Windows 8.1 BSOD system_service_exception
Hi there,
I've recently had a new machine built for me. I've run in to a few BSOD issues, however most have been solved by updating my graphics drivers.
Blue screen seems to happen intermittently, but anecdotal evidence seems to suggest that this could occur when I am watching youtube or a movie and playing a game in windowed mode.
My system spec is as follows
AMD FX-6300 4.1ghz 6 core
2x8gb DDR3 1600mhz ram
Radeon 290 4GB graphics
700W PSU
I've uploaded my crash dumps to dropbox for examination at https://www.dropbox.com/s/ukzzrv3a3pi9btm/Minidump.zip?dl=0.
Please could I have some advice on how to solve the issue?
Kind Regards,
Jamie
For videos I've been using VLC 2.1.5
For Youtube I've been using Opera build
23.0.1522.77. Both are the up to date versions.
edit: Just for reference also, my device drivers for my graphics device is the 14.200.1004.0 driver, which is the release candidate 3 version for the catalyst 14.7 driver. I *had* the 14.4 driver (release date 2014-04-25) which I "up"graded from
to reduce the BSOD issues
Similar Messages
-
Windows 8.1 BSOD please help Minidump file attached
Windows 8.1 BSOD please help Minidump file and dxdiag info file link is below,
This BSOD frequency is about once every 1 hour to 4 hours,
Memtest passed with one pass on the one chip of 4GB
Brand new 8.1 install
https://drive.google.com/file/d/0B39S6eNyRvOHRnZHRG1Jd1lwT2M/view?usp=sharing
https://docs.google.com/document/d/1XueM-ov7wjfePJh45Pp3fg1QSSzFBqMuO1tfr9GZm8k/edit?usp=sharingThis is a crash related to some type of hardware failure. Please refer to the Wiki link below, for some troubleshooting tips.
BugCheck Code 124 Co-Authored by ZigZag3143& JMH3143
http://answers.microsoft.com/en-us/windows/wiki/windows_other-system/bugcheck-code-124/98c998d2-447a-40ce-ae1f-8211e355f14d
WARNING: Whitespace at end of path element
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 9600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 9600.16422.amd64fre.winblue_gdr.131006-1505
Machine Name:
Kernel base = 0xfffff800`c0e7b000 PsLoadedModuleList = 0xfffff800`c113f990
Debug session time: Tue Mar 3 23:19:34.178 2015 (UTC - 5:00)
System Uptime: 0 days 0:00:04.947
Loading Kernel Symbols
Loading User Symbols
Mini Kernel Dump does not contain unloaded driver list
* Bugcheck Analysis *
Use !analyze -v to get detailed debugging information.
BugCheck 124, {0, ffffe000016f88f8, 0, 0}
Probably caused by : hardware
Followup: MachineOwner
1: kd> !analyze -v
* Bugcheck Analysis *
WHEA_UNCORRECTABLE_ERROR (124)
A fatal hardware error has occurred. Parameter 1 identifies the type of error
source that reported the error. Parameter 2 holds the address of the
WHEA_ERROR_RECORD structure that describes the error conditon.
Arguments:
Arg1: 0000000000000000, Machine Check Exception
Arg2: ffffe000016f88f8, Address of the WHEA_ERROR_RECORD structure.
Arg3: 0000000000000000, High order 32-bits of the MCi_STATUS value.
Arg4: 0000000000000000, Low order 32-bits of the MCi_STATUS value.
Debugging Details:
BUGCHECK_STR: 0x124_AuthenticAMD
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: System
CURRENT_IRQL: 0
STACK_TEXT:
ffffd000`2087f6c0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!WheapCreateLiveTriageDump+0x81
STACK_COMMAND: kb
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: hardware
IMAGE_NAME: hardware
DEBUG_FLR_IMAGE_TIMESTAMP: 0
FAILURE_BUCKET_ID: X64_0x124_AuthenticAMD_PROCESSOR_BUS_PRV
BUCKET_ID: X64_0x124_AuthenticAMD_PROCESSOR_BUS_PRV
Followup: MachineOwner
1: kd> !errrec ffffe000016f88f8
===============================================================================
Common Platform Error Record @ ffffe000016f88f8
Record Id : 01d0563268a81312
Severity : Fatal (1)
Length : 928
Creator : Microsoft
Notify Type : Machine Check Exception
Timestamp : 3/4/2015 4:19:34
Flags : 0x00000002 PreviousError
===============================================================================
Section 0 : Processor Generic
Descriptor @ ffffe000016f8978
Section @ ffffe000016f8a50
Offset : 344
Length : 192
Flags : 0x00000001 Primary
Severity : Fatal
Proc. Type : x86/x64
Instr. Set : x64
Error Type : BUS error
Operation : Generic
Flags : 0x00
Level : 3
CPU Version : 0x0000000000100f42
Processor ID : 0x0000000000000000
===============================================================================
Section 1 : x86/x64 Processor Specific
Descriptor @ ffffe000016f89c0
Section @ ffffe000016f8b10
Offset : 536
Length : 128
Flags : 0x00000000
Severity : Fatal
Local APIC Id : 0x0000000000000000
CPU Id : 42 0f 10 00 00 08 02 00 - 09 20 80 00 ff fb 8b 17
00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
Proc. Info 0 @ ffffe000016f8b10
===============================================================================
Section 2 : x86/x64 MCA
Descriptor @ ffffe000016f8a08
Section @ ffffe000016f8b90
Offset : 664
Length : 264
Flags : 0x00000000
Severity : Fatal
Error : BUSLG_OBS_ERR_*_NOTIMEOUT_ERR (Proc 0 Bank 4)
Status : 0xba00001000020c0f -
BSOD System_Service_Exception and Driver_Verifier_Detection on HP m9520f PC
Hello,
I recently re-formatted and reinstalled Windows 7 Ultimate 64x on my HP Pavilion Elite m9520f PC.
I encountered the BSOD crashes several times a day of having the "System_Service_Exception 0x0000003B" and DRIVER_VERIFIER_DETECTED_VIOLATION 0x000000c4 error. The system automatically restarts when the BSOD takes place.
I have installed the most recent NVIDIA GeForce 9600 GS driver update to see if it solves the problem but nothing was solved. I also went to the Advanced Boot Options and did the last known good configuration option but did not work. More information on how to solve this problem would be sincerely appreciated.
Here's both of the problem signatures:
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.1
Locale ID: 1033
Additional information about the problem:
BCCode: 3b
BCP1: 00000000C0000005
BCP2: FFFFF880016537E7
BCP3: FFFFF88006810E70
BCP4: 0000000000000000
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1
AND
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.1
Locale ID: 1033
Additional information about the problem:
BCCode: c4
BCP1: 0000000000000091
BCP2: 0000000000000002
BCP3: FFFFFA800A8D9710
BCP4: 0000000000000000
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1
This question was solved.
View Solution.Unplug the PC from household power.
Remove the memory modules.
Put a single stick of memory into the slot nearest the CPU.
Once that is done you can plug the PC back in to see if it boots up.
If it does not boot up then unplug the PC. Remove that memory module and put the other module in its place, plug in the PC and try booting up again.
****Please click on Accept As Solution if a suggestion solves your problem. It helps others facing the same problem to find a solution easily****
2015 Microsoft MVP - Windows Experience Consumer -
Windows update causing BSOD in my new B50-30 with DRIVER-IRQL error
Hi folks - I'm really hoping someone else has found a way to deal with a similar issue.
I bought a b50-30 about three weeks ago, and everything has been fine until the latest rounds of Windows updates. During the normal update blue screen, It got stuck (I gave it 24 hours just in case!) on "update 5 of 31", so I eventually had to force restart. That led to a blue screen with the annoying smiley emoticon for a frown, and it claimed to be "collecting some error I fo and then we'll restart for you" but it showed a 0% progress reading, which didn't change during the 12 hours I (patiently) let it run. The specific error message was DRIVER-IRQL-NOT-LESS-OR-EQUAL. Eventually I force-restarted a second time and went into Safe Mode, and the updates appeared to restart and make progress. Eventually the computer started normally again. Victory?
All was fine for a week, and then the bloody thing got stuck on the next round of infernal Windows updates, this time not getting past "28 of 61 updates". When I force restart, I get the BSOD with the same DRIVER-IRQL error message and the same 0% progress reading that won't make progress no matter how long I leave it. Unfortunately, this time, opening in safe mode won't work for me, as it merely brings me back to the identical BSOD screen. Now I have no way to restart the bloody thing at all (other than going for a full recovery, which I'm hoping to be able to avoid). I also tried the "refresh" function, which went through the percentage progress fully, but resulted in the same BSOD. Interestingly, it won't allow me to "restore".
Does anyone have any brilliant advice, other than throwing it out a window and never buying either Lenovo or Windows again?
Thanks all
EJShi Arie,
Welcome to the Forums.
If you;re able to see the SSD in the BIOS and/or see it under Disk Management while using the stock HDD then you may want to consider the following:
1. Boot from the stock HDD and update the BIOS
BIOS Update Utility - Ideapad 305-15IBY, Lenovo B40-30, B50-30, B50-30 touch, E40-30 Laptops
2. Update the SSD's firmware to MU02 (latest as of this writing).
http://www.crucial.com/usa/en/support-ssd-firmware
3. Using the stock HDD, connect the Crucial SSD and convert the volume to MBR first to see if there's a compatibility using the drive as GPT.
If none of the above methods works then there's likely a compatibility issue with the SSD's controller and/or the BIOS (similar to this thread). In this case, consider using a different brand (e.g., Samsung) and observe.
Regards -
Windows 8.1 BSoD & driver issue
Hello,
I was hoping someone could help me out here. Let me describe the issue. For quite a while I was using Windows 8.1 fine and did not have any problems, however I recently burned my PSU somehow and then the problems started. Which I somewhy find odd, cause the
BSoD's are related to a driver issue(?). The driver which seems to cause the problem, is
Intel(R) Engine Management Interface.
