Windows 7 BSOD, A LOT

Michael Holcepl

New Member
When I first upgraded from Vista to 7, I was getting a lot of BSOD. It's been a long road figuring out what all was wrong, turn out I had a ASUS motherboard driver that didn't like windows 7 and had to get rid of norton. The computer was running pretty stable until I started getting the BSOD again about a month ago. Ran a checkdisk and memory test, both came back with no errors. Can't quite peg it down. Need help.
p.s. The last two BSOD came when I tried to run the MSINFO 32 on the SF Diagnostic Tool
 

Attachments

  • SPD.PNG
    SPD.PNG
    174.6 KB · Views: 453
  • memory.PNG
    memory.PNG
    139.1 KB · Views: 405
  • minidumps.zip
    370.3 KB · Views: 238
Your blue screen errors:


NTFS_FILE_SYSTEM (24)
Caused by McAfee

BugCheck 50, {fffffa9001850130, 0, fffff80002bbca5e, 5}
Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+16ab )



1. Disable Driver Verifier.




2
. Update old drivers:

Asus ATK0110 ACPI Utility
ASACPI.sys Mon Oct 30 22:09:12 2006
ASUSTeK Computer Inc. -Support- Drivers and Download

Asus PCProbe
AsIO.sys Mon Dec 17 04:11:49 2007
ASUSTeK Computer Inc. -Support- Drivers and Download

NVIDIA nForce
nvm62x64.sys Fri Oct 17 17:01:06 2008
ASUSTeK Computer Inc. -Support- Drivers and Download
Drivers - Download NVIDIA Drivers

Research in Motion Ltd
RimSerial_AMD64.sys Mon Nov 24 12:01:01 2008
Link Removed - Invalid URL



3. If blue screens re-occur, uninstall McAfee and replace it with MSE:

How to uninstall or reinstall supported McAfee consumer products using the McAfee Consumer Products Removal tool (MCPR.exe)

Link Removed due to 404 Error









CRASH DUMPS

Code:
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\DMP\040311-24710-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02a1f000 PsLoadedModuleList = 0xfffff800`02c5ce50
Debug session time: Sun Apr  3 23:23:58.124 2011 (UTC - 4:00)
System Uptime: 0 days 0:04:17.763
Loading Kernel Symbols
...............................................................
................................................................
.......................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 24, {1904fb, fffff880070553d8, fffff88007054c40, fffff8800130f5fa}

Unable to load image \SystemRoot\system32\drivers\mfehidk.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for mfehidk.sys
*** ERROR: Module load completed but symbols could not be loaded for mfehidk.sys
Probably caused by : Ntfs.sys ( Ntfs!NtfsLookupInFileRecord+18a )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

NTFS_FILE_SYSTEM (24)
    If you see NtfsExceptionFilter on the stack then the 2nd and 3rd
    parameters are the exception record and context record. Do a .cxr
    on the 3rd parameter and then kb to obtain a more informative stack
    trace.
Arguments:
Arg1: 00000000001904fb
Arg2: fffff880070553d8
Arg3: fffff88007054c40
Arg4: fffff8800130f5fa

Debugging Details:
------------------


EXCEPTION_RECORD:  fffff880070553d8 -- (.exr 0xfffff880070553d8)
ExceptionAddress: fffff8800130f5fa (Ntfs!NtfsLookupInFileRecord+0x000000000000018a)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: 000000000000012c
Attempt to read from address 000000000000012c

CONTEXT:  fffff88007054c40 -- (.cxr 0xfffff88007054c40)
rax=0000000000000000 rbx=0000000000000000 rcx=fffff88006c16340
rdx=fffff980020bc800 rsi=fffff88007055770 rdi=0000000006c16100
rip=fffff8800130f5fa rsp=fffff88007055610 rbp=0000000000000000
 r8=fffff980020bc898  r9=0000000000000000 r10=fffff880012b8580
r11=fffff8800705599c r12=fffff880036fdb40 r13=fffffa8003697180
r14=fffff88006c16340 r15=0000000000000000
iopl=0         nv up ei pl nz na pe nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010202
Ntfs!NtfsLookupInFileRecord+0x18a:
fffff880`0130f5fa 8b882c010000    mov     ecx,dword ptr [rax+12Ch] ds:002b:00000000`0000012c=????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  NULL_CLASS_PTR_DEREFERENCE

