Windows 7 BSOD on every boot

Discussion in 'Windows 7 Blue Screen of Death (BSOD)' started by Weedy23, May 13, 2011.

  1. Weedy23

    Weedy23 New Member

    Joined:
    May 13, 2011
    Messages:
    4
    Likes Received:
    0
    Hi all,

    First post so excuse any mistakes I may make. I am also a complete techno-phobe so will need a dummies guide for any information you may need/anything I can do to fix it! Sorry!

    I'm using a Toshiba Satellite laptop with Windows 7 and have recently been getting BSOD errors every time I boot the laptop up. The errors seem to vary with their codes, but the most recent one was as follows:

    STOP: 0x0000007B (0xF78D2524, 0xC0000034, 0x00000000, 0x00000000)

    I have attempted to install Microsoft Security Essentials twice now, and despite saying that it has been successfully installed when I then choose to scan the laptop another BSOD will appear and restart the laptop. When it's logged back on, MSE has magically disappeared.

    I've tried to boot from the only disc I have (which is an XP Pro disc) and it crashed mid-way through that with the above error. I'm lucky enough to have kept my old laptop, which is how I'm able to get onto the internet as the 'new' one is a bit of a vegetable. I'm starting to lose patience with it now, can anybody help me??

    Thanks in advance :)

    Weedy
     
  2. cybercore

    cybercore New Member

    Joined:
    Jul 7, 2009
    Messages:
    15,823
    Likes Received:
    321
    Can you boot to safe mode and attach the mini-dumps, they are in C:\Windows\Minidump.
     
  3. Weedy23

    Weedy23 New Member

    Joined:
    May 13, 2011
    Messages:
    4
    Likes Received:
    0
    #3 Weedy23, May 13, 2011
    Last edited: May 13, 2011
  4. cybercore

    cybercore New Member

    Joined:
    Jul 7, 2009
    Messages:
    15,823
    Likes Received:
    321
    Faulty hard drive:



    1. Uninstall McAfee (replace with MSE)

    2. Update notebook drivers:

    Toshiba drivers, utilities, services, any toshiba related updates at Toshiba support site
    tos_sps64.sys Wed Jun 24 01:31:09 2009
    TVALZ_O.SYS Mon Jul 13 22:19:26 2009

    COMPAL ELECTRONIC INC. LPCFilter.sys Tue Jun 30 19:57:52 2009

    Touchpad - SynTP.sys Mon Jul 20 20:07:29 2009

    Realtek LAN - Rt64win7.sys Fri May 22 10:52:30 2009

    Realtek Audio - RtHDMIVX.sys Wed May 20 06:04:50 2009

    Realtek RTL81892SE Wireless LAN PCI-E NIC - rtl8192se.sys Wed Aug 26 06:11:12 2009

    ATI - atikmdag.sys Thu Jul 30 00:23:28 2009


    ~~~~~~~~~

    3. Command Prompt >> chkdsk /f

    4. HDD S.M.A.R.T. and bootable diagnostics:

    HDDScan

    HD Diagnostic









    CRASH DUMPS

    Code:
    
    Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    Loading Dump File [F:\DMP\040310-36863-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7600 UP Free x64
    Product: WinNt, suite: TerminalServer SingleUserTS Personal
    Built by: 7600.16385.amd64fre.win7_rtm.090713-1255
    Machine Name:
    Kernel base = 0xfffff800`02e4c000 PsLoadedModuleList = 0xfffff800`03089e50
    Debug session time: Sat Apr  3 08:05:43.442 2010 (UTC - 4:00)
    System Uptime: 0 days 3:06:10.674
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ...............................
    Loading User Symbols
    Loading unloaded module list
    ......
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck 7A, {fffff6fc40009bb8, ffffffffc0000185, 60b6b860, fffff88001377ef0}
    
    Unable to load image \SystemRoot\system32\drivers\mfehidk.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for mfehidk.sys
    *** ERROR: Module load completed but symbols could not be loaded for mfehidk.sys
    *** WARNING: Unable to verify timestamp for win32k.sys
    *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
    GetPointerFromAddress: unable to read from fffff800030f4220
    Probably caused by : memory_corruption
    
    Followup: memory_corruption
    ---------
    
    kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    KERNEL_DATA_INPAGE_ERROR (7a)
    The requested page of kernel data could not be read in.  Typically caused by
    a bad block in the paging file or disk controller error. Also see
    KERNEL_STACK_INPAGE_ERROR.
    If the error status is 0xC000000E, 0xC000009C, 0xC000009D or 0xC0000185,
    it means the disk subsystem has experienced a failure.
    If the error status is 0xC000009A, then it means the request failed because
    a filesystem failed to make forward progress.
    Arguments:
    Arg1: fffff6fc40009bb8, lock type that was held (value 1,2,3, or PTE address)
    Arg2: ffffffffc0000185, error status (normally i/o status code)
    Arg3: 0000000060b6b860, current process (virtual address for lock type 3, or PTE)
    Arg4: fffff88001377ef0, virtual address that could not be in-paged (or PTE contents if arg1 is a PTE address)
    
    Debugging Details:
    ------------------
    
    
    ERROR_CODE: (NTSTATUS) 0xc0000185 - The I/O device reported an I/O error.
    
    DISK_HARDWARE_ERROR: There was error with disk hardware
    
    BUGCHECK_STR:  0x7a_c0000185
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  CODE_CORRUPTION
    
    PROCESS_NAME:  WerFault.exe
    
    CURRENT_IRQL:  0
    
    TRAP_FRAME:  fffff880084ee430 -- (.trap 0xfffff880084ee430)
    NOTE: The trap frame does not contain all registers.
    Some register values may be zeroed or incorrect.
    rax=000000000000000b rbx=0000000000000000 rcx=fffff880084ee750
    rdx=fffffa8001febc10 rsi=0000000000000000 rdi=0000000000000000
    rip=fffff88001377ef0 rsp=fffff880084ee5c8 rbp=fffff880084ee960
     r8=fffff8a0022e7010  r9=fffff880084ee6c0 r10=0000000000000004
    r11=fffff880084ee5a0 r12=0000000000000000 r13=0000000000000000
    r14=0000000000000000 r15=0000000000000000
    iopl=0         nv up ei ng nz na pe nc
    Ntfs!NtfsQueryLinksInfo:
    fffff880`01377ef0 0000            add     byte ptr [rax],al ds:e750:00000000`0000000b=??
    Resetting default scope
    
