BSOD & Random Crashing - locale id: 1033

  1. Posts : 4
    Windows 7 Pro

    BSOD & Random Crashing - locale id: 1033

    I'm working a friend's laptop (Windows 7 Home SP1) and it's randomly crashing, sometimes displaying BSOD. If I boot into Safe Mode, it doesn't have any issues but when it's not in Safe Mode, it crashes within the first 10 minutes of booting to the desktop. Below is the error report it generated and I've attached the results of the tool.

    problem event name: bluescreen
    os version: 6.1.7601.
    locale id: 1033
    additional information about the problem:
    bccode: 3b
    bcp1: 00000000c0000005
    bcp2: fffff8000309cd6c
    bcp3: fffff880092d6c00
    bcp4: 0000000000000000
    os version: 6_1_7601
    service pack: 1_0
    product: 768_1
      My Computer

  2. Posts : 10,994
    Win 7 Pro 64-bit

    Hello vipes27 and welcome to Seven Forums.

    The latest dump file you posted shows a problem with an outdated SCSI CD-ROM driver and a Stop Error 0x01E. The driver is usually updated through Windows Update and Microsoft has a hotfix for the error code.

    "0x0000001E" Stop error occurs intermittently in Windows 7 SP1 and Windows Server 2008 R2 SP1

