random BSOD stop screens on my new laptop

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

bencutmore

Thread Starter
Joined
Jul 26, 2004
Messages
46
Hi there, I bought a new Dell XPS M1530 laptop about a month ago and I've been getting random BSOD errors, usually once per day at least, sometimes more. It doesn't seem to happen when th emachine is under particular strain. It has happened 2-3 times when I tried to shut down the laptop, all the others are pretty much random.

I've ran MS memory diagnostics tool for a few hours aswell as the Dell diagnostics tool, which appears to do pretty much the same thing, but checks other areas such as GPU etc too. I haven't tried a fresh install of Vista yet, becuase I use this laptop to work on, I was sort of hoping someone here could have a look at my crashdumps and hopefully it would be somethin simple before I go through the backup/restore process. Perhaps wishful thinking though.

Below is my last 2 crash dumps, though I've seen at least 1 crashdump which looks different to these, so I don't know how helpful they'll be. As well as a HJT log.

Microsoft (R) Windows Debugger Version 6.9.0003.113 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\Mini100108-02.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\local cache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6001.18063.x86fre.vistasp1_gdr.080425-1930
Kernel base = 0x81a12000 PsLoadedModuleList = 0x81b29c70
Debug session time: Wed Oct 1 06:48:42.912 2008 (GMT+1)
System Uptime: 0 days 0:36:09.344
Loading Kernel Symbols
..............................................................................................................................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1A, {5003, 94630000, 2239, 2bcf072}

Probably caused by : win32k.sys ( win32k!vSolidFillRect1+107 )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

MEMORY_MANAGEMENT (1a)
# Any other values for parameter 1 must be individually examined.
Arguments:
Arg1: 00005003, The subtype of the bugcheck.
Arg2: 94630000
Arg3: 00002239
Arg4: 02bcf072

Debugging Details:
------------------


BUGCHECK_STR: 0x1a_5003

CUSTOMER_CRASH_COUNT: 2

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: firefox.exe

CURRENT_IRQL: 0

TRAP_FRAME: a6ea38b4 -- (.trap 0xffffffffa6ea38b4)
ErrCode = 00000002
eax=00000000 ebx=0000017d ecx=000000d3 edx=000003a3 esi=fc400008 edi=fc4e4000
eip=81a65d60 esp=a6ea3928 ebp=a6ea395c iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
nt!RtlFillMemoryUlong+0x10:
81a65d60 f3ab rep stos dword ptr es:[edi]
Resetting default scope

LAST_CONTROL_TRANSFER: from 81a7e926 to 81adf163

STACK_TEXT:
a6ea364c 81a7e926 0000001a 00005003 94630000 nt!KeBugCheckEx+0x1e
a6ea3684 81a99789 c07e2720 82c8bf50 00000000 nt!MiAllocateWsle+0x7d
a6ea36bc 81a9754b 00000001 8b105d70 fc4e4000 nt!MiCompleteProtoPteFault+0x211
a6ea3714 81a99424 00000001 fc4e4000 b48e1758 nt!MiResolveDemandZeroFault+0x5d2
a6ea3758 81a9699f 00000001 fc4e4000 c07e2720 nt!MiResolveProtoPteFault+0x3c3
a6ea3820 81ab80f3 fc4e4000 b48e1758 00000000 nt!MiDispatchFault+0x9a6
a6ea389c 81a6cbb4 00000001 fc4e4000 00000000 nt!MmAccessFault+0x10ac
a6ea389c 81a65d60 00000001 fc4e4000 00000000 nt!KiTrap0E+0xdc
a6ea3928 94f206f7 fc4e34c0 00000e8c 00000000 nt!RtlFillMemoryUlong+0x10
a6ea395c 94f1bcc7 a6ea3c1c 00000001 fc400008 win32k!vSolidFillRect1+0x107
a6ea3afc 94f1b8b7 94f205f0 a6ea3c1c 00000000 win32k!vDIBSolidBlt+0x102
a6ea3b68 94f1b4f2 ffa77590 00000000 00000000 win32k!EngBitBlt+0x18e
a6ea3bc8 94f1b677 fc904de8 a6ea3c2c a6ea3c1c win32k!GrePatBltLockedDC+0x212
a6ea3c70 94ef058e a6ea3d04 0000f0f0 0037ec9c win32k!GrePolyPatBltInternal+0x173
a6ea3d28 81a69a7a 01011ac6 00f00021 0037ec9c win32k!NtGdiPolyPatBlt+0x16d
a6ea3d28 774b9a94 01011ac6 00f00021 0037ec9c nt!KiFastCallEntry+0x12a
WARNING: Frame IP not in any known module. Following frames may be wrong.
0037ec78 00000000 00000000 00000000 00000000 0x774b9a94


