BSOD in Win 7 x64, Debugger indicates NETIO.sys

I just recently installed Windows 7 Ultimate x64 on my system (upgrade from XP x86), and since then I have been getting random BSOD errors. I got the Windows Dubugger program, but when I try to read the .DMP file it says that it does not have the correct symbols. This brings me to my two questions

First, can anyone tell me where to point Debugger to get the correct symbol set, and second can anyone tell me what is causing the BSOD errors?

I have the latest updates for Win 7, all drivers are up to date, and correct for the device. All devices in the machine are confirmed Win 7 compatible.

Below is what I get from the Debugger program, if needed I can upload the original dump file (or at least the most recent one).

This is a tricky one, I have been unable to find a clear answer on the intertubes, so I am bringing this to you guys.   :)


Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available

Symbol search path is: srv*
Executable search path is:
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16539.amd64fre.win7_gdr.100226-1909
Machine Name:
Kernel base = 0xfffff800`02a4e000 PsLoadedModuleList = 0xfffff800`02c8be50
Debug session time: Thu Apr 22 07:20:51.785 2010 (UTC - 6:00)
System Uptime: 0 days 0:02:36.813
Loading Kernel Symbols
...............................................................
................................................................
......................................
Loading User Symbols

Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 7F, {8, 80050031, 6f8, fffff80002ac3f5f}

*** ERROR: Module load completed but symbols could not be loaded for SYMTDIV.SYS
*** ERROR: Module load completed but symbols could not be loaded for yk62x64.sys
Probably caused by : NETIO.SYS ( NETIO!CompareSecurityContexts+6a )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

UNEXPECTED_KERNEL_MODE_TRAP (7f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault).  The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
        use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
        use .trap on that value
Else
        .trap on the appropriate frame will show where the trap was taken
        (on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 0000000000000008, EXCEPTION_DOUBLE_FAULT
Arg2: 0000000080050031
Arg3: 00000000000006f8
Arg4: fffff80002ac3f5f