"This device cannot start. (Code 10)
A device which does not exist was specified"
Event Viewer displays the following error:
"Intel(R) Engine Management Interface driver has failed to perform a handshake with the Firmware."
Since it says "A device which does not exist was specified.", I assume I don't need this driver at all, so I tried disabling it and uninstalling, but it keeps coming back every time I restart my PC. I even tried looking for a newer driver, but couldn't
find anything. The newest driver is for Windows 7 x64/x86. I found out you could possibly disable it in bios, but I couldn't find the option to do so in my bios. I went thru every option 1 by 1, just to make sure, I wouldn't miss it.
Here's my PC:
Motherboard: Gigabyte GA-H55M-S2 (F4 BIOS)
CPU: Intel i3 540 @ 3.07GHz (Overclocked to 4,03GHz)
Cooler: Cooler Master Hyper 212 EVO
GPU: NVIDIA GeForce GTX 660 (GV-N660OC-2GD)
RAM: 2 x Kingston 4GB 1333MHz DDR3
HDD: Western Digital 500GB
At the very moment, I have installed a fresh copy of Windows 8.1 Professional x64 and the problem still seems to exist. I have tried and googled for everything I can think off, now I'm just stuck at this problem.
I hope someone can help me out here, or at the very least, guide me in the right direction.
Link to minidump: http://1drv.ms/1H6E4uhUse !analyze -v to get detailed debugging information.
BugCheck D1, {fffff8012d4359f0, 2, 8, fffff8012d4359f0}
Probably caused by : ntkrnlmp.exe ( nt!KiPageFault+23a )
Followup: MachineOwner
2: kd> !analyze -v
* Bugcheck Analysis *
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: fffff8012d4359f0, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
Arg4: fffff8012d4359f0, address which referenced memory
Debugging Details:
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80108f64138
unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
fffff8012d4359f0
CURRENT_IRQL: 2
FAULTING_IP:
+8c228a89b114
fffff801`2d4359f0 ?? ???
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
BUGCHECK_STR: AV
PROCESS_NAME: svchost.exe
ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) amd64fre
TRAP_FRAME: ffffd00027a58120 -- (.trap 0xffffd00027a58120)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0a00000000000020 rbx=0000000000000000 rcx=0000000000000002
rdx=fffff8012d4359f0 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8012d4359f0 rsp=ffffd00027a582b0 rbp=0001da10001da171
r8=00000000001da130 r9=02200000001da347 r10=7100a1ef05420000
r11=0000000000000042 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na po nc
fffff801`2d4359f0 ?? ???
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80108d5d4e9 to fffff80108d519a0
FAILED_INSTRUCTION_ADDRESS:
+8c228a89b114
fffff801`2d4359f0 ?? ???
STACK_TEXT:
ffffd000`27a57fd8 fffff801`08d5d4e9 : 00000000`0000000a fffff801`2d4359f0 00000000`00000002 00000000`00000008 : nt!KeBugCheckEx
ffffd000`27a57fe0 fffff801`08d5bd3a : 00000000`00000008 ffffe000`8f89b0f8 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
ffffd000`27a58120 fffff801`2d4359f0 : 00000000`00000000 00000000`00000000 00000000`000e293f 00000000`00000000 : nt!KiPageFault+0x23a
ffffd000`27a582b0 00000000`00000000 : 00000000`00000000 00000000`000e293f 00000000`00000000 00000000`0001358b : 0xfffff801`2d4359f0
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!KiPageFault+23a
fffff801`08d5bd3a 440f20c0 mov rax,cr8
SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: nt!KiPageFault+23a
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 54c832b2
IMAGE_VERSION: 6.3.9600.17668
BUCKET_ID_FUNC_OFFSET: 23a
FAILURE_BUCKET_ID: AV_CODE_AV_BAD_IP_nt!KiPageFault
BUCKET_ID: AV_CODE_AV_BAD_IP_nt!KiPageFault
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_code_av_bad_ip_nt!kipagefault
FAILURE_ID_HASH: {73cd60cc-83fa-6b76-df08-1961c31d7403}
Followup: MachineOwner
It points to incorrect memory page access obviously. It generally caused by some driver like you found. update all drivers should be resolved. Have you tried ever? -
Hi All.
8.1 has been released today and I was keen to get updated.
I must stress this is not the Preview Release
Clean install of Windows 8 Pro a couple of days ago, setting up with my Microsoft Account.
Successfully downloaded from store and set's off installing.
It gets to "getting devices ready" and then blue screens, giving the message of IRQL_NOT_LESS_OR_EQUAL
Then Goes through the process of restoring etc...
I get this message upon logging in "Couldn't update to Windows 8.1" with this code "0xC1900101 - 0x30018"
I looked in C:\Windows\WindowsUpdate.log for that code and this is what I found
2013-10-17 15:54:28:241
824 b70
Agent *************
2013-10-17 15:54:28:241
824 b70
Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-10-17 15:54:28:241
824 b70
Agent *********
2013-10-17 15:54:28:241
824 b70
Agent * Online = No; Ignore download priority = No
2013-10-17 15:54:28:241
824 b70
Agent * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0
and DeploymentAction='Uninstallation' and RebootRequired=1"
2013-10-17 15:54:28:241
824 b70
Agent * ServiceID = {7971F918-A847-4430-9279-4A52D1EFE18D} Third party service
2013-10-17 15:54:28:241
824 b70
Agent * Search Scope = {Machine & All Users}
2013-10-17 15:54:28:241
824 b70
Agent * Caller SID for Applicability: S-1-5-18
2013-10-17 15:54:28:772
824 b6c
Report REPORT EVENT: {B1A7C55D-9F94-4493-95FB-EB88F0FDBC6B}
2013-10-17 15:54:28:038+0100 1
202 [AU_REBOOT_COMPLETED] 102
{00000000-0000-0000-0000-000000000000}
0 0 AutomaticUpdates
Success Content Install
Reboot completed.
2013-10-17 15:54:28:772
824 b6c
Report REPORT EVENT: {9D7B97A0-D309-48D2-8E12-0D89A5FCB4DE}
2013-10-17 15:54:28:163+0100 1
204 [AGENT_INSTALLING_FAILED_POST_REBOOT]
101 {807050CF-9EC6-4235-8E96-019018A64F93}
1 c1900101
WSAcquisition Failure
Content Install Installation Failure Post Reboot.
2013-10-17 15:54:28:772
824 b6c
Report CWERReporter::HandleEvents - WER report upload completed with status 0x8
2013-10-17 15:54:28:772
824 b6c
Report WER Report sent: 7.8.9200.16715 0xc1900101(0x30018) 807050CF-9EC6-4235-8E96-019018A64F93 Install 101 Unmanaged
2013-10-17 15:54:28:772
824 b6c
Report CWERReporter finishing event handling. (00000000)
2013-10-17 15:54:28:788
824 b6c
Misc Validating signature for C:\Windows\SoftwareDistribution\WuRedir\117CAB2D-82B1-4B5A-A08C-4D62DBEE7782\wuredir.cab:
2013-10-17 15:54:28:819
824 b6c
Misc Microsoft signed: Yes
2013-10-17 15:54:28:819
824 b6c
Misc Infrastructure signed: Yes
2013-10-17 15:54:28:819
824 b6c
EP Got 117CAB2D-82B1-4B5A-A08C-4D62DBEE7782 redir Client/Server URL: "https://fe2.ws.microsoft.com/v6/ClientWebService/client.asmx"
2013-10-17 15:54:28:991
824 b6c
PT WARNING: Cached cookie has expired or new PID is available
2013-10-17 15:54:29:225
824 b28
Service UpdateNetworkState Ipv6, cNetworkInterfaces = 2.
2013-10-17 15:54:29:303
824 b28
Service UpdateNetworkState Ipv6, cNetworkInterfaces = 3.
2013-10-17 15:54:29:663
824 b6c
EP Got 117CAB2D-82B1-4B5A-A08C-4D62DBEE7782 redir Reporting URL: "http://statsfe2.ws.microsoft.com/ReportingWebService/ReportingWebService.asmx"
2013-10-17 15:54:29:663
824 b6c
Report WARNING: Reporter failed to upload events with hr = 8024000c.
