BSOD - SYSTEM_SERVICE_EXCEPTION - caused by ntoskrnl.exe

#1
Hi folks

Had an issue this evening with Win7 64bit randomly spitting a blue screen at me. Some background to the PC, it's nearly three or so years old, has had only one blue screen before this one which was nearly a year ago and didn't reoccur. Using BlueScreenView points the finger of blame squarely on ntoskrnl.exe, hasn't occured again as of writing. Was just using MSN, listening to music and browsing the web when the blue screen popped up.

Haven't noticed anything really untoward with the PC as of late, has been pretty solid since I bought it new from Overclockers.co.uk a while ago. Any help/advice is appreciated, though i'm a total newbie to dealing with these problems, will do my best to understand any information posted!

Minidump attached as requested
 


Attachments

Captain Jack

Extraordinary Member
#2
Hi there,

Dump files aren't very helpful in this case. So we have to start with basics. Run a complete Hardware Diagnostic: Hardware Diagnostic | Captain Debugger

Go into your BIOS and reset the BIOS to default settings. Uninstall your security software it's very important since the dump files are showing signs of it.

Update the following Drivers :

Code:
RtHDMIVX.sys Thu Dec 25 15:00:47 2008


Code:
SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff800033ad55f, Address of the exception record for the exception that caused the bugcheck
Arg3: fffff880088b8770, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

FAULTING_IP: 
nt!CmpKcbCacheLookup+46f
fffff800`033ad55f 81bf1806000000040000 cmp dword ptr [rdi+618h],400h

CONTEXT:  fffff880088b8770 -- (.cxr 0xfffff880088b8770)
rax=000000003b9aca07 rbx=0000000000000000 rcx=00000000354cb739
rdx=000000000853659f rsi=fffffa80062dcb60 rdi=fff7f8a000023010
rip=fffff800033ad55f rsp=fffff880088b9140 rbp=fffff8a010211a90
 r8=0000000000000000  r9=000000000000fffe r10=0000000000000000
r11=fffff880088b92c0 r12=fffff8a01023fcc0 r13=0000000000000001
r14=fffff8a00008c5d0 r15=fffff8a00008c5d0
iopl=0         nv up ei pl nz ac po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010216
nt!CmpKcbCacheLookup+0x46f:
fffff800`033ad55f 81bf1806000000040000 cmp dword ptr [rdi+618h],400h ds:002b:fff7f8a0`00023628=????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x3B

PROCESS_NAME:  svchost.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 0000000000000000 to fffff800033ad55f

STACK_TEXT:  
fffff880`088b9140 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!CmpKcbCacheLookup+0x46f


FOLLOWUP_IP: 
nt!CmpKcbCacheLookup+46f
fffff800`033ad55f 81bf1806000000040000 cmp dword ptr [rdi+618h],400h

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!CmpKcbCacheLookup+46f

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4d9fdd34

STACK_COMMAND:  .cxr 0xfffff880088b8770 ; kb

FAILURE_BUCKET_ID:  X64_0x3B_nt!CmpKcbCacheLookup+46f

BUCKET_ID:  X64_0x3B_nt!CmpKcbCacheLookup+46f

Followup: MachineOwner
---------
 


#3
update this to version 4. version 3 didn't correctly make a desktop folder

awesome tool!
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.