STACK_COMMAND: kb

FOLLOWUP_IP:
win32k!vSolidFillRect1+107
94f206f7 8b55f4 mov edx,dword ptr [ebp-0Ch]

SYMBOL_STACK_INDEX: 9

SYMBOL_NAME: win32k!vSolidFillRect1+107

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: win32k

IMAGE_NAME: win32k.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 47c78851

FAILURE_BUCKET_ID: 0x1a_5003_win32k!vSolidFillRect1+107

BUCKET_ID: 0x1a_5003_win32k!vSolidFillRect1+107

Followup: MachineOwner
---------

and number 2:


Microsoft (R) Windows Debugger Version 6.9.0003.113 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\Mini100108-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\local cache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6001.18063.x86fre.vistasp1_gdr.080425-1930
Kernel base = 0x81a00000 PsLoadedModuleList = 0x81b17c70
Debug session time: Wed Oct 1 06:12:09.442 2008 (GMT+1)
System Uptime: 0 days 1:26:00.582
Loading Kernel Symbols
..............................................................................................................................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck C2, {7, 110b, 0, 880052e8}

GetPointerFromAddress: unable to read from 81b37868
Unable to read MiSystemVaType memory at 81b17420
*** WARNING: Unable to verify timestamp for yk60x86.sys
*** ERROR: Module load completed but symbols could not be loaded for yk60x86.sys
*** WARNING: Unable to verify timestamp for iastorv.sys
*** ERROR: Module load completed but symbols could not be loaded for iastorv.sys
*** WARNING: Unable to verify timestamp for iastor.sys
*** ERROR: Module load completed but symbols could not be loaded for iastor.sys
*** WARNING: Unable to verify timestamp for PxHelp20.sys
*** ERROR: Module load completed but symbols could not be loaded for PxHelp20.sys
*** WARNING: Unable to verify timestamp for spsys.sys
*** ERROR: Module load completed but symbols could not be loaded for spsys.sys
*** ERROR: Module load completed but symbols could not be loaded for spldr.sys
*** WARNING: Unable to verify timestamp for nvlddmkm.sys
*** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
*** WARNING: Unable to verify timestamp for bcmwl6.sys
*** ERROR: Module load completed but symbols could not be loaded for bcmwl6.sys
*** WARNING: Unable to verify timestamp for rimmptsk.sys
*** ERROR: Module load completed but symbols could not be loaded for rimmptsk.sys
*** WARNING: Unable to verify timestamp for rimsptsk.sys
*** ERROR: Module load completed but symbols could not be loaded for rimsptsk.sys
*** WARNING: Unable to verify timestamp for rixdptsk.sys
*** ERROR: Module load completed but symbols could not be loaded for rixdptsk.sys
*** WARNING: Unable to verify timestamp for Apfiltr.sys
*** ERROR: Module load completed but symbols could not be loaded for Apfiltr.sys
*** WARNING: Unable to verify timestamp for libusb0.sys
*** ERROR: Module load completed but symbols could not be loaded for libusb0.sys
*** WARNING: Unable to verify timestamp for stwrt.sys
*** ERROR: Module load completed but symbols could not be loaded for stwrt.sys
*** WARNING: Unable to verify timestamp for drmk.sys
*** ERROR: Module load completed but symbols could not be loaded for drmk.sys
*** WARNING: Unable to verify timestamp for tcusb.sys
*** ERROR: Module load completed but symbols could not be loaded for tcusb.sys
*** WARNING: Unable to verify timestamp for OEM02Dev.sys
*** ERROR: Module load completed but symbols could not be loaded for OEM02Dev.sys
*** WARNING: Unable to verify timestamp for OEM02Vfx.sys
*** ERROR: Module load completed but symbols could not be loaded for OEM02Vfx.sys
*** WARNING: Unable to verify timestamp for dump_iaStor.sys
*** ERROR: Module load completed but symbols could not be loaded for dump_iaStor.sys
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
*** WARNING: Unable to verify timestamp for TSDDD.dll
*** ERROR: Module load completed but symbols could not be loaded for TSDDD.dll
*** WARNING: Unable to verify timestamp for ATMFD.DLL
*** ERROR: Module load completed but symbols could not be loaded for ATMFD.DLL
*** WARNING: Unable to verify timestamp for cdd.dll
*** ERROR: Module load completed but symbols could not be loaded for cdd.dll
*** WARNING: Unable to verify timestamp for secdrv.SYS
*** ERROR: Module load completed but symbols could not be loaded for secdrv.SYS
GetPointerFromAddress: unable to read from 81b37868
Unable to read MiSystemVaType memory at 81b17420
Probably caused by : ntkrpamp.exe ( nt!ExFreePoolWithTag+17f )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