2013-10-17 15:54:30:241
824 b70
Driver Matched driver to device PCI\VEN_8086&DEV_0116&SUBSYS_167C103C&REV_09
2013-10-17 15:54:30:241
824 b70
Driver Status: 0x180200a, ProblemNumber: 00000000
2013-10-17 15:54:32:819
824 b70
Agent Update {037A60AA-425B-497C-9FF0-EF85547911E5}.203 is pruned out due to potential supersedence
2013-10-17 15:54:32:819
824 b70
Agent Update {D528D50B-791A-4567-A497-ADEB35EA645B}.200 is pruned out due to potential supersedence
2013-10-17 15:54:32:819
824 b70
Agent * Added update {3C8EBF2A-9544-4C58-8415-270C3DB7394A}.201 to search result
2013-10-17 15:54:32:819
824 b70
Agent * Added update {30F20830-9BBE-47CE-A980-C8188A1D9033}.200 to search result
2013-10-17 15:54:32:819
824 b70
Agent * Found 2 updates and 70 categories in search; evaluated appl. rules of 984 out of 1978 deployed entities
2013-10-17 15:54:32:819
824 b70
Agent *********
2013-10-17 15:54:32:819
824 b70
Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-10-17 15:54:32:835
824 b70
Agent *************
2013-10-17 15:54:32:835
824 b70
Agent *************
2013-10-17 15:54:32:835
824 b70
Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-10-17 15:54:32:835
824 b70
Agent *********
2013-10-17 15:54:32:835
824 b70
Agent * Online = No; Ignore download priority = No
2013-10-17 15:54:32:835
824 b70
Agent * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0
and DeploymentAction='Uninstallation' and RebootRequired=1"
2013-10-17 15:54:32:835
824 b70
Agent * ServiceID = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} Third party service
2013-10-17 15:54:32:835
824 b70
Agent * Search Scope = {Machine & All Users}
2013-10-17 15:54:32:835
824 b70
Agent * Caller SID for Applicability: S-1-5-18
2013-10-17 15:54:32:835
824 a0c
AU >>## RESUMED ## AU: Search for updates [CallId = {0D4D6C8A-80FB-4D24-B173-E6E00F0B5100} ServiceId = {7971F918-A847-4430-9279-4A52D1EFE18D}]
2013-10-17 15:54:32:835
824 a0c
AU # 2 updates detected
2013-10-17 15:54:32:835
824 a0c
AU #########
2013-10-17 15:54:32:835
824 a0c
AU ## END ## AU: Search for updates [CallId = {0D4D6C8A-80FB-4D24-B173-E6E00F0B5100} ServiceId = {7971F918-A847-4430-9279-4A52D1EFE18D}]
2013-10-17 15:54:32:835
824 a0c
AU #############
2013-10-17 15:54:33:069
824 b70
Agent * Added update {EDAD6B81-D57D-4853-B35F-92C06FB50522}.2 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {4326AA48-2830-4DD1-AD2B-19436B42D2A9}.3 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {9524B405-AB2E-419F-A60D-0BD1AD7A3668}.2 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {E7FF661C-6A03-4387-A1EE-1D723B52EF60}.3 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {E8B477DF-479E-4BCA-B8F8-2D987A509009}.2 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {BB85CCA0-88DC-4DA7-8E81-B7F7E5E73B81}.100 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {18DEF1D9-4513-467E-9D7E-E1772855BB9E}.100 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {971D9BE4-5145-4DB5-962C-CEE2EE3A2842}.3 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {CCB380C9-29F5-4305-96DD-86DE2D00438B}.2 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {455BDD67-9ED0-4DE7-94F1-3480EA942414}.12 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {ADFBFCE0-FFD4-4826-B9CF-50AE8182E3C5}.2 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {BFA8C8B8-EEF7-4A82-A36C-8F760F792430}.3 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {EDDCA784-F6C4-4BBE-9B7F-F3B7BD887468}.1 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {450513E6-6E83-4B5F-800D-5E12695066EB}.1 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Added update {3F05DE38-92BC-44B6-B06B-5217E5CF12CA}.1 to search result
2013-10-17 15:54:33:069
824 b70
Agent * Found 15 updates and 32 categories in search; evaluated appl. rules of 62 out of 229 deployed entities
2013-10-17 15:54:33:069
824 b70
Agent *********
2013-10-17 15:54:33:069
824 b70
Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-10-17 15:54:33:069
824 b70
Agent *************
2013-10-17 15:54:33:100
824 b70
Agent *************
2013-10-17 15:54:33:100
824 b70
Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-10-17 15:54:33:100
824 b70
Agent *********
2013-10-17 15:54:33:100
824 b70
Agent * Online = No; Ignore download priority = No
2013-10-17 15:54:33:100
824 b70
Agent * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0
and DeploymentAction='Uninstallation' and RebootRequired=1"
2013-10-17 15:54:33:100
824 b70
Agent * ServiceID = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} Third party service
2013-10-17 15:54:33:100
824 b70
Agent * Search Scope = {Current User}
2013-10-17 15:54:33:100
824 b70
Agent * Caller SID for Applicability: S-1-5-21-2764995463-2437662695-3070335040-1001
2013-10-17 15:54:33:163
824 b70
Agent * Found 0 updates and 32 categories in search; evaluated appl. rules of 58 out of 229 deployed entities
2013-10-17 15:54:33:163
824 b70
Agent *********
2013-10-17 15:54:33:163
824 b70
Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-10-17 15:54:33:163
824 b70
Agent *************
2013-10-17 15:54:33:163
824 b70
Agent *************
2013-10-17 15:54:33:163
824 b70
Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-10-17 15:54:33:163
824 b70
Agent *********
2013-10-17 15:54:33:163
824 b70
Agent * Online = No; Ignore download priority = No
2013-10-17 15:54:33:163
824 b70
Agent * Criteria = "IsInstalled=0 and DeploymentAction='Installation' or IsPresent=1 and DeploymentAction='Uninstallation' or IsInstalled=1 and DeploymentAction='Installation' and RebootRequired=1 or IsInstalled=0
and DeploymentAction='Uninstallation' and RebootRequired=1"
2013-10-17 15:54:33:163
824 b70
Agent * ServiceID = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782} Third party service
2013-10-17 15:54:33:163
824 b70
Agent * Search Scope = {Current User}
2013-10-17 15:54:33:163
824 b70
Agent * Caller SID for Applicability: S-1-5-21-2764995463-2437662695-3070335040-1004
2013-10-17 15:54:33:257
824 b70
Agent * Added update {EDAD6B81-D57D-4853-B35F-92C06FB50522}.2 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {4326AA48-2830-4DD1-AD2B-19436B42D2A9}.3 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {9524B405-AB2E-419F-A60D-0BD1AD7A3668}.2 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {E7FF661C-6A03-4387-A1EE-1D723B52EF60}.3 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {E8B477DF-479E-4BCA-B8F8-2D987A509009}.2 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {BB85CCA0-88DC-4DA7-8E81-B7F7E5E73B81}.100 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {18DEF1D9-4513-467E-9D7E-E1772855BB9E}.100 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {971D9BE4-5145-4DB5-962C-CEE2EE3A2842}.3 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {CCB380C9-29F5-4305-96DD-86DE2D00438B}.2 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {455BDD67-9ED0-4DE7-94F1-3480EA942414}.12 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {ADFBFCE0-FFD4-4826-B9CF-50AE8182E3C5}.2 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {BFA8C8B8-EEF7-4A82-A36C-8F760F792430}.3 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {EDDCA784-F6C4-4BBE-9B7F-F3B7BD887468}.1 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {450513E6-6E83-4B5F-800D-5E12695066EB}.1 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Added update {3F05DE38-92BC-44B6-B06B-5217E5CF12CA}.1 to search result
2013-10-17 15:54:33:257
824 b70
Agent * Found 15 updates and 32 categories in search; evaluated appl. rules of 62 out of 229 deployed entities
2013-10-17 15:54:33:257
824 b70
Agent *********
2013-10-17 15:54:33:257
824 b70
Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]
2013-10-17 15:54:33:257
824 b70
Agent *************
2013-10-17 15:54:33:257
824 a0c
AU >>## RESUMED ## AU: Search for updates [CallId = {80A0C3B8-5211-463A-9F6A-2C423A38DC33} ServiceId = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782}]
2013-10-17 15:54:33:257
824 a0c
AU # 15 updates detected
2013-10-17 15:54:33:257
824 a0c
AU #########
2013-10-17 15:54:33:257
824 a0c
AU ## END ## AU: Search for updates [CallId = {80A0C3B8-5211-463A-9F6A-2C423A38DC33} ServiceId = {117CAB2D-82B1-4B5A-A08C-4D62DBEE7782}]
2013-10-17 15:54:33:257
824 a0c
AU #############
2013-10-17 15:54:33:257
824 a0c
AU All AU searches complete.
2013-10-17 16:03:27:805
824 b6c
EP Got 117CAB2D-82B1-4B5A-A08C-4D62DBEE7782 redir Client/Server URL: "https://fe2.ws.microsoft.com/v6/ClientWebService/client.asmx"
2013-10-17 16:03:27:816
824 b6c
PT WARNING: Cached cookie has expired or new PID is available
2013-10-17 16:03:28:587
824 b6c
EP Got 117CAB2D-82B1-4B5A-A08C-4D62DBEE7782 redir Reporting URL: "http://statsfe2.ws.microsoft.com/ReportingWebService/ReportingWebService.asmx"
2013-10-17 16:03:28:591
824 b6c
Report Uploading 1 events using cached cookie, reporting URL = http://statsfe2.ws.microsoft.com/ReportingWebService/ReportingWebService.asmx
2013-10-17 16:03:29:002
824 b6c
Report Reporter successfully uploaded 1 events.
2013-10-17 16:04:18:304
824 b6c
Report WARNING: CSerializationHelper:: InitSerialize failed : 0x80070002
2013-10-17 16:06:19:309
824 b28
AU ########### AU: Uninitializing Automatic Updates ###########
2013-10-17 16:06:19:440
824 b28
WuTask Uninit WU Task Manager
2013-10-17 16:06:19:483
824 b28
Service *********
2013-10-17 16:06:19:483
824 b28
Service ** END ** Service: Service exit [Exit code = 0x240001]
2013-10-17 16:06:19:483
824 b28
Service *************
I've tried WSReset.exe and deleting the downloaded files for 8.1
My machine is a HP ProBook 4530s, Windows 8 Pro, Core i3, 8GB RAM, 256GB SSD - all drivers installedFresh install and it's still the same!
Running out of ideas now IRQL_NOT_LESS_OR_EQUAL refers to a driver error so I'm a bit stumped
BlueScreenViewer cannot find any dumps to check either
Hi,
Before upgrade to Windows 8.1, please first install all available updates including system and app.
Then, make sure that the 3rd part security application is removed, since it will sometimes cause the updates issue.
If there is any external device plugged in your computer, please unplug it.
In order to help you better, please enable dump on computer and once the BSOD happen again, we can collect the minidump file for research.
To enable dump feature, refer to these steps:
1. Open Control Panel.
2. Double-click System, and then click Advanced system settings.
3. Click the Advanced tab, and then click Settings under Startup and Recovery.
4. In the Write debugging information list, click Small memory dump (64k).
5. You can get the dump file under C:\Windows\minidump
In addition, if we still fail to install Windows 8.1, please collect following logs and upload here for further research:
setuperr.log and setupact.log under C:\Windows\Logs\PBR\PreRollbackLogs\
C:\WINDOWS\PANTHER\setupact.log
C:\WINDOWS\PANTHER\setuperr.log
Keep post.
Regards,
Kate Li
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Windows crashing - random BSOD on Windows 7 64-bit
Hello
I tried reading this forum and tried IMO everything but computer still gets BSOD. I'm including Dump File. I don't know how to read it. Any advice?
http://sdrv.ms/1gwJEKq
What I did:
memtest86 - passed
ccleaner
regcleaner
antivirus scan
reinstalled drivers
chkdsk
I have mirrored drives on windows. It shows 'resynching'. Could it be failing and causing the problem?Mindau
This one crash was Related to the
nvvad64v.sys NVIDIA Virtual Audio Driver from NVIDIA Corporation I would install the newest driver available.
Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Ken\Desktop\013114-22495-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred SRV*H:\symbols*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*H:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (12 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.17273.amd64fre.win7_gdr.130318-1532
Machine Name:
Kernel base = 0xfffff800`03467000 PsLoadedModuleList = 0xfffff800`036a3e70
Debug session time: Fri Jan 31 05:39:43.583 2014 (UTC - 5:00)
System Uptime: 0 days 0:00:28.095
Loading Kernel Symbols
Loading User Symbols
Loading unloaded module list
* Bugcheck Analysis *
Use !analyze -v to get detailed debugging information.
BugCheck D1, {10, 2, 0, fffff880044f8689}
*** WARNING: Unable to verify timestamp for nvvad64v.sys
*** ERROR: Module load completed but symbols could not be loaded for nvvad64v.sys
Probably caused by : nvvad64v.sys ( nvvad64v+1689 )
Followup: MachineOwner
8: kd> !analyze -v
* Bugcheck Analysis *
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff880044f8689, address which referenced memory
Debugging Details:
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff8000370e0e0
GetUlongFromAddress: unable to read from fffff8000370e198
0000000000000010 Nonpaged pool
CURRENT_IRQL: 2
FAULTING_IP:
nvvad64v+1689
fffff880`044f8689 488b4810 mov rcx,qword ptr [rax+10h]
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: audiodg.exe
ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) amd64fre
TRAP_FRAME: fffff8800eb894c0 -- (.trap 0xfffff8800eb894c0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa80179a6fd0
rdx=0000000000003fdc rsi=0000000000000000 rdi=0000000000000000
rip=fffff880044f8689 rsp=fffff8800eb89650 rbp=0000000000000000
r8=0000000000000000 r9=0000000000000000 r10=0000000000000000
r11=fffffa80179a6fd0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nvvad64v+0x1689:
fffff880`044f8689 488b4810 mov rcx,qword ptr [rax+10h] ds:00000000`00000010=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff800034d5de9 to fffff800034d6880
STACK_TEXT:
fffff880`0eb89378 fffff800`034d5de9 : 00000000`0000000a 00000000`00000010 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff880`0eb89380 fffff800`034d4a60 : 00000000`00000000 00000000`0000100c fffffa80`1611a260 fffff880`035e61c0 : nt!KiBugCheckDispatch+0x69
fffff880`0eb894c0 fffff880`044f8689 : 00000000`0031c8d3 fffffa80`179a4000 00000000`00000000 fffff800`03665888 : nt!KiPageFault+0x260
fffff880`0eb89650 00000000`0031c8d3 : fffffa80`179a4000 00000000`00000000 fffff800`03665888 00000000`00000028 : nvvad64v+0x1689
fffff880`0eb89658 fffffa80`179a4000 : 00000000`00000000 fffff800`03665888 00000000`00000028 00000000`00524fbc : 0x31c8d3
fffff880`0eb89660 00000000`00000000 : fffff800`03665888 00000000`00000028 00000000`00524fbc 00000000`00002fbc : 0xfffffa80`179a4000
STACK_COMMAND: kb
FOLLOWUP_IP:
nvvad64v+1689
fffff880`044f8689 488b4810 mov rcx,qword ptr [rax+10h]
SYMBOL_STACK_INDEX: 3
SYMBOL_NAME: nvvad64v+1689
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nvvad64v
IMAGE_NAME: nvvad64v.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 529fb649
FAILURE_BUCKET_ID: X64_0xD1_nvvad64v+1689
BUCKET_ID: X64_0xD1_nvvad64v+1689
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:x64_0xd1_nvvad64v+1689
FAILURE_ID_HASH: {58ea0214-7b27-7dc6-5a00-c215a7e166cc}
Followup: MachineOwner
Wanikiya and Dyami--Team Zigzag -
Windows 8.1 BSOD and regular switching off
Hello,
I have been regularly experiencing problems with my PC like BSOD
the follwing link gives my system specs:
http://speccy.piriform.com/results/6DthFxm1AtsldGbZ86lRfKI
The following are my minidump files:
https://onedrive.live.com/redir?resid=C6FF39352974EF9D%21300
The following is the minitool box report:
MiniToolBox by Farbar Version: 23-01-2014
Ran by Eshwar (administrator) on 24-04-2014 at 22:51:49
Running from "C:\Users\Eshwar\Downloads"
Microsoft Windows 8.1 Pro (X86)
Boot Mode: Normal
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= FF Proxy Settings: ==============================
========================= IP Configuration: ================================
Realtek PCIe GBE Family Controller = Ethernet (Connected)
# IPv4 Configuration
pushd interface ipv4
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Ethernet" nexthop=192.168.1.1 publish=Yes
set interface interface="ethernet_4" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="Ethernet" address=192.168.1.10 mask=255.255.255.0
popd
# End of IPv4 configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : Eshwar-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
PPP adapter BSNL:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : BSNL
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 117.197.196.82(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : 218.248.255.162
218.248.255.164
NetBIOS over Tcpip. . . . . . . . : Disabled
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 70-71-BC-51-C9-0F
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d5ce:e3f7:c0bb:2aa1%3(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 259027388
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-5A-23-90-70-71-BC-51-C9-0F
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{CE05CE46-B546-47F6-A27A-8E541EF61DBC}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{CA156E87-B5E9-4F07-8C89-5BF288E42348}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter 6TO4 Adapter:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:75c5:c452::75c5:c452(Preferred)
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 117440512
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-5A-23-90-70-71-BC-51-C9-0F
DNS Servers . . . . . . . . . . . : 218.248.255.162
218.248.255.164
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:4b6:20df:8a3a:3bad(Preferred)
Link-local IPv6 Address . . . . . : fe80::4b6:20df:8a3a:3bad%16(Preferred)
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 436207616
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-5A-23-90-70-71-BC-51-C9-0F
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 218.248.255.162
Name: google.com
Addresses: 2404:6800:4003:c00::8b
74.125.200.100
74.125.200.101
74.125.200.102
74.125.200.113
74.125.200.138
74.125.200.139
Pinging google.com [74.125.200.100] with 32 bytes of data:
Reply from 74.125.200.100: bytes=32 time=67ms TTL=49
Reply from 74.125.200.100: bytes=32 time=68ms TTL=49
Ping statistics for 74.125.200.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 67ms, Maximum = 68ms, Average = 67ms
Server: UnKnown
Address: 218.248.255.162
Name: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=321ms TTL=52
Reply from 98.138.253.109: bytes=32 time=329ms TTL=52
Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 321ms, Maximum = 329ms, Average = 325ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
26...........................BSNL
3...70 71 bc 51 c9 0f ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
4...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
5...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
6...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.10 4501
0.0.0.0 0.0.0.0 On-link 117.197.196.82 21
117.197.196.82 255.255.255.255 On-link 117.197.196.82 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 4531
127.0.0.1 255.255.255.255 On-link 127.0.0.1 4531
127.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
192.168.1.0 255.255.255.0 On-link 192.168.1.10 4501
192.168.1.10 255.255.255.255 On-link 192.168.1.10 4501
192.168.1.255 255.255.255.255 On-link 192.168.1.10 4501
224.0.0.0 240.0.0.0 On-link 127.0.0.1 4531
224.0.0.0 240.0.0.0 On-link 192.168.1.10 4501
224.0.0.0 240.0.0.0 On-link 117.197.196.82 21
255.255.255.255 255.255.255.255 On-link 127.0.0.1 4531
255.255.255.255 255.255.255.255 On-link 192.168.1.10 4501
255.255.255.255 255.255.255.255 On-link 117.197.196.82 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.1.1 Default
===========================================================================
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
16 306 2001::/32 On-link
16 306 2001:0:5ef5:79fd:4b6:20df:8a3a:3bad/128
On-link
6 1025 2002::/16 On-link
6 281 2002:75c5:c452::75c5:c452/128
On-link
3 276 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::4b6:20df:8a3a:3bad/128
On-link
3 276 fe80::d5ce:e3f7:c0bb:2aa1/128
On-link
1 306 ff00::/8 On-link
3 276 ff00::/8 On-link
16 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Event log errors: ===============================
Application errors:
==================
Error: (04/24/2014 10:28:24 PM) (Source: RasClient) (User: )
Description: CoId={BFB70586-D8FB-4A92-9D8E-37E6E20B203B}: The user Eshwar-PC\Eshwar dialed a connection named BSNL which has failed. The error code returned on failure is 0.
Error: (04/24/2014 10:28:09 PM) (Source: RasClient) (User: )
Description: CoId={17389003-D26C-4AC1-9E4E-84723926C56C}: The user Eshwar-PC\Eshwar dialed a connection named BSNL which has failed. The error code returned on failure is 0.
Error: (04/24/2014 10:27:19 PM) (Source: RasClient) (User: )
Description: CoId={4E4C16D3-FF0B-43D9-A14E-7B011685DE09}: The user Eshwar-PC\Eshwar dialed a connection named BSNL which has failed. The error code returned on failure is 651.
Error: (04/24/2014 10:26:31 PM) (Source: RasClient) (User: )
Description: CoId={98C56724-79A0-48D0-B2CB-B9E2D1F5BA70}: The user Eshwar-PC\Eshwar dialed a connection named BSNL which has failed. The error code returned on failure is 0.
Error: (04/24/2014 10:26:17 PM) (Source: RasClient) (User: )
Description: CoId={C4056ED7-C723-4F83-98FF-01745E6548E7}: The user Eshwar-PC\Eshwar dialed a connection named BSNL which has failed. The error code returned on failure is 651.
Error: (04/24/2014 10:25:36 PM) (Source: RasClient) (User: )
Description: CoId={CD0DD307-0C5A-4397-8848-6DCB41B411F8}: The user Eshwar-PC\Eshwar dialed a connection named BSNL which has failed. The error code returned on failure is 651.
