BSOD: ntoskrnl.exe Multiple Error Codes: 0x0000003b, 0x00000024, etc

Page 1 of 2 12 LastLast

  1. Posts : 7
    Win 7 Home Premium 64-bit
       #1

    BSOD: ntoskrnl.exe Multiple Error Codes: 0x0000003b, 0x00000024, etc


    I just built a brand new system and to my dismay have have several bsod's. I believe I have all the up to date drivers, and have tried running memtest86+, but found no errors. I've run a disc check, and also run sfc /scannow 3 times. I've run driver Verify. Still having bsod's so it's probably a driver issue right?

    System Specs:
    Microsoft Windows 7 Home Premium 64-bit
    Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
    ASRock Z68 Extreme3 Gen3
    BIOS Date: 11/22/11 11:12:52 Ver: 04.06.04
    Seagate 1TB HDD
    NVIDIA GeForce GTX 560 Ti
    CORSAIR Vengeance 8gb DDR3

    I've had some windows updates that fail to install. One of which is sp1. I've tried using the system update readiness tool provided by MS Download: System Update Readiness Tool for Windows 7 for x64-based Systems (KB947821) [August 2011] - Microsoft Download Center - Confirmation, which sucessfully installed the hotfix, but sp1 still wouldn't install. I followed MS's instructions to insert my win7 disk and install win7 as an upgrade with updates installed from the internet, but still have some bsod's

    I'm also not sure if it's worth noting that my libraries are no longer working, see attached jpg.

    I've attached my dmp files from before the win7 upgrade, and after. I would be grateful for any help.
      My Computer


  2. Posts : 7
    Win 7 Home Premium 64-bit
    Thread Starter
       #2

    When I get home from work I'm going to try seating the ram in different mobo slots and try them out individually. If that doesn't work I'm going to try a clean windows install on another HDD I have. I'll post afterwords.
      My Computer


  3. Posts : 7
    Win 7 Home Premium 64-bit
    Thread Starter
       #3

    Well I've tossed in a new HDD and put windows on it. Installed all drivers. During the process of installing windows updates i got a 0x0000003b again. dmp files are attached.

    Going to try taking out ram sticks now.
      My Computer


  4. Posts : 7
    Win 7 Home Premium 64-bit
    Thread Starter
       #4

    Well, it seems like the past couple of posts are gone so i'll do a quick recap of what was deleted, and then my most recent response:

    me said:
    Took out 1 of the sticks of ram and havent blue screened for 24 hours
    writh said:
    Good to hear. Keep us updated and let us know if you need any analyses done.

    Sorry your thread was missed.
    me said:
    darn i just bsod, another 0x0000003b, analysis pls
    writh said:
    Code:
    Code: --------- 
    [list=1][*] Microsoft ® Windows Debugger Version  6.12.0002.633 AMD64 Copyright © Microsoft Corporation. All rights  reserved.
     Loading Dump File  [D:\Kingston\BSODDmpFiles\TheJGits\Windows_NT6_BSOD_jcgriff2\022912-27409-01.dmp]  Mini Kernel Dump File: Only registers and stack trace are available
     Symbol search path is:  SRV*c:\symbols*http://msdl.microsoft.com/download/symbols Executable  search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (4  procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS  Personal Built by: 7601.17640.amd64fre.win7sp1_gdr.110622-1506 Machine  Name: Kernel base = 0xfffff800`03203000 PsLoadedModuleList =  0xfffff800`03448670 Debug session time: Wed Feb 29 20:08:46.691 2012  (UTC – 7:00) System Uptime: 0 days 15:42:42.111 Loading Kernel Symbols  ..............................................................  ...............................................................  .................. Loading User Symbols Loading unloaded module list  ......... *****************************************************************************
     