BAD_POOL_CALLER (c2)
The current thread is making a bad pool request. Typically this is at a bad IRQL level or double freeing the same allocation, etc.
Arguments:
Arg1: 00000007, Attempt to free pool which was already freed
Arg2: 0000110b, (reserved)
Arg3: 00000000, Memory contents of the pool block
Arg4: 880052e8, Address of the block of pool being deallocated

Debugging Details:
------------------

GetPointerFromAddress: unable to read from 81b37868
Unable to read MiSystemVaType memory at 81b17420
GetPointerFromAddress: unable to read from 81b37868
Unable to read MiSystemVaType memory at 81b17420

POOL_ADDRESS: GetPointerFromAddress: unable to read from 81b37868
Unable to read MiSystemVaType memory at 81b17420
880052e8

BUGCHECK_STR: 0xc2_7

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: System

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from 81aee00c to 81acd163

STACK_TEXT:
9ab53b8c 81aee00c 000000c2 00000007 0000110b nt!KeBugCheckEx+0x1e
9ab53c00 81be3a31 880052e8 00000000 00000000 nt!ExFreePoolWithTag+0x17f
9ab53c3c 81c445e7 88cffd90 81dc0110 88cffd78 nt!PspProcessDelete+0x97
9ab53c58 81a5189d 88cffd90 00000000 0e3bcab4 nt!ObpRemoveObjectRoutine+0x13d
9ab53c80 81a4d4f6 00000002 9ab53ce8 81c2e62e nt!ObfDereferenceObject+0xa1
9ab53c8c 81c2e62e 00000000 c000009a 81aff080 nt!MmFreeAccessPfnBuffer+0x27
9ab53ce8 81c2da9b 00000000 89230030 00000000 nt!PfpFlushBuffers+0x291
9ab53d7c 81bd5b18 81aff080 5d0b2724 00000000 nt!PfTLoggingWorker+0xaa
9ab53dc0 81a2ea3e 81c2d9eb 81aff080 00000000 nt!PspSystemThreadStartup+0x9d
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