Error: (04/24/2014 10:25:12 PM) (Source: RasClient) (User: )
Description: CoId={307EA9E9-D24F-494D-95EB-1EEEE1E3971F}: The user Eshwar-PC\Eshwar dialed a connection named BSNL which has failed. The error code returned on failure is 651.
Error: (04/24/2014 10:24:48 PM) (Source: RasClient) (User: )
Description: CoId={9BA11921-6F4F-4ACF-9208-3BAA6A99C25E}: The user Eshwar-PC\Eshwar dialed a connection named BSNL which has failed. The error code returned on failure is 651.
Error: (04/24/2014 04:43:20 PM) (Source: Desktop Window Manager) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)
Error: (04/24/2014 11:00:58 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
System errors:
=============
Error: (04/24/2014 10:39:06 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Bing Desktop Update service service to connect.
Error: (04/24/2014 10:39:04 PM) (Source: BugCheck) (User: )
Description: 0x000000d1 (0x815f4134, 0x00000002, 0x00000001, 0x8d61f416)C:\WINDOWS\MEMORY.DMP042414-19343-01
Error: (04/24/2014 10:38:51 PM) (Source: Service Control Manager) (User: )
Description: The Offline Files service terminated with the following error:
%%3
Error: (04/24/2014 10:38:50 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 22:23:31 on ?24/?04/?2014 was unexpected.
Error: (04/24/2014 10:23:45 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Bing Desktop Update service service to connect.
Error: (04/24/2014 10:23:44 PM) (Source: BugCheck) (User: )
Description: 0x000000d1 (0x815ef704, 0x00000002, 0x00000001, 0x8c838416)C:\WINDOWS\MEMORY.DMP042414-18125-01
Error: (04/24/2014 10:23:31 PM) (Source: Service Control Manager) (User: )
Description: The Offline Files service terminated with the following error:
%%3
Error: (04/24/2014 10:23:31 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 22:11:41 on ?24/?04/?2014 was unexpected.
Error: (04/24/2014 10:20:10 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Bing Desktop Update service service to connect.
Error: (04/24/2014 10:20:01 AM) (Source: Service Control Manager) (User: )
Description: The Offline Files service terminated with the following error:
%%3
Microsoft Office Sessions:
=========================
Error: (04/24/2014 10:28:24 PM) (Source: RasClient)(User: )
Description: {BFB70586-D8FB-4A92-9D8E-37E6E20B203B}Eshwar-PC\EshwarBSNL0
Error: (04/24/2014 10:28:09 PM) (Source: RasClient)(User: )
Description: {17389003-D26C-4AC1-9E4E-84723926C56C}Eshwar-PC\EshwarBSNL0
Error: (04/24/2014 10:27:19 PM) (Source: RasClient)(User: )
Description: {4E4C16D3-FF0B-43D9-A14E-7B011685DE09}Eshwar-PC\EshwarBSNL651
Error: (04/24/2014 10:26:31 PM) (Source: RasClient)(User: )
Description: {98C56724-79A0-48D0-B2CB-B9E2D1F5BA70}Eshwar-PC\EshwarBSNL0
Error: (04/24/2014 10:26:17 PM) (Source: RasClient)(User: )
Description: {C4056ED7-C723-4F83-98FF-01745E6548E7}Eshwar-PC\EshwarBSNL651
Error: (04/24/2014 10:25:36 PM) (Source: RasClient)(User: )
Description: {CD0DD307-0C5A-4397-8848-6DCB41B411F8}Eshwar-PC\EshwarBSNL651
Error: (04/24/2014 10:25:12 PM) (Source: RasClient)(User: )
Description: {307EA9E9-D24F-494D-95EB-1EEEE1E3971F}Eshwar-PC\EshwarBSNL651
Error: (04/24/2014 10:24:48 PM) (Source: RasClient)(User: )
Description: {9BA11921-6F4F-4ACF-9208-3BAA6A99C25E}Eshwar-PC\EshwarBSNL651
Error: (04/24/2014 04:43:20 PM) (Source: Desktop Window Manager)(User: )
Description: 0x8898008d
Error: (04/24/2014 11:00:58 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
CodeIntegrity Errors:
===================================
Date: 2014-04-23 18:11:53.867
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom
3 / Antimalware signing level requirements.
Date: 2014-04-23 18:11:53.800
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom
3 / Antimalware signing level requirements.
Date: 2014-04-23 18:11:14.551
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom
3 / Antimalware signing level requirements.
Date: 2014-04-23 18:11:14.551
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom
3 / Antimalware signing level requirements.
Date: 2014-04-23 18:11:14.535
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom
3 / Antimalware signing level requirements.
Date: 2014-04-23 18:11:14.535
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom
3 / Antimalware signing level requirements.
Date: 2014-04-23 18:11:14.519
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom
3 / Antimalware signing level requirements.
Date: 2014-04-23 18:11:14.519
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom
3 / Antimalware signing level requirements.
Date: 2014-04-23 18:11:14.519
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom
3 / Antimalware signing level requirements.
Date: 2014-04-23 18:11:14.504
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom
3 / Antimalware signing level requirements.
**** End of log ****
Help me asap!DE
5 different error codes relating to memory please run driver verifier to find the underlying cause.
These crashes were related to memory corruption (probably caused by a driver and my guess would be USBPORT.SYS)
Please run this test to find which driver is causing the problem.
If you are overclocking (pushing the components beyond their design) you should revert to default at least until the crashing is solved. If you don't
know what it is you probably are not overclocking.
Driver verifier (for complete directions see our wiki here)
Co-Authored by JMH3143
Wanikiya and Dyami--Team Zigzag -
Windows 8.1 BSOD RDR_FILE_SYSTEM 0x27
A customer of ours is experiencing random BSODs, it seems to have something to do with avp.exe or rdbss.sys.
I analyzed the MEMORY.DMP file with the Windows Debugging Tools, see below, can anyone tell me what is causing the BSODs? I already ran sfc /scannow, but it didn't find any problems.
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred SRV*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 8 Kernel Version 9600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 9600.17085.amd64fre.winblue_gdr.140330-1035
Machine Name:
Kernel base = 0xfffff801`6847f000 PsLoadedModuleList = 0xfffff801`687492d0
Debug session time: Mon Jul 28 15:09:04.104 2014 (UTC + 2:00)
System Uptime: 13 days 3:53:35.466
Loading Kernel Symbols
....................................................Page 6a3b not present in the dump file. Type ".hh dbgerr004" for details
...Page baa75 not present in the dump file. Type ".hh dbgerr004" for details
Loading User Symbols
PEB is paged out (Peb.Ldr = 00000000`7e76f018). Type ".hh dbgerr001" for details
Loading unloaded module list
* Bugcheck Analysis
Use !analyze -v to get detailed debugging information.
BugCheck 27, {baad0073, ffffd001a9df6b18, ffffd001a9df6320, fffff801f9474ed0}
Page 6a3b not present in the dump file. Type ".hh dbgerr004" for details
Probably caused by : rdbss.sys ( rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+60 )
Followup: MachineOwner
1: kd> !analyze -v
* Bugcheck Analysis
RDR_FILE_SYSTEM (27)
If you see RxExceptionFilter on the stack then the 2nd and 3rd parameters are the
exception record and context record. Do a .cxr on the 3rd parameter and then kb to
obtain a more informative stack trace.
The high 16 bits of the first parameter is the RDBSS bugcheck code, which is defined
as follows:
RDBSS_BUG_CHECK_CACHESUP = 0xca550000,
RDBSS_BUG_CHECK_CLEANUP = 0xc1ee0000,
RDBSS_BUG_CHECK_CLOSE = 0xc10e0000,
RDBSS_BUG_CHECK_NTEXCEPT = 0xbaad0000,
Arguments:
Arg1: 00000000baad0073
Arg2: ffffd001a9df6b18
Arg3: ffffd001a9df6320
Arg4: fffff801f9474ed0
Debugging Details:
Page 6a3b not present in the dump file. Type ".hh dbgerr004" for details
EXCEPTION_RECORD: ffffd001a9df6b18 -- (.exr 0xffffd001a9df6b18)
ExceptionAddress: fffff801f9474ed0 (rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+0x0000000000000060)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: 0000000000000130
Attempt to read from address 0000000000000130
CONTEXT: ffffd001a9df6320 -- (.cxr 0xffffd001a9df6320;r)
rax=fffff801f9453010 rbx=0000000000000000 rcx=fffff801f9453800
rdx=0000000000000000 rsi=0000000000000130 rdi=0000000000000000
rip=fffff801f9474ed0 rsp=ffffd001a9df6d50 rbp=ffffc0005e647280
r8=ffffe00161e52080 r9=ffffd001a9df7630 r10=fffff780000003b0
r11=fffff78000000008 r12=ffffd001a9df7630 r13=ffffe00161e52080
r14=ffffc0004e87a010 r15=ffffe0015e9ab860
iopl=0 nv up ei pl zr na po nc
cs=0010 ss=0000 ds=002b es=002b fs=0053 gs=002b efl=00010246
rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+0x60:
fffff801`f9474ed0 488b1e mov rbx,qword ptr [rsi] ds:002b:00000000`00000130=????????????????
Last set context:
rax=fffff801f9453010 rbx=0000000000000000 rcx=fffff801f9453800
rdx=0000000000000000 rsi=0000000000000130 rdi=0000000000000000
rip=fffff801f9474ed0 rsp=ffffd001a9df6d50 rbp=ffffc0005e647280
r8=ffffe00161e52080 r9=ffffd001a9df7630 r10=fffff780000003b0
r11=fffff78000000008 r12=ffffd001a9df7630 r13=ffffe00161e52080
r14=ffffc0004e87a010 r15=ffffe0015e9ab860
iopl=0 nv up ei pl zr na po nc
cs=0010 ss=0000 ds=002b es=002b fs=0053 gs=002b efl=00010246
rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+0x60:
fffff801`f9474ed0 488b1e mov rbx,qword ptr [rsi] ds:002b:00000000`00000130=????????????????