PROCESS_NAME:  McSvHost.exe

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  000000000000012c

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002cc70e0
 000000000000012c 

FOLLOWUP_IP: 
Ntfs!NtfsLookupInFileRecord+18a
fffff880`0130f5fa 8b882c010000    mov     ecx,dword ptr [rax+12Ch]

FAULTING_IP: 
Ntfs!NtfsLookupInFileRecord+18a
fffff880`0130f5fa 8b882c010000    mov     ecx,dword ptr [rax+12Ch]

BUGCHECK_STR:  0x24

LAST_CONTROL_TRANSFER:  from fffff880012e60ff to fffff8800130f5fa

STACK_TEXT:  
fffff880`07055610 fffff880`012e60ff : 00000000`00000000 00000000`00000000 00000000`00000002 00000000`0000ba01 : Ntfs!NtfsLookupInFileRecord+0x18a
fffff880`070556a0 fffff880`012ffc0a : fffff880`06c16340 fffff8a0`036fdb40 fffff8a0`01d6bbc0 fffff880`0705599c : Ntfs!NtfsDeleteFile+0x233
fffff880`07055920 fffff880`0126daa9 : fffffa80`02e1a990 fffffa80`02492c10 fffff880`06c162a0 fffffa80`034c0060 : Ntfs!NtfsCommonCleanup+0x15da
fffff880`07055d30 fffff800`02a875c7 : fffff880`06c162a0 a05d46fb`fe2025eb 9cea2915`9ae8537d 2b80b26d`d5ada915 : Ntfs!NtfsCommonCleanupCallout+0x19
fffff880`07055d60 fffff800`02a87581 : 00000000`00000000 fffffa80`034c0060 fffff880`07056000 fffff800`02a9f01a : nt!KxSwitchKernelStackCallout+0x27
fffff880`06c16170 fffff800`02a9f01a : fffff880`06c17000 fffffa80`034c0060 fffffa80`036a5ae0 00000000`00000000 : nt!KiSwitchKernelStackContinue
fffff880`06c16190 fffff880`0126d662 : fffff880`0126da90 fffff880`06c162a0 00000000`00000000 00000000`00000000 : nt!KeExpandKernelStackAndCalloutEx+0x29a
fffff880`06c16270 fffff880`0130f244 : fffff880`06c16340 fffff880`06c16340 fffff880`06c16340 fffff8a0`036fdc70 : Ntfs!NtfsCommonCleanupOnNewStack+0x42
fffff880`06c162e0 fffff800`02f36c16 : fffff880`06c16340 fffffa80`02c53bd0 fffffa80`02c53bd0 fffffa80`03697030 : Ntfs!NtfsFsdCleanup+0x144
fffff880`06c16550 fffff880`010ca23f : fffffa80`02c53f70 fffff880`06c16600 fffffa80`02578c30 fffffa80`04bb2740 : nt!IovCallDriver+0x566
fffff880`06c165b0 fffff880`010c86df : fffffa80`036a5ae0 fffffa80`036a5ae0 fffffa80`025f7200 fffffa80`02c53bd0 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff880`06c16640 fffff800`02f36c16 : fffffa80`02c53bd0 00000000`00000002 fffffa80`05510140 fffff880`039dea57 : fltmgr!FltpDispatch+0xcf
fffff880`06c166a0 fffff880`0116e8f4 : fffffa80`02c53bd0 fffff880`06c16870 00000000`00000000 fffffa80`0552af40 : nt!IovCallDriver+0x566
fffff880`06c16700 fffffa80`02c53bd0 : fffff880`06c16870 00000000`00000000 fffffa80`0552af40 fffffa80`04e3e970 : mfehidk+0x478f4
fffff880`06c16708 fffff880`06c16870 : 00000000`00000000 fffffa80`0552af40 fffffa80`04e3e970 fffff880`039cbae3 : 0xfffffa80`02c53bd0
fffff880`06c16710 00000000`00000000 : fffffa80`0552af40 fffffa80`04e3e970 fffff880`039cbae3 00000000`03060000 : 0xfffff880`06c16870


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  Ntfs!NtfsLookupInFileRecord+18a

