1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

random BSOD stop screens on my new laptop

Discussion in 'Windows Vista' started by bencutmore, Oct 1, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. bencutmore

    bencutmore Thread Starter

    Joined:
    Jul 26, 2004
    Messages:
    46
    Hi there, I bought a new Dell XPS M1530 laptop about a month ago and I've been getting random BSOD errors, usually once per day at least, sometimes more. It doesn't seem to happen when th emachine is under particular strain. It has happened 2-3 times when I tried to shut down the laptop, all the others are pretty much random.

    I've ran MS memory diagnostics tool for a few hours aswell as the Dell diagnostics tool, which appears to do pretty much the same thing, but checks other areas such as GPU etc too. I haven't tried a fresh install of Vista yet, becuase I use this laptop to work on, I was sort of hoping someone here could have a look at my crashdumps and hopefully it would be somethin simple before I go through the backup/restore process. Perhaps wishful thinking though.

    Below is my last 2 crash dumps, though I've seen at least 1 crashdump which looks different to these, so I don't know how helpful they'll be. As well as a HJT log.

    Microsoft (R) Windows Debugger Version 6.9.0003.113 X86
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\Windows\Minidump\Mini100108-02.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\local cache*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS Personal
    Built by: 6001.18063.x86fre.vistasp1_gdr.080425-1930
    Kernel base = 0x81a12000 PsLoadedModuleList = 0x81b29c70
    Debug session time: Wed Oct 1 06:48:42.912 2008 (GMT+1)
    System Uptime: 0 days 0:36:09.344
    Loading Kernel Symbols
    ..............................................................................................................................................
    Loading User Symbols
    Loading unloaded module list
    ....
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 1A, {5003, 94630000, 2239, 2bcf072}

    Probably caused by : win32k.sys ( win32k!vSolidFillRect1+107 )

    Followup: MachineOwner
    ---------

    0: kd> !analyze -v
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    MEMORY_MANAGEMENT (1a)
    # Any other values for parameter 1 must be individually examined.
    Arguments:
    Arg1: 00005003, The subtype of the bugcheck.
    Arg2: 94630000
    Arg3: 00002239
    Arg4: 02bcf072

    Debugging Details:
    ------------------


    BUGCHECK_STR: 0x1a_5003

    CUSTOMER_CRASH_COUNT: 2

    DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

    PROCESS_NAME: firefox.exe

    CURRENT_IRQL: 0

    TRAP_FRAME: a6ea38b4 -- (.trap 0xffffffffa6ea38b4)
    ErrCode = 00000002
    eax=00000000 ebx=0000017d ecx=000000d3 edx=000003a3 esi=fc400008 edi=fc4e4000
    eip=81a65d60 esp=a6ea3928 ebp=a6ea395c iopl=0 nv up ei pl nz na pe nc
    cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
    nt!RtlFillMemoryUlong+0x10:
    81a65d60 f3ab rep stos dword ptr es:[edi]
    Resetting default scope