    LAST_CONTROL_TRANSFER:  from fffff80002f31438 to fffff80002ebdf00
    
    STACK_TEXT:  
    fffff880`084ee118 fffff800`02f31438 : 00000000`0000007a fffff6fc`40009bb8 ffffffff`c0000185 00000000`60b6b860 : nt!KeBugCheckEx
    fffff880`084ee120 fffff800`02eafd8b : fffffa80`0410e9f0 fffff880`084ee290 fffff800`03049440 fffffa80`032eb2a0 : nt! ?? ::FNODOBFM::`string'+0x34cde
    fffff880`084ee200 fffff800`02ed8da4 : 00000000`00000000 00000000`00000008 ffffffff`ffffffff 00000000`0000fffe : nt!MiIssueHardFault+0x28b
    fffff880`084ee2d0 fffff800`02ebbfee : 00000000`00000008 fffff8a0`022e7330 fffff880`084ee400 fffff880`084ee448 : nt!MmAccessFault+0x11c4
    fffff880`084ee430 fffff880`01377ef0 : fffff880`012d2538 fffff8a0`022e7330 fffff8a0`022e7140 fffff880`084ee750 : nt!KiPageFault+0x16e
    fffff880`084ee5c8 fffff880`012d2538 : fffff8a0`022e7330 fffff8a0`022e7140 fffff880`084ee750 fffff8a0`022e7140 : Ntfs!NtfsQueryLinksInfo
    fffff880`084ee5d0 fffff880`012d2906 : fffff880`084ee750 fffffa80`01febc10 fffff880`00000060 fffffa80`00000060 : Ntfs!NtfsCommonQueryInformation+0xd46
    fffff880`084ee6b0 fffff880`012d2ea4 : fffff880`084ee750 fffffa80`01febc10 fffffa80`01febfb0 00000000`00000000 : Ntfs!NtfsFsdDispatchSwitch+0x106
    fffff880`084ee730 fffff880`0102223f : fffff880`084ee9d0 fffff880`01021be9 fffff880`084ee900 00000000`00100005 : Ntfs!NtfsFsdDispatchWait+0x14
    fffff880`084ee920 fffff880`010206df : fffffa80`024eb5b0 00000000`00000000 fffffa80`024eb500 fffffa80`01febc10 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
    fffff880`084ee9b0 fffff880`03d885f1 : fffffa80`01febc10 fffff800`02eded6c ffffffff`ffffffff 00000000`00000000 : fltmgr!FltpDispatch+0xcf
    fffff880`084eea10 fffffa80`01febc10 : fffff800`02eded6c ffffffff`ffffffff 00000000`00000000 fffffa80`040f39b0 : mfehidk+0x255f1
    fffff880`084eea18 fffff800`02eded6c : ffffffff`ffffffff 00000000`00000000 fffffa80`040f39b0 fffffa80`024eb5b0 : 0xfffffa80`01febc10
    fffff880`084eea20 fffff800`0319ec7a : 00000000`005cd498 fffff880`084eeca0 00000000`005cd498 00000000`0000002e : nt!ExAllocatePoolWithQuotaTag+0xbc
    fffff880`084eea70 fffff800`02ebd153 : 00000000`000000d8 00000000`001ddd78 00000000`005cd498 0000007f`00000060 : nt!NtQueryInformationFile+0x535
    fffff880`084eebb0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
    
    
    STACK_COMMAND:  kb
    
    CHKIMG_EXTENSION: !chkimg -lo 50 -d !Ntfs
        fffff88001377000-fffff88001377005  6 bytes - Ntfs!NtfsGetVolumeBitmap+1e0
    	[ 74 1b 41 b8 8f 2d:00 00 00 00 00 00 ]
        fffff88001377008-fffff88001377011  10 bytes - Ntfs!NtfsGetVolumeBitmap+1e8 (+0x08)
    	[ 48 8d 15 41 2b f7 ff bb:00 00 00 00 00 00 00 00 ]
        fffff88001377013-fffff8800137701f  13 bytes - Ntfs!NtfsGetVolumeBitmap+1f3 (+0x0b)
    	[ c0 8b cb e8 35 63 ee ff:00 00 00 00 00 00 00 00 ]
        fffff88001377021-fffff88001377046  38 bytes - Ntfs!NtfsGetVolumeBitmap+201 (+0x0e)
    	[ c0 89 7c 24 20 41 b1 01:00 00 00 00 00 00 00 00 ]
        fffff88001377049-fffff8800137704b  3 bytes - Ntfs!NtfsGetVolumeBitmap+229 (+0x28)
    	[ 48 8d 15:00 00 00 ]
        fffff8800137704d-fffff8800137705b  15 bytes - Ntfs!NtfsGetVolumeBitmap+22d (+0x04)
    	[ 2b f7 ff 8b cb e8 f9 62:00 00 00 00 00 00 00 00 ]
        fffff8800137705e-fffff8800137707b  30 bytes - Ntfs!NtfsGetVolumeBitmap+23e (+0x11)
    	[ 4c 8b 7e 40 4c 89 7c 24:00 00 00 00 00 00 00 00 ]
        fffff8800137707d - Ntfs!NtfsGetVolumeBitmap+25d (+0x1f)
    	[ 07:00 ]
        fffff88001377080-fffff8800137708f  16 bytes - Ntfs!NtfsGetVolumeBitmap+260 (+0x03)
    	[ ff 15 1a dc f0 ff c6 44:00 00 00 00 00 00 00 00 ]
        fffff88001377092-fffff8800137709a  9 bytes - Ntfs!NtfsGetVolumeBitmap+272 (+0x12)
    	[ 0f ba e0 10 73 07 bb 6e:00 00 00 00 00 00 00 00 ]
        fffff8800137709c-fffff8800137709f  4 bytes - Ntfs!NtfsGetVolumeBitmap+27c (+0x0a)
    	[ c0 eb 0f 25:f4 6a 89 02 ]
        fffff880013770a3-fffff880013770aa  8 bytes - Ntfs!NtfsGetVolumeBitmap+283 (+0x07)
    	[ 01 f7 d8 1b db 81 e3 08:00 00 00 00 00 00 00 00 ]
        fffff880013770ad-fffff880013770b8  12 bytes - Ntfs!NtfsGetVolumeBitmap+28d (+0x0a)
    	[ c0 89 5c 24 48 3b df 0f:00 00 00 00 00 00 00 00 ]
        fffff880013770ba-fffff880013770c0  7 bytes - Ntfs!NtfsGetVolumeBitmap+29a (+0x0d)
    	[ 4c 3b e7 0f 8c 67 02:00 00 00 00 00 00 00 ]
        fffff880013770c3-fffff880013770c6  4 bytes - Ntfs!NtfsGetVolumeBitmap+2a3 (+0x09)
    	[ 48 8d 86 f0:00 01 00 00 ]
        fffff880013770ca-fffff880013770d5  12 bytes - Ntfs!NtfsGetVolumeBitmap+2aa (+0x07)
    	[ 48 89 44 24 68 4c 3b 20:00 00 00 00 00 00 00 00 ]
        fffff880013770d8-fffff880013770f3  28 bytes - Ntfs!NtfsGetVolumeBitmap+2b8 (+0x0e)
    	[ 41 83 c6 f0 44 89 74 24:00 00 00 00 00 00 00 00 ]
        fffff880013770f7-fffff880013770fd  7 bytes - Ntfs!NtfsGetVolumeBitmap+2d7 (+0x1f)
    	[ 48 3b 08 0f 8d 9f 01:00 ad 0a 6b 11 00 00 ]
        fffff880013770ff-fffff88001377104  6 bytes - Ntfs!NtfsGetVolumeBitmap+2df (+0x08)
    	[ 00 48 39 bc 24 f8:80 5d 02 8f 00 01 ]
        fffff88001377107-fffff8800137710e  8 bytes - Ntfs!NtfsGetVolumeBitmap+2e7 (+0x08)
    	[ 00 74 1b 48 8b 8c 24 f8:c0 00 00 00 00 28 e7 91 ]
        fffff88001377110-fffff8800137712e  31 bytes - Ntfs!NtfsGetVolumeBitmap+2f0 (+0x09)
    	[ 00 00 ff 15 78 db f0 ff:14 e7 91 00 d0 b0 8c 00 ]
        fffff88001377130 - Ntfs!NtfsGetVolumeBitmap+310 (+0x20)
    	[ 00:05 ]
        fffff88001377132-fffff8800137713b  10 bytes - Ntfs!NtfsGetVolumeBitmap+312 (+0x02)
    	[ 48 89 44 24 28 48 8d 84:00 00 00 00 00 00 e4 e6 ]
        fffff8800137713f-fffff88001377153  21 bytes - Ntfs!NtfsGetVolumeBitmap+31f (+0x0d)
    	[ 48 89 44 24 20 4c 8d 4c:00 a4 90 8d 00 14 11 c9 ]
        fffff88001377157-fffff88001377170  26 bytes - Ntfs!NtfsGetVolumeBitmap+337 (+0x18)
    	[ e8 94 33 f4 ff 3b df 75:00 d4 72 cb 04 00 00 00 ]
        fffff88001377174-fffff88001377177  4 bytes - Ntfs!NtfsGetVolumeBitmap+354 (+0x1d)
    	[ 8b b4 24 80:00 00 00 00 ]
        fffff8800137717b-fffff8800137719a  32 bytes - Ntfs!NtfsGetVolumeBitmap+35b (+0x07)
    	[ 83 c6 07 c1 ee 03 41 2b:00 00 00 00 00 00 00 00 ]
        fffff8800137719d-fffff880013771a5  9 bytes - Ntfs!NtfsGetVolumeBitmap+37d (+0x22)
    	[ 48 8d 15 ac 29 f7 ff b9:00 00 00 00 00 00 00 00 ]
        fffff880013771a8-fffff880013771b2  11 bytes - Ntfs!NtfsGetVolumeBitmap+388 (+0x0b)
    	[ 80 e8 a2 61 ee ff c7 44:00 00 00 00 00 00 00 00 ]
        fffff880013771b5-fffff880013771c4  16 bytes - Ntfs!NtfsGetVolumeBitmap+395 (+0x0d)
    	[ 80 39 7c 24 4c 74 0e 8b:00 00 00 00 00 00 00 00 ]
        fffff880013771c8-fffff880013771e3  28 bytes - Ntfs!NtfsGetVolumeBitmap+3a8 (+0x13)
    	[ eb 1d 4c 8b 7c 24 58 48:00 00 00 00 00 00 00 00 ]
        fffff880013771e7-fffff880013771f6  16 bytes - Ntfs!NtfsGetVolumeBitmap+3c7 (+0x1f)
    	[ c6 44 24 40 01 44 8b c6:00 00 00 00 00 00 00 00 ]
        fffff880013771fa-fffff88001377219  32 bytes - Ntfs!NtfsGetVolumeBitmap+3da (+0x13)
    	[ 8b c3 48 c1 e8 03 48 8b:00 00 00 00 00 00 00 00 ]
        fffff8800137721c-fffff88001377222  7 bytes - Ntfs!NtfsGetVolumeBitmap+3fc (+0x22)
    	[ 80 74 61 8b 84 24 f0:00 00 00 00 00 00 00 ]
        fffff88001377226-fffff8800137722c  7 bytes - Ntfs!NtfsGetVolumeBitmap+406 (+0x0a)
    	[ c1 e0 03 8b 8c 24 80:00 00 00 00 00 00 00 ]
        fffff88001377230-fffff8800137724f  32 bytes - Ntfs!NtfsGetVolumeBitmap+410 (+0x0a)
    	[ 2b c8 8b 5c 24 44 03 d9:00 00 00 00 00 00 00 00 ]
        fffff88001377253-fffff88001377256  4 bytes - Ntfs!NtfsGetVolumeBitmap+433 (+0x23)
    	[ 8b 84 24 80:00 00 00 00 ]
        fffff8800137725a-fffff880013772b1  88 bytes - Ntfs!NtfsGetVolumeBitmap+43a (+0x07)
    	[ 48 8b 4c 24 60 48 03 c8:00 00 00 00 00 00 00 00 ]
        fffff880013772b3-fffff880013772cc  26 bytes - Ntfs!NtfsGetVolumeBitmap+493 (+0x59)
    	[ 49 2b c4 48 89 41 08 40:00 00 00 00 00 00 00 00 ]
        fffff880013772d0-fffff880013772d9  10 bytes - Ntfs!NtfsGetVolumeBitmap+4b0 (+0x1d)
    	[ 49 89 44 24 38 4c 8b ac:00 00 00 00 00 00 00 00 ]
        fffff880013772dd-fffff880013772de  2 bytes - Ntfs!NtfsGetVolumeBitmap+4bd (+0x0d)
    	[ e9 8e:00 00 ]
        fffff880013772e2-fffff880013772f2  17 bytes - Ntfs!NtfsGetVolumeBitmap+4c2 (+0x05)
    	[ 8a 05 21 45 f2 ff 33 ff:00 00 00 00 00 00 00 00 ]
        fffff880013772f5-fffff880013772fd  9 bytes - Ntfs!NtfsGetVolumeBitmap+4d5 (+0x13)
    	[ 48 8d 15 54 28 f7 ff b9:00 00 00 00 00 00 00 00 ]
        fffff88001377300-fffff8800137730c  13 bytes - Ntfs!NtfsGetVolumeBitmap+4e0 (+0x0b)
    	[ c0 e8 4a 60 ee ff c7 44:00 00 00 00 00 00 00 00 ]
        fffff8800137730e-fffff88001377315  8 bytes - Ntfs!NtfsGetVolumeBitmap+4ee (+0x0e)
    	[ 45 33 c9 45 33 c0 ba e8:00 00 00 00 00 00 00 00 ]
        fffff88001377318-fffff8800137731d  6 bytes - Ntfs!NtfsGetVolumeBitmap+4f8 (+0x0a)
    	[ c0 48 8b 8c 24 e0:00 00 00 00 00 00 ]
        fffff88001377321-fffff88001377327  7 bytes - Ntfs!NtfsGetVolumeBitmap+501 (+0x09)
    	[ e8 2a f9 ed ff cc eb:00 00 00 00 00 00 00 ]
        fffff88001377329-fffff88001377338  16 bytes - Ntfs!NtfsGetVolumeBitmap+506 (+0x08)
    	[ 90 8a 05 d9 44 f2 ff 40:00 00 00 00 00 00 00 00 ]
        fffff8800137733b-fffff88001377343  9 bytes - Ntfs!NtfsGetVolumeBitmap+518 (+0x12)
    	[ 48 8d 15 0e 28 f7 ff b9:00 00 00 00 00 00 00 00 ]
        fffff88001377346-fffff88001377350  11 bytes - Ntfs!NtfsGetVolumeBitmap+523 (+0x0b)
    	[ c0 e8 04 60 ee ff c7 44:00 00 00 00 00 00 00 00 ]
    WARNING: !chkimg output was truncated to 50 lines. Invoke !chkimg without '-lo [num_lines]' to view  entire output.
    3654 errors : !Ntfs (fffff88001377000-fffff88001377ffd)
    