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Ntfs

IMAGE_NAME:  Ntfs.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc14f

STACK_COMMAND:  .cxr 0xfffff88007054c40 ; kb

FAILURE_BUCKET_ID:  X64_0x24_VRF_Ntfs!NtfsLookupInFileRecord+18a

BUCKET_ID:  X64_0x24_VRF_Ntfs!NtfsLookupInFileRecord+18a

Followup: MachineOwner
---------



Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\DMP\040311-21793-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02a19000 PsLoadedModuleList = 0xfffff800`02c56e50
Debug session time: Sun Apr  3 23:35:13.827 2011 (UTC - 4:00)
System Uptime: 0 days 0:09:44.465
Loading Kernel Symbols
...............................................................
................................................................
......................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 50, {fffffa9001850130, 0, fffff80002bbca5e, 5}


Could not read faulting driver name
Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+16ab )

Followup: Pool_corruption
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced.  This cannot be protected by try-except,
it must be protected by a Probe.  Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: fffffa9001850130, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff80002bbca5e, If non-zero, the instruction address which referenced the bad memory
	address.
Arg4: 0000000000000005, (reserved)

Debugging Details:
------------------


Could not read faulting driver name

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002cc10e0
 fffffa9001850130 

FAULTING_IP: 
nt!ExDeferredFreePool+16ab
fffff800`02bbca5e 488b01          mov     rax,qword ptr [rcx]

MM_INTERNAL_CODE:  5

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP

BUGCHECK_STR:  0x50

PROCESS_NAME:  WmiPrvSE.exe

CURRENT_IRQL:  0

TRAP_FRAME:  fffff880072ad700 -- (.trap 0xfffff880072ad700)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000005000000 rbx=0000000000000000 rcx=fffffa9001850130
rdx=fffff88002c5a700 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002bbca5e rsp=fffff880072ad890 rbp=0000000000000000
 r8=0000000000000001  r9=0000000000000000 r10=fffff80002a19000
r11=00000000000004f0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na po nc
nt!ExDeferredFreePool+0x16ab:
fffff800`02bbca5e 488b01          mov     rax,qword ptr [rcx] ds:0003:fffffa90`01850130=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002b088c1 to fffff80002a89740

STACK_TEXT:  
fffff880`072ad598 fffff800`02b088c1 : 00000000`00000050 fffffa90`01850130 00000000`00000000 fffff880`072ad700 : nt!KeBugCheckEx
fffff880`072ad5a0 fffff800`02a8782e : 00000000`00000000 fffff880`02c5a6f0 00000000`00000000 fffff800`02ab6668 : nt! ?? ::FNODOBFM::`string'+0x40e8b
fffff880`072ad700 fffff800`02bbca5e : fffff880`02c5a6f0 00000000`00000000 00000000`00000003 00000000`00000001 : nt!KiPageFault+0x16e
fffff880`072ad890 fffff800`02e3b666 : fffff8a0`00082cf0 fffffa80`034a2000 fffff880`69634d43 00000000`000004ef : nt!ExDeferredFreePool+0x16ab
fffff880`072ad940 fffff800`02dd2c87 : fffff8a0`00000019 fffff880`072ada80 fffffa80`0342c800 00000000`00000019 : nt!CmpCallCallBacks+0x4f6
fffff880`072ada10 fffff800`02a8e8b4 : 00000000`00000000 fffffa80`034a2060 fffffa80`018fd080 fffff8a0`0256eeb0 : nt! ?? ::NNGAKEGL::`string'+0x354d8
fffff880`072adae0 fffff800`02d9d354 : fffffa80`034a2060 00000000`00000000 fffffa80`0342c830 00000000`00000000 : nt!ObfDereferenceObject+0xd4
fffff880`072adb40 fffff800`02d9d254 : 00000000`00000588 fffffa80`034a2060 fffff8a0`02074340 00000000`00000588 : nt!ObpCloseHandleTableEntry+0xc4
fffff880`072adbd0 fffff800`02a88993 : fffffa80`0342c830 fffff880`072adca0 00000000`003d7fa0 00000000`003d7fa0 : nt!ObpCloseHandle+0x94
fffff880`072adc20 00000000`76f2f7aa : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0152c6b8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x76f2f7aa


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!ExDeferredFreePool+16ab
fffff800`02bbca5e 488b01          mov     rax,qword ptr [rcx]

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  nt!ExDeferredFreePool+16ab