    LAST_CONTROL_TRANSFER: from 81a7e926 to 81adf163

    STACK_TEXT:
    a6ea364c 81a7e926 0000001a 00005003 94630000 nt!KeBugCheckEx+0x1e
    a6ea3684 81a99789 c07e2720 82c8bf50 00000000 nt!MiAllocateWsle+0x7d
    a6ea36bc 81a9754b 00000001 8b105d70 fc4e4000 nt!MiCompleteProtoPteFault+0x211
    a6ea3714 81a99424 00000001 fc4e4000 b48e1758 nt!MiResolveDemandZeroFault+0x5d2
    a6ea3758 81a9699f 00000001 fc4e4000 c07e2720 nt!MiResolveProtoPteFault+0x3c3
    a6ea3820 81ab80f3 fc4e4000 b48e1758 00000000 nt!MiDispatchFault+0x9a6
    a6ea389c 81a6cbb4 00000001 fc4e4000 00000000 nt!MmAccessFault+0x10ac
    a6ea389c 81a65d60 00000001 fc4e4000 00000000 nt!KiTrap0E+0xdc
    a6ea3928 94f206f7 fc4e34c0 00000e8c 00000000 nt!RtlFillMemoryUlong+0x10
    a6ea395c 94f1bcc7 a6ea3c1c 00000001 fc400008 win32k!vSolidFillRect1+0x107
    a6ea3afc 94f1b8b7 94f205f0 a6ea3c1c 00000000 win32k!vDIBSolidBlt+0x102
    a6ea3b68 94f1b4f2 ffa77590 00000000 00000000 win32k!EngBitBlt+0x18e
    a6ea3bc8 94f1b677 fc904de8 a6ea3c2c a6ea3c1c win32k!GrePatBltLockedDC+0x212
    a6ea3c70 94ef058e a6ea3d04 0000f0f0 0037ec9c win32k!GrePolyPatBltInternal+0x173
    a6ea3d28 81a69a7a 01011ac6 00f00021 0037ec9c win32k!NtGdiPolyPatBlt+0x16d
    a6ea3d28 774b9a94 01011ac6 00f00021 0037ec9c nt!KiFastCallEntry+0x12a
    WARNING: Frame IP not in any known module. Following frames may be wrong.
    0037ec78 00000000 00000000 00000000 00000000 0x774b9a94


    STACK_COMMAND: kb

    FOLLOWUP_IP:
    win32k!vSolidFillRect1+107
    94f206f7 8b55f4 mov edx,dword ptr [ebp-0Ch]

    SYMBOL_STACK_INDEX: 9

    SYMBOL_NAME: win32k!vSolidFillRect1+107

    FOLLOWUP_NAME: MachineOwner

    MODULE_NAME: win32k

    IMAGE_NAME: win32k.sys

    DEBUG_FLR_IMAGE_TIMESTAMP: 47c78851

    FAILURE_BUCKET_ID: 0x1a_5003_win32k!vSolidFillRect1+107

    BUCKET_ID: 0x1a_5003_win32k!vSolidFillRect1+107

    Followup: MachineOwner
    ---------

    and number 2:


    Microsoft (R) Windows Debugger Version 6.9.0003.113 X86
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\Windows\Minidump\Mini100108-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\local cache*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS Personal
    Built by: 6001.18063.x86fre.vistasp1_gdr.080425-1930
    Kernel base = 0x81a00000 PsLoadedModuleList = 0x81b17c70
    Debug session time: Wed Oct 1 06:12:09.442 2008 (GMT+1)
    System Uptime: 0 days 1:26:00.582
    Loading Kernel Symbols
    ..............................................................................................................................................
    Loading User Symbols
    Loading unloaded module list
    ....
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck C2, {7, 110b, 0, 880052e8}