    MODULE_NAME: memory_corruption
    
    IMAGE_NAME:  memory_corruption
    
    FOLLOWUP_NAME:  memory_corruption
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  0
    
    MEMORY_CORRUPTOR:  LARGE_4096
    
    FAILURE_BUCKET_ID:  X64_MEMORY_CORRUPTION_LARGE_4096
    
    BUCKET_ID:  X64_MEMORY_CORRUPTION_LARGE_4096
    
    Followup: memory_corruption
    ---------
    
    
    
    
    Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    Loading Dump File [F:\DMP\030611-34070-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7600 UP Free x64
    Product: WinNt, suite: TerminalServer SingleUserTS Personal
    Built by: 7600.16539.amd64fre.win7_gdr.100226-1909
    Machine Name:
    Kernel base = 0xfffff800`0301e000 PsLoadedModuleList = 0xfffff800`0325be50
    Debug session time: Sun Mar  6 09:37:52.624 2011 (UTC - 4:00)
    System Uptime: 0 days 0:00:50.856
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ...
    Loading User Symbols
    Loading unloaded module list
    ....
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck A, {2000, 2, 0, fffff800030ae306}
    
    Probably caused by : ntkrnlmp.exe ( nt!KiPageFault+260 )
    
    Followup: MachineOwner
    ---------
    
    kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    IRQL_NOT_LESS_OR_EQUAL (a)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If a kernel debugger is available get the stack backtrace.
    Arguments:
    Arg1: 0000000000002000, memory referenced
    Arg2: 0000000000000002, IRQL
    Arg3: 0000000000000000, bitfield :
    	bit 0 : value 0 = read operation, 1 = write operation
    	bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
    Arg4: fffff800030ae306, address which referenced memory
    
    Debugging Details:
    ------------------
    
    
    READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800032c60e0
     0000000000002000 
    
    CURRENT_IRQL:  2
    
    FAULTING_IP: 
    nt!IopCompleteRequest+c73
    fffff800`030ae306 488b09          mov     rcx,qword ptr [rcx]
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    BUGCHECK_STR:  0xA
    