    
    • *
    • Bugcheck Analysis *
    • *
    ***************************************************************************** Use !analyze -v to get detailed debugging information. BugCheck 3B, {c0000005, fffff96000158971, fffff88008bfb070, 0} Probably caused by : win32k.sys ( win32k!FindTimer+59 ) Followup: MachineOwner 2: kd> !analyze -v *****************************************************************************
    • *
    • Bugcheck Analysis *
    • *
    ***************************************************************************** SYSTEM_SERVICE_EXCEPTION (3b) An exception happened while executing a system service routine. Arguments: Arg1: 00000000c0000005, Exception code that caused the bugcheck Arg2: fffff96000158971, Address of the instruction which caused the bugcheck Arg3: fffff88008bfb070, Address of the context record for the exception that caused the bugcheck Arg4: 0000000000000000, zero. Debugging Details: EXCEPTION_CODE: (NTSTATUS) 0xc0000005 – The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s. FAULTING_IP: win32k!FindTimer+59 fffff960`00158971 4c396b28 cmp qword ptr [rbx+28h],r13 CONTEXT: fffff88008bfb070 — (.cxr 0xfffff88008bfb070) rax=0000000000000001 rbx=ff90f96000384410 rcx=fffff960003840e0 rdx=0000000000000001 rsi=0000000000000000 rdi=0000000000000000 rip=fffff96000158971 rsp=fffff88008bfba50 rbp=ff90f96000384480 r8=0000000000000000 r9=0000000000000001 r10=fffff960001254d0 r11=fffff900c25d3010 r12=fffff96000384480 r13=fffff900c063b940 r14=0000000000000000 r15=0000000000000001 iopl=0 nv up ei ng nz na po cy cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010287 win32k!FindTimer+0x59: fffff960`00158971 4c396b28 cmp qword ptr [rbx+28h],r13 ds:002b:ff90f960`00384438=???????????????? Resetting default scope CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0x3B PROCESS_NAME: WerFault.exe CURRENT_IRQL: 0 LAST_CONTROL_TRANSFER: from fffff96000125532 to fffff96000158971 STACK_TEXT: fffff880`08bfba50 fffff960`00125532 : 00000000`00000000 00000000`00000001 fffff880`08bfbb60 00000000`00000001 : win32k!FindTimer+0x59 fffff880`08bfbaa0 fffff800`0327eed3 : fffffa80`075919c0 00000000`00278cb0 00000000`00000101 00000000`002a70d8 : win32k!NtUserKillTimer+0x62 fffff880`08bfbae0 00000000`744e2e09 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 00000000`027eeb78 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x744e2e09 FOLLOWUP_IP: win32k!FindTimer+59 fffff960`00158971 4c396b28 cmp qword ptr [rbx+28h],r13 SYMBOL_STACK_INDEX: 0 SYMBOL_NAME: win32k!FindTimer+59 FOLLOWUP_NAME: MachineOwner MODULE_NAME: win32k IMAGE_NAME: win32k.sys DEBUG_FLR_IMAGE_TIMESTAMP: 4f10ff24 STACK_COMMAND: .cxr 0xfffff88008bfb070 ; kb FAILURE_BUCKET_ID: X64_0x3B_win32k!FindTimer+59 BUCKET_ID: X64_0x3B_win32k!FindTimer+59 Followup: MachineOwner ---------[*] Loading Dump File [D:\Kingston\BSODDmpFiles\TheJGits\Windows_NT6_BSOD_jcgriff2\022612-21091-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7600 MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Personal Built by: 7600.16385.amd64fre.win7_rtm.090713-1255 Machine Name: Kernel base = 0xfffff800`02e56000 PsLoadedModuleList = 0xfffff800`03093e50 Debug session time: Sun Feb 26 20:20:05.989 2012 (UTC – 7:00) System Uptime: 0 days 0:02:59.004 Loading Kernel Symbols .............................................................. ............................................................... ................ Loading User Symbols Loading unloaded module list … *****************************************************************************
    • *
    • Bugcheck Analysis *
    • *
    ***************************************************************************** Use !analyze -v to get detailed debugging information. BugCheck 24, {1904fb, fffff88009745238, fffff88009744a90, fffff80002ebc399} Probably caused by : Ntfs.sys ( Ntfs!NtfsCommonWrite+da0 ) Followup: MachineOwner 2: kd> !analyze -v *****************************************************************************
    • *
    • Bugcheck Analysis *
    • *