    GetPointerFromAddress: unable to read from 81b37868
    Unable to read MiSystemVaType memory at 81b17420
    *** WARNING: Unable to verify timestamp for yk60x86.sys
    *** ERROR: Module load completed but symbols could not be loaded for yk60x86.sys
    *** WARNING: Unable to verify timestamp for iastorv.sys
    *** ERROR: Module load completed but symbols could not be loaded for iastorv.sys
    *** WARNING: Unable to verify timestamp for iastor.sys
    *** ERROR: Module load completed but symbols could not be loaded for iastor.sys
    *** WARNING: Unable to verify timestamp for PxHelp20.sys
    *** ERROR: Module load completed but symbols could not be loaded for PxHelp20.sys
    *** WARNING: Unable to verify timestamp for spsys.sys
    *** ERROR: Module load completed but symbols could not be loaded for spsys.sys
    *** ERROR: Module load completed but symbols could not be loaded for spldr.sys
    *** WARNING: Unable to verify timestamp for nvlddmkm.sys
    *** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
    *** WARNING: Unable to verify timestamp for bcmwl6.sys
    *** ERROR: Module load completed but symbols could not be loaded for bcmwl6.sys
    *** WARNING: Unable to verify timestamp for rimmptsk.sys
    *** ERROR: Module load completed but symbols could not be loaded for rimmptsk.sys
    *** WARNING: Unable to verify timestamp for rimsptsk.sys
    *** ERROR: Module load completed but symbols could not be loaded for rimsptsk.sys
    *** WARNING: Unable to verify timestamp for rixdptsk.sys
    *** ERROR: Module load completed but symbols could not be loaded for rixdptsk.sys
    *** WARNING: Unable to verify timestamp for Apfiltr.sys
    *** ERROR: Module load completed but symbols could not be loaded for Apfiltr.sys
    *** WARNING: Unable to verify timestamp for libusb0.sys
    *** ERROR: Module load completed but symbols could not be loaded for libusb0.sys
    *** WARNING: Unable to verify timestamp for stwrt.sys
    *** ERROR: Module load completed but symbols could not be loaded for stwrt.sys
    *** WARNING: Unable to verify timestamp for drmk.sys
    *** ERROR: Module load completed but symbols could not be loaded for drmk.sys
    *** WARNING: Unable to verify timestamp for tcusb.sys
    *** ERROR: Module load completed but symbols could not be loaded for tcusb.sys
    *** WARNING: Unable to verify timestamp for OEM02Dev.sys
    *** ERROR: Module load completed but symbols could not be loaded for OEM02Dev.sys
    *** WARNING: Unable to verify timestamp for OEM02Vfx.sys
    *** ERROR: Module load completed but symbols could not be loaded for OEM02Vfx.sys
    *** WARNING: Unable to verify timestamp for dump_iaStor.sys
    *** ERROR: Module load completed but symbols could not be loaded for dump_iaStor.sys
    *** WARNING: Unable to verify timestamp for win32k.sys
    *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
    *** WARNING: Unable to verify timestamp for TSDDD.dll
    *** ERROR: Module load completed but symbols could not be loaded for TSDDD.dll
    *** WARNING: Unable to verify timestamp for ATMFD.DLL
    *** ERROR: Module load completed but symbols could not be loaded for ATMFD.DLL
    *** WARNING: Unable to verify timestamp for cdd.dll
    *** ERROR: Module load completed but symbols could not be loaded for cdd.dll
    *** WARNING: Unable to verify timestamp for secdrv.SYS
    *** ERROR: Module load completed but symbols could not be loaded for secdrv.SYS
    GetPointerFromAddress: unable to read from 81b37868
    Unable to read MiSystemVaType memory at 81b17420
    Probably caused by : ntkrpamp.exe ( nt!ExFreePoolWithTag+17f )

    Followup: MachineOwner
    ---------

    1: kd> !analyze -v
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    BAD_POOL_CALLER (c2)
    The current thread is making a bad pool request. Typically this is at a bad IRQL level or double freeing the same allocation, etc.
    Arguments:
    Arg1: 00000007, Attempt to free pool which was already freed
    Arg2: 0000110b, (reserved)
    Arg3: 00000000, Memory contents of the pool block
    Arg4: 880052e8, Address of the block of pool being deallocated

    Debugging Details:
    ------------------

    GetPointerFromAddress: unable to read from 81b37868
    Unable to read MiSystemVaType memory at 81b17420
    GetPointerFromAddress: unable to read from 81b37868
    Unable to read MiSystemVaType memory at 81b17420

    POOL_ADDRESS: GetPointerFromAddress: unable to read from 81b37868
    Unable to read MiSystemVaType memory at 81b17420
    880052e8