    PROCESS_NAME:  MpCmdRun.exe
    
    IRP_ADDRESS:  ffffffffffffff88
    
    TRAP_FRAME:  fffff8800255be20 -- (.trap 0xfffff8800255be20)
    NOTE: The trap frame does not contain all registers.
    Some register values may be zeroed or incorrect.
    rax=fffff8800255c408 rbx=0000000000000000 rcx=0000000000002000
    rdx=0000000000002000 rsi=0000000000000000 rdi=0000000000000000
    rip=fffff800030ae306 rsp=fffff8800255bfb0 rbp=fffff8800255c100
     r8=fffffa8001668ad0  r9=fffff8800255c0b0 r10=0000000000000002
    r11=fffffa8002f9c010 r12=0000000000000000 r13=0000000000000000
    r14=0000000000000000 r15=0000000000000000
    iopl=0         nv up ei pl nz ac pe cy
    nt!IopCompleteRequest+0xc73:
    fffff800`030ae306 488b09          mov     rcx,qword ptr [rcx] ds:00000000`00002000=????????????????
    Resetting default scope
    
    LAST_CONTROL_TRANSFER:  from fffff8000308db69 to fffff8000308e600
    
    STACK_TEXT:  
    fffff880`0255bcd8 fffff800`0308db69 : 00000000`0000000a 00000000`00002000 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
    fffff880`0255bce0 fffff800`0308c7e0 : 00000000`00000000 fffffa80`01664b70 00000000`00000000 fffff880`0255ca18 : nt!KiBugCheckDispatch+0x69
    fffff880`0255be20 fffff800`030ae306 : fffffa80`025db3f8 00000000`00000002 00000000`00000001 fffffa80`0306e010 : nt!KiPageFault+0x260
    fffff880`0255bfb0 fffff800`0306afcf : 00000000`00000000 000fffff`8a001fed 00000000`00000000 fffffa80`00000000 : nt!IopCompleteRequest+0xc73
    fffff880`0255c080 fffff800`0306b387 : fffff8a0`01fed000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDeliverApc+0x1d7
    fffff880`0255c100 fffff800`030a17b3 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiApcInterrupt+0xd7
    fffff880`0255c290 fffff800`030a0f7d : fffff8a0`01fed000 fffff880`20206f49 00000000`00002000 fffff800`00000000 : nt!ExpAddTagForBigPages+0x1a3
    fffff880`0255c330 00000000`00000000 : 00000000`00000000 00000000`00000000 fffff8a0`00000000 fffff880`00969000 : nt!ExpAllocateBigPool+0xcd
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    nt!KiPageFault+260
    fffff800`0308c7e0 440f20c0        mov     rax,cr8
    
    SYMBOL_STACK_INDEX:  2
    
    SYMBOL_NAME:  nt!KiPageFault+260
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: nt
    
    IMAGE_NAME:  ntkrnlmp.exe
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4b88cfeb
    
    FAILURE_BUCKET_ID:  X64_0xA_nt!KiPageFault+260
    
    BUCKET_ID:  X64_0xA_nt!KiPageFault+260
    
    Followup: MachineOwner
    ---------
    
    
    
    
    Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    Loading Dump File [F:\DMP\051311-39998-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7600 UP Free x64
    Product: WinNt, suite: TerminalServer SingleUserTS Personal
    Built by: 7600.16539.amd64fre.win7_gdr.100226-1909
    Machine Name:
    Kernel base = 0xfffff800`0300f000 PsLoadedModuleList = 0xfffff800`0324ce50
    Debug session time: Fri May 13 13:42:19.249 2011 (UTC - 4:00)
    System Uptime: 0 days 0:10:25.480
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ............................
    Loading User Symbols
    Loading unloaded module list
    .....
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck 3B, {c0000005, fffff80003083bd8, fffff88007ba39c0, 0}
    
    Probably caused by : ntkrnlmp.exe ( nt!KiTryUnwaitThread+28 )
    
    Followup: MachineOwner
    ---------
    
    kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    SYSTEM_SERVICE_EXCEPTION (3b)
    An exception happened while executing a system service routine.
    Arguments:
    Arg1: 00000000c0000005, Exception code that caused the bugcheck
    Arg2: fffff80003083bd8, Address of the instruction which caused the bugcheck
    Arg3: fffff88007ba39c0, Address of the context record for the exception that caused the bugcheck
    Arg4: 0000000000000000, zero.
    
    Debugging Details:
    ------------------
    
    
    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
    
    FAULTING_IP: 
    nt!KiTryUnwaitThread+28
    fffff800`03083bd8 f0480fba6b4000  lock bts qword ptr [rbx+40h],0
    
    CONTEXT:  fffff88007ba39c0 -- (.cxr 0xfffff88007ba39c0)
    rax=fffff88007ba4408 rbx=4120ec8348571024 rcx=fffff800031f9e80
    rdx=fffff88000fe0000 rsi=0000000000000000 rdi=0000000000000000
    rip=fffff80003083bd8 rsp=fffff88007ba4390 rbp=fffff88007ba4540
     r8=0000000000000100  r9=0000000000000000 r10=0000000000000002
    r11=fffffa8001ad7870 r12=0000000000000000 r13=0000000000000000
    r14=fffffa8003d90960 r15=fffff800031f9e80
    iopl=0         nv up ei pl zr na po nc
    cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010246
    nt!KiTryUnwaitThread+0x28:
    fffff800`03083bd8 f0480fba6b4000  lock bts qword ptr [rbx+40h],0 ds:002b:4120ec83`48571064=????????????????
    Resetting default scope
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    BUGCHECK_STR:  0x3B
    
    PROCESS_NAME:  eventcreate.ex
    
    CURRENT_IRQL:  2
    
    LAST_CONTROL_TRANSFER:  from 0000000000000000 to fffff80003083bd8
    
    STACK_TEXT:  
    fffff880`07ba4390 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiTryUnwaitThread+0x28
    
    
    FOLLOWUP_IP: 
    nt!KiTryUnwaitThread+28
    fffff800`03083bd8 f0480fba6b4000  lock bts qword ptr [rbx+40h],0
    
    SYMBOL_STACK_INDEX:  0
    
    SYMBOL_NAME:  nt!KiTryUnwaitThread+28
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: nt
    
    IMAGE_NAME:  ntkrnlmp.exe
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4b88cfeb
    
    STACK_COMMAND:  .cxr 0xfffff88007ba39c0 ; kb
    
    FAILURE_BUCKET_ID:  X64_0x3B_nt!KiTryUnwaitThread+28
    
    BUCKET_ID:  X64_0x3B_nt!KiTryUnwaitThread+28
    
    Followup: MachineOwner
    ---------
    
    
    
    
    Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    Loading Dump File [F:\DMP\030611-33321-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7600 UP Free x64
    Product: WinNt, suite: TerminalServer SingleUserTS Personal
    Built by: 7600.16539.amd64fre.win7_gdr.100226-1909
    Machine Name:
    Kernel base = 0xfffff800`0241d000 PsLoadedModuleList = 0xfffff800`0265ae50
    Debug session time: Sun Mar  6 12:26:07.989 2011 (UTC - 4:00)
    System Uptime: 0 days 0:05:58.505
    Loading Kernel Symbols
    ...............................................................
    ........................................................
    Loading User Symbols
    Loading unloaded module list
    ......
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck A, {1, 2, 0, fffff800024ad183}
    
    Probably caused by : win32k.sys ( win32k!FreeView+a2 )
    
    Followup: MachineOwner
    ---------
    
    kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    IRQL_NOT_LESS_OR_EQUAL (a)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If a kernel debugger is available get the stack backtrace.
    Arguments:
    Arg1: 0000000000000001, memory referenced
    Arg2: 0000000000000002, IRQL
    Arg3: 0000000000000000, bitfield :
    	bit 0 : value 0 = read operation, 1 = write operation
    	bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
    Arg4: fffff800024ad183, address which referenced memory
    
    Debugging Details:
    ------------------
    
    
    READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800026c50e0
     0000000000000001 
    
    CURRENT_IRQL:  2
    
    FAULTING_IP: 
    nt!IopCompleteRequest+ae3
    fffff800`024ad183 488b09          mov     rcx,qword ptr [rcx]
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    BUGCHECK_STR:  0xA
    