    ***************************************************************************** NTFS_FILE_SYSTEM (24) If you see NtfsExceptionFilter on the stack then the 2nd and 3rd parameters are the exception record and context record. Do a .cxr on the 3rd parameter and then kb to obtain a more informative stack trace. Arguments: Arg1: 00000000001904fb Arg2: fffff88009745238 Arg3: fffff88009744a90 Arg4: fffff80002ebc399 Debugging Details: EXCEPTION_RECORD: fffff88009745238 — (.exr 0xfffff88009745238) ExceptionAddress: fffff80002ebc399 (nt!CcGetVacbLargeOffset+0x0000000000000069) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000 NumberParameters: 2 Parameter[0]: 0000000000000000 Parameter[1]: ffffffffffffffff Attempt to read from address ffffffffffffffff CONTEXT: fffff88009744a90 — (.cxr 0xfffff88009744a90) rax=a2fdc3399a1a8882 rbx=0000000000000000 rcx=0000000000000019 rdx=0000000000000000 rsi=0000000000000001 rdi=00000000000000f0 rip=fffff80002ebc399 rsp=fffff88009745478 rbp=fffffa8006fc6010 r8=0000000000000019 r9=0000000000000001 r10=00000000fffffff9 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000001 r15=0000000000000000 iopl=0 nv up ei pl zr na po nc cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246 nt!CcGetVacbLargeOffset+0x69: fffff800`02ebc399 488b04d0 mov rax,qword ptr [rax+rdx*8] ds:002b:a2fdc339`9a1a8882=???????????????? Resetting default scope CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT PROCESS_NAME: SearchIndexer. CURRENT_IRQL: 0 ERROR_CODE: (NTSTATUS) 0xc0000005 – The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s. EXCEPTION_CODE: (NTSTATUS) 0xc0000005 – The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s. EXCEPTION_PARAMETER1: 0000000000000000 EXCEPTION_PARAMETER2: ffffffffffffffff READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800030fe0e0 ffffffffffffffff FOLLOWUP_IP: Ntfs!NtfsCommonWrite+da0 fffff880`01258f40 84c0 test al,al FAULTING_IP: nt!CcGetVacbLargeOffset+69 fffff800`02ebc399 488b04d0 mov rax,qword ptr [rax+rdx*8] BUGCHECK_STR: 0×24 LAST_CONTROL_TRANSFER: from fffff80002ee6a07 to fffff80002ebc399 STACK_TEXT: fffff880`09745478 fffff800`02ee6a07 : fffff680`00000002 00000000`00000000 fffffa80`04be8110 fffffa80`04c49040 : nt!CcGetVacbLargeOffset+0x69 fffff880`09745480 fffff800`02ef3dc6 : 00000000`00000000 00000000`00000000 fffff880`09745568 fffff880`09745548 : nt!CcGetVirtualAddress+0x147 fffff880`09745510 fffff800`02ef3bf4 : fffffa80`06fc6010 00000000`00df7720 fffff880`09745650 00000000`000000f0 : nt!CcMapAndCopyInToCache+0x146 fffff880`09745600 fffff880`01258f40 : 00000000`00000000 fffff880`09745880 fffffa80`09b38e40 fffff880`09745800 : nt!CcCopyWrite+0x194 fffff880`09745690 fffff880`0125d413 : fffffa80`09b38e40 fffffa80`070b7c10 fffff880`09745800 fffff880`09745800 : Ntfs!NtfsCommonWrite+0xda0 fffff880`09745850 fffff880`0104f23f : fffffa80`070b7fb0 fffffa80`070b7c10 fffffa80`0700c010 00000000`00000001 : Ntfs!NtfsFsdWrite+0x1c3 fffff880`09745910 fffff880`0104d6df : fffffa80`07c96de0 00000000`00000001 fffffa80`07c96d00 fffffa80`070b7c10 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f fffff880`097459a0 fffff800`031db929 : 00000000`00000001 fffffa80`06f628e0 00000000`00000001 fffffa80`070b7c10 : fltmgr!FltpDispatch+0xcf fffff880`09745a00 fffff800`031dc6c3 : fffffa80`070b7ff8 fffffa80`06fcf6a0 fffffa80`06f628e0 fffffa80`06f62954 : nt!IopSynchronousServiceTail+0xf9 fffff880`09745a70 fffff800`02ec7153 : fffffa80`06f6c001 00000000`00000420 00000000`00000000 00000000`00f4b718 : nt!NtWriteFile+0x7e2 fffff880`09745b70 00000000`76fdff3a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 00000000`00f4b608 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x76fdff3a SYMBOL_STACK_INDEX: 4 SYMBOL_NAME: Ntfs!NtfsCommonWrite+da0 FOLLOWUP_NAME: MachineOwner MODULE_NAME: Ntfs IMAGE_NAME: Ntfs.sys DEBUG_FLR_IMAGE_TIMESTAMP: 4a5bc14f STACK_COMMAND: .cxr 0xfffff88009744a90 ; kb FAILURE_BUCKET_ID: X64_0x24_Ntfs!NtfsCommonWrite+da0 BUCKET_ID: X64_0x24_Ntfs!NtfsCommonWrite+da0
    Followup: MachineOwner ---------