    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    This is a very common bugcheck.  Usually the exception address pinpoints
    the driver/function that caused the problem.  Always note this address
    as well as the link date of the driver/image that contains this address.
    Arg1: ffffffffc0000096, The exception code that was not handled
    Arg2: fffff800030bd16a, The address that the exception occurred at
    Arg3: 0000000000000000, Parameter 0 of the exception
    Arg4: 0000000000000000, Parameter 1 of the exception
    Debugging Details:
    EXCEPTION_CODE: (NTSTATUS) 0xc0000096 - {EXCEPTION}  Privileged instruction.
    fffff800`030bd16a 0f22d8          mov     cr3,rax
    EXCEPTION_PARAMETER1:  0000000000000000
    EXCEPTION_PARAMETER2:  0000000000000000
    ERROR_CODE: (NTSTATUS) 0xc0000096 - {EXCEPTION}  Privileged instruction.
    BUGCHECK_STR:  0x1E_c0000096
    LAST_CONTROL_TRANSFER:  from fffff800030d7a88 to fffff8000308cfc0
    fffff880`0667bee8 fffff800`030d7a88 : 00000000`0000001e ffffffff`c0000096 fffff800`030bd16a 00000000`00000000 : nt!KeBugCheckEx
    fffff880`0667bef0 fffff800`0308c642 : fffff880`0667c6c8 fffffa80`09190710 fffff880`0667c770 fffffa80`09230170 : nt! ?? ::FNODOBFM::`string'+0x487ad
    fffff880`0667c590 fffff800`0308af4a : fffff880`0667c7b0 fffff8a0`03378a60 00000000`00000039 00000000`00000000 : nt!KiExceptionDispatch+0xc2
    fffff880`0667c770 fffff800`030bd16a : 00000000`00000000 fffffa80`09190710 fffffa80`09190710 fffff800`0335b8e3 : nt!KiGeneralProtectionFault+0x10a
    fffff880`0667c900 fffffa80`073859c8 : fffff880`0667ca80 fffff880`04432a00 00000000`fffffa80 00000000`00000000 : nt!KeStackAttachProcess+0x1ba
    fffff880`0667c980 fffff880`0667ca80 : fffff880`04432a00 00000000`fffffa80 00000000`00000000 00000000`00000001 : 0xfffffa80`073859c8
    fffff880`0667c988 fffff880`04432a00 : 00000000`fffffa80 00000000`00000000 00000000`00000001 00000000`002d0940 : 0xfffff880`0667ca80
    fffff880`0667c990 fffff880`0442a503 : fffffa80`07b12550 00000000`00000000 0000057f`f84edaa8 00000000`00000000 : cdrom!RequestSetupMcnRequest+0x6c
    fffff880`0667ca30 fffffa80`09190710 : fffffa80`00000008 ffffffff`80001164 00000000`00000fc4 00000000`00000000 : cdrom!RequestProcessSerializedIoctl+0xcdb
    fffff880`0667cb10 fffffa80`00000008 : ffffffff`80001164 00000000`00000fc4 00000000`00000000 fffffa80`00000030 : 0xfffffa80`09190710
    fffff880`0667cb18 ffffffff`80001164 : 00000000`00000fc4 00000000`00000000 fffffa80`00000030 00000000`00000000 : 0xfffffa80`00000008
    fffff880`0667cb20 00000000`00000fc4 : 00000000`00000000 fffffa80`00000030 00000000`00000000 00000000`00000000 : 0xffffffff`80001164
    fffff880`0667cb28 00000000`00000000 : fffffa80`00000030 00000000`00000000 00000000`00000000 00000000`00000200 : 0xfc4
    fffff880`04432a00 50              push    rax
    SYMBOL_NAME:  cdrom!RequestSetupMcnRequest+6c
    FOLLOWUP_NAME:  MachineOwner
    MODULE_NAME: cdrom
    IMAGE_NAME:  cdrom.sys
    FAILURE_BUCKET_ID:  X64_0x1E_c0000096_cdrom!RequestSetupMcnRequest+6c
    BUCKET_ID:  X64_0x1E_c0000096_cdrom!RequestSetupMcnRequest+6c
    Followup: MachineOwner
    Loaded symbol image file: cdrom.sys
        Mapped memory image file: c:\symcache\cdrom.sys\4CE792982a000\cdrom.sys
        Image path: \SystemRoot\system32\DRIVERS\cdrom.sys
        Image name: cdrom.sys
        Timestamp:        Sat Nov 20 03:19:20 2010 (4CE79298)
        CheckSum:         0002B742
        ImageSize:        0002A000
        File version:     6.1.7601.17514
        Product version:  6.1.7601.17514
        File flags:       0 (Mask 3F)
        File OS:          40004 NT Win32
        File type:        3.7 Driver
        File date:        00000000.00000000
        Translations:     0000.04b0
        CompanyName:      Microsoft Corporation
        ProductName:      Microsoft® Windows® Operating System
        InternalName:     cdrom.sys
        OriginalFilename: cdrom.sys
        ProductVersion:   6.1.7601.17514
        FileVersion:      6.1.7601.17514 (win7sp1_rtm.101119-1850)
        FileDescription:  SCSI CD-ROM Driver
        LegalCopyright:   © Microsoft Corporation. All rights reserved.
    The earliest dump file shows a problem with the ntkrnlmp.exe driver (which is associated with the ntoskrnl.exe driver), and a Stop Error code 0x0A. The nt drivers are usually updated through Windows Update and the 0x0A Stop Error code indicates drivers are using improper memory addresses. This Microsoft TechNet article give some suggestions on how to handle this error.