Resetting default scope
PROCESS_NAME: avp.exe
CURRENT_IRQL: 0
ERROR_CODE: (NTSTATUS) 0xc0000005 - De instructie op 0x%08lx verwijst naar geheugen op 0x%08lx. Een lees- of schrijfbewerking op het geheugen is mislukt: %s.
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - De instructie op 0x%08lx verwijst naar geheugen op 0x%08lx. Een lees- of schrijfbewerking op het geheugen is mislukt: %s.
EXCEPTION_PARAMETER1: 0000000000000000
EXCEPTION_PARAMETER2: 0000000000000130
READ_ADDRESS: unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
0000000000000130
FOLLOWUP_IP:
rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+60
fffff801`f9474ed0 488b1e mov rbx,qword ptr [rsi]
FAULTING_IP:
rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+60
fffff801`f9474ed0 488b1e mov rbx,qword ptr [rsi]
BUGCHECK_STR: 0x27
DEFAULT_BUCKET_ID: NULL_CLASS_PTR_DEREFERENCE
ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) amd64fre
LAST_CONTROL_TRANSFER: from fffff801f94655c2 to fffff801f9474ed0
STACK_TEXT:
ffffd001`a9df6d50 fffff801`f94655c2 : 00000000`00000000 ffffc000`5b033a90 ffffe001`5e2873f0 fffff801`f9453010 : rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+0x60
ffffd001`a9df6dc0 fffff801`f94649f0 : ffffe001`5e287300 ffffe001`62344c00 fffff801`f9453010 ffffd001`a9df6e00 : rdbss!RxCollapseOrCreateSrvOpen+0x3f2
ffffd001`a9df6e50 fffff801`f946407d : ffffe001`5e2873f0 00000000`00000004 ffffe001`5e2873f0 ffffe001`618fa590 : rdbss!RxCreateFromNetRoot+0x1b0
ffffd001`a9df6f80 fffff801`f942ed9e : 01cfaa65`1b27c42d ffffe001`62344c00 ffffe001`62344d18 00000000`00000000 : rdbss!RxCommonCreate+0x1bd
ffffd001`a9df7030 fffff801`f945f7df : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : rdbss!RxFsdCommonDispatch+0x56e
ffffd001`a9df71a0 fffff801`fa3bf1b3 : 00000000`00000000 ffffe001`62344c01 ffffe001`62344c00 fffff801`f88bf010 : rdbss!RxFsdDispatch+0xcf
ffffd001`a9df7210 fffff801`f88c4682 : ffffe001`61e06300 ffffe001`62344c00 ffffc000`4eb0c140 00000000`00000000 : mrxsmb!MRxSmbFsdDispatch+0x83
ffffd001`a9df7250 fffff801`f88c2c07 : ffffc000`4eb0c140 00000000`00000000 fffff801`f88bf010 ffffe001`6248f630 : mup!MupiCallUncProvider+0xc2
ffffd001`a9df72c0 fffff801`f8344cf8 : ffffe001`618fa590 00000000`00000022 ffffe001`618fa590 ffffe001`6248f630 : mup!MupCreate+0x5f8
ffffd001`a9df7360 fffff801`f836d341 : ffffe001`5f571010 ffffe001`62344c00 ffffe001`5e4ccad0 00000000`00000801 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x258
ffffd001`a9df7400 fffff801`68872593 : 00000000`00000000 00000000`00000005 00000000`00000000 00000000`000007ff : fltmgr!FltpCreate+0x342
ffffd001`a9df74b0 fffff801`688784f8 : ffffc000`4dc14188 ffffc000`4dc14188 ffffc000`4eb0f8d0 ffffe001`5da4a320 : nt!IopParseDevice+0x7b3
ffffd001`a9df76b0 fffff801`68875e53 : 00000000`00000000 ffffd001`a9df78a8 00000000`00000040 ffffe001`5ce39840 : nt!ObpLookupObjectName+0x6d8
ffffd001`a9df7830 fffff801`688449a2 : 00000000`00000001 ffffe001`61e3f838 00000000`0bb5e830 00000000`00000020 : nt!ObOpenObjectByName+0x1e3
ffffd001`a9df7960 fffff801`68844628 : 00000000`0bb5e818 00000000`80100080 00000000`0bb5f0d0 fffff801`6887c1c6 : nt!IopCreateFile+0x372
ffffd001`a9df7a00 fffff801`685de7b3 : ffffe001`60341de8 ffffe001`61e52080 fffff6fb`7dbed000 fffff6fb`7da00000 : nt!NtCreateFile+0x78
ffffd001`a9df7a90 00007ffc`dfebb25a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0bb5e7a8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffc`dfebb25a
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+60
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: rdbss
IMAGE_NAME: rdbss.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 52affb72
STACK_COMMAND: .cxr 0xffffd001a9df6320 ; kb
BUCKET_ID_FUNC_OFFSET: 60
FAILURE_BUCKET_ID: 0x27_rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance
BUCKET_ID: 0x27_rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0x27_rdbss!rdbssstatisticsentryarrayfindorcreateprimaryinstance
FAILURE_ID_HASH: {153fa92a-562a-8bd4-d56c-4e02c62b008f}
Followup: MachineOwnerVinnieL
Upon double checking it was not the correct DMP file. I am sorry about the mix up. Given that it is a full DMP file I was not able to use the tools I use to double check. Lets try this again and you can confirm this is the correct DMP but
the headers you got and in the snip below
This was Related to rdbss.sys Redirected Drive Buffering SubSystem Driver from Microsoft Corporation and this makes more sense. Given that it is an OS driver your first step should be to run a system file check to repair it. If SFC is unable
to repair it you should run DISM the instructions for which are at the end of the wiki.
Again I am sorry for the mix up. With over 100 DMPS a day sometimes an old DMP isnt deleted.
Please run a system file check (SFC)
All instructions are in our Wiki article below...
Should you have any questions please ask us.
System file check (SFC) Scan and Repair System Files
Microsoft (R) Windows Debugger Version 6.3.9600.17029 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Ken\Desktop\MEMORY.DMP]
Kernel Bitmap Dump File: Only kernel address space is available
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred srv*C:\Symbols*http://msdl.microsoft.com/download/symbols
Symbol search path is: srv*C:\Symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 8 Kernel Version 9600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 9600.17085.amd64fre.winblue_gdr.140330-1035
Machine Name:
Kernel base = 0xfffff801`6847f000 PsLoadedModuleList = 0xfffff801`687492d0
Debug session time: Mon Jul 28 09:09:04.104 2014 (UTC - 4:00)
System Uptime: 13 days 3:53:35.466
Loading Kernel Symbols
....................................................Page 6a3b not present in the dump file. Type ".hh dbgerr004" for details
...Page baa75 not present in the dump file. Type ".hh dbgerr004" for details
Loading User Symbols
PEB is paged out (Peb.Ldr = 00000000`7e76f018). Type ".hh dbgerr001" for details
Loading unloaded module list
* Bugcheck Analysis *
Use !analyze -v to get detailed debugging information.
BugCheck 27, {baad0073, ffffd001a9df6b18, ffffd001a9df6320, fffff801f9474ed0}
Page 6a3b not present in the dump file. Type ".hh dbgerr004" for details
Probably caused by : rdbss.sys ( rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+60 )
Followup: MachineOwner
1: kd> !analyze -v
* Bugcheck Analysis *
RDR_FILE_SYSTEM (27)
If you see RxExceptionFilter on the stack then the 2nd and 3rd parameters are the
exception record and context record. Do a .cxr on the 3rd parameter and then kb to
obtain a more informative stack trace.
The high 16 bits of the first parameter is the RDBSS bugcheck code, which is defined
as follows:
RDBSS_BUG_CHECK_CACHESUP = 0xca550000,
RDBSS_BUG_CHECK_CLEANUP = 0xc1ee0000,
RDBSS_BUG_CHECK_CLOSE = 0xc10e0000,
RDBSS_BUG_CHECK_NTEXCEPT = 0xbaad0000,
Arguments:
Arg1: 00000000baad0073
Arg2: ffffd001a9df6b18
Arg3: ffffd001a9df6320
Arg4: fffff801f9474ed0
Debugging Details:
Page 6a3b not present in the dump file. Type ".hh dbgerr004" for details
EXCEPTION_RECORD: ffffd001a9df6b18 -- (.exr 0xffffd001a9df6b18)
ExceptionAddress: fffff801f9474ed0 (rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+0x0000000000000060)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: 0000000000000130
Attempt to read from address 0000000000000130
CONTEXT: ffffd001a9df6320 -- (.cxr 0xffffd001a9df6320;r)
rax=fffff801f9453010 rbx=0000000000000000 rcx=fffff801f9453800
rdx=0000000000000000 rsi=0000000000000130 rdi=0000000000000000
rip=fffff801f9474ed0 rsp=ffffd001a9df6d50 rbp=ffffc0005e647280
r8=ffffe00161e52080 r9=ffffd001a9df7630 r10=fffff780000003b0
r11=fffff78000000008 r12=ffffd001a9df7630 r13=ffffe00161e52080
r14=ffffc0004e87a010 r15=ffffe0015e9ab860
iopl=0 nv up ei pl zr na po nc
cs=0010 ss=0000 ds=002b es=002b fs=0053 gs=002b efl=00010246
rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+0x60:
fffff801`f9474ed0 488b1e mov rbx,qword ptr [rsi] ds:002b:00000000`00000130=????????????????
Last set context:
rax=fffff801f9453010 rbx=0000000000000000 rcx=fffff801f9453800
rdx=0000000000000000 rsi=0000000000000130 rdi=0000000000000000
rip=fffff801f9474ed0 rsp=ffffd001a9df6d50 rbp=ffffc0005e647280
r8=ffffe00161e52080 r9=ffffd001a9df7630 r10=fffff780000003b0
r11=fffff78000000008 r12=ffffd001a9df7630 r13=ffffe00161e52080
r14=ffffc0004e87a010 r15=ffffe0015e9ab860
iopl=0 nv up ei pl zr na po nc
cs=0010 ss=0000 ds=002b es=002b fs=0053 gs=002b efl=00010246
rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+0x60:
fffff801`f9474ed0 488b1e mov rbx,qword ptr [rsi] ds:002b:00000000`00000130=????????????????
