BSOD Windows 7 64bit

Discussion in 'Windows 7 Blue Screen of Death (BSOD)' started by larryzedragon, Nov 28, 2010.

  1. larryzedragon

    larryzedragon New Member

    Joined:
    Nov 28, 2010
    Messages:
    6
    Likes Received:
    0
    Hello there. I am new to this forum and am in need of assistance.

    I have had several BSOD's in the last few weeks that all seem to be caused by the same thing, which is unknown to me. It always just happens randomly.

    I finally decided to come for some help with the problem.

    I have attached a .rar with the dmp file in it and also a dxdiag text file.

    I have avg and zone alarm pro running.

    I have also recently installed ad aware but that was after the BSODs started occurring.

    Any help would be greatly appreciated.

    And if you require any more information that I have missed out then feel free to ask.

    Cheers :D
     

    Attached Files:

    #1 larryzedragon, Nov 28, 2010
    Last edited: Nov 28, 2010
  2. TorrentG

    TorrentG Banned

    Joined:
    May 31, 2010
    Messages:
    7,814
    Likes Received:
    372
    Hi and welcome.

    Uninstall ZoneAlarm and problems are solved.
     
  3. larryzedragon

    larryzedragon New Member

    Joined:
    Nov 28, 2010
    Messages:
    6
    Likes Received:
    0
    Is that based off any evidence? Or is that just the most likely culprit?

    Sorry for doubting you, but I just want to know the exact reason how and why zone alarm would be causing a BSOD
     
  4. TorrentG

    TorrentG Banned

    Joined:
    May 31, 2010
    Messages:
    7,814
    Likes Received:
    372
    You've had a 0x7f error involving NETIO.sys. I knew it was caused by ZoneAlarm 100%, as I always do, before I even typed the command to see if you had it:

    lmvm vsdatant

    So if you want the bsods to stop, uninstall it.

    You could doubt all you'd like, but that's not going to be very helpful to fixing the issue. ;)
     
  5. larryzedragon

    larryzedragon New Member

    Joined:
    Nov 28, 2010
    Messages:
    6
    Likes Received:
    0
    Haha sorry for the doubt. The reply just seemed to be quick off the bat :tongue:

    Uninstalling zonealarm now.

    Cheers for the help, hopefully I won't be having anymore BSODs in the near future :D
     
  6. TorrentG

    TorrentG Banned

    Joined:
    May 31, 2010
    Messages:
    7,814
    Likes Received:
    372
    No doubt, you're welcome. Yep, was going very quickly as there were a few threads waiting that I've answered. They're answered now so I have some time. The crash you posted:

    Code:
    Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    Loading Dump File [E:\Temp\Rar$DI01.767\112810-25615-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7600 MP (4 procs) Free x64
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
    Machine Name:
    Kernel base = 0xfffff800`02e60000 PsLoadedModuleList = 0xfffff800`0309de50
    Debug session time: Sun Nov 28 00:26:39.204 2010 (UTC - 5:00)
    System Uptime: 0 days 5:03:09.592
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .................................
    Loading User Symbols
    Loading unloaded module list
    .....
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck 7F, {8, 80050031, 6f8, fffff80002e98d28}
    
    Probably caused by : NETIO.SYS ( NETIO!CompareSecurityContexts+6a )
    
    Followup: MachineOwner
    ---------
    
    2: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    UNEXPECTED_KERNEL_MODE_TRAP (7f)
    This means a trap occurred in kernel mode, and it's a trap of a kind
    that the kernel isn't allowed to have/catch (bound trap) or that
    is always instant death (double fault).  The first number in the
    bugcheck params is the number of the trap (8 = double fault, etc)
    Consult an Intel x86 family manual to learn more about what these
    traps are. Here is a *portion* of those codes:
    If kv shows a taskGate
            use .tss on the part before the colon, then kv.
    Else if kv shows a trapframe
            use .trap on that value
    Else
            .trap on the appropriate frame will show where the trap was taken
            (on x86, this will be the ebp that goes with the procedure KiTrap)
    Endif
    kb will then show the corrected stack.
    Arguments:
    Arg1: 0000000000000008, EXCEPTION_DOUBLE_FAULT
    Arg2: 0000000080050031
    Arg3: 00000000000006f8
    Arg4: fffff80002e98d28
    
    Debugging Details:
    ------------------
    
    
    BUGCHECK_STR:  0x7f_8
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    PROCESS_NAME:  System
    
    CURRENT_IRQL:  2
    
    LAST_CONTROL_TRANSFER:  from fffff80002ecfca9 to fffff80002ed0740
    
    STACK_TEXT:  
    fffff880`02f69ce8 fffff800`02ecfca9 : 00000000`0000007f 00000000`00000008 00000000`80050031 00000000`000006f8 : nt!KeBugCheckEx
    fffff880`02f69cf0 fffff800`02ece172 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
    fffff880`02f69e30 fffff800`02e98d28 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDoubleFaultAbort+0xb2
    fffff880`0a3a8ff0 fffff800`02e98f07 : fffffa80`04cb27c8 00000000`00000001 00000000`00000000 00000000`00000000 : nt!SepTokenFromAccessInformation+0x20
    fffff880`0a3a9020 fffff880`01406c5a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!SeAccessCheckFromState+0x9f
    fffff880`0a3a9710 fffff880`0140494f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : NETIO!CompareSecurityContexts+0x6a
    fffff880`0a3a9780 fffff880`014069b5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : NETIO!MatchValues+0xef
    fffff880`0a3a97d0 fffff880`01406845 : fffffa80`045da170 fffffa80`0758b3d0 fffff880`0a3a99f8 fffff880`0a3aa130 : NETIO!FilterMatch+0x95
    fffff880`0a3a9820 fffff880`01407ccb : 00000000`00000000 00000000`00000000 fffff880`0a3aa130 fffff880`0a3a99e0 : NETIO!IndexListClassify+0x69
    fffff880`0a3a98a0 fffff880`01640417 : fffff880`0a3a9d78 fffff880`0a3a9d78 fffff880`0a3aaab0 fffffa80`07ca2580 : NETIO!KfdClassify+0xa4e
    fffff880`0a3a9c10 fffff880`0163983e : fffff880`01748690 00000000`00000000 fffffa80`06e9a010 00000000`00000000 : tcpip!WfpAleClassify+0x57
    fffff880`0a3a9c50 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : tcpip!WfpAlepAuthorizeSend+0x94e
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    NETIO!CompareSecurityContexts+6a
    fffff880`01406c5a 448b442470      mov     r8d,dword ptr [rsp+70h]
    
    SYMBOL_STACK_INDEX:  5
    
    SYMBOL_NAME:  NETIO!CompareSecurityContexts+6a
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: NETIO
    
    IMAGE_NAME:  NETIO.SYS
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4bbe946f
    
    FAILURE_BUCKET_ID:  X64_0x7f_8_NETIO!CompareSecurityContexts+6a
    
    BUCKET_ID:  X64_0x7f_8_NETIO!CompareSecurityContexts+6a
    
    Followup: MachineOwner
    ---------
    
    2: kd> lmvm vsdatant
    start             end                 module name
    fffff880`02cd5000 fffff880`02d68000   vsdatant   (deferred)             
        Image path: \SystemRoot\system32\DRIVERS\vsdatant.sys
        Image name: vsdatant.sys
        Timestamp:        Mon May 03 13:44:42 2010 (4BDF0B8A)
        CheckSum:         0007DC77
        ImageSize:        00093000
        Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
    
    Not related in any way at all, but update that PowerISO...

    http://www.PowerISO.com
     

Share This Page

Loading...