STACK_COMMAND: kb

FOLLOWUP_IP:
nt!ExFreePoolWithTag+17f
81aee00c cc int 3

SYMBOL_STACK_INDEX: 1

SYMBOL_NAME: nt!ExFreePoolWithTag+17f

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 4812bd71

FAILURE_BUCKET_ID: 0xc2_7_nt!ExFreePoolWithTag+17f

BUCKET_ID: 0xc2_7_nt!ExFreePoolWithTag+17f

Followup: MachineOwner
---------

and my HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:08:15, on 01/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Ben\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=0080430
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O13 - Gopher Prefix:
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 6192 bytes


I hope it's not too much to ask, this is starting to drive me crazy. Any help would be much appreciated as looking at those BSOD dumps is out of my league. Thanks very much.
 

bencutmore

Thread Starter
Joined
Jul 26, 2004
Messages
46
Sorry to bump, but this is my latest debug from a BSOD that just happened to me a minute ago:


Microsoft (R) Windows Debugger Version 6.9.0003.113 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\Mini100108-03.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\local cache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6001.18063.x86fre.vistasp1_gdr.080425-1930
Kernel base = 0x81a1e000 PsLoadedModuleList = 0x81b35c70
Debug session time: Wed Oct 1 21:30:52.174 2008 (GMT+1)
System Uptime: 0 days 3:48:32.857
Loading Kernel Symbols
..............................................................................................................................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007E, {c000001d, 8ece98e0, 8ad67c3c, 8ad67938}

Probably caused by : hardware ( VIDEOPRT!pVideoPortExposeACPIInfo+21a )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c000001d, The exception code that was not handled
Arg2: 8ece98e0, The address that the exception occurred at
Arg3: 8ad67c3c, Exception Record Address
Arg4: 8ad67938, Context Record Address

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc000001d - {EXCEPTION} Illegal Instruction An attempt was made to execute an illegal instruction.

FAULTING_IP:
VIDEOPRT!pVideoPortExposeACPIInfo+21a
8ece98e0 8e0f mov cs,word ptr [edi]

EXCEPTION_RECORD: 8ad67c3c -- (.exr 0xffffffff8ad67c3c)
ExceptionAddress: 8ece98e0 (VIDEOPRT!pVideoPortExposeACPIInfo+0x0000021a)
ExceptionCode: c000001d (Illegal instruction)
ExceptionFlags: 00000000
NumberParameters: 0

CONTEXT: 8ad67938 -- (.cxr 0xffffffff8ad67938)
eax=00000004 ebx=8ed5ef58 ecx=86cc0ac8 edx=00000003 esi=857d28c0 edi=857d2964
eip=8ece98e0 esp=8ad67d04 ebp=8ad67d14 iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
VIDEOPRT!pVideoPortExposeACPIInfo+0x21a:
8ece98e0 8e0f mov cs,word ptr [edi] ds:0023:857d2964=b268
Resetting default scope

CUSTOMER_CRASH_COUNT: 3

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0x7E

PROCESS_NAME: System

CURRENT_IRQL: 0

ERROR_CODE: (NTSTATUS) 0xc000001d - {EXCEPTION} Illegal Instruction An attempt was made to execute an illegal instruction.

MISALIGNED_IP:
VIDEOPRT!pVideoPortExposeACPIInfo+21a
8ece98e0 8e0f mov cs,word ptr [edi]

LAST_CONTROL_TRANSFER: from 8ed59c86 to 8ece98e0

FAILED_INSTRUCTION_ADDRESS:
VIDEOPRT!pVideoPortExposeACPIInfo+21a
8ece98e0 8e0f mov cs,word ptr [edi]

STACK_TEXT:
8ad67d14 8ed59c86 857d2964 81b2013c 8733c468 VIDEOPRT!pVideoPortExposeACPIInfo+0x21a
8ad67d30 81c3a31b 8733c468 00000000 83f8d828 afd!AfdDoWork+0x51
8ad67d44 81a5641d 86d02348 00000000 83f8d828 nt!IopProcessWorkItem+0x23
8ad67d7c 81bf3b18 86d02348 748052e1 00000000 nt!ExpWorkerThread+0xfd
8ad67dc0 81a4ca3e 81a56320 00000001 00000000 nt!PspSystemThreadStartup+0x9d
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