    BUGCHECK_STR: 0xc2_7

    CUSTOMER_CRASH_COUNT: 1

    DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

    PROCESS_NAME: System

    CURRENT_IRQL: 0

    LAST_CONTROL_TRANSFER: from 81aee00c to 81acd163

    STACK_TEXT:
    9ab53b8c 81aee00c 000000c2 00000007 0000110b nt!KeBugCheckEx+0x1e
    9ab53c00 81be3a31 880052e8 00000000 00000000 nt!ExFreePoolWithTag+0x17f
    9ab53c3c 81c445e7 88cffd90 81dc0110 88cffd78 nt!PspProcessDelete+0x97
    9ab53c58 81a5189d 88cffd90 00000000 0e3bcab4 nt!ObpRemoveObjectRoutine+0x13d
    9ab53c80 81a4d4f6 00000002 9ab53ce8 81c2e62e nt!ObfDereferenceObject+0xa1
    9ab53c8c 81c2e62e 00000000 c000009a 81aff080 nt!MmFreeAccessPfnBuffer+0x27
    9ab53ce8 81c2da9b 00000000 89230030 00000000 nt!PfpFlushBuffers+0x291
    9ab53d7c 81bd5b18 81aff080 5d0b2724 00000000 nt!PfTLoggingWorker+0xaa
    9ab53dc0 81a2ea3e 81c2d9eb 81aff080 00000000 nt!PspSystemThreadStartup+0x9d
    00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


    STACK_COMMAND: kb

    FOLLOWUP_IP:
    nt!ExFreePoolWithTag+17f
    81aee00c cc int 3

    SYMBOL_STACK_INDEX: 1

    SYMBOL_NAME: nt!ExFreePoolWithTag+17f

    FOLLOWUP_NAME: MachineOwner

    MODULE_NAME: nt

    IMAGE_NAME: ntkrpamp.exe

    DEBUG_FLR_IMAGE_TIMESTAMP: 4812bd71

    FAILURE_BUCKET_ID: 0xc2_7_nt!ExFreePoolWithTag+17f

    BUCKET_ID: 0xc2_7_nt!ExFreePoolWithTag+17f

    Followup: MachineOwner
    ---------

    and my HJT log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:08:15, on 01/10/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Windows\OEM02Mon.exe
    C:\Program Files\Java\jre1.6.0\bin\jusched.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\Protector Suite QL\psqltray.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Users\Ben\Downloads\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=0080430
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
    O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O13 - Gopher Prefix:
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

    --
    End of file - 6192 bytes


    I hope it's not too much to ask, this is starting to drive me crazy. Any help would be much appreciated as looking at those BSOD dumps is out of my league. Thanks very much.
     
  2. bencutmore

    bencutmore Thread Starter

    Joined:
    Jul 26, 2004
    Messages:
    46
    Sorry to bump, but this is my latest debug from a BSOD that just happened to me a minute ago:


    Microsoft (R) Windows Debugger Version 6.9.0003.113 X86
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\Windows\Minidump\Mini100108-03.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\local cache*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS Personal
    Built by: 6001.18063.x86fre.vistasp1_gdr.080425-1930
    Kernel base = 0x81a1e000 PsLoadedModuleList = 0x81b35c70
    Debug session time: Wed Oct 1 21:30:52.174 2008 (GMT+1)
    System Uptime: 0 days 3:48:32.857
    Loading Kernel Symbols
    ..............................................................................................................................................
    Loading User Symbols
    Loading unloaded module list
    ....
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 1000007E, {c000001d, 8ece98e0, 8ad67c3c, 8ad67938}

    Probably caused by : hardware ( VIDEOPRT!pVideoPortExposeACPIInfo+21a )

    Followup: MachineOwner
    ---------

    0: kd> !analyze -v
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
    This is a very common bugcheck. Usually the exception address pinpoints
    the driver/function that caused the problem. Always note this address
    as well as the link date of the driver/image that contains this address.
    Some common problems are exception code 0x80000003. This means a hard
    coded breakpoint or assertion was hit, but this system was booted
    /NODEBUG. This is not supposed to happen as developers should never have
    hardcoded breakpoints in retail code, but ...
    If this happens, make sure a debugger gets connected, and the
    system is booted /DEBUG. This will let us see why this breakpoint is
    happening.
    Arguments:
    Arg1: c000001d, The exception code that was not handled
    Arg2: 8ece98e0, The address that the exception occurred at
    Arg3: 8ad67c3c, Exception Record Address
    Arg4: 8ad67938, Context Record Address

    Debugging Details:
    ------------------


    EXCEPTION_CODE: (NTSTATUS) 0xc000001d - {EXCEPTION} Illegal Instruction An attempt was made to execute an illegal instruction.

