11:59 2009 (4A5BBF3F)
    8d400000 8d40a000   mssmbios mssmbios.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
    881e8000 881f8000   mup      mup.sys      Mon Jul 13 19:14:14 2009 (4A5BBFC6)
    87e00000 87eb7000   ndis     ndis.sys     Mon Jul 13 19:12:24 2009 (4A5BBF58)
    8f9ee000 8f9f9000   ndistapi ndistapi.sys Mon Jul 13 19:54:24 2009 (4A5BC930)
    8ee00000 8ee22000   ndiswan  ndiswan.sys  Mon Jul 13 19:54:34 2009 (4A5BC93A)
    8d416000 8d427000   NDProxy  NDProxy.SYS  Mon Jul 13 19:54:27 2009 (4A5BC933)
    8d56a000 8d578000   netbios  netbios.sys  Mon Jul 13 19:53:54 2009 (4A5BC912)
    8d4b8000 8d4ea000   netbt    netbt.sys    Mon Jul 13 19:12:18 2009 (4A5BBF52)
    87eb7000 87ef5000   NETIO    NETIO.SYS    Mon Jul 13 19:12:35 2009 (4A5BBF63)
    8d488000 8d496000   Npfs     Npfs.SYS     Mon Jul 13 19:11:31 2009 (4A5BBF23)
    8d5f6000 8d600000   nsiproxy nsiproxy.sys Mon Jul 13 19:12:08 2009 (4A5BBF48)
    83853000 83c63000   nt       ntkrpamp.exe Fri Jun 18 23:55:24 2010 (4C1C3FAC)
    87c04000 87d33000   Ntfs     Ntfs.sys     Mon Jul 13 19:12:05 2009 (4A5BBF45)
    87fe3000 87fea000   Null     Null.SYS     Mon Jul 13 19:11:12 2009 (4A5BBF10)
    8f8bc000 8f8bd040   nvBridge nvBridge.kmd Fri Jul 09 17:10:11 2010 (4C379033)
    8ee3e000 8f8bbdc0   nvlddmkm nvlddmkm.sys Fri Jul 09 17:15:14 2010 (4C379162)
    8e168000 8e1bcc80   nvm62x32 nvm62x32.sys Fri Oct 17 17:00:39 2008 (48F8FCF7)
    8d54b000 8d56a000   pacer    pacer.sys    Mon Jul 13 19:53:58 2009 (4A5BC916)
    87b31000 87b42000   partmgr  partmgr.sys  Mon Jul 13 19:11:35 2009 (4A5BBF27)
    87afc000 87b26000   pci      pci.sys      Mon Jul 13 19:11:16 2009 (4A5BBF14)
    87b9d000 87ba4000   pciide   pciide.sys   Mon Jul 13 19:11:19 2009 (4A5BBF17)
    87ba4000 87bb2000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:11:15 2009 (4A5BBF13)
    87dce000 87ddc000   pcw      pcw.sys      Mon Jul 13 19:11:10 2009 (4A5BBF0E)
    95c3a000 95cd1000   peauth   peauth.sys   Mon Jul 13 20:35:44 2009 (4A5BD2E0)
    94a68000 94a97000   portcls  portcls.sys  Mon Jul 13 19:51:00 2009 (4A5BC864)
    83eae000 83ebf000   PSHED    PSHED.dll    Mon Jul 13 21:09:36 2009 (4A5BDAD0)
    8f9d6000 8f9ee000   rasl2tp  rasl2tp.sys  Mon Jul 13 19:54:33 2009 (4A5BC939)
    8ee22000 8ee3a000   raspppoe raspppoe.sys Mon Jul 13 19:54:53 2009 (4A5BC94D)
    8e1bd000 8e1d4000   raspptp  raspptp.sys  Mon Jul 13 19:54:47 2009 (4A5BC947)
    8e1d4000 8e1eb000   rassstp  rassstp.sys  Mon Jul 13 19:54:57 2009 (4A5BC951)
    8d5b5000 8d5f6000   rdbss    rdbss.sys    Mon Jul 13 19:14:26 2009 (4A5BBFD2)
    8e1eb000 8e1f5000   rdpbus   rdpbus.sys   Mon Jul 13 20:02:40 2009 (4A5BCB20)
    8d465000 8d46d000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:01:40 2009 (4A5BCAE4)
    8d46d000 8d475000   rdpencdd rdpencdd.sys Mon Jul 13 20:01:39 2009 (4A5BCAE3)
    8d475000 8d47d000   rdprefmp rdprefmp.sys Mon Jul 13 20:01:41 2009 (4A5BCAE5)
    87f1a000 87f47000   rdyboost rdyboost.sys Mon Jul 13 19:22:02 2009 (4A5BC19A)
    82f0b000 82f1e000   rspndr   rspndr.sys   Mon Jul 13 19:53:20 2009 (4A5BC8F0)
    95cd1000 95cdb000   secdrv   secdrv.SYS   Wed Sep 13 09:18:32 2006 (45080528)
    8dabf000 8dac9000   serenum  serenum.sys  Mon Jul 13 19:45:27 2009 (4A5BC717)
    8d578000 8d592000   serial   serial.sys   Mon Jul 13 19:45:33 2009 (4A5BC71D)
    881e0000 881e8000   spldr    spldr.sys    Mon May 11 12:13:47 2009 (4A084EBB)
    95d09000 95d73000   spsys    spsys.sys    Mon May 11 12:37:10 2009 (4A085436)
    90827000 90878000   srv      srv.sys      Thu Aug 26 23:31:26 2010 (4C77318E)
    95d73000 95dc2000   srv2     srv2.sys     Thu Aug 26 23:30:45 2010 (4C773165)
    95cdb000 95cfc000   srvnet   srvnet.sys   Thu Aug 26 23:30:39 2010 (4C77315F)
    8ee3a000 8ee3b380   swenum   swenum.sys   Mon Jul 13 19:45:08 2009 (4A5BC704)
    8801e000 88167000   tcpip    tcpip.sys    Sun Jun 13 23:36:59 2010 (4C15A3DB)