    PROCESS_NAME:  eventcreate.ex
    
    IRP_ADDRESS:  ffffffffffffff89
    
    TRAP_FRAME:  fffff880045be1d0 -- (.trap 0xfffff880045be1d0)
    NOTE: The trap frame does not contain all registers.
    Some register values may be zeroed or incorrect.
    rax=fffff880045be408 rbx=0000000000000000 rcx=0000000000000001
    rdx=0000000000000001 rsi=0000000000000000 rdi=0000000000000000
    rip=fffff800024ad183 rsp=fffff880045be360 rbp=0000000000000000
     r8=fffffa8003898400  r9=fffff880045be460 r10=0000000000000002
    r11=fffffa800389b4b0 r12=0000000000000000 r13=0000000000000000
    r14=0000000000000000 r15=0000000000000000
    iopl=0         nv up ei pl nz ac po cy
    nt!IopCompleteRequest+0xae3:
    fffff800`024ad183 488b09          mov     rcx,qword ptr [rcx] ds:e3c0:00000000`00000001=????????????????
    Resetting default scope
    
    LAST_CONTROL_TRANSFER:  from fffff8000248cb69 to fffff8000248d600
    
    STACK_TEXT:  
    fffff880`045be088 fffff800`0248cb69 : 00000000`0000000a 00000000`00000001 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
    fffff880`045be090 fffff800`0248b7e0 : 00000000`00000008 fffffa80`03477cd0 fffffa80`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
    fffff880`045be1d0 fffff800`024ad183 : fffffa80`0389b400 00001f80`00000000 fffffa80`030a2350 00000000`00000000 : nt!KiPageFault+0x260
    fffff880`045be360 fffff800`02469fcf : 00000000`00000001 00000000`ffffffff fffffa80`03056200 00000000`00000000 : nt!IopCompleteRequest+0xae3
    fffff880`045be430 fffff800`02440b95 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDeliverApc+0x1d7
    fffff880`045be4b0 fffff800`027c958f : 00000000`00000000 00000000`00000000 fffffa80`039fd060 00000000`00000000 : nt!KiCheckForKernelApcDelivery+0x25
    fffff880`045be4e0 fffff960`000ebea6 : 00000000`00000000 fffff900`c1a95240 00000000`00000001 00000000`00000000 : nt! ?? ::NNGAKEGL::`string'+0x1b979
    fffff880`045be5a0 fffff960`000e9c9b : fffff880`045be6c0 fffff960`000e9c30 00000000`00000001 fffff960`000e9314 : win32k!FreeView+0xa2
    fffff880`045be610 fffff800`027354cc : 00000000`00000000 fffffa80`02fa0ef0 00000000`00000000 00000000`00010002 : win32k!UnmapDesktop+0x6b
    fffff880`045be640 fffff800`0274acff : 00000000`00000000 fffffa80`039fd060 fffffa80`02fa0ef0 fffffa80`015f49f0 : nt!ExpWin32SessionCallout+0x5c
    fffff880`045be6a0 fffff800`0278a604 : fffffa80`02f4dae0 fffff8a0`04e5f180 fffff880`045be8b0 fffff8a0`028bc030 : nt!ExpWin32CloseProcedure+0x53
    fffff880`045be6f0 fffff800`027a44a1 : fffffa80`039fd060 fffffa80`00000001 fffff8a0`03628600 00000000`00000000 : nt!ObpDecrementHandleCount+0xb4
    fffff880`045be770 fffff800`027a43b4 : 00000000`00000038 fffffa80`039fd060 fffff8a0`03628600 00000000`00000038 : nt!ObpCloseHandleTableEntry+0xb1
    fffff880`045be800 fffff960`000ed0cf : 00000000`00000038 00000000`00004000 00000000`00000000 fffff900`c1be76a0 : nt!ObpCloseHandle+0x94
    fffff880`045be850 fffff960`000e3f4b : fffff900`c1be76a0 fffff880`045bec20 00000000`ffffffff fffffa80`039fd060 : win32k!DestroyProcessInfo+0x327
    fffff880`045be880 fffff960`000e4046 : fffffa80`02f4da00 fffff900`c1be76a0 00020508`00000000 fffffa80`036bc010 : win32k!xxxUserProcessCallout+0x15f
    fffff880`045be8d0 fffff800`02773881 : fffffa80`02f4dae0 00000000`00000000 00000000`00000000 fffffa80`01632b60 : win32k!W32pProcessCallout+0x4e
    fffff880`045be900 fffff800`0274c4d1 : 00000000`00000000 fffffa80`015f5001 fffffa80`78457300 00000000`00000000 : nt!PspExitThread+0x561
    fffff880`045be9c0 fffff800`0246a0e3 : fffffa80`03998010 fffffa80`039981c8 fffff880`045bea10 00000000`00000000 : nt!PsExitSpecialApc+0x1d
    fffff880`045be9f0 fffff800`0246a520 : 00000000`00344210 fffff880`045bea70 fffff800`0274c5dc 00000000`00000001 : nt!KiDeliverApc+0x2eb
    fffff880`045bea70 fffff800`0248c8f7 : 00000000`00000390 00000000`00000000 00000000`00000001 0000007f`ffffffff : nt!KiInitiateUserApc+0x70
    fffff880`045bebb0 00000000`774301ea : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExit+0x9c
    00000000`0231ed78 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x774301ea
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    win32k!FreeView+a2
    fffff960`000ebea6 488b06          mov     rax,qword ptr [rsi]
    
    SYMBOL_STACK_INDEX:  7
    
    SYMBOL_NAME:  win32k!FreeView+a2
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: win32k
    
    IMAGE_NAME:  win32k.sys
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc5e0
    
    FAILURE_BUCKET_ID:  X64_0xA_win32k!FreeView+a2
    
    BUCKET_ID:  X64_0xA_win32k!FreeView+a2
    
    Followup: MachineOwner
    ---------
    
    
    
    
    Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    Loading Dump File [F:\DMP\051311-35677-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7600 UP Free x64
    Product: WinNt, suite: TerminalServer SingleUserTS Personal
    Built by: 7600.16539.amd64fre.win7_gdr.100226-1909
    Machine Name:
    Kernel base = 0xfffff800`03057000 PsLoadedModuleList = 0xfffff800`03294e50
    Debug session time: Fri May 13 13:55:34.969 2011 (UTC - 4:00)
    System Uptime: 0 days 0:02:47.201
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ..........................
    Loading User Symbols
    Loading unloaded module list
    ....
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck 24, {1904fb, fffff88006405ff8, fffff88006405860, fffff800030e6670}
    
    Probably caused by : Ntfs.sys ( Ntfs! ?? ::FNODOBFM::`string'+2cc9 )
    
    Followup: MachineOwner
    ---------
    
    kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    NTFS_FILE_SYSTEM (24)
        If you see NtfsExceptionFilter on the stack then the 2nd and 3rd
        parameters are the exception record and context record. Do a .cxr
        on the 3rd parameter and then kb to obtain a more informative stack
        trace.
    Arguments:
    Arg1: 00000000001904fb
    Arg2: fffff88006405ff8
    Arg3: fffff88006405860
    Arg4: fffff800030e6670
    
    Debugging Details:
    ------------------
    
    
    EXCEPTION_RECORD:  fffff88006405ff8 -- (.exr 0xfffff88006405ff8)
    Cannot read Exception record @ fffff88006405ff8
    
    CONTEXT:  fffff88006405860 -- (.cxr 0xfffff88006405860)
    rax=fffffa800254f520 rbx=00000000052c0000 rcx=0000000000000000
    rdx=0000000000000001 rsi=fffff88006406420 rdi=00000000052c1000
    rip=fffff800030e6670 rsp=fffff88006406238 rbp=fffffa8001730c10
     r8=0000000000000000  r9=fffff88006406350 r10=0000000000000002
    r11=0000000000000001 r12=fffff88006406298 r13=0000000000000400
    r14=0000000000000001 r15=fffffa80023e4bf0
    iopl=0         nv up ei pl nz na po nc
    cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010206
    nt!CcFreeVirtualAddress:
    fffff800`030e6670 488b5108        mov     rdx,qword ptr [rcx+8] ds:002b:00000000`00000008=????????????????
    Resetting default scope
    