FOLLOWUP_NAME:  Pool_corruption

IMAGE_NAME:  Pool_Corruption

DEBUG_FLR_IMAGE_TIMESTAMP:  0

MODULE_NAME: Pool_Corruption

FAILURE_BUCKET_ID:  X64_0x50_VRF_nt!ExDeferredFreePool+16ab

BUCKET_ID:  X64_0x50_VRF_nt!ExDeferredFreePool+16ab

Followup: Pool_corruption
---------



Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\DMP\040311-26192-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02a1b000 PsLoadedModuleList = 0xfffff800`02c58e50
Debug session time: Sun Apr  3 23:17:07.161 2011 (UTC - 4:00)
System Uptime: 3 days 14:33:56.800
Loading Kernel Symbols
...............................................................
................................................................
..........................
Loading User Symbols
Loading unloaded module list
..........
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 24, {1904fb, fffff88002da47e8, fffff88002da4050, fffff80002a51054}

Probably caused by : Ntfs.sys ( Ntfs!NtfsCommonWrite+1835 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

NTFS_FILE_SYSTEM (24)
    If you see NtfsExceptionFilter on the stack then the 2nd and 3rd
    parameters are the exception record and context record. Do a .cxr
    on the 3rd parameter and then kb to obtain a more informative stack
    trace.
Arguments:
Arg1: 00000000001904fb
Arg2: fffff88002da47e8
Arg3: fffff88002da4050
Arg4: fffff80002a51054

Debugging Details:
------------------


EXCEPTION_RECORD:  fffff88002da47e8 -- (.exr 0xfffff88002da47e8)
ExceptionAddress: fffff80002a51054 (nt!ExReleaseFastMutex+0x0000000000000004)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

CONTEXT:  fffff88002da4050 -- (.cxr 0xfffff88002da4050)
rax=0020002000200020 rbx=0000000000000000 rcx=0010001000480020
rdx=0020002000200020 rsi=fffff8a001735c30 rdi=fffff88001735bc0
rip=fffff80002a51054 rsp=fffff88002da4a20 rbp=fffff88002da4e00
 r8=0000000000000000  r9=0000000000000005 r10=0000000000000000
r11=fffff88002da4c08 r12=fffff88002da4c40 r13=0000000000000044
r14=0000000000000000 r15=0000000000000012
iopl=0         nv up ei ng nz na pe nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010282
nt!ExReleaseFastMutex+0x4:
fffff800`02a51054 0fb65130        movzx   edx,byte ptr [rcx+30h] ds:002b:00100010`00480050=??
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP

PROCESS_NAME:  System

CURRENT_IRQL:  1

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  ffffffffffffffff

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002cc30e0
 ffffffffffffffff 

FOLLOWUP_IP: 
Ntfs!NtfsCommonWrite+1835
fffff880`012699cd f6470420        test    byte ptr [rdi+4],20h

FAULTING_IP: 
nt!ExReleaseFastMutex+4
fffff800`02a51054 0fb65130        movzx   edx,byte ptr [rcx+30h]

BUGCHECK_STR:  0x24

LAST_CONTROL_TRANSFER:  from fffff880012699cd to fffff80002a51054

STACK_TEXT:  
fffff880`02da4a20 fffff880`012699cd : 00000000`00000000 fffff880`02da6000 00000000`02da4a00 fffffa80`034e1440 : nt!ExReleaseFastMutex+0x4
fffff880`02da4a50 fffff880`0126d413 : fffff880`02da4c40 fffffa80`049ff9d0 fffff880`02da4e00 fffff880`02da5c00 : Ntfs!NtfsCommonWrite+0x1835
fffff880`02da4c10 fffff800`02f32c16 : fffffa80`049ff9d0 fffffa80`049ff9d0 fffffa80`036ad030 fffffa80`02e3c5f0 : Ntfs!NtfsFsdWrite+0x1c3
fffff880`02da4e90 fffff880`0106a23f : fffffa80`049ffdb8 fffff880`02da4f40 fffffa80`0349c970 fffffa80`02e3c5f0 : nt!IovCallDriver+0x566
fffff880`02da4ef0 fffff880`010686df : fffffa80`02f5d9d0 fffffa80`02f5d9d0 fffffa80`02f5d900 fffffa80`049ff9d0 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff880`02da4f80 fffff800`02f32c16 : fffffa80`049ff9d0 00000000`00000002 fffff880`00000000 00000000`10000000 : fltmgr!FltpDispatch+0xcf
fffff880`02da4fe0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IovCallDriver+0x566


SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  Ntfs!NtfsCommonWrite+1835