    FAULTING_IP:
    VIDEOPRT!pVideoPortExposeACPIInfo+21a
    8ece98e0 8e0f mov cs,word ptr [edi]

    EXCEPTION_RECORD: 8ad67c3c -- (.exr 0xffffffff8ad67c3c)
    ExceptionAddress: 8ece98e0 (VIDEOPRT!pVideoPortExposeACPIInfo+0x0000021a)
    ExceptionCode: c000001d (Illegal instruction)
    ExceptionFlags: 00000000
    NumberParameters: 0

    CONTEXT: 8ad67938 -- (.cxr 0xffffffff8ad67938)
    eax=00000004 ebx=8ed5ef58 ecx=86cc0ac8 edx=00000003 esi=857d28c0 edi=857d2964
    eip=8ece98e0 esp=8ad67d04 ebp=8ad67d14 iopl=0 nv up ei pl nz na pe nc
    cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
    VIDEOPRT!pVideoPortExposeACPIInfo+0x21a:
    8ece98e0 8e0f mov cs,word ptr [edi] ds:0023:857d2964=b268
    Resetting default scope

    CUSTOMER_CRASH_COUNT: 3

    DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

    BUGCHECK_STR: 0x7E

    PROCESS_NAME: System

    CURRENT_IRQL: 0

    ERROR_CODE: (NTSTATUS) 0xc000001d - {EXCEPTION} Illegal Instruction An attempt was made to execute an illegal instruction.

    MISALIGNED_IP:
    VIDEOPRT!pVideoPortExposeACPIInfo+21a
    8ece98e0 8e0f mov cs,word ptr [edi]

    LAST_CONTROL_TRANSFER: from 8ed59c86 to 8ece98e0

    FAILED_INSTRUCTION_ADDRESS:
    VIDEOPRT!pVideoPortExposeACPIInfo+21a
    8ece98e0 8e0f mov cs,word ptr [edi]

    STACK_TEXT:
    8ad67d14 8ed59c86 857d2964 81b2013c 8733c468 VIDEOPRT!pVideoPortExposeACPIInfo+0x21a
    8ad67d30 81c3a31b 8733c468 00000000 83f8d828 afd!AfdDoWork+0x51
    8ad67d44 81a5641d 86d02348 00000000 83f8d828 nt!IopProcessWorkItem+0x23
    8ad67d7c 81bf3b18 86d02348 748052e1 00000000 nt!ExpWorkerThread+0xfd
    8ad67dc0 81a4ca3e 81a56320 00000001 00000000 nt!PspSystemThreadStartup+0x9d
    00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


    FOLLOWUP_IP:
    VIDEOPRT!pVideoPortExposeACPIInfo+21a
    8ece98e0 8e0f mov cs,word ptr [edi]

    SYMBOL_STACK_INDEX: 0

    SYMBOL_NAME: VIDEOPRT!pVideoPortExposeACPIInfo+21a

    FOLLOWUP_NAME: MachineOwner

    MODULE_NAME: hardware

    IMAGE_NAME: hardware

    DEBUG_FLR_IMAGE_TIMESTAMP: 0

    STACK_COMMAND: .cxr 0xffffffff8ad67938 ; kb

    FAILURE_BUCKET_ID: IP_MISALIGNED

    BUCKET_ID: IP_MISALIGNED

    Followup: MachineOwner
    ---------
     
  3. bencutmore

    bencutmore Thread Starter

    Joined:
    Jul 26, 2004
    Messages:
    46
    and another... As you can see, it's fairly frequent :(


