Alright to start
Code:
Microsoft (R) Windows Debugger Version 6.2.9200.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Skyler\AppData\Local\Temp\Rar$DIa0.366\021513-21606-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.18044.amd64fre.win7sp1_gdr.130104-1431
Machine Name:
Kernel base = 0xfffff800`0340b000 PsLoadedModuleList = 0xfffff800`0364f670
Debug session time: Fri Feb 15 11:21:45.684 2013 (UTC - 6:00)
System Uptime: 1 days 5:08:50.042
Loading Kernel Symbols
...............................................................
................................................................
..........................
Loading User Symbols
Loading unloaded module list
...............
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 19, {20, fffff8a0055d3c40, fffff8a0055d3cb0, d070107}
GetPointerFromAddress: unable to read from fffff800036b9100
GetUlongFromAddress: unable to read from fffff800036b91c0
Probably caused by : TeamViewer.exe
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: fffff8a0055d3c40, The pool entry we were looking for within the page.
Arg3: fffff8a0055d3cb0, The next pool entry.
Arg4: 000000000d070107, (reserved)
Debugging Details:
------------------
BUGCHECK_STR: 0x19_20
POOL_ADDRESS: fffff8a0055d3c40 Paged pool
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
PROCESS_NAME: TeamViewer.exe
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from fffff800035b4cae to fffff80003480c40
STACK_TEXT:
fffff880`07708528 fffff800`035b4cae : 00000000`00000019 00000000`00000020 fffff8a0`055d3c40 fffff8a0`055d3cb0 : nt!KeBugCheckEx
fffff880`07708530 fffff800`0373f976 : fffffa80`07fcb060 fffffa80`05fa0010 fffff8a0`626e4d43 fffffa80`07887590 : nt!ExDeferredFreePool+0x12da
fffff880`077085e0 fffff800`03754336 : fffff8a0`055cbfa0 fffff8a0`05465700 00000000`00000000 fffff8a0`00000019 : nt!CmpFlushNotify+0xca
fffff880`07708640 fffff800`0348a174 : 00000000`00000000 fffff8a0`05465710 fffffa80`05212240 fffff8a0`055cbf70 : nt!CmpDeleteKeyObject+0x6a6
fffff880`07708710 fffff800`0377b184 : fffff8a0`05465710 00000000`00000000 fffffa80`07fcb060 00000000`00000000 : nt!ObfDereferenceObject+0xd4
fffff880`07708770 fffff800`0373d3f0 : 00000000`0000014c fffff8a0`05465710 fffff8a0`054bb530 00000000`0000014c : nt!ObpCloseHandleTableEntry+0xc4
fffff880`07708800 fffff800`0373d2e8 : 00000000`00000004 00000000`00000000 fffffa80`07e87920 fffff800`0372a7d1 : nt!ObpCloseHandleProcedure+0x30
fffff880`07708840 fffff800`0373d976 : fffff8a0`054af001 fffff880`07708c20 fffffa80`07e87920 00000000`00000001 : nt!ExSweepHandleTable+0x74
fffff880`07708880 fffff800`03759012 : fffff8a0`054af060 00000000`00000000 00000000`00000000 00000000`00000000 : nt!ObKillProcess+0x62
fffff880`077088c0 fffff800`0373f15d : 00000000`c0000005 00000000`00000201 00000000`7efd8000 00000000`00000000 : nt!PspExitThread+0x522
fffff880`077089c0 fffff800`0347375a : 00000000`00000308 00000000`00000310 00000000`00000324 00000000`0000031c : nt!PsExitSpecialApc+0x1d
fffff880`077089f0 fffff800`03473aa0 : 00000000`00000246 fffff880`07708a70 fffff800`0373f0d0 00000000`00000001 : nt!KiDeliverApc+0x2ca
fffff880`07708a70 fffff800`0347ff77 : 00000000`00000001 fffffa80`07fcb5d0 00000000`00000000 fffff880`07708c00 : nt!KiInitiateUserApc+0x70
fffff880`07708bb0 00000000`75562e09 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExit+0x9c
00000000`02d3ee98 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x75562e09
STACK_COMMAND: kb
PROCESS_OBJECT: fffffa8007e87920
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: TeamViewer
IMAGE_NAME: TeamViewer.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 0
FAILURE_BUCKET_ID: X64_0x19_20_IMAGE_TeamViewer.exe
BUCKET_ID: X64_0x19_20_IMAGE_TeamViewer.exe
Followup: MachineOwner
---------
This one is pointing towards teamviewer, So for now uninstall teamviewer.
The next
Code:
Microsoft (R) Windows Debugger Version 6.2.9200.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Skyler\AppData\Local\Temp\Rar$DIa0.522\021813-25474-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.18044.amd64fre.win7sp1_gdr.130104-1431
Machine Name:
Kernel base = 0xfffff800`03453000 PsLoadedModuleList = 0xfffff800`03697670
Debug session time: Mon Feb 18 19:04:19.658 2013 (UTC - 6:00)
System Uptime: 0 days 1:14:43.000
Loading Kernel Symbols
...............................................................