Resetting default scope
PROCESS_NAME: avp.exe
CURRENT_IRQL: 0
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
EXCEPTION_PARAMETER1: 0000000000000000
EXCEPTION_PARAMETER2: 0000000000000130
READ_ADDRESS: unable to get nt!MmNonPagedPoolStart
unable to get nt!MmSizeOfNonPagedPoolInBytes
0000000000000130
FOLLOWUP_IP:
rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+60
fffff801`f9474ed0 488b1e mov rbx,qword ptr [rsi]
FAULTING_IP:
rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+60
fffff801`f9474ed0 488b1e mov rbx,qword ptr [rsi]
BUGCHECK_STR: 0x27
DEFAULT_BUCKET_ID: NULL_CLASS_PTR_DEREFERENCE
ANALYSIS_VERSION: 6.3.9600.17029 (debuggers(dbg).140219-1702) amd64fre
LAST_CONTROL_TRANSFER: from fffff801f94655c2 to fffff801f9474ed0
STACK_TEXT:
ffffd001`a9df6d50 fffff801`f94655c2 : 00000000`00000000 ffffc000`5b033a90 ffffe001`5e2873f0 fffff801`f9453010 : rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+0x60
ffffd001`a9df6dc0 fffff801`f94649f0 : ffffe001`5e287300 ffffe001`62344c00 fffff801`f9453010 ffffd001`a9df6e00 : rdbss!RxCollapseOrCreateSrvOpen+0x3f2
ffffd001`a9df6e50 fffff801`f946407d : ffffe001`5e2873f0 00000000`00000004 ffffe001`5e2873f0 ffffe001`618fa590 : rdbss!RxCreateFromNetRoot+0x1b0
ffffd001`a9df6f80 fffff801`f942ed9e : 01cfaa65`1b27c42d ffffe001`62344c00 ffffe001`62344d18 00000000`00000000 : rdbss!RxCommonCreate+0x1bd
ffffd001`a9df7030 fffff801`f945f7df : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : rdbss!RxFsdCommonDispatch+0x56e
ffffd001`a9df71a0 fffff801`fa3bf1b3 : 00000000`00000000 ffffe001`62344c01 ffffe001`62344c00 fffff801`f88bf010 : rdbss!RxFsdDispatch+0xcf
ffffd001`a9df7210 fffff801`f88c4682 : ffffe001`61e06300 ffffe001`62344c00 ffffc000`4eb0c140 00000000`00000000 : mrxsmb!MRxSmbFsdDispatch+0x83
ffffd001`a9df7250 fffff801`f88c2c07 : ffffc000`4eb0c140 00000000`00000000 fffff801`f88bf010 ffffe001`6248f630 : mup!MupiCallUncProvider+0xc2
ffffd001`a9df72c0 fffff801`f8344cf8 : ffffe001`618fa590 00000000`00000022 ffffe001`618fa590 ffffe001`6248f630 : mup!MupCreate+0x5f8
ffffd001`a9df7360 fffff801`f836d341 : ffffe001`5f571010 ffffe001`62344c00 ffffe001`5e4ccad0 00000000`00000801 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x258
ffffd001`a9df7400 fffff801`68872593 : 00000000`00000000 00000000`00000005 00000000`00000000 00000000`000007ff : fltmgr!FltpCreate+0x342
ffffd001`a9df74b0 fffff801`688784f8 : ffffc000`4dc14188 ffffc000`4dc14188 ffffc000`4eb0f8d0 ffffe001`5da4a320 : nt!IopParseDevice+0x7b3
ffffd001`a9df76b0 fffff801`68875e53 : 00000000`00000000 ffffd001`a9df78a8 00000000`00000040 ffffe001`5ce39840 : nt!ObpLookupObjectName+0x6d8
ffffd001`a9df7830 fffff801`688449a2 : 00000000`00000001 ffffe001`61e3f838 00000000`0bb5e830 00000000`00000020 : nt!ObOpenObjectByName+0x1e3
ffffd001`a9df7960 fffff801`68844628 : 00000000`0bb5e818 00000000`80100080 00000000`0bb5f0d0 fffff801`6887c1c6 : nt!IopCreateFile+0x372
ffffd001`a9df7a00 fffff801`685de7b3 : ffffe001`60341de8 ffffe001`61e52080 fffff6fb`7dbed000 fffff6fb`7da00000 : nt!NtCreateFile+0x78
ffffd001`a9df7a90 00007ffc`dfebb25a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0bb5e7a8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffc`dfebb25a
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+60
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: rdbss
IMAGE_NAME: rdbss.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 52affb72
STACK_COMMAND: .cxr 0xffffd001a9df6320 ; kb
BUCKET_ID_FUNC_OFFSET: 60
FAILURE_BUCKET_ID: 0x27_rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance
BUCKET_ID: 0x27_rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0x27_rdbss!rdbssstatisticsentryarrayfindorcreateprimaryinstance
FAILURE_ID_HASH: {153fa92a-562a-8bd4-d56c-4e02c62b008f}
Followup: MachineOwner
1: kd> lmvm rdbss
start end module name
fffff801`f942d000 fffff801`f949d000 rdbss (pdb symbols) c:\symbols\rdbss.pdb\79F4162F81A5409285603135A1E6DB592\rdbss.pdb
Loaded symbol image file: rdbss.sys
Image path: \SystemRoot\system32\DRIVERS\rdbss.sys
Image name: rdbss.sys
Timestamp: Tue Dec 17 02:21:22 2013 (52AFFB72)
CheckSum: 0006BFA7
ImageSize: 00070000
Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
1: kd> .exr 0xffffd001a9df6b18
ExceptionAddress: fffff801f9474ed0 (rdbss!RdbssStatisticsEntryArrayFindOrCreatePrimaryInstance+0x0000000000000060)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: 0000000000000130
Attempt to read from address 0000000000000130
Wanikiya and Dyami--Team Zigzag -
Windows 7 bootcamp Bsod and constant glitch
I am have the most frustrating week with my Windows 7 Partition on my 2010 Macbook pro Version 10.6.8
I sucessfully installed Windows 7 Ultimate with no issues using boot camp about 3 weeks ago. However, about one week ago I recieved the BSOD with the error pointing a finger at the MacHALdriver.sys
I have no fricking idea what that is after hours of research on the web.
This only happened 1 out of 3 times I turned on the machine. The other times there were no issues.
However, to make things worse, as of yesterday the entire system is very glitchy (Windows partition) and the tool bars or any windows that I have open flash and disappear for a few seconds. The Tool bar does not even appear unless I mouse over it.
As far as I am aware I have the most recent drivers for bootcamp installed.
Should I delete and redo the partition?
Can anyone please help me out?perhaps this might go a way to giving an insight into your problem;
http://www.runscanner.net/lib/MacHALDriver.sys.html
i am not saying download anything, this is just for you to have a look at.
and this;
https://discussions.apple.com/message/7123009#7123009 -
Hello friends. I am having a major problem with my bootcamp partition. I just installed windows 8 as an upgrade from windows 7 after a successful installation. However, when i booted up the partition it gives me the BSOD error almost every time i boot up. It lets you use for 2 minutes and then immediately BSOD. I cannot install bootcamp drivers because it keeps crashing. Can someone help me? I am using a mid 2010 macbook pro 13 inch. I do know that it is not officially supported but my friend managed to install on his 13 inch mid 2010 mbp as well. Thank you!
Hi
One very important point is that your Satellite L555 is not officially Win 8 supported.
What does this means?
This means that there are no Toshiba Win 8 drivers for this series.
But this does not mean that you cannot use the Win 8.
You can install the Win 8 and can use it if you purchased the Microsoft licence
Regarding the drivers:
Well you will need to search drivers at your own hand and in some cases Win 7 drivers can be installed on Win 8 system -
Hello i have an ASUS S400 CA ultrabook and my BSOD problems have started after automated upgrade from windows 8 to windows 8.1 Here is the latest dump file. BSOD problem says "DRIVER_IRQL_NOT_LESS_OR_EQUAL(athw8x.sys)"
I have downloaded driver from the ASUS website but the problem remains unsolved. Please, give me some advice, thank you in advance
https://dl.dropboxusercontent.com/u/79149617/042314-24390-01.dmpHi,
The attached DMP file is of the DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1) bug check.
This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
A driver tried to access an address that is pageable (or that is completely invalid) while the IRQL was too high. This bug check is usually caused by drivers that have used improper addresses.
3: kd> k
Child-SP RetAddr Call Site
ffffd000`2161c3d8 fffff803`78f627e9 nt!KeBugCheckEx
ffffd000`2161c3e0 fffff803`78f6103a nt!KiBugCheckDispatch+0x69
ffffd000`2161c520 fffff800`0272571f nt!KiPageFault+0x23a
ffffd000`2161c6b0 ffffc000`00000000 athwbx+0x9671f
ffffd000`2161c6b8 fffff803`7918a223 0xffffc000`00000000
ffffd000`2161c6c0 ffffe000`6666744e nt!FsRtlTeardownPerStreamContexts+0x53
ffffd000`2161c730 ffffc000`03ba6010 0xffffe000`6666744e
ffffd000`2161c738 fffff800`00db4dd2 0xffffc000`03ba6010
ffffd000`2161c740 fffff800`00cdbe24 Ntfs!NtfsDeleteFcb+0x460
ffffd000`2161c7c0 fffff800`00000002 Ntfs!NtfsTeardownFromLcb+0x1f4
ffffd000`2161c850 fffff800`00000001 CI!_guard_check_icall_fptr <PERF> (CI+0x2)
ffffd000`2161c858 fffff800`029692f0 CI!_guard_check_icall_fptr <PERF> (CI+0x1)
ffffd000`2161c860 ffffe000`00000000 athwbx+0x2da2f0
ffffd000`2161c868 fffff800`029685d0 0xffffe000`00000000
ffffd000`2161c870 fffff800`02968550 athwbx+0x2d95d0
ffffd000`2161c878 ffffd000`2161c890 athwbx+0x2d9550
ffffd000`2161c880 ffffd000`2161c951 0xffffd000`2161c890
ffffd000`2161c888 ffffd000`2161c900 0xffffd000`2161c951
ffffd000`2161c890 ffffe000`01581098 0xffffd000`2161c900
ffffd000`2161c898 00000000`00000000 0xffffe000`01581098
^^ athwbx.sys is the Qualcomm Atheros AR9485WB-EG Wireless Network Adapter. In every case I've dealt with this driver, the manufacturer never actually had the latest version, and downloading this driver always helped -
http://www.atheros.cz/atheros-wireless-download.php?chipset=61&system=7
^^ Atheros' website can be kind of confusing to say the very least, so let me know if you need help downloading it.