    CUSTOMER_CRASH_COUNT:  1
    
    PROCESS_NAME:  svchost.exe
    
    CURRENT_IRQL:  0
    
    ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
    
    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
    
    EXCEPTION_PARAMETER1:  0000000000000000
    
    EXCEPTION_PARAMETER2:  0000000000000008
    
    READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800032ff0e0
     0000000000000008 
    
    FOLLOWUP_IP: 
    Ntfs! ?? ::FNODOBFM::`string'+2cc9
    fffff880`0125e3d8 cc              int     3
    
    FAULTING_IP: 
    nt!CcFreeVirtualAddress+0
    fffff800`030e6670 488b5108        mov     rdx,qword ptr [rcx+8]
    
    BUGCHECK_STR:  0x24
    
    DEFAULT_BUCKET_ID:  NULL_CLASS_PTR_DEREFERENCE
    
    LAST_CONTROL_TRANSFER:  from 0000000000000000 to fffff800030e6670
    
    STACK_TEXT:  
    fffff880`06405038 fffff880`0125e3d8 : 00000000`00000024 00000000`001904fb fffff880`06405ff8 fffff880`06405860 : nt!KeBugCheckEx
    fffff880`06405040 fffff880`01241487 : fffff880`01289d38 fffff880`06406d30 fffff880`06406d30 00000000`645606b4 : Ntfs! ?? ::FNODOBFM::`string'+0x2cc9
    fffff880`06405080 fffff800`030f5bdc : 04314090`043119fa 00000000`645606b4 00000000`00000000 80000000`2552643a : Ntfs! ?? ::FNODOBFM::`string'+0xfc8
    fffff880`064050b0 fffff800`030ed2ed : fffff880`01289d2c fffff880`06406d30 00000000`00000000 fffff880`0123d000 : nt!_C_specific_handler+0x8c
    fffff880`06405120 fffff800`030f4950 : fffff880`01289d2c fffff880`06405198 fffff880`06405ff8 fffff880`0123d000 : nt!RtlpExecuteHandlerForException+0xd
    fffff880`06405150 fffff800`031018df : fffff880`06405ff8 fffff880`06405860 fffff880`00000000 00000000`052c1000 : nt!RtlDispatchException+0x410
    fffff880`06405830 fffff800`030c6c42 : fffff880`06405ff8 00000000`052c0000 fffff880`064060a0 fffff880`06406420 : nt!KiDispatchException+0x16f
    fffff880`06405ec0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0xc2
    
    
    STACK_COMMAND:  kb
    
    SYMBOL_STACK_INDEX:  1
    
    SYMBOL_NAME:  Ntfs! ?? ::FNODOBFM::`string'+2cc9
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: Ntfs
    
    IMAGE_NAME:  Ntfs.sys
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc14f
    
    FAILURE_BUCKET_ID:  X64_0x24_Ntfs!_??_::FNODOBFM::_string_+2cc9
    
    BUCKET_ID:  X64_0x24_Ntfs!_??_::FNODOBFM::_string_+2cc9
    
    Followup: MachineOwner
    ---------
    
    
    
    