    1. Possible causes are Memory problems… Corrupted hard disk file system… Corrupted System Files… Graphics Driver… Drivers…
    2. Possible causes are Memory problems… Corrupted hard disk file system… Drivers… corrupted SCSI or IDE Drivers…

    Thanks to Dave76 for help understanding possible causes.
    We will start with the common problems first (see bold possible causes). Do the following steps and test by doing your normal routine after each step to see if stability increases. Post back your results after each step, and if you get a blue screen crash, upload the files again and await further instructions after we are able to analyze the crash.
    If you can do your normal routine for a few weeks without a crash, and your crashes are usually more frequent than that, then the problem is likely solved.

    • If you are overclocking any hardware, please stop.
    • Run Disk Check (Disk Check) with both boxes checked for all HDDs and with Automatically fix file system errors checked for all SSDs. Post back your logs for the checks after finding them using Check Disk (chkdsk) - Read Event Viewer Log
    • Run SFC /SCANNOW Command - System File Checker up to three times to fix all errors. Post back if it continues to show errors after a fourth run or if the first run comes back with no integrity violations.

    .
    Ok so i've run sfc scannow 3 times and everything popped up clean. I also ran a chkdsk and here is the resulting log file:
    Code:
    Checking file system on C:
    The type of the file system is NTFS.
    
    A disk check has been scheduled.
    Windows will now check the disk.                         
    
    CHKDSK is verifying files (stage 1 of 5)...
      301312 file records processed.                                          File verification completed.
      348 large file records processed.                                      0 bad file records processed.                                        0 EA records processed.                                              60 reparse records processed.                                       CHKDSK is verifying indexes (stage 2 of 5)...
      372890 index entries processed.                                         Index verification completed.
      0 unindexed files scanned.                                           0 unindexed files recovered.                                       CHKDSK is verifying security descriptors (stage 3 of 5)...
      301312 file SDs/SIDs processed.                                         Cleaning up 649 unused index entries from index $SII of file 0x9.
    Cleaning up 649 unused index entries from index $SDH of file 0x9.
    Cleaning up 649 unused security descriptors.
    Security descriptor verification completed.
      35790 data files processed.                                            CHKDSK is verifying Usn Journal...
      37120656 USN bytes processed.                                             Usn Journal verification completed.
    CHKDSK is verifying file data (stage 4 of 5)...
      301296 files processed.                                                 File data verification completed.
    CHKDSK is verifying free space (stage 5 of 5)...
      87689856 free clusters processed.                                         Free space verification is complete.
    CHKDSK discovered free space marked as allocated in the
    master file table (MFT) bitmap.
    Windows has made corrections to the file system.
    
     512786431 KB total disk space.
     161455172 KB in 241929 files.
        151240 KB in 35791 indexes.
             0 KB in bad sectors.
        420595 KB in use by the system.
         65536 KB occupied by the log file.
     350759424 KB available on disk.
    
          4096 bytes in each allocation unit.
     128196607 total allocation units on disk.
      87689856 allocation units available on disk.
    
    Internal Info:
    00 99 04 00 e4 3c 04 00 78 03 08 00 00 00 00 00  .....<..x.......
    12 01 00 00 3c 00 00 00 00 00 00 00 00 00 00 00  ....<...........
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    
    Windows has finished checking your disk.
    Please wait while your computer restarts.
    I've also reattached my most recent dmp file since that was deleted. Thanks for any help.
    Last edited by TheJGits; 01 Mar 2012 at 07:33.
      My Computer


  5. Posts : 11,269
    Windows 7 Home Premium 64 Bit
       #5

    Recommend running the disk check again since Windows has made corrections to the file system. Run disk check until you get the message: "Windows has checked the file system and found no problems"

    Also, thank you for resurrecting the old posts.
      My Computer


  6. Posts : 7
    Win 7 Home Premium 64-bit
    Thread Starter
       #6

    so I ran another chkdks and it appears to have come up clean this time. I'll keep you posted if I bsod again. Event logs below:

    Code:
    Checking file system on C:
    The type of the file system is NTFS.
    
    A disk check has been scheduled.
    Windows will now check the disk.                         
    
    CHKDSK is verifying files (stage 1 of 5)...
      301312 file records processed.                                          File verification completed.
      316 large file records processed.                                      0 bad file records processed.                                        0 EA records processed.                                              60 reparse records processed.                                       CHKDSK is verifying indexes (stage 2 of 5)...
      372342 index entries processed.                                         Index verification completed.
      0 unindexed files scanned.                                           0 unindexed files recovered.                                       CHKDSK is verifying security descriptors (stage 3 of 5)...
      301312 file SDs/SIDs processed.                                         Cleaning up 18 unused index entries from index $SII of file 0x9.
    Cleaning up 18 unused index entries from index $SDH of file 0x9.
    Cleaning up 18 unused security descriptors.
    Security descriptor verification completed.
      35516 data files processed.                                            CHKDSK is verifying Usn Journal...
      36267368 USN bytes processed.                                             Usn Journal verification completed.
    CHKDSK is verifying file data (stage 4 of 5)...
      301296 files processed.                                                 File data verification completed.
    CHKDSK is verifying free space (stage 5 of 5)...
      82405159 free clusters processed.                                         Free space verification is complete.
    Windows has checked the file system and found no problems.
    
     512786431 KB total disk space.
     182595236 KB in 240704 files.
        150860 KB in 35517 indexes.
             0 KB in bad sectors.
        419699 KB in use by the system.
         65536 KB occupied by the log file.
     329620636 KB available on disk.
    
          4096 bytes in each allocation unit.
     128196607 total allocation units on disk.
      82405159 allocation units available on disk.
    
    Internal Info:
    00 99 04 00 09 37 04 00 3d fc 07 00 00 00 00 00  .....7..=.......
    0d 01 00 00 3c 00 00 00 00 00 00 00 00 00 00 00  ....<...........
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
      My Computer


  7. Posts : 11,269
    Windows 7 Home Premium 64 Bit
       #7

    Best wishes it was just the hard disk data corruption causing the problems. :)
      My Computer


  8. Posts : 7
    Win 7 Home Premium 64-bit
    Thread Starter
       #8

    writhziden said:
    Best wishes it was just the hard disk data corruption causing the problems. :)
    I'm hoping that was the case. I actually got new ram in the mail yesterday and tossed it in. It ran fine so i decided to throw in the ram I took out earlier and the system seemed to be stable. I'm going to run memtest86+ tonight for a few passes (3-5) just to be sure.
      My Computer


  9. Posts : 11,269
    Windows 7 Home Premium 64 Bit
       #9

    Alright, keep us updated on how the test goes. Good luck!
      My Computer


  10. Posts : 7
    Win 7 Home Premium 64-bit
    Thread Starter
       #10

    Going to mark this as solved. Haven't had a crash for a while now. I appreciate the help! Thank you =)
      My Computer


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 21:45.
Find Us