FOLLOWUP_IP:
VIDEOPRT!pVideoPortExposeACPIInfo+21a
8ece98e0 8e0f mov cs,word ptr [edi]

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: VIDEOPRT!pVideoPortExposeACPIInfo+21a

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: hardware

IMAGE_NAME: hardware

DEBUG_FLR_IMAGE_TIMESTAMP: 0

STACK_COMMAND: .cxr 0xffffffff8ad67938 ; kb

FAILURE_BUCKET_ID: IP_MISALIGNED

BUCKET_ID: IP_MISALIGNED

Followup: MachineOwner
---------
 

bencutmore

Thread Starter
Joined
Jul 26, 2004
Messages
46
and another... As you can see, it's fairly frequent :(


Microsoft (R) Windows Debugger Version 6.9.0003.113 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\Mini100208-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\local cache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6001.18063.x86fre.vistasp1_gdr.080425-1930
Kernel base = 0x81a46000 PsLoadedModuleList = 0x81b5dc70
Debug session time: Thu Oct 2 01:36:58.711 2008 (GMT+1)
System Uptime: 0 days 4:05:32.435
Loading Kernel Symbols
..............................................................................................................................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 19, {22, 2f0000, 0, 0}

GetPointerFromAddress: unable to read from 81b7d868
Unable to read MiSystemVaType memory at 81b5d420
Probably caused by : ntkrpamp.exe ( nt!ExpFindAndRemoveTagBigPages+1d5 )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 00000022,
Arg2: 002f0000
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------

GetPointerFromAddress: unable to read from 81b7d868
Unable to read MiSystemVaType memory at 81b5d420

BUGCHECK_STR: 0x19_22

POOL_ADDRESS: GetPointerFromAddress: unable to read from 81b7d868
Unable to read MiSystemVaType memory at 81b5d420
002f0000

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: audiodg.exe

CURRENT_IRQL: 2

LAST_CONTROL_TRANSFER: from 81a8bcaf to 81b13163

STACK_TEXT:
99f168dc 81a8bcaf 00000019 00000022 002f0000 nt!KeBugCheckEx+0x1e
99f16918 81b33fd2 002f0000 99f16964 99f16948 nt!ExpFindAndRemoveTagBigPages+0x1d5
99f16988 81c5f030 002f0000 00000000 79611e9a nt!ExFreePoolWithTag+0x145
99f16bfc 81c5ed23 00000002 00000001 00000000 nt!ObpWaitForMultipleObjects+0x2c8
99f16c38 81c64412 00000000 00000000 84b49008 nt!NtWaitForMultipleObjects+0xcc
00000000 00000000 00000000 00000000 00000000 nt!ObOpenObjectByName+0x484


STACK_COMMAND: kb

FOLLOWUP_IP:
nt!ExpFindAndRemoveTagBigPages+1d5
81a8bcaf cc int 3

SYMBOL_STACK_INDEX: 1

SYMBOL_NAME: nt!ExpFindAndRemoveTagBigPages+1d5

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 4812bd71

FAILURE_BUCKET_ID: 0x19_22_nt!ExpFindAndRemoveTagBigPages+1d5

BUCKET_ID: 0x19_22_nt!ExpFindAndRemoveTagBigPages+1d5

Followup: MachineOwner
---------
 
Joined
Jan 9, 2004
Messages
437
For starters your HijackThis log is clean.

As for your other issue...I would try the simple route.

Pop in your Vista cd and go through the options until you hit the "Repair" option. Let is repair the system files and reboot.
A lot of the time these types of issues are memory related, but since you have already cleared the memory, we need to start looking at the system itself as part of the problem.

The good thing about the Repair option is that none of your other files (documents, pictures, music etc) will be effected.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top