    DRIVERS

    Code:
    start             end                 module name
    fffff880`00ed1000 fffff880`00f28000   ACPI     ACPI.sys     Mon Jul 13 19:19:34 2009 (4A5BC106)
    fffff880`03800000 fffff880`0388a000   afd      afd.sys      Mon Jul 13 19:21:40 2009 (4A5BC184)
    fffff880`02bd3000 fffff880`02be9000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
    fffff880`02bbe000 fffff880`02bd3000   amdppm   amdppm.sys   Mon Jul 13 19:19:25 2009 (4A5BC0FD)
    fffff880`00cc0000 fffff880`00ccb000   amdxata  amdxata.sys  Tue May 19 13:56:59 2009 (4A12F2EB)
    fffff880`00e00000 fffff880`00e09000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
    fffff880`00dd6000 fffff880`00e00000   ataport  ataport.SYS  Mon Jul 13 19:19:52 2009 (4A5BC118)
    fffff880`03a52000 fffff880`04069000   atikmdag atikmdag.sys Thu Jul 30 00:23:28 2009 (4A712040)
    fffff880`017a1000 fffff880`017a9000   AtiPcie  AtiPcie.sys  Tue May 05 11:00:22 2009 (4A005486)
    fffff880`00fa8000 fffff880`00fb4000   BATTC    BATTC.SYS    Mon Jul 13 19:31:01 2009 (4A5BC3B5)
    fffff880`01633000 fffff880`0163a000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
    fffff880`02b87000 fffff880`02b98000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
    fffff880`027d6000 fffff880`027f4000   bowser   bowser.sys   Mon Jul 13 19:23:50 2009 (4A5BC206)
    fffff960`00650000 fffff960`00677000   cdd      cdd.dll      unavailable (00000000)
    fffff880`046af000 fffff880`046cc000   cdfs     cdfs.sys     Mon Jul 13 19:19:46 2009 (4A5BC112)
    fffff880`01600000 fffff880`0162a000   cdrom    cdrom.sys    Mon Jul 13 19:19:54 2009 (4A5BC11A)
    fffff880`00c00000 fffff880`00cc0000   CI       CI.dll       Mon Jul 13 21:32:13 2009 (4A5BE01D)
    fffff880`01771000 fffff880`017a1000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:19:58 2009 (4A5BC11E)
    fffff880`00d1c000 fffff880`00d7a000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
    fffff880`043f8000 fffff880`043fc500   CmBatt   CmBatt.sys   Mon Jul 13 19:31:03 2009 (4A5BC3B7)
    fffff880`01158000 fffff880`011cb000   cng      cng.sys      Mon Jul 13 19:49:40 2009 (4A5BC814)
    fffff880`00f9f000 fffff880`00fa8000   compbatt compbatt.sys Mon Jul 13 19:31:02 2009 (4A5BC3B6)
    fffff880`041e5000 fffff880`041f5000   CompositeBus CompositeBus.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1)
    fffff880`047d6000 fffff880`047e4000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
    fffff880`02b69000 fffff880`02b87000   dfsc     dfsc.sys     Mon Jul 13 19:23:44 2009 (4A5BC200)
    fffff880`02b5a000 fffff880`02b69000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
    fffff880`0175b000 fffff880`01771000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
    fffff880`0463d000 fffff880`0465f000   drmk     drmk.sys     Mon Jul 13 21:01:25 2009 (4A5BD8E5)
    fffff880`047e4000 fffff880`047f0000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
    fffff880`02be9000 fffff880`02bfc000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
    fffff880`047f0000 fffff880`047fb000   dump_msahci dump_msahci.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
    fffff880`05800000 fffff880`0580c000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
    fffff880`04069000 fffff880`0415d000   dxgkrnl  dxgkrnl.sys  Thu Oct 01 21:00:14 2009 (4AC5509E)
    fffff880`0415d000 fffff880`041a3000   dxgmms1  dxgmms1.sys  Mon Jul 13 19:38:32 2009 (4A5BC578)
    fffff880`017a9000 fffff880`017df000   fastfat  fastfat.SYS  Mon Jul 13 19:23:28 2009 (4A5BC1F0)
    fffff880`010e6000 fffff880`010fa000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
    fffff880`0109a000 fffff880`010e6000   fltmgr   fltmgr.sys   Mon Jul 13 19:19:59 2009 (4A5BC11F)
    fffff880`01211000 fffff880`0121b000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:19:45 2009 (4A5BC111)
    fffff880`01721000 fffff880`0175b000   fvevol   fvevol.sys   Fri Sep 25 22:34:26 2009 (4ABD7DB2)
    fffff880`038a7000 fffff880`038f1000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:21:08 2009 (4A5BC164)
    fffff880`043c0000 fffff880`043cd000   GEARAspiWDM GEARAspiWDM.sys Mon May 18 08:17:04 2009 (4A1151C0)
    fffff800`0300e000 fffff800`03057000   hal      hal.dll      Mon Jul 13 21:27:36 2009 (4A5BDF08)
    fffff880`041a3000 fffff880`041c7000   HDAudBus HDAudBus.sys Mon Jul 13 20:06:13 2009 (4A5BCBF5)
    fffff880`04665000 fffff880`0467e000   HIDCLASS HIDCLASS.SYS Mon Jul 13 20:06:21 2009 (4A5BCBFD)
    fffff880`0467e000 fffff880`04686080   HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9)
    fffff880`0580c000 fffff880`0581a000   hidusb   hidusb.sys   Mon Jul 13 20:06:22 2009 (4A5BCBFE)
    fffff880`0270e000 fffff880`027d6000   HTTP     HTTP.sys     Mon Jul 13 19:22:16 2009 (4A5BC1A8)
    fffff880`01718000 fffff880`01721000   hwpolicy hwpolicy.sys Mon Jul 13 19:19:22 2009 (4A5BC0FA)
    fffff880`043d8000 fffff880`043f6000   i8042prt i8042prt.sys Mon Jul 13 19:19:57 2009 (4A5BC11D)
    fffff880`03959000 fffff880`03977000   ipfltdrv ipfltdrv.sys Mon Jul 13 20:10:03 2009 (4A5BCCDB)
    fffff880`041c7000 fffff880`041d6000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
    fffff800`00bb7000 fffff800`00bba000   kdcom    kdcom.dll    Tue Nov 30 09:40:39 2010 (4CF50CE7)
    fffff880`046d4000 fffff880`04717000   ks       ks.sys       Wed Mar 03 23:32:25 2010 (4B8F37D9)
    fffff880`013e0000 fffff880`013fa000   ksecdd   ksecdd.sys   Mon Jul 13 19:20:54 2009 (4A5BC156)
    fffff880`01558000 fffff880`01583000   ksecpkg  ksecpkg.sys  Fri Dec 11 01:03:32 2009 (4B21E0B4)
    fffff880`0465f000 fffff880`04664200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
    fffff880`0107a000 fffff880`0108f000   lltdio   lltdio.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
    fffff880`00f7b000 fffff880`00f8a000   LPCFilter LPCFilter.sys Tue Jun 30 19:57:52 2009 (4A4AA680)
    fffff880`011cb000 fffff880`011ee000   luafv    luafv.sys    Mon Jul 13 19:26:13 2009 (4A5BC295)
    fffff880`00cfb000 fffff880`00d08000   mcupdate_AuthenticAMD mcupdate_AuthenticAMD.dll Mon Jul 13 21:29:09 2009 (4A5BDF65)
    fffff880`0303f000 fffff880`03056600   mfeavfk  mfeavfk.sys  Fri Jul 31 18:02:42 2009 (4A736A02)
    fffff880`02b10000 fffff880`02b59a00   mfehidk  mfehidk.sys  Fri Jul 31 17:59:58 2009 (4A73695E)
    fffff880`047c8000 fffff880`047d6000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
    fffff880`041d6000 fffff880`041e5000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
    fffff880`04687000 fffff880`04694000   mouhid   mouhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
    fffff880`00fe0000 fffff880`00ffa000   mountmgr mountmgr.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
    fffff880`038f1000 fffff880`0392e000   Mpfp     Mpfp.sys     Thu Apr 09 14:22:13 2009 (49DE3CD5)
    fffff880`02600000 fffff880`02618000   mpsdrv   mpsdrv.sys   Mon Jul 13 20:08:25 2009 (4A5BCC79)
    fffff880`02618000 fffff880`02645000   mrxsmb   mrxsmb.sys   Sat Feb 27 02:52:19 2010 (4B88CF33)
    fffff880`030dd000 fffff880`0312b000   mrxsmb10 mrxsmb10.sys Sat Feb 27 02:52:28 2010 (4B88CF3C)
    fffff880`0312b000 fffff880`0314e000   mrxsmb20 mrxsmb20.sys Sat Feb 27 02:52:26 2010 (4B88CF3A)
    fffff880`00e09000 fffff880`00e14000   msahci   msahci.sys   Mon Jul 13 20:01:01 2009 (4A5BCABD)
    fffff880`01698000 fffff880`016a3000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
    fffff880`00f31000 fffff880`00f3b000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
    fffff880`010fa000 fffff880`01158000   msrpc    msrpc.sys    Mon Jul 13 19:21:32 2009 (4A5BC17C)
    fffff880`02b05000 fffff880`02b10000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
    fffff880`01706000 fffff880`01718000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
    fffff880`01406000 fffff880`014f8000   ndis     ndis.sys     Mon Jul 13 19:21:40 2009 (4A5BC184)
    fffff880`02a24000 fffff880`02a30000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
    fffff880`026e3000 fffff880`026f6000   ndisuio  ndisuio.sys  Mon Jul 13 20:09:25 2009 (4A5BCCB5)
    fffff880`02a30000 fffff880`02a5f000   ndiswan  ndiswan.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
    fffff880`04783000 fffff880`04798000   NDProxy  NDProxy.SYS  Mon Jul 13 20:10:05 2009 (4A5BCCDD)
    fffff880`039eb000 fffff880`039fa000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
    fffff880`03977000 fffff880`039bc000   netbt    netbt.sys    Mon Jul 13 19:21:28 2009 (4A5BC178)
    fffff880`014f8000 fffff880`01558000   NETIO    NETIO.SYS    Mon Jul 13 19:21:46 2009 (4A5BC18A)
    fffff880`016a3000 fffff880`016b4000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
    fffff880`02af9000 fffff880`02b05000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
    fffff800`03057000 fffff800`03633000   nt       ntkrnlmp.exe Sat Feb 27 02:55:23 2010 (4B88CFEB)
    fffff880`0123d000 fffff880`013e0000   Ntfs     Ntfs.sys     Mon Jul 13 19:20:47 2009 (4A5BC14F)
    fffff880`0162a000 fffff880`01633000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
    fffff880`02690000 fffff880`026e3000   nwifi    nwifi.sys    Mon Jul 13 20:07:23 2009 (4A5BCC3B)
    fffff880`039c5000 fffff880`039eb000   pacer    pacer.sys    Mon Jul 13 20:09:41 2009 (4A5BCCC5)
    fffff880`00f8a000 fffff880`00f9f000   partmgr  partmgr.sys  Mon Jul 13 19:19:58 2009 (4A5BC11E)
    fffff880`00f3b000 fffff880`00f6e000   pci      pci.sys      Mon Jul 13 19:19:51 2009 (4A5BC117)
    fffff880`00fc9000 fffff880`00fd0000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
    fffff880`00fd0000 fffff880`00fe0000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
    fffff880`01200000 fffff880`01211000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
    fffff880`0314e000 fffff880`031f4000   peauth   peauth.sys   Mon Jul 13 21:01:19 2009 (4A5BD8DF)
    fffff880`04600000 fffff880`0463d000   portcls  portcls.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
    fffff880`00d08000 fffff880`00d1c000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
    fffff880`02a00000 fffff880`02a24000   rasl2tp  rasl2tp.sys  Mon Jul 13 20:10:11 2009 (4A5BCCE3)
    fffff880`02a5f000 fffff880`02a7a000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
    fffff880`02a7a000 fffff880`02a9b000   raspptp  raspptp.sys  Mon Jul 13 20:10:18 2009 (4A5BCCEA)
    fffff880`015dc000 fffff880`015f6000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
    fffff880`02aa8000 fffff880`02af9000   rdbss    rdbss.sys    Mon Jul 13 19:24:09 2009 (4A5BC219)
    fffff880`0167d000 fffff880`01686000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
    fffff880`01686000 fffff880`0168f000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
    fffff880`0168f000 fffff880`01698000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
    fffff880`016cc000 fffff880`01706000   rdyboost rdyboost.sys Mon Jul 13 19:34:34 2009 (4A5BC48A)
    fffff880`026f6000 fffff880`0270e000   rspndr   rspndr.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
    fffff880`0437d000 fffff880`043b6000   Rt64win7 Rt64win7.sys Fri May 22 10:52:30 2009 (4A16BC2E)
    fffff880`04798000 fffff880`047c7b00   RtHDMIVX RtHDMIVX.sys Wed May 20 06:04:50 2009 (4A13D5C2)
    fffff880`05820000 fffff880`059fed00   RTKVHD64 RTKVHD64.sys Tue Jul 28 09:00:05 2009 (4A6EF655)
    fffff880`04269000 fffff880`04370000   rtl8192se rtl8192se.sys Wed Aug 26 06:11:12 2009 (4A950A40)
    fffff880`031f4000 fffff880`031ff000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
    fffff880`015d4000 fffff880`015dc000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
    fffff880`05e70000 fffff880`05f08000   srv      srv.sys      Tue Dec 08 03:32:55 2009 (4B1E0F37)
    fffff880`03057000 fffff880`030c0000   srv2     srv2.sys     Mon Jul 13 19:25:02 2009 (4A5BC24E)
    fffff880`03000000 fffff880`0302d000   srvnet   srvnet.sys   Tue Dec 08 03:32:26 2009 (4B1E0F1A)
    fffff880`043fd000 fffff880`043fe480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
    fffff880`03a00000 fffff880`03a49000   SynTP    SynTP.sys    Mon Jul 20 20:07:29 2009 (4A6506C1)
    fffff880`03400000 fffff880`035fd000   tcpip    tcpip.sys    Mon Jul 13 19:25:34 2009 (4A5BC26E)
    fffff880`0302d000 fffff880`0303f000   tcpipreg tcpipreg.sys Mon Jul 13 20:09:49 2009 (4A5BCCCD)
    fffff880`043b6000 fffff880`043c0000   tdcmdpst tdcmdpst.sys Thu Jul 30 04:39:35 2009 (4A715C47)
    fffff880`0392e000 fffff880`0393b000   TDI      TDI.SYS      Mon Jul 13 19:21:18 2009 (4A5BC16E)
    fffff880`0393b000 fffff880`03959000   tdx      tdx.sys      Mon Jul 13 19:21:15 2009 (4A5BC16B)
    fffff880`016b4000 fffff880`016c8000   termdd   termdd.sys   Mon Jul 13 20:16:36 2009 (4A5BCE64)
    fffff880`01000000 fffff880`0107a000   tos_sps64 tos_sps64.sys Wed Jun 24 01:31:09 2009 (4A41BA1D)
    fffff960`004c0000 fffff960`004ca000   TSDDD    TSDDD.dll    Mon Jul 13 20:16:34 2009 (4A5BCE62)
    fffff880`02b98000 fffff880`02bbe000   tunnel   tunnel.sys   Mon Jul 13 20:09:37 2009 (4A5BCCC1)
    fffff880`015cf000 fffff880`015d3e00   TVALZ_O  TVALZ_O.SYS  Mon Jul 13 22:19:26 2009 (4A5BEB2E)
    fffff880`04717000 fffff880`04729000   umbus    umbus.sys    Mon Jul 13 20:06:56 2009 (4A5BCC20)
    fffff880`043f6000 fffff880`043f7f00   USBD     USBD.SYS     Mon Jul 13 20:06:23 2009 (4A5BCBFF)
    fffff880`04256000 fffff880`04267000   usbehci  usbehci.sys  Mon Jul 13 20:06:30 2009 (4A5BCC06)
    fffff880`04729000 fffff880`04783000   usbhub   usbhub.sys   Mon Jul 13 20:07:09 2009 (4A5BCC2D)
    fffff880`043cd000 fffff880`043d8000   usbohci  usbohci.sys  Mon Jul 13 20:06:30 2009 (4A5BCC06)
    fffff880`04200000 fffff880`04256000   USBPORT  USBPORT.SYS  Mon Jul 13 20:06:31 2009 (4A5BCC07)
    fffff880`04694000 fffff880`046af000   USBSTOR  USBSTOR.SYS  Mon Jul 13 20:06:34 2009 (4A5BCC0A)
    fffff880`00f6e000 fffff880`00f7b000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
    fffff880`0163a000 fffff880`01648000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
    fffff880`01648000 fffff880`0166d000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
    fffff880`00fb4000 fffff880`00fc9000   volmgr   volmgr.sys   Mon Jul 13 19:19:57 2009 (4A5BC11D)
    fffff880`00d7a000 fffff880`00dd6000   volmgrx  volmgrx.sys  Mon Jul 13 19:20:33 2009 (4A5BC141)
    fffff880`01583000 fffff880`015cf000   volsnap  volsnap.sys  Mon Jul 13 19:20:08 2009 (4A5BC128)
    fffff880`04370000 fffff880`0437d000   vwifibus vwifibus.sys Mon Jul 13 20:07:21 2009 (4A5BCC39)
    fffff880`0388a000 fffff880`038a0000   vwififlt vwififlt.sys Mon Jul 13 20:07:22 2009 (4A5BCC3A)
    fffff880`017e1000 fffff880`017fc000   wanarp   wanarp.sys   Mon Jul 13 20:10:21 2009 (4A5BCCED)
    fffff880`0166d000 fffff880`0167d000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
    fffff880`00e1e000 fffff880`00ec2000   Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
    fffff880`00ec2000 fffff880`00ed1000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:19:54 2009 (4A5BC11A)
    fffff880`039bc000 fffff880`039c5000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
    fffff960`000a0000 fffff960`003af000   win32k   win32k.sys   Mon Jul 13 19:40:16 2009 (4A5BC5E0)
    fffff880`00f28000 fffff880`00f31000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)
    fffff880`0121b000 fffff880`0123c000   WudfPf   WudfPf.sys   Mon Jul 13 20:05:37 2009 (4A5BCBD1)
    