................................................................
...........................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck D1, {fffffa80fffffa80, 2, 1, fffff880042119c3}
*** WARNING: Unable to verify timestamp for sptd.sys
*** ERROR: Module load completed but symbols could not be loaded for sptd.sys
Probably caused by : sptd.sys ( sptd+424ce )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: fffffa80fffffa80, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880042119c3, address which referenced memory
Debugging Details:
------------------
WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80003701100
GetUlongFromAddress: unable to read from fffff800037011c0
fffffa80fffffa80 Nonpaged pool
CURRENT_IRQL: 2
FAULTING_IP:
USBPORT!USBPORT_Core_UsbDoneDpc_Worker+2a3
fffff880`042119c3 488908 mov qword ptr [rax],rcx
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: System
TAG_NOT_DEFINED_c000000f: FFFFF88003122FB0
TRAP_FRAME: fffff8800311ba10 -- (.trap 0xfffff8800311ba10)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa80fffffa80 rbx=0000000000000000 rcx=0590386807354e30
rdx=fffffa8007c80d08 rsi=0000000000000000 rdi=0000000000000000
rip=fffff880042119c3 rsp=fffff8800311bba0 rbp=fffffa80070b41a0
r8=fffffa80070b41a0 r9=0000000000000000 r10=fffffa80070b41a0
r11=fffffa8007354d20 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na pe nc
USBPORT!USBPORT_Core_UsbDoneDpc_Worker+0x2a3:
fffff880`042119c3 488908 mov qword ptr [rax],rcx ds:fffffa80`fffffa80=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff800034c81e9 to fffff800034c8c40
STACK_TEXT:
fffff880`0311b8c8 fffff800`034c81e9 : 00000000`0000000a fffffa80`fffffa80 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffff880`0311b8d0 fffff800`034c6e60 : 00000000`ffffff01 fffffa80`07354f68 fffff880`051a3000 fffffa80`07c80c20 : nt!KiBugCheckDispatch+0x69
fffff880`0311ba10 fffff880`042119c3 : fffffa80`070b4050 fffffa80`070b41a0 fffffa80`070b4ba0 fffffa80`070b41a0 : nt!KiPageFault+0x260
fffff880`0311bba0 fffff880`04202f89 : fffffa80`070b4050 00000000`00000000 fffffa80`0708a702 fffffa80`070b4ba0 : USBPORT!USBPORT_Core_UsbDoneDpc_Worker+0x2a3
fffff880`0311bc00 fffff880`011004ce : fffffa80`0708a000 fffffa80`070b4ba0 fffffa80`0708a750 fffffa80`070b4bb8 : USBPORT!USBPORT_Xdpc_Worker+0x1d9
fffff880`0311bc30 fffffa80`0708a000 : fffffa80`070b4ba0 fffffa80`0708a750 fffffa80`070b4bb8 fffff880`009e7180 : sptd+0x424ce
fffff880`0311bc38 fffffa80`070b4ba0 : fffffa80`0708a750 fffffa80`070b4bb8 fffff880`009e7180 00000000`00000000 : 0xfffffa80`0708a000
fffff880`0311bc40 fffffa80`0708a750 : fffffa80`070b4bb8 fffff880`009e7180 00000000`00000000 fffff880`009ebec0 : 0xfffffa80`070b4ba0
fffff880`0311bc48 fffffa80`070b4bb8 : fffff880`009e7180 00000000`00000000 fffff880`009ebec0 00000000`00000022 : 0xfffffa80`0708a750
fffff880`0311bc50 fffff880`009e7180 : 00000000`00000000 fffff880`009ebec0 00000000`00000022 00000000`00000000 : 0xfffffa80`070b4bb8
fffff880`0311bc58 00000000`00000000 : fffff880`009ebec0 00000000`00000022 00000000`00000000 00000000`00000000 : 0xfffff880`009e7180
STACK_COMMAND: kb
FOLLOWUP_IP:
sptd+424ce
fffff880`011004ce ?? ???
SYMBOL_STACK_INDEX: 5
SYMBOL_NAME: sptd+424ce
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: sptd
IMAGE_NAME: sptd.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4ad24632
FAILURE_BUCKET_ID: X64_0xD1_sptd+424ce
BUCKET_ID: X64_0xD1_sptd+424ce
Followup: MachineOwner
---------
This one is pointing at sptd.sys = SCSI Pass Through Direct Host - Daemon Tools (known BSOD issues with Win7)
So i suggest uninstalling Dameon tools for now.
For teamviewer if it is a must, you can try using the portable version in which no installation is needed. You just run an executable in a zip but no installing to the pc. http://www.teamviewer.com/download/T...erPortable.zip
This can be "directed" (installed essentially) to a flash drive if u wish.
To replace Dameon tools if it is a need, try out Freeware MagicISO Virtual CD/DVD-ROM(MagicDisc) Overview
I am warning you though, that most of these disc mounting tools do like to cause BSOD's. So magicdisc may came with similar issues to Dameon tools.
Report back with news, i will be glad to help. thanks for your cooperation:)