    Microsoft (R) Windows Debugger Version 6.9.0003.113 X86
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\Windows\Minidump\Mini100208-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\local cache*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS Personal
    Built by: 6001.18063.x86fre.vistasp1_gdr.080425-1930
    Kernel base = 0x81a46000 PsLoadedModuleList = 0x81b5dc70
    Debug session time: Thu Oct 2 01:36:58.711 2008 (GMT+1)
    System Uptime: 0 days 4:05:32.435
    Loading Kernel Symbols
    ..............................................................................................................................................
    Loading User Symbols
    Loading unloaded module list
    ....
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 19, {22, 2f0000, 0, 0}

    GetPointerFromAddress: unable to read from 81b7d868
    Unable to read MiSystemVaType memory at 81b5d420
    Probably caused by : ntkrpamp.exe ( nt!ExpFindAndRemoveTagBigPages+1d5 )

    Followup: MachineOwner
    ---------

    0: kd> !analyze -v
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    BAD_POOL_HEADER (19)
    The pool is already corrupt at the time of the current request.
    This may or may not be due to the caller.
    The internal pool links must be walked to figure out a possible cause of
    the problem, and then special pool applied to the suspect tags or the driver
    verifier to a suspect driver.
    Arguments:
    Arg1: 00000022,
    Arg2: 002f0000
    Arg3: 00000000
    Arg4: 00000000

    Debugging Details:
    ------------------

    GetPointerFromAddress: unable to read from 81b7d868
    Unable to read MiSystemVaType memory at 81b5d420

    BUGCHECK_STR: 0x19_22

    POOL_ADDRESS: GetPointerFromAddress: unable to read from 81b7d868
    Unable to read MiSystemVaType memory at 81b5d420
    002f0000

    CUSTOMER_CRASH_COUNT: 1

    DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

    PROCESS_NAME: audiodg.exe

    CURRENT_IRQL: 2

    LAST_CONTROL_TRANSFER: from 81a8bcaf to 81b13163

    STACK_TEXT:
    99f168dc 81a8bcaf 00000019 00000022 002f0000 nt!KeBugCheckEx+0x1e
    99f16918 81b33fd2 002f0000 99f16964 99f16948 nt!ExpFindAndRemoveTagBigPages+0x1d5
    99f16988 81c5f030 002f0000 00000000 79611e9a nt!ExFreePoolWithTag+0x145
    99f16bfc 81c5ed23 00000002 00000001 00000000 nt!ObpWaitForMultipleObjects+0x2c8
    99f16c38 81c64412 00000000 00000000 84b49008 nt!NtWaitForMultipleObjects+0xcc
    00000000 00000000 00000000 00000000 00000000 nt!ObOpenObjectByName+0x484


    STACK_COMMAND: kb

    FOLLOWUP_IP:
    nt!ExpFindAndRemoveTagBigPages+1d5
    81a8bcaf cc int 3

    SYMBOL_STACK_INDEX: 1

    SYMBOL_NAME: nt!ExpFindAndRemoveTagBigPages+1d5

    FOLLOWUP_NAME: MachineOwner

    MODULE_NAME: nt

    IMAGE_NAME: ntkrpamp.exe

    DEBUG_FLR_IMAGE_TIMESTAMP: 4812bd71

    FAILURE_BUCKET_ID: 0x19_22_nt!ExpFindAndRemoveTagBigPages+1d5

    BUCKET_ID: 0x19_22_nt!ExpFindAndRemoveTagBigPages+1d5

    Followup: MachineOwner
    ---------
     
  4. ryanjoachim

    ryanjoachim

    Joined:
    Jan 9, 2004
    Messages:
    437
    For starters your HijackThis log is clean.

    As for your other issue...I would try the simple route.

    Pop in your Vista cd and go through the options until you hit the "Repair" option. Let is repair the system files and reboot.
    A lot of the time these types of issues are memory related, but since you have already cleared the memory, we need to start looking at the system itself as part of the problem.

    The good thing about the Repair option is that none of your other files (documents, pictures, music etc) will be effected.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/755165

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice