BSOD various error codes occuring

Code:

Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [D:\Kingston\BSODDmpFiles\scarborough\Windows_NT6_BSOD_jcgriff2\031812-49904-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.17727.amd64fre.win7sp1_gdr.111118-2330
Machine Name:
Kernel base = 0xfffff800`03a4d000 PsLoadedModuleList = 0xfffff800`03c91650
Debug session time: Sun Mar 18 17:14:24.845 2012 (UTC - 6:00)
System Uptime: 0 days 0:10:41.938
Loading Kernel Symbols
...............................................................
................................................................
.....................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {fffff8800151a944, 0, 8, fffff8800151a944}

Probably caused by : Ntfs.sys ( Ntfs! ?? ::NNGAKEGL::`string'+600 )

Followup: MachineOwner
---------

6: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: fffff8800151a944, memory referenced
Arg2: 0000000000000000, IRQL
Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
Arg4: fffff8800151a944, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80003cfb100
 fffff8800151a944 

CURRENT_IRQL:  0

FAULTING_IP: 
Ntfs! ?? ::NNGAKEGL::`string'+600
fffff880`0151a944 55              push    rbp

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xD1

PROCESS_NAME:  WDFME.exe

TRAP_FRAME:  fffff88008e73d20 -- (.trap 0xfffff88008e73d20)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffff8800151a944 rbx=0000000000000000 rcx=fffff88008e73ef0
rdx=fffff88008e755a0 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8800151a944 rsp=fffff88008e73eb8 rbp=fffff88008e73ff0
 r8=fffff88008e74670  r9=fffff88008e73ff0 r10=fffff88008e75650
r11=fffff88008e73f28 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na po nc
Ntfs! ?? ::NNGAKEGL::`string'+0x600:
fffff880`0151a944 55              push    rbp
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80003ac92e9 to fffff80003ac9d40

FAILED_INSTRUCTION_ADDRESS: 
Ntfs! ?? ::NNGAKEGL::`string'+600
fffff880`0151a944 55              push    rbp

STACK_TEXT:  
fffff880`08e73bd8 fffff800`03ac92e9 : 00000000`0000000a fffff880`0151a944 00000000`00000000 00000000`00000008 : nt!KeBugCheckEx
fffff880`08e73be0 fffff800`03ac7f60 : 00000000`00000008 fffff880`0151a944 00fcfcfc`00fcfc00 fffff880`0147dc30 : nt!KiBugCheckDispatch+0x69
fffff880`08e73d20 fffff880`0151a944 : fffff800`03af4fec 00fcfcfc`00fcfcfc 00fcfcfc`00fcfcfc 00fcfcfc`00fcfcfc : nt!KiPageFault+0x260
fffff880`08e73eb8 fffff800`03af4fec : 00fcfcfc`00fcfcfc 00fcfcfc`00fcfcfc 00fcfcfc`00fcfcfc 00fcfcfc`00fcfcfc : Ntfs! ?? ::NNGAKEGL::`string'+0x600
fffff880`08e73ec0 fffff800`03af4a6d : fffff880`0147dc24 fffff880`08e755a0 00000000`00000000 fffff880`0142d000 : nt!_C_specific_handler+0x8c
fffff880`08e73f30 fffff800`03af3845 : fffff880`0147dc24 fffff880`08e73fa8 fffff880`08e74e18 fffff880`0142d000 : nt!RtlpExecuteHandlerForException+0xd
fffff880`08e73f60 fffff800`03b047c1 : fffff880`08e74e18 fffff880`08e74670 fffff880`00000000 fffff6fc`c002db20 : nt!RtlDispatchException+0x415
fffff880`08e74640 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDispatchException+0x135


STACK_COMMAND:  kb

FOLLOWUP_IP: 
Ntfs! ?? ::NNGAKEGL::`string'+600
fffff880`0151a944 55              push    rbp

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  Ntfs! ?? ::NNGAKEGL::`string'+600

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Ntfs

IMAGE_NAME:  Ntfs.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4d79997b

FAILURE_BUCKET_ID:  X64_0xD1_CODE_AV_BAD_IP_Ntfs!_??_::NNGAKEGL::_string_+600

BUCKET_ID:  X64_0xD1_CODE_AV_BAD_IP_Ntfs!_??_::NNGAKEGL::_string_+600

Followup: MachineOwner
---------

Loading Dump File [D:\Kingston\BSODDmpFiles\scarborough\Windows_NT6_BSOD_jcgriff2\031812-24897-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.17727.amd64fre.win7sp1_gdr.111118-2330
Machine Name:
Kernel base = 0xfffff800`03a15000 PsLoadedModuleList = 0xfffff800`03c59650
Debug session time: Sun Mar 18 01:31:15.728 2012 (UTC - 6:00)
System Uptime: 0 days 1:09:22.821
Loading Kernel Symbols
...............................................................
................................................................
........................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {fffffa82074b35b8, 2, 1, fffff88004607c84}

Probably caused by : dxgmms1.sys ( dxgmms1!VidSchiSendToExecutionQueue+790 )

Followup: MachineOwner
---------

6: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: fffffa82074b35b8, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff88004607c84, address which referenced memory

Debugging Details:
------------------


WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80003cc3100
 fffffa82074b35b8 

CURRENT_IRQL:  2

FAULTING_IP: 
dxgmms1!VidSchiSendToExecutionQueue+790
fffff880`04607c84 f0480fb1b4dda0050000 lock cmpxchg qword ptr [rbp+rbx*8+5A0h],rsi

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xD1

PROCESS_NAME:  System

TRAP_FRAME:  fffff88004ee7750 -- (.trap 0xfffff88004ee7750)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa800749da30
rdx=fffffa80074f1c10 rsi=0000000000000000 rdi=0000000000000000
rip=fffff88004607c84 rsp=fffff88004ee78e0 rbp=fffffa80074b3000
 r8=fffffa80074b3000  r9=0000000000000000 r10=fffff8800460c244
r11=fffff88004ee78b0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl zr na po nc
dxgmms1!VidSchiSendToExecutionQueue+0x790:
fffff880`04607c84 f0480fb1b4dda0050000 lock cmpxchg qword ptr [rbp+rbx*8+5A0h],rsi ss:0018:fffffa80`074b35a0=0000000000000000
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80003a912e9 to fffff80003a91d40

STACK_TEXT:  
fffff880`04ee7608 fffff800`03a912e9 : 00000000`0000000a fffffa82`074b35b8 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffff880`04ee7610 fffff800`03a8ff60 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`40000003 : nt!KiBugCheckDispatch+0x69
fffff880`04ee7750 fffff880`04607c84 : 00000000`00000003 fffffa80`074b3000 00000000`00000003 fffffa80`074b3d90 : nt!KiPageFault+0x260
fffff880`04ee78e0 fffff880`04639e65 : fffffa80`074b3001 fffffa80`00000001 00000000`00000000 fffffa80`074b3000 : dxgmms1!VidSchiSendToExecutionQueue+0x790
fffff880`04ee79e0 fffff880`04638d3c : 00000000`00000006 00000000`0005535b fffffa80`074fd960 fffffa80`0749d2a0 : dxgmms1!VidSchiSendToExecutionQueueWithWait+0x179
fffff880`04ee7ae0 fffff880`04638398 : fffff800`0529c000 fffff880`04637d00 fffffa80`00000000 fffffa80`000000ac : dxgmms1!VidSchiSubmitRenderCommand+0x920
fffff880`04ee7cd0 fffff880`04637e96 : 00000000`00000000 fffffa80`074fdd50 00000000`00000080 fffffa80`0749d2a0 : dxgmms1!VidSchiSubmitQueueCommand+0x50
fffff880`04ee7d00 fffff800`03d2bf7a : 00000000`01d28baf fffffa80`0749e060 fffffa80`024ad5f0 fffffa80`0749e060 : dxgmms1!VidSchiWorkerThread+0xd6
fffff880`04ee7d40 fffff800`03a829c6 : fffff800`03c06e80 fffffa80`0749e060 fffff800`03c14cc0 fffff880`01452384 : nt!PspSystemThreadStartup+0x5a
fffff880`04ee7d80 00000000`00000000 : fffff880`04ee8000 fffff880`04ee2000 fffff880`04ee7680 00000000`00000000 : nt!KxStartSystemThread+0x16


STACK_COMMAND:  kb

FOLLOWUP_IP: 
dxgmms1!VidSchiSendToExecutionQueue+790
fffff880`04607c84 f0480fb1b4dda0050000 lock cmpxchg qword ptr [rbp+rbx*8+5A0h],rsi

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  dxgmms1!VidSchiSendToExecutionQueue+790

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: dxgmms1

IMAGE_NAME:  dxgmms1.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4ce799c1

FAILURE_BUCKET_ID:  X64_0xD1_dxgmms1!VidSchiSendToExecutionQueue+790

BUCKET_ID:  X64_0xD1_dxgmms1!VidSchiSendToExecutionQueue+790

Followup: MachineOwner
---------

Loading Dump File [D:\Kingston\BSODDmpFiles\scarborough\Windows_NT6_BSOD_jcgriff2\031812-18657-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.17727.amd64fre.win7sp1_gdr.111118-2330
Machine Name:
Kernel base = 0xfffff800`03a5c000 PsLoadedModuleList = 0xfffff800`03ca0650
Debug session time: Sun Mar 18 00:19:14.177 2012 (UTC - 6:00)
System Uptime: 0 days 0:00:59.270
Loading Kernel Symbols
...............................................................
................................................................
..............................
Loading User Symbols
Loading unloaded module list
...
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck F7, {f8804149219e, f8800149219e, ffff077ffeb6de61, 0}

Probably caused by : Ntfs.sys ( Ntfs!_report_gsfailure+26 )

Followup: MachineOwner
---------

6: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_OVERRAN_STACK_BUFFER (f7)
A driver has overrun a stack-based buffer.  This overrun could potentially
allow a malicious user to gain control of this machine.
DESCRIPTION
A driver overran a stack-based buffer (or local variable) in a way that would
have overwritten the function's return address and jumped back to an arbitrary
address when the function returned.  This is the classic "buffer overrun"
hacking attack and the system has been brought down to prevent a malicious user
from gaining complete control of it.
Do a kb to get a stack backtrace -- the last routine on the stack before the
buffer overrun handlers and bugcheck call is the one that overran its local
variable(s).
Arguments:
Arg1: 0000f8804149219e, Actual security check cookie from the stack
Arg2: 0000f8800149219e, Expected security check cookie
Arg3: ffff077ffeb6de61, Complement of the expected security check cookie
Arg4: 0000000000000000, zero

Debugging Details:
------------------


DEFAULT_BUCKET_ID:  GS_FALSE_POSITIVE_MISSING_GSFRAME

SECURITY_COOKIE:  Expected 0000f8800149219e found 0000f8804149219e

BUGCHECK_STR:  0xF7_ONE_BIT

CUSTOMER_CRASH_COUNT:  1

PROCESS_NAME:  svchost.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff88001458df2 to fffff80003ad8d40

STACK_TEXT:  
fffff880`0726e2e8 fffff880`01458df2 : 00000000`000000f7 0000f880`4149219e 0000f880`0149219e ffff077f`feb6de61 : nt!KeBugCheckEx
fffff880`0726e2f0 fffff880`0144ac38 : fffffa80`0538c700 00000000`00000000 fffff8a0`0376bc00 fffff880`0726e700 : Ntfs!_report_gsfailure+0x26
fffff880`0726e330 fffff880`01442fc6 : fffff880`0726e6d0 fffffa80`07b49710 fffff8a0`0376bc70 00000000`00000000 : Ntfs!NtfsNonCachedIo+0xa76
fffff880`0726e500 fffff880`01444a68 : fffff880`0726e6d0 fffffa80`07b49710 fffff880`0726e801 fffffa80`07998801 : Ntfs!NtfsCommonRead+0x7a6
fffff880`0726e6a0 fffff880`012f3bcf : fffffa80`07b49ab0 fffffa80`07b49710 fffffa80`07998830 00000000`00000000 : Ntfs!NtfsFsdRead+0x1b8
fffff880`0726e8b0 fffff880`012f26df : fffffa80`0529ea30 fffffa80`07b2c301 fffffa80`0529ea00 fffffa80`07b49710 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff880`0726e940 fffff800`03b00125 : fffffa80`07b49730 fffffa80`07a25070 fffffa80`059645d0 000007fe`f8661000 : fltmgr!FltpDispatch+0xcf
fffff880`0726e9a0 fffff800`03affbf9 : 00000000`00000001 00000000`00000001 fffffa80`05964510 fffffa80`00000020 : nt!IoPageRead+0x255
fffff880`0726ea30 fffff800`03ae649a : 00000000`00000000 00000000`00000000 ffffffff`ffffffff 00000000`00000000 : nt!MiIssueHardFault+0x255
fffff880`0726eac0 fffff800`03ad6e6e : 00000000`00000001 000007fe`f8661000 00000000`77cc2501 000007fe`ff780000 : nt!MmAccessFault+0x146a
fffff880`0726ec20 00000000`77be818d : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x16e
00000000`0139efc0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77be818d


STACK_COMMAND:  kb

FOLLOWUP_IP: 
Ntfs!_report_gsfailure+26
fffff880`01458df2 cc              int     3

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  Ntfs!_report_gsfailure+26

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Ntfs

IMAGE_NAME:  Ntfs.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4d79997b

FAILURE_BUCKET_ID:  X64_0xF7_ONE_BIT_MISSING_GSFRAME_Ntfs!_report_gsfailure+26

BUCKET_ID:  X64_0xF7_ONE_BIT_MISSING_GSFRAME_Ntfs!_report_gsfailure+26

Followup: MachineOwner
---------

1. Still pointing to your hard disk having errors...
2. Points to your DirectX/graphics card...
3. Points to hard disk errors...