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Ntfs

IMAGE_NAME:  Ntfs.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc14f

STACK_COMMAND:  .cxr 0xfffff88002da4050 ; kb

FAILURE_BUCKET_ID:  X64_0x24_VRF_Ntfs!NtfsCommonWrite+1835

BUCKET_ID:  X64_0x24_VRF_Ntfs!NtfsCommonWrite+1835

Followup: MachineOwner
---------



Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\DMP\040311-23181-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02a0d000 PsLoadedModuleList = 0xfffff800`02c4ae50
Debug session time: Sun Apr  3 23:44:26.415 2011 (UTC - 4:00)
System Uptime: 0 days 0:07:20.054
Loading Kernel Symbols
...............................................................
................................................................
.......................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 50, {fffffa9001850130, 0, fffff80002bb0a5e, 5}


Could not read faulting driver name
Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+16ab )

Followup: Pool_corruption
---------





DRIVERS

Code:
start             end                 module name
fffff880`04088000 fffff880`040c6000   1394ohci 1394ohci.sys Mon Jul 13 20:07:12 2009 (4A5BCC30)
fffff880`00ee5000 fffff880`00f3c000   ACPI     ACPI.sys     Mon Jul 13 19:19:34 2009 (4A5BC106)
fffff880`03975000 fffff880`039ff000   afd      afd.sys      Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`03c00000 fffff880`03c16000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
fffff880`03b81000 fffff880`03b98000   amdk8    amdk8.sys    Mon Jul 13 19:19:25 2009 (4A5BC0FD)
fffff880`00ff3000 fffff880`00ffe000   amdxata  amdxata.sys  Tue May 19 13:56:59 2009 (4A12F2EB)
fffff880`03dc4000 fffff880`03dcc000   ASACPI   ASACPI.sys   Mon Oct 30 22:09:12 2006 (4546B048)
fffff880`03b54000 fffff880`03b5b000   AsIO     AsIO.sys     Mon Dec 17 04:11:49 2007 (47663D55)
fffff880`00fea000 fffff880`00ff3000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00e00000 fffff880`00e2a000   ataport  ataport.SYS  Mon Jul 13 19:19:52 2009 (4A5BC118)
fffff960`00970000 fffff960`009d1000   ATMFD    ATMFD.DLL    Fri Jan 07 00:49:20 2011 (4D26A960)
fffff880`017e0000 fffff880`017e7000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
fffff880`03b43000 fffff880`03b54000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
fffff880`04501000 fffff880`0451f000   bowser   bowser.sys   Mon Jul 13 19:23:50 2009 (4A5BC206)
fffff960`007a0000 fffff960`007c7000   cdd      cdd.dll      unavailable (00000000)
fffff880`017ad000 fffff880`017d7000   cdrom    cdrom.sys    Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`00c00000 fffff880`00cc0000   CI       CI.dll       Mon Jul 13 21:32:13 2009 (4A5BE01D)
fffff880`01747000 fffff880`01777000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00d17000 fffff880`00d75000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`0105e000 fffff880`010d1000   cng      cng.sys      Mon Jul 13 19:49:40 2009 (4A5BC814)
fffff880`03dcc000 fffff880`03ddc000   CompositeBus CompositeBus.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`046d4000 fffff880`046e2000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`03aa2000 fffff880`03b25000   csc      csc.sys      Mon Jul 13 19:24:26 2009 (4A5BC22A)
fffff880`03b25000 fffff880`03b43000   dfsc     dfsc.sys     Mon Jul 13 19:23:44 2009 (4A5BC200)
fffff880`03a93000 fffff880`03aa2000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
fffff880`01731000 fffff880`01747000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`046ee000 fffff880`046f7000   dump_atapi dump_atapi.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`046e2000 fffff880`046ee000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`046f7000 fffff880`0470a000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`0470a000 fffff880`04716000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
fffff880`03c8a000 fffff880`03d7e000   dxgkrnl  dxgkrnl.sys  Tue Jan 25 23:22:56 2011 (4D3FA1A0)