Debugging Details:
------------------


BUGCHECK_STR:  0x7f_8

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  2

LAST_CONTROL_TRANSFER:  from fffff80002abdb69 to fffff80002abe600

STACK_TEXT:  
fffff880`009eece8 fffff800`02abdb69 : 00000000`0000007f 00000000`00000008 00000000`80050031 00000000`000006f8 : nt!KeBugCheckEx
fffff880`009eecf0 fffff800`02abc032 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffff880`009eee30 fffff800`02ac3f5f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDoubleFaultAbort+0xb2
fffff880`03115f70 fffff800`02ac3b10 : fffff880`031161e0 00000000`00000000 fffff880`031161e0 fffff880`03116200 : nt!SepAccessCheck+0x4f
fffff880`031160a0 fffff800`02a86f02 : fffffa80`06b88080 00000000`00000001 00000000`00000000 fffffa80`04a7d7c8 : nt!SeAccessCheckWithHint+0x180
fffff880`03116180 fffff880`0177bc5a : 00000598`00000000 00000598`00000000 00000598`00000000 00000598`00000000 : nt!SeAccessCheckFromState+0x102
fffff880`03116870 fffff880`0177994f : 00000598`00000000 00000598`00000000 00000598`00000000 00000598`00000000 : NETIO!CompareSecurityContexts+0x6a
fffff880`031168e0 fffff880`0177b9b5 : 00000598`00000000 00000598`00000000 00000598`00000000 00000598`00000000 : NETIO!MatchValues+0xef
fffff880`03116930 fffff880`0177b845 : fffffa80`06abb950 fffffa80`07b1ea30 fffff880`03116b58 fffff880`03117290 : NETIO!FilterMatch+0x95
fffff880`03116980 fffff880`0177cccb : 00000000`00000000 00000000`00000000 fffff880`03117290 fffff880`03116b40 : NETIO!IndexListClassify+0x69
fffff880`03116a00 fffff880`0183f4d0 : fffff880`03117290 fffff880`03116ed8 fffff880`03117c10 fffffa80`084269a0 : NETIO!KfdClassify+0xa4e
fffff880`03116d70 fffff880`0183877e : fffff880`01947690 00000000`00000000 fffffa80`076e4460 00000000`00000000 : tcpip!WfpAleClassify+0x50
fffff880`03116db0 fffff880`01837c15 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : tcpip!WfpAlepAuthorizeSend+0x94e
fffff880`031174c0 fffff880`0183b956 : 00000000`00000000 00000000`00000000 00000000`00000011 00000000`00000000 : tcpip!WfpAleAuthorizeSend+0x325
fffff880`03117790 fffff880`0183e6a4 : 00000000`00000000 fffff880`03117bc8 fffff880`03117bd0 00000000`00000000 : tcpip!WfpAleConnectAcceptIndicate+0x106
fffff880`03117880 fffff880`01836f59 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000008 : tcpip!ProcessALEForTransportPacket+0x664
fffff880`03117af0 fffff880`01863bf6 : 00000000`00000000 00000000`00000002 fffffa80`07838900 fffffa80`04a88900 : tcpip!WfpProcessOutTransportStackIndication+0x329
fffff880`03117cc0 fffff880`01868a7e : fffffa80`07833190 fffff880`01777804 fffff880`0196d9a0 fffffa80`076e4460 : tcpip!IppSendDatagramsCommon+0x526
fffff880`03117f90 fffff880`01835cf8 : fffffa80`076e4460 fffffa80`084269a0 fffffa80`084269a0 fffffa80`07833190 : tcpip!IpNlpSendDatagrams+0x3e
fffff880`03117fd0 fffff880`0183626d : fffffa80`07798780 fffffa80`07706140 fffff880`03118920 00000000`00000000 : tcpip!UdpSendMessagesOnPathCreation+0x688
fffff880`03118350 fffff880`01835ef5 : fffff880`03118880 00000008`00008900 00000000`00000001 00000000`00000000 : tcpip!UdpSendMessages+0x35d
fffff880`03118740 fffff800`02acdd4a : 00000000`00000001 00000000`00000000 00000000`00000000 00000000`00000000 : tcpip!UdpTlProviderSendMessagesCalloutRoutine+0x15
fffff880`03118770 fffff880`018364b8 : fffff880`01835ee0 fffff880`03118880 00000000`00000002 00000000`00000000 : nt!KeExpandKernelStackAndCalloutEx+0xda
fffff880`03118850 fffff880`01ac9f45 : fffffa80`04911b40 fffffa80`079b8490 fffffa80`077088b0 fffffa80`0508cfde : tcpip!UdpTlProviderSendMessages+0x78
fffff880`031188d0 fffff880`01ac9ff2 : fffffa80`086ed402 00000000`00000000 fffffa80`03b376a8 fffffa80`03b376f0 : tdx!TdxSendDatagramTransportAddress+0x2f5
fffff880`031189b0 fffff880`02e50a48 : fffffa80`06536a90 00000000`000000c8 fffffa80`07a91c10 fffffa80`03b37590 : tdx!TdxTdiDispatchInternalDeviceControl+0x52
fffff880`031189e0 fffff880`02e6dc33 : fffffa80`076f4074 fffffa80`086ed4f0 fffff880`03118b78 fffffa80`086ed4f0 : SYMTDIV+0x7a48
fffff880`03118a40 fffff880`02e50f87 : 00000000`00000000 fffffa80`06536a90 fffff880`03118b78 fffffa80`03b37590 : SYMTDIV+0x24c33
fffff880`03118a80 fffff880`02e66bba : fffffa80`06536a90 fffffa80`03b376f0 fffffa80`03b37590 00000000`c000009a : SYMTDIV+0x7f87
fffff880`03118b20 fffff880`02f81542 : 00000000`00000000 fffffa80`00000001 fffffa80`03b37590 fffffa80`03b37590 : SYMTDIV+0x1dbba
fffff880`03118b70 fffff880`02f81f61 : fffffa80`0508cfa8 fffffa80`0508cfa8 fffffa80`06bbb0d0 fffff880`03118c70 : netbt!TdiSendDatagram+0x187