Have you run the drive fitness tests?

Hi writhziden,

I've only recently been able to run the DFT. I burnt it on a cd and booted it up at restart. It got stuck at a 'loading dfts' part, then I found out online that that can be solved by disabling the 'Legacy USB keys' at BIOS so I did. Then now after clicking "I agree" on the licensing, it gets stuck at "Detecting Primary IDE master". I searched online and found other people with similar prob

Alright, in that case, I would recommend running the short and long tests of SeaTools. It will work on any hard disk manufacturer's drive, but it will not fix errors on non-Seagate drives. Does not really matter, though; we are just trying to determine if the hard disk is good or not.

(Hmm. Weird how my last post is incomplete.)

Alright. Will do.

Hi writhziden

Just ran the Seatools test (thanks for the suggestion) and I passed both the short and long tests. Guess we can deem the hard drive out of the problem, huh.

Alright, let's take a look at the DirectX problem:

• Try re-installing DirectX using the Download: DirectX Redist (June 2010) - Microsoft Download Center - Download Details and see how the system responds.
  
  Follow the steps for Diagnosing basic problems with DirectX. To re-install your display card drivers as outlined in the DirectX link, use the following steps.
  
  
  1. Download the latest drivers for your display card(s)
  2. Click Start Menu
  3. Right Click My Computer/Computer
  4. Click Manage
  5. Click Device Manager from the list on the left
  6. Expand Display adapters
  7. Do the following for each adapter (in case you have multiple display cards)
     
     • Right click the adapter
     • Click Uninstall (do not click OK in the dialog box that pops up after hitting Uninstall)
     • Put a tick in Delete driver software for this device (if this option is available, otherwise just hit OK) and hit OK
  8. Restart your computer after uninstalling drivers for all display cards
  9. Install the latest driver for the display cards once Windows starts
  
  
  Alternatively:
  
  1. Login as an adminstrative user
  2. Download the latest drivers for your display card(s)
  3. Click Start Menu
  4. Click Control Panel
  5. Click Hardware and Sound
  6. Click Device Manager (the last link under Devices and Printers)
  7. Expand Display adapters
  8. Do the following for each adapter (in case you have multiple display cards)
     
     • Right click the adapter
     • Click Uninstall (do not click OK in the dialog box that pops up after hitting Uninstall)
     • Put a tick in Delete driver software for this device (if this option is available, otherwise just hit OK) and hit OK
  9. Restart your computer after uninstalling drivers for all display cards
  10. Install the latest driver for the display cards once Windows starts

Hey all, I could really use some help.

I have a Toshiba Tecra R850 with Windows 7, not sure if 32/64.

A couple weeks ago I got a popup from Toshiba wanting me to update drivers, so I did.

I immediately started getting BSOD all the time. I figured out the problem was a driver called thpdrv.sys. I read through some forums and was advised to uninstall Toshiba HDD protection then delete the thpdrv.sys driver, there was a poster who did this and it worked so I did it as well.

It did not work for me. Now my laptop won't load windows and it goes straight to a repair screen, which I run, then it tells me it can't repair and it restarts, and the cycle keeps happening.

F12 doesn't work and nothing in F8 works. I can get to a command prompt but it won't access the C:

I didn't get a Toshiba boot disk with it.

I tried to create one with another laptop but it will only get so far then it reboots.

Any ideas?

Beejster, carefully follow the steps in Troubleshooting Windows 7 Failure to Boot.

Please start your own thread if you continue to have problems after doing the steps in that tutorial.

Hello, reviving this thread.

I just got my computer fixed and the repair guy changed the hard drive, which made my laptop completely smoother than before, it's almost running as if new. But I'm STILL getting a few crashes here and there (though definitely not as often as I had) so maybe it's more of a registry/driver problem, and I'm hoping to have help how to fix it myself.

Attached is the latest dump file using the SF diagnostics tool.