Regards,
Patrick
“Be kind whenever possible. It is always possible.” - Dalai Lama -
I've been recently getting some BSOD on my pc (win7 64bit) and for the life of me I can't figure out what's causing them. I've run memtest and didn't find any issues. One thing I've noticed is that it will sometimes sit at the login screen and just repeatedly
cycle through that and there isn't anything I can do but hold the power button down. It's almost like I entering a password incorrectly and sends me back to the login screen only to blow right past that without allowing me to enter a password.
I've uploaded my minidump file to skydrive. If someone could take a look and let me know what the issue might be I would really appreciate it.
https://onedrive.live.com/redir?resid=818BC808CAF94AA7!651&authkey=!AESwFMlAq6xI8DA&ithint=file%2c.zip
Thanks,
JasonI'll answer what I can right now since I'm at work.
BSOD - I can login and use the machine at times without much issue. Occasionally the system will BSOD on me randomly. One thing for sure that happens almost every time is the looping at the login screen. I've got my system password protected so you must
login. Anyway what happens is that if I leave my PC on for any given amount of time and come back to the PC the login screen is looping. What I mean by this is that instead of allowing me to enter a password it appears one was already entered or the system
thinks one has and then quickly goes to the waiting screen, you see briefly it didn't login then back to password prompt without allowing me to enter a pwd and then right back to the waiting screen for the attemted login. It just keeps looping like that without
stopping. Only way to get out of this is to hit the reset button or hold the power button down.
I've re-installed windows multiple times hoping it was something that would be fixed by the install (clean install). This is Windows 7 64bit Ultimate edition.
Graphics - I am not using onboard graphics - I have this disabled.
Memory - The memory that I have is rated as ddr3-1600 but it's only running at 1333 (would need to overclock it to get 1600) - runs at 1333 by default.
I'm currently downloading and installing update to the bios, mb drivers, etc and then will run another test to see if this helps at all.
I'll also look at the memory to make sure it's supported for my MB and CPU.
let me know if I forgot anything.
Thanks,
Jason -
Windows 8.1 BSOD - ntoskrnl.exe
Hi, I've been experiencing BSOD's on a daily basis (only when I am away from my computer) and I'd like to know the root cause of the problems. I've attached several minidump files below. Using Windbg (x64) the only problem I can see is ntoskrnl.exe being
unable to load (either corrupted or missing). sfc/scannow has detailed several problems relating to ntoskrnl.exe as well
https://onedrive.live.com/redir?resid=6e6984aa2d967f21%212299
Thanks!
BillYou've recommended the opposite of what I was told last time: "The crashes are being caused by you
NVidia display driver. Please uninstall an "clean" reinstall the current driver version".
Last time I had BSOD problems I was using version 326.19 (at least one year old) and now I have the most recent version. As a result, I do not believe this is the cause of the BSOD's.
Also, I do not see the same thing you do when opening the minidump file, as follows:
Microsoft (R) Windows Debugger Version 6.3.9600.17029 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\040815-36484-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: *** Invalid ***
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
Executable search path is:
* Symbols can not be loaded because symbol path is not initialized. *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows 8 Kernel Version 9600 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 9600.17668.amd64fre.winblue_r8.150127-1500
Machine Name:
Kernel base = 0xfffff802`0a282000 PsLoadedModuleList = 0xfffff802`0a55b250
Debug session time: Wed Apr 8 14:02:21.387 2015 (UTC - 6:00)
System Uptime: 0 days 20:32:22.558
* Symbols can not be loaded because symbol path is not initialized. *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
Loading User Symbols
Loading unloaded module list
************* Symbol Loading Error Summary **************
Module name Error
ntoskrnl The system cannot find the file specified
You can troubleshoot most symbol related issues by turning on symbol loading diagnostics (!sym noisy) and repeating the command that caused symbols to be loaded.
You should also verify that your symbol search path (.sympath) is correct.
* Bugcheck Analysis *
Use !analyze -v to get detailed debugging information.
BugCheck 9F, {3, ffffe0019c12a760, fffff8020c30e960, ffffe001a1f67680}
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: NT!_DEVICE_OBJECT ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: nt!_IRP ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: nt!_IRP ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: nt!TRIAGE_9F_POWER ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: nt!_IRP ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: nt!_IO_STACK_LOCATION ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: nt!_IRP ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: nt!_DEVICE_OBJECT ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: nt!_KPRCB ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: nt!KPRCB ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: nt!_KPRCB ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: nt!KPRCB ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: nt!_KPRCB ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** Type referenced: nt!_KPRCB ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. *** -
Windows 7 64bit BSOD 0X4A IRQL_GT_ZERO_AT_SYSTEM_SERVICE
Hi all,
I'm getting this BSOD alot and cant find the cause of it. Is there anybody who can help me find out the cause of the bluescreen?
I have all minidump files on my skydrive. Below is what i could find out but from that i cant make out where i have to look to find the problem! I already checked all of my harddrives with Seatools no errors found and i also ran memory test to see if my memory
would be failing but nothing there!
https://skydrive.live.com/?cid=3CEB2D9AE0364E67&id=3CEB2D9AE0364E67%21121
System Information (local)
windows version: Windows 7 Service Pack 1, 6.1, build: 7601
windows dir: C:\Windows
CPU: GenuineIntel Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Intel586, level: 6
8 logical processors, active mask: 255
RAM: 17162420224 total
VM: 2147352576, free: 1948950528
Crash Dump Analysis
Crash dump directory: C:\Windows\Minidump
Crash dumps are enabled on your computer.
On Fri 7/09/2012 18:52:23 GMT your computer crashed
crash dump file: C:\Windows\Minidump\090812-18657-01.dmp
uptime: 05:58:07
This was probably caused by the following module:
ntoskrnl.exe (nt+0x7F1C0)
Bugcheck code: 0x4A (0x770C138A, 0x2, 0x0, 0xFFFFF8800C889B60)
Error: IRQL_GT_ZERO_AT_SYSTEM_SERVICE
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a thread is returning to user mode from a system call when its IRQL is still above PASSIVE_LEVEL.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.I just found out how to open dumpfiles with windows debug tools and this what came out of it!
* Bugcheck Analysis
Use !analyze -v to get detailed debugging information.
BugCheck 4A, {770c138a, 2, 0, fffff8800c889b60}
Probably caused by : ntkrnlmp.exe ( nt!KiSystemServiceExit+245 )
Followup: MachineOwner
0: kd> !analyze -v
* Bugcheck Analysis
IRQL_GT_ZERO_AT_SYSTEM_SERVICE (4a)
Returning to usermode from a system call at an IRQL > PASSIVE_LEVEL.
Arguments:
Arg1: 00000000770c138a, Address of system function (system call routine)
Arg2: 0000000000000002, Current IRQL
Arg3: 0000000000000000, 0
Arg4: fffff8800c889b60, 0
Debugging Details:
PROCESS_NAME: vsserv.exe
BUGCHECK_STR: RAISED_IRQL_FAULT
FAULTING_IP:
+3739316361303932
00000000`770c138a ?? ???
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
CURRENT_IRQL: 2
LAST_CONTROL_TRANSFER: from fffff80002ed6769 to fffff80002ed71c0
STACK_TEXT:
fffff880`0c889928 fffff800`02ed6769 : 00000000`0000004a 00000000`770c138a 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff880`0c889930 fffff800`02ed66a0 : 00000000`00000dcc fffff880`0c889b60 00000000`00000000 fffff800`031bcc83 : nt!KiBugCheckDispatch+0x69
fffff880`0c889a70 00000000`770c138a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExit+0x245
00000000`1a96fce8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x770c138a
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!KiSystemServiceExit+245
fffff800`02ed66a0 4883ec50 sub rsp,50h
SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: nt!KiSystemServiceExit+245
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 4fa390f3
FAILURE_BUCKET_ID: X64_RAISED_IRQL_FAULT_vsserv.exe_nt!KiSystemServiceExit+245
BUCKET_ID: X64_RAISED_IRQL_FAULT_vsserv.exe_nt!KiSystemServiceExit+245
Followup: MachineOwner
Maybe you are looking for
-
Logout link does not appeared in exception page
When exception is thrown , the logout link is not appeared in the exception page. By default , we select error page in themes as two level tabs. Where can I get the error page for the themes. Is can i see the code for error page , if possible. Please
-
Can the Mac record digital cable TV?
My digital cable box (Scientific Atlanta - Explorer 3250HD) has two Firewire ports on the back. When I connect it to my Mac mini with a Firewire cable, the cable box shows up in the System Profiler. Is it possible to use the Mac mini to record TV sho
-
Hi all. I have a strange problem, that I hope some of you can help me with. First of all let me explain my setup: 1. I have a faces page, that in an action method does a redirect to a different server. 2. That server then redirects back to a Servlet
-
My bundled software wont install
I had OSX 10.6.6 and it was working great. I saw the opportunity to upgrade to Mavericks and did. It ruined all my hardware. Nothing for my hardware worked right with any of the programs. Then I tried to reinstall my old version clean and the bundled
-
hi! every one ... imine phone settings cant be restore its ask passcode am enter mine present mine old all passcode but they cant work . if any one know solution mine problem plz rply . thanks regards