    95cfc000 95d09000   tcpipreg tcpipreg.sys Mon Jul 13 19:54:14 2009 (4A5BC926)
    8d4ad000 8d4b8000   TDI      TDI.SYS      Mon Jul 13 19:12:12 2009 (4A5BBF4C)
    8d496000 8d4ad000   tdx      tdx.sys      Mon Jul 13 19:12:10 2009 (4A5BBF4A)
    8d5a5000 8d5b5000   termdd   termdd.sys   Mon Jul 13 20:01:35 2009 (4A5BCADF)
    96b40000 96b49000   TSDDD    TSDDD.dll    unavailable (00000000)
    8da8c000 8daad000   tunnel   tunnel.sys   Mon Jul 13 19:54:03 2009 (4A5BC91B)
    8dba5000 8dbb3000   umbus    umbus.sys    Mon Jul 13 19:51:38 2009 (4A5BC88A)
    94aed000 94b04000   usbccgp  usbccgp.sys  Mon Jul 13 19:51:31 2009 (4A5BC883)
    8e12d000 8e12e700   USBD     USBD.SYS     Mon Jul 13 19:51:05 2009 (4A5BC869)
    8db43000 8db52000   usbehci  usbehci.sys  Fri Oct 23 23:58:55 2009 (4AE27B7F)
    8dbb3000 8dbf7000   usbhub   usbhub.sys   Sat Oct 24 00:00:05 2009 (4AE27BC5)
    8daee000 8daf8000   usbohci  usbohci.sys  Mon Jul 13 19:51:14 2009 (4A5BC872)
    8daf8000 8db43000   USBPORT  USBPORT.SYS  Mon Jul 13 19:51:13 2009 (4A5BC871)
    94b4b000 94b62000   USBSTOR  USBSTOR.SYS  Mon Jul 13 19:51:19 2009 (4A5BC877)
    87b26000 87b31000   vdrvroot vdrvroot.sys Mon Jul 13 19:46:19 2009 (4A5BC74B)
    87ff1000 87ffd000   vga      vga.sys      Mon Jul 13 19:25:50 2009 (4A5BC27E)
    8d437000 8d458000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:25:49 2009 (4A5BC27D)
    88198000 881a0380   vmstorfl vmstorfl.sys Mon Jul 13 19:28:44 2009 (4A5BC32C)
    87b42000 87b52000   volmgr   volmgr.sys   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
    87b52000 87b9d000   volmgrx  volmgrx.sys  Mon Jul 13 19:11:41 2009 (4A5BBF2D)
    881a1000 881e0000   volsnap  volsnap.sys  Mon Jul 13 19:11:34 2009 (4A5BBF26)
    8d592000 8d5a5000   wanarp   wanarp.sys   Mon Jul 13 19:55:02 2009 (4A5BC956)
    8d458000 8d465000   watchdog watchdog.sys Mon Jul 13 19:24:10 2009 (4A5BC21A)
    87a24000 87a95000   Wdf01000 Wdf01000.sys Mon Jul 13 19:11:36 2009 (4A5BBF28)
    87a95000 87aa3000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
    8d544000 8d54b000   wfplwf   wfplwf.sys   Mon Jul 13 19:53:51 2009 (4A5BC90F)
    968e0000 96b2b000   win32k   win32k.sys   unavailable (00000000)
    8f9ae000 8f9b7000   wmiacpi  wmiacpi.sys  Mon Jul 13 19:19:16 2009 (4A5BC0F4)
    87aeb000 87af4000   WMILIB   WMILIB.SYS   Mon Jul 13 19:11:22 2009 (4A5BBF1A)
    82ee1000 82efb000   WudfPf   WudfPf.sys   Mon Jul 13 19:50:13 2009 (4A5BC835)
    90878000 90898480   WUDFRd   WUDFRd.sys   Mon Jul 13 19:50:44 2009 (4A5BC854)
    
    Unloaded modules:
    94b98000 94bb0000   parport.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  00018000
    88011000 8801e000   crashdmp.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  0000D000
    87f9e000 87fa9000   dump_pciidex
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  0000B000
    87fa9000 87fb3000   dump_msahci.
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  0000A000
    87fb3000 87fc4000   dump_dumpfve
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  00011000
    8dac9000 8dae1000   i8042prt.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  00018000
    8d5b5000 8d5c1000   SysTool.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  0000C000
      My Computer


  3. Posts : 5
    Windows Ultimate Home Premium 32bit
    Thread Starter
       #3

    Thanks for the quick reply. Very much appreciated. I'll do all these and will let you know.
      My Computer


  4. Posts : 12,177
    Windows 7 Ult x64 - SP1/ Windows 8 Pro x64
       #4

    Also run RAM - Test with Memtest86+ with all RAM cards installed, need to run at least 7 passes, best to run overnight as it may take a long time depending on the amount of RAM you have.
    You can stop the test if you get any errors.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 01:40.
Find Us