fffff880`03d7e000 fffff880`03dc4000   dxgmms1  dxgmms1.sys  Tue Jan 25 23:22:12 2011 (4D3FA174)
fffff880`0114a000 fffff880`0115e000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
fffff880`010fe000 fffff880`0114a000   fltmgr   fltmgr.sys   Mon Jul 13 19:19:59 2009 (4A5BC11F)
fffff880`013ce000 fffff880`013d8000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:19:45 2009 (4A5BC111)
fffff880`016f7000 fffff880`01731000   fvevol   fvevol.sys   Fri Sep 25 22:34:26 2009 (4ABD7DB2)
fffff880`03877000 fffff880`038c1000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:21:08 2009 (4A5BC164)
fffff800`02fea000 fffff800`03033000   hal      hal.dll      Mon Jul 13 21:27:36 2009 (4A5BDF08)
fffff880`04194000 fffff880`041ad000   HIDCLASS HIDCLASS.SYS Mon Jul 13 20:06:21 2009 (4A5BCBFD)
fffff880`03df5000 fffff880`03dfd080   HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9)
fffff880`0fbdf000 fffff880`0fbed000   hidusb   hidusb.sys   Mon Jul 13 20:06:22 2009 (4A5BCBFE)
fffff880`04439000 fffff880`04501000   HTTP     HTTP.sys     Mon Jul 13 19:22:16 2009 (4A5BC1A8)
fffff880`016ee000 fffff880`016f7000   hwpolicy hwpolicy.sys Mon Jul 13 19:19:22 2009 (4A5BC0FA)
fffff880`0fb6c000 fffff880`0fb7b000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`0fbed000 fffff880`0fbfb000   kbdhid   kbdhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff800`00bc0000 fffff800`00bca000   kdcom    kdcom.dll    Mon Jul 13 21:31:07 2009 (4A5BDFDB)
fffff880`0fb8a000 fffff880`0fbcd000   ks       ks.sys       Wed Mar 03 23:32:25 2010 (4B8F37D9)
fffff880`013a3000 fffff880`013bd000   ksecdd   ksecdd.sys   Mon Jul 13 19:20:54 2009 (4A5BC156)
fffff880`01460000 fffff880`0148b000   ksecpkg  ksecpkg.sys  Fri Dec 11 01:03:32 2009 (4B21E0B4)
fffff880`041e5000 fffff880`041ea200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
fffff880`04768000 fffff880`0477d000   lltdio   lltdio.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`04724000 fffff880`04747000   luafv    luafv.sys    Mon Jul 13 19:26:13 2009 (4A5BC295)
fffff880`00cf6000 fffff880`00d03000   mcupdate_AuthenticAMD mcupdate_AuthenticAMD.dll Mon Jul 13 21:29:09 2009 (4A5BDF65)
fffff880`060ab000 fffff880`060c6c80   mfeapfk  mfeapfk.sys  Wed Oct 06 15:56:26 2010 (4CACD46A)
fffff880`0ee6f000 fffff880`0ee9b800   mfeavfk  mfeavfk.sys  Wed Oct 06 15:56:49 2010 (4CACD481)
fffff880`0412a000 fffff880`04193780   mfefirek mfefirek.sys Wed Oct 06 15:59:47 2010 (4CACD533)
fffff880`0115e000 fffff880`011dcc80   mfehidk  mfehidk.sys  Wed Oct 06 15:55:49 2010 (4CACD445)
fffff880`0382f000 fffff880`0383f900   mfenlfk  mfenlfk.sys  Wed Oct 06 15:56:13 2010 (4CACD45D)
fffff880`038c1000 fffff880`03904200   mfewfpk  mfewfpk.sys  Wed Oct 06 15:56:04 2010 (4CACD454)
fffff880`03de4000 fffff880`03df3000   modem    modem.sys    Mon Jul 13 20:10:48 2009 (4A5BCD08)
fffff880`04716000 fffff880`04724000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
fffff880`0fb7b000 fffff880`0fb8a000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`041ad000 fffff880`041ba000   mouhid   mouhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`00fd0000 fffff880`00fea000   mountmgr mountmgr.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`0451f000 fffff880`04537000   mpsdrv   mpsdrv.sys   Mon Jul 13 20:08:25 2009 (4A5BCC79)
fffff880`04537000 fffff880`04564000   mrxsmb   mrxsmb.sys   Sat Feb 27 02:52:19 2010 (4B88CF33)
fffff880`04564000 fffff880`045b2000   mrxsmb10 mrxsmb10.sys Sat Feb 27 02:52:28 2010 (4B88CF3C)
fffff880`045b2000 fffff880`045d5000   mrxsmb20 mrxsmb20.sys Sat Feb 27 02:52:26 2010 (4B88CF3A)
fffff880`0149b000 fffff880`014a6000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00f45000 fffff880`00f4f000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
fffff880`01000000 fffff880`0105e000   msrpc    msrpc.sys    Mon Jul 13 19:21:32 2009 (4A5BC17C)
fffff880`03a88000 fffff880`03a93000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
fffff880`016dc000 fffff880`016ee000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