    Troubleshooting specific Stop messages

    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    Use !analyze -v to get detailed debugging information.
    BugCheck A, {7feff302, 2, 1, fffff8000310b0c5}
    Probably caused by : ntkrnlmp.exe ( nt!KeStackAttachProcess+115 )
    Followup: MachineOwner
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If a kernel debugger is available get the stack backtrace.
    Arg1: 000000007feff302, memory referenced
    Arg2: 0000000000000002, IRQL
    Arg3: 0000000000000001, bitfield :
    	bit 0 : value 0 = read operation, 1 = write operation
    	bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
    Arg4: fffff8000310b0c5, address which referenced memory
    Debugging Details:
    WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff8000330a100
    fffff800`0310b0c5 f00fc186dc000000 lock xadd dword ptr [rsi+0DCh],eax
    PROCESS_NAME:  System
    TRAP_FRAME:  fffff880035c4770 -- (.trap 0xfffff880035c4770)
    NOTE: The trap frame does not contain all registers.
    Some register values may be zeroed or incorrect.
    rax=0000000000000008 rbx=0000000000000000 rcx=fffffa8003cd50a0
    rdx=fffff880035c4a58 rsi=0000000000000000 rdi=0000000000000000
    rip=fffff8000310b0c5 rsp=fffff880035c4900 rbp=fffff880035c4a58
     r8=fffffa8003cd5090  r9=0000000000000130 r10=fffff880033660c0
    r11=fffffa8003cd5040 r12=0000000000000000 r13=0000000000000000
    r14=0000000000000000 r15=0000000000000000
    iopl=0         nv up ei pl zr na po nc
    fffff800`0310b0c5 f00fc186dc000000 lock xadd dword ptr [rsi+0DCh],eax ds:0e80:00000000`000000dc=????????
    Resetting default scope
    LAST_CONTROL_TRANSFER:  from fffff800030da569 to fffff800030dafc0
    fffff880`035c4628 fffff800`030da569 : 00000000`0000000a 00000000`7feff302 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
    fffff880`035c4630 fffff800`030d91e0 : fffff880`035c47b0 fffff8a0`0b600e80 00000000`00000039 fffffa80`03cd5040 : nt!KiBugCheckDispatch+0x69
    fffff880`035c4770 fffff800`0310b0c5 : 00000000`00000000 fffffa80`03cd5040 fffffa80`03cd5040 fffff800`033a98e3 : nt!KiPageFault+0x260
    fffff880`035c4900 fffffa80`073319c8 : fffff880`035c4a80 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KeStackAttachProcess+0x115
    fffff880`035c4980 fffff880`035c4a80 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0xfffffa80`073319c8
    fffff880`035c4988 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0xfffff880`035c4a80
    fffff800`0310b0c5 f00fc186dc000000 lock xadd dword ptr [rsi+0DCh],eax
    SYMBOL_NAME:  nt!KeStackAttachProcess+115
    FOLLOWUP_NAME:  MachineOwner
    IMAGE_NAME:  ntkrnlmp.exe
    FAILURE_BUCKET_ID:  X64_0xA_nt!KeStackAttachProcess+115
    BUCKET_ID:  X64_0xA_nt!KeStackAttachProcess+115
    Followup: MachineOwner
    I'd also suggest running a system file checker scan from an elevated command prompt (option two.) If problems are found, run the scan 3 times and reboot the computer after each scan.

    SFC /SCANNOW Command - System File Checker
      My Computer

  3. Posts : 4
    Windows 7 Pro
    Thread Starter

    I appreciate the reply.

    I've downloaded the hotfix and I'm trying to install it but it won't allow me to install it in Safe Mode. When I try running it in normal mode, it crashes before I can get it installed. The same thing applies with running Windows Update.

    I've also ran the system file checker a couple of times but that hasn't resolved it either. Any other ideas.

    Thanks again for your help.
      My Computer

  4. Posts : 10,994
    Win 7 Pro 64-bit

    Sometimes a computer has too many things going wrong at the same time and the quickest solution is to jump right into a repair install. A repair install should fix the currently installed Windows 7 and preserve user accounts, data, programs, system drivers etc.

    Repair Install

    It does require the installation media for the version of Windows 7 installed on the machine as well as the 25-digit Product Key for reactivation with Microsoft. If you don't have the installation media, you can download an ISO from Digital River (official Microsoft download site.) Save it to desktop and then burn it to DVD. A lot of folks recommend using the free ImgBurn and burning at no more than 4x speed.

    Official Windows 7 SP1 ISO from Digital River « My Digital Life

    The Official ImgBurn Website
      My Computer

  5. Posts : 4
    Windows 7 Pro
    Thread Starter

    Can the repair install be run in Safe Mode? I don't think the laptop will stay up long enough if I'm not in Safe Mode.
      My Computer

  6. Posts : 10,994
    Win 7 Pro 64-bit

    I'm sorry, no. You cannot do a repair install at boot or in safe mode.

    Providing you're not dealing with a hardware issue (failing hard drive, RAM, etc) a clean install may be the best option. You might want to go through these troubleshooting steps prepared by one of the Forum experts. It has some suggestions on how to test for hardware issues. And a review of the clean install procedures.

    Troubleshooting Steps for Windows 7

    Clean Reinstall - Factory OEM Windows 7

    Clean Install Windows 7
      My Computer


  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 00:35.
Find Us