Hi
Once a week or few days i get bsod service exception and bad pool header.
I don't play games for now. And bsod have very random timming, eg. when i browse the internet.
Latest bsod i get System Service Exception.
I test my ram with memtest86 and with standard windows tool
I also check my hdd with chkdsk
Here is data from your SF program.
Code:BugCheck 3B, {c0000005, fffff800031ccc20, fffff8800afda320, 0} Probably caused by : ntkrnlmp.exe ( nt!ObpCreateHandle+300 )Code:Usual causes: System service, Device driver, graphics driver, memoryavast! seems to be causing problems, please remove the program completely with the avast! Removal Tool, and then install and run full scans with these free and proven alternatives which work best with the operating system due to their compatibility and lightweight nature on system resources.Code:2: kd> lmvm aswSnx start end module name fffff880`01800000 fffff880`01896000 aswSnx T (no symbols) Loaded symbol image file: aswSnx.SYS Image path: \SystemRoot\System32\Drivers\aswSnx.SYS Image name: aswSnx.SYS Timestamp: Mon Nov 28 17:54:05 2011 (4ED3CABD) CheckSum: 00096E09 ImageSize: 00096000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
Install and perform full scans with:
- Malwarebytes : Free anti-malware download
- Microsoft Security Essentials | Protect against viruses, spyware, and other malware
InformationRemember to install the free version of Malwarebytes not the free trail; untick the free trial box during installation. MSE is the most lightweight and compatible with the Windows 7 operating system
You can also view this thread for a complete free and lightweight security protection combination:
x BlueRobot, Thank you for your reply.
I removed avast using that tool in safe mode.
I installed Malwarebytes without trial option, and i scan my computer
There was 6 issues found, which i removed.
I installed MS Security Essentials, scaned computer without any issues.
I hope that will solve the bsod problems.
Can you tell me / teach me how you manange to find problem in logs ?
Can i post present logs ?
You need to download and install WinDbg firstly - Configuring the "Debugging Tools"
Do I have to install debugging tool from that link Download and Install Debugging Tools for Windows ?
Or just WinDbg ? or WinDbg is part of debugging tool from that url ?
I not sure which tool install, WDK or SDK ?
Can I install both of them ?
I tried to install SDK from here Download Microsoft Windows SDK for Windows 7 and .NET Framework 4 from Official Microsoft Download Center
I wanted change path, to recommended c:\debuggers
But i see two location:
folder for tools and folder for samples
Will be better to install tools in c:\debuggers and samples in original folder or in eg. c:\debuggers\samples ?
// edit
Meanwhile i got another bsod Memory Management
I had this bsod before, fogot to meantion
Last edited by hejowicz; 12 Aug 2013 at 03:37.
Have you got the debugger installed now? It chose the SDK option too :)
Associate the dump files with the debugger with this command, you may need to open a elevated (Administrator) command prompt:
Source: BSOD Analysis - Getting StartedCode:"C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\windbg.exe" -IA
BSOD Analysis:
Code:BugCheck 1A, {41287, 0, 0, 0} Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+454f5 )It appears that a illegal page fault has occurred during working set synchronization, causing some memory management data structures to become corrupt.Code:Usual causes: Device driver, memory, kernel
Run Driver Verifier to scan for any corrupted drivers which may be causing problems, this program works by running various stress tests on drivers, in order to produce a BSOD which will locate the driver; run for least 24 hours:Code:TRAP_FRAME: fffff88009040d70 -- (.trap 0xfffff88009040d70) NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000001 rdx=0000000000000001 rsi=0000000000000000 rdi=0000000000000000 rip=fffff80002eea967 rsp=fffff88009040f08 rbp=0000000000002000 r8=0000000000000000 r9=00000000ffffffff r10=fffffa8009b16a50 r11=fffffa800a007f78 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl zr na po nc nt!MiInsertNode+0xa7: fffff800`02eea967 498b08 mov rcx,qword ptr [r8] ds:00000000`00000000=????????????????
InformationAdditional Help - Using Driver Verifier to identify issues with Drivers
Ok, I trun on driver verifier, it's running about 4 hours now, i let you know, after day.
Meanwhile i have question about debugging tools.
I installed Windows SDK for Windows 7 and .NET Framework 4
(with little problem, because i had to uinstall latest Visual C ++)
durring installation
In section called "redistribudable packages"
I selected "Debugging Tools"
After success installation , I can't find winDBG.exe in c:\debuggers\
I don't have such folder in
C:\Program Files (x86)\Windows Kits\
edit:
i found windbg.exe in another location
I allready associate windbg with .dmp
and i add symbol file path
I copied full memory.dmp from windows directory to desktop , for testing.
But i think , i have problem with read this.
I opened 8GiB file, and i see:
Is this full dump or just a part of it ?,Code:Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\Users\Piotrek\Desktop\MEMORY.DMP] Kernel Complete Dump File: Full address space is available Symbol search path is: srv*c:\symbols*http://msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7601.18113.amd64fre.win7sp1_gdr.130318-1533 Machine Name: Kernel base = 0xfffff800`02e4d000 PsLoadedModuleList = 0xfffff800`03090670 Debug session time: Mon Aug 12 09:57:28.880 2013 (UTC + 2:00) System Uptime: 2 days 6:19:19.740 Loading Kernel Symbols ............................................................... ................................................................ ............................... Loading User Symbols ..... Loading unloaded module list ..........................Unable to enumerate user-mode unloaded modules, NTSTATUS 0xC0000147 Loading Wow64 Symbols ................................................................ ................................................................ ....... ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 1A, {41287, 0, 0, 0} "kernel32.dll" was not found in the image list. Debugger will attempt to load "kernel32.dll" at given base 00000000`00000000. Please provide the full image name, including the extension (i.e. kernel32.dll) for more reliable results.Base address and size overrides can be given as .reload <image.ext>=<base>,<size>. Unable to add module at 00000000`00000000 Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+454f5 ) Followup: MachineOwner ---------
I think maybe something went wrong, and i don't see full content of crash dump
Code:Unable to enumerate user-mode unloaded modules, NTSTATUS 0xC0000147
Last edited by hejowicz; 13 Aug 2013 at 00:45. Reason: new info
Make sure your Symbol Path is the exact same as mine:
That's a Complete Memory dump too, so it will contain User-Mode and Kernel-Mode address space, a Kernel Memory dump or a Minidump is all you will need, since a BSOD results because of an error in Kernel Mode.Code:SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Ok. I changed symbol path to your, i had slight different.
After turrning on driver verifier i finally got bsod.
Yes. i got 8gb dump because i choose full memory dump
Dump Files - Configure Windows to Create on BSOD
maybe it's not necessary to choose that big dump ?
edit:
can i now disable driver verifier ?
It's not necessary at all, I'll keep it configured at a Kernel Memory dump or a Minidump :)
There's no new dump files within that folder, please check this directory:
Code:C:\Windows\Minidump
Quote