fffff880`014d6000 fffff880`015c8000   ndis     ndis.sys     Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`03c3a000 fffff880`03c46000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
fffff880`03c46000 fffff880`03c75000   ndiswan  ndiswan.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`0ee5a000 fffff880`0ee6f000   NDProxy  NDProxy.SYS  Mon Jul 13 20:10:05 2009 (4A5BCCDD)
fffff880`03840000 fffff880`0384f000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`03930000 fffff880`03975000   netbt    netbt.sys    Mon Jul 13 19:21:28 2009 (4A5BC178)
fffff880`01400000 fffff880`01460000   NETIO    NETIO.SYS    Mon Jul 13 19:21:46 2009 (4A5BC18A)
fffff880`014a6000 fffff880`014b7000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`03a7c000 fffff880`03a88000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
fffff800`02a0d000 fffff800`02fea000   nt       ntkrnlmp.exe Tue Oct 26 22:43:09 2010 (4CC791BD)
fffff880`01200000 fffff880`013a3000   Ntfs     Ntfs.sys     Mon Jul 13 19:20:47 2009 (4A5BC14F)
fffff880`017d7000 fffff880`017e0000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
fffff880`0fb14000 fffff880`0fb15180   nvBridge nvBridge.kmd Fri Jan 07 20:57:22 2011 (4D27C482)
fffff880`0eeb9000 fffff880`0fb13d00   nvlddmkm nvlddmkm.sys Fri Jan 07 21:07:22 2011 (4D27C6DA)
fffff880`040c6000 fffff880`04129d80   nvm62x64 nvm62x64.sys Fri Oct 17 17:01:06 2008 (48F8FD12)
fffff880`03809000 fffff880`0382f000   pacer    pacer.sys    Mon Jul 13 20:09:41 2009 (4A5BCCC5)
fffff880`03bc1000 fffff880`03bde000   parport  parport.sys  Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`00f8f000 fffff880`00fa4000   partmgr  partmgr.sys  Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00f4f000 fffff880`00f82000   pci      pci.sys      Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`00fb9000 fffff880`00fc0000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
fffff880`00fc0000 fffff880`00fd0000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`013bd000 fffff880`013ce000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
fffff880`0365f000 fffff880`03705000   peauth   peauth.sys   Mon Jul 13 21:01:19 2009 (4A5BD8DF)
fffff880`041ba000 fffff880`041ca000   point64  point64.sys  Tue Jun 29 04:54:31 2010 (4C29B4C7)
fffff880`00d03000 fffff880`00d17000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
fffff880`03c16000 fffff880`03c3a000   rasl2tp  rasl2tp.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`0fb16000 fffff880`0fb31000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
fffff880`0fb31000 fffff880`0fb52000   raspptp  raspptp.sys  Mon Jul 13 20:10:18 2009 (4A5BCCEA)
fffff880`0fb52000 fffff880`0fb6c000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
fffff880`03a2b000 fffff880`03a7c000   rdbss    rdbss.sys    Mon Jul 13 19:24:09 2009 (4A5BC219)
fffff880`03c7d000 fffff880`03c88000   rdpbus   rdpbus.sys   Mon Jul 13 20:17:46 2009 (4A5BCEAA)
fffff880`01635000 fffff880`0163e000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`0163e000 fffff880`01647000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`017f5000 fffff880`017fe000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
fffff880`016a2000 fffff880`016dc000   rdyboost rdyboost.sys Mon Jul 13 19:34:34 2009 (4A5BC48A)
fffff880`03c75000 fffff880`03c7cc00   RimSerial_AMD64 RimSerial_AMD64.sys Mon Nov 24 12:01:01 2008 (492ADDCD)
fffff880`03ddc000 fffff880`03de4000   RootMdm  RootMdm.sys  Mon Jul 13 20:10:47 2009 (4A5BCD07)
fffff880`0477d000 fffff880`04795000   rspndr   rspndr.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`03705000 fffff880`03710000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
fffff880`03bb5000 fffff880`03bc1000   serenum  serenum.sys  Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`03b98000 fffff880`03bb5000   serial   serial.sys   Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`0169a000 fffff880`016a2000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