    Unloaded modules:
    fffff880`017a9000 fffff880`017b7000   crashdmp.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  0000E000
    fffff880`017b7000 fffff880`017c3000   dump_pciidex
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  0000C000
    fffff880`017c3000 fffff880`017ce000   dump_msahci.
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  0000B000
    fffff880`017ce000 fffff880`017e1000   dump_dumpfve
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  00013000
    
    
     
  5. msfanboy98

    msfanboy98 New Member

    Joined:
    May 11, 2011
    Messages:
    237
    Likes Received:
    0
    STOP: 0x0000007b means Windows 7 can't access your system driver because of hard drive controller errors. contact your manufacturer they are responsible for your hardware and software.
     
  6. cybercore

    cybercore New Member

    Joined:
    Jul 7, 2009
    Messages:
    15,823
    Likes Received:
    321
    Yet, before sending pc to the repairs shop, I would insist to run HDD S.M.A.R.T. tests and chkdsk /f.
     
  7. Saltgrass

    Saltgrass Excellent Member
    Microsoft Community Contributor

    Joined:
    Oct 16, 2009
    Messages:
    15,157
    Likes Received:
    393
    I noticed something in the system information that looks a little strange. I have found some references to it on the net, but nothing that seems to make sense. I will continue to search.

    You might check your device manager to see if any devices are showing problems and you may have to view the hidden devices, not sure.

    But it seems to revolve around spldr.sys and is causing the problems indicated on the attached screen in your System Info-Problem Devices section.
     

    Attached Files:

  8. cybercore

    cybercore New Member

    Joined:
    Jul 7, 2009
    Messages:
    15,823
    Likes Received:
    321
    It's the hard drive. Might be bad memory too, but I would check the hard drive first of all since it very much points to it:

    BugCheck 7A, {fffff6fc40009bb8, ffffffffc0000185, 60b6b860, fffff88001377ef0}
    KERNEL_DATA_INPAGE_ERROR (7a)
    means the disk subsystem has experienced a failure.
    Probably caused by : memory_corruption


    Memory_corruption likely occurs here due to pagefile.sys -- which is much dependent on hard drive.
     

Share This Page

Loading...