fffff880`060c7000 fffff880`06138000   spsys    spsys.sys    Mon May 11 13:20:58 2009 (4A085E7A)
fffff880`06015000 fffff880`060ab000   srv      srv.sys      Thu Aug 26 23:38:00 2010 (4C773318)
fffff880`0374f000 fffff880`037b6000   srv2     srv2.sys     Thu Aug 26 23:37:46 2010 (4C77330A)
fffff880`03710000 fffff880`0373d000   srvnet   srvnet.sys   Thu Aug 26 23:37:24 2010 (4C7732F4)
fffff880`03c88000 fffff880`03c89480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
fffff880`02a03000 fffff880`02c00000   tcpip    tcpip.sys    Sun Jun 13 23:39:04 2010 (4C15A458)
fffff880`0373d000 fffff880`0374f000   tcpipreg tcpipreg.sys Mon Jul 13 20:09:49 2009 (4A5BCCCD)
fffff880`03905000 fffff880`03912000   TDI      TDI.SYS      Mon Jul 13 19:21:18 2009 (4A5BC16E)
fffff880`03912000 fffff880`03930000   tdx      tdx.sys      Mon Jul 13 19:21:15 2009 (4A5BC16B)
fffff880`014b7000 fffff880`014cb000   termdd   termdd.sys   Mon Jul 13 20:16:36 2009 (4A5BCE64)
fffff960`005a0000 fffff960`005aa000   TSDDD    TSDDD.dll    Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`03b5b000 fffff880`03b81000   tunnel   tunnel.sys   Mon Jul 13 20:09:37 2009 (4A5BCCC1)
fffff880`04680000 fffff880`046d4000   udfs     udfs.sys     Mon Jul 13 19:23:37 2009 (4A5BC1F9)
fffff880`0fbcd000 fffff880`0fbdf000   umbus    umbus.sys    Mon Jul 13 20:06:56 2009 (4A5BCC20)
fffff880`041ca000 fffff880`041e4c00   usbaudio usbaudio.sys Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`0ee9c000 fffff880`0eeb9000   usbccgp  usbccgp.sys  Mon Jul 13 20:06:45 2009 (4A5BCC15)
fffff880`03df3000 fffff880`03df4f00   USBD     USBD.SYS     Mon Jul 13 20:06:23 2009 (4A5BCBFF)
fffff880`04077000 fffff880`04088000   usbehci  usbehci.sys  Sat Oct 24 00:27:33 2009 (4AE28235)
fffff880`0ee00000 fffff880`0ee5a000   usbhub   usbhub.sys   Sat Oct 24 00:28:24 2009 (4AE28268)
fffff880`03bde000 fffff880`03be9000   usbohci  usbohci.sys  Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`04021000 fffff880`04077000   USBPORT  USBPORT.SYS  Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`00f82000 fffff880`00f8f000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
fffff880`017e7000 fffff880`017f5000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
fffff880`01600000 fffff880`01625000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
fffff880`0148b000 fffff880`0149b000   vmstorfl vmstorfl.sys Mon Jul 13 19:42:54 2009 (4A5BC67E)
fffff880`00fa4000 fffff880`00fb9000   volmgr   volmgr.sys   Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`00d75000 fffff880`00dd1000   volmgrx  volmgrx.sys  Mon Jul 13 19:20:33 2009 (4A5BC141)
fffff880`0164e000 fffff880`0169a000   volsnap  volsnap.sys  Mon Jul 13 19:20:08 2009 (4A5BC128)
fffff880`0384f000 fffff880`0386a000   wanarp   wanarp.sys   Mon Jul 13 20:10:21 2009 (4A5BCCED)
fffff880`01625000 fffff880`01635000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
fffff880`00e32000 fffff880`00ed6000   Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
fffff880`00ed6000 fffff880`00ee5000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`03800000 fffff880`03809000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff960`00070000 fffff960`00380000   win32k   win32k.sys   Tue Jan 04 22:59:44 2011 (4D23ECB0)
fffff880`00f3c000 fffff880`00f45000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`04747000 fffff880`04768000   WudfPf   WudfPf.sys   Mon Jul 13 20:05:37 2009 (4A5BCBD1)

Unloaded modules:
fffff880`037b6000 fffff880`037e3000   mfeavfk01.sy
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0002D000
fffff880`01777000 fffff880`01785000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`01785000 fffff880`01791000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000C000
fffff880`01791000 fffff880`0179a000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00009000
fffff880`0179a000 fffff880`017ad000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00013000
 
Back
Top