fffff880`03118be0 fffff880`02f8e329 : fffffa80`076c1de0 fffffa80`0508cdf0 00000000`00000021 00000000`00000044 : netbt!UdpSendDatagram+0x1b1
fffff880`03118c70 fffff880`02f8e0e6 : 00000000`00000000 00000000`00000000 00000000`00000032 fffff880`02fa0089 : netbt!UdpSendResponse+0x4e0
fffff880`03118cf0 fffff880`02f82be7 : fffffa80`07a91c80 00000000`00000001 00000000`00000000 00000000`00000004 : netbt!QueryFromNet+0xb11
fffff880`03118e20 fffff880`02f80b47 : 00000000`00000032 fffffa80`07e0e7da 00000000`00000032 fffffa80`076f4002 : netbt!NameSrvHndlrNotOs+0xca
fffff880`03118e60 fffff880`02e50139 : fffffa80`076f4074 fffffa80`086ed4f0 fffffa80`07e0e7da 00000000`00000032 : netbt!TdiRcvNameSrvHandler+0x367
fffff880`03118f00 fffff880`01ac8325 : fffffa80`077ae290 fffffa80`06330002 fffff880`03119278 fffffa80`0633c6c0 : SYMTDIV+0x7139
fffff880`03119010 fffff880`018413c5 : fffffa80`0633c6c0 00000000`00000000 fffffa80`0633c6c0 fffffa80`0633c6c0 : tdx!TdxEventReceiveMessagesTransportAddress+0x315
fffff880`03119200 fffff880`018418d4 : fffffa80`00000000 fffffa80`0633c6c0 00000000`00000000 fffffa80`07e0e7d2 : tcpip!UdpDeliverDatagrams+0x155
fffff880`03119390 fffff880`0185d427 : fffffa80`04a72e30 00000000`00000000 00000000`00000000 00000000`00000000 : tcpip!UdpReceiveDatagrams+0x324
fffff880`03119480 fffff880`0185d499 : fffff880`03119600 fffff880`0196d9a0 fffff880`03119610 fffffa80`04881710 : tcpip!IppDeliverListToProtocol+0xf7
fffff880`03119540 fffff880`0185d990 : fffff880`0196d9a0 fffffa80`08b06800 00000000`00000011 fffff880`03119600 : tcpip!IppProcessDeliverList+0x59
fffff880`031195b0 fffff880`0185c821 : fffffa80`ff01a8c0 fffffa80`04a69138 fffff880`0196d9a0 00000000`08709001 : tcpip!IppReceiveHeaderBatch+0x231
fffff880`03119690 fffff880`01936592 : fffffa80`069c27c0 00000000`00000000 fffffa80`08709001 fffffa80`00000001 : tcpip!IpFlcReceivePackets+0x651
fffff880`03119890 fffff880`01609afa : fffffa80`064ab002 fffffa80`064ab010 00000000`00000002 00000000`00000000 : tcpip!IppInspectInjectReceive+0xf2
fffff880`031198d0 fffff880`02e90568 : fffffa80`0505afa0 00000000`00000002 fffff880`ffffff00 fffffa80`0856b480 : fwpkclnt!FwpsInjectTransportReceiveAsync0+0x256
fffff880`03119980 fffff880`02e8e140 : fffffa80`086ed4f0 00000000`00000000 fffff880`03119df0 fffffa80`086ed4f0 : SYMTDIV+0x47568
fffff880`03119a10 fffff880`02e8ac2f : fffffa80`086ed4f0 00000000`00000000 fffff880`03119df0 fffffa80`086ed4f0 : SYMTDIV+0x45140
fffff880`03119a70 fffff880`02e8a0f5 : fffffa80`08709010 00000000`000000c8 00000000`00000000 fffff880`03119df0 : SYMTDIV+0x41c2f
fffff880`03119aa0 fffff880`02e7c0f0 : fffff880`03119df0 fffffa80`05088470 00000000`00000171 000009c2`00000000 : SYMTDIV+0x410f5
fffff880`03119af0 fffff880`02e8ddd1 : fffffa80`0856b480 fffff880`02e927c3 00000000`00000002 00000000`00000000 : SYMTDIV+0x330f0
fffff880`03119c00 fffff880`02e92b7b : 00000000`00000000 fffff880`03119db0 fffff880`03119df0 00000000`00000002 : SYMTDIV+0x44dd1
fffff880`03119c60 fffff880`02e8e818 : fffff880`0311a110 fffff880`0311a630 fffff880`0311a630 fffff880`02ea6130 : SYMTDIV+0x49b7b
fffff880`03119d00 fffff880`0179257f : 00000000`00000126 fffff880`0168428a fffffa80`0490ea10 00000000`00000000 : SYMTDIV+0x45818
fffff880`03119fa0 fffff880`0177b619 : fffff880`0311000c fffff880`0311a630 fffffa80`039715a0 fffffa80`06802030 : NETIO! ?? ::FNODOBFM::`string'+0x7267
fffff880`0311a0c0 fffff880`0177cbb1 : fffff880`0311000c fffff880`0311a630 fffffa80`0490ea10 00000000`00000000 : NETIO!ArbitrateAndEnforce+0x2a9
fffff880`0311a190 fffff880`0182582e : 00000000`0000000c fffff880`0311a630 00000000`00000001 fffffa80`06802030 : NETIO!KfdClassify+0x934
fffff880`0311a500 fffff880`0183fd8d : fffffa80`06802030 fffffa80`0490ea10 fffff880`0311a850 00000000`00008900 : tcpip!ProcessInboundTransportLayerClassify+0x21e
fffff880`0311a720 fffff880`0186e861 : fffffa80`00000011 fffffa80`07740002 fffffa80`04a68900 00000000`00008900 : tcpip!WfpProcessInTransportStackIndication+0x81d
fffff880`0311aa90 fffff880`01840f93 : fffffa80`07744910 fffffa80`04a7d370 00000000`00000000 fffffa80`04a69000 : tcpip!InetInspectReceiveDatagram+0x121
fffff880`0311ab30 fffff880`01841345 : fffffa80`07744910 00000000`00000000 00000000`00000001 00000000`00000000 : tcpip!UdpBeginMessageIndication+0x83
fffff880`0311ac80 fffff880`018418d4 : fffffa80`00000000 fffffa80`07744910 00000000`00000000 fffffa80`067ba022 : tcpip!UdpDeliverDatagrams+0xd5
fffff880`0311ae10 fffff880`0185d427 : fffffa80`04a72e30 00000000`00000000 00000000`00000000 00000000`00000000 : tcpip!UdpReceiveDatagrams+0x324
fffff880`0311af00 fffff880`0185d499 : fffff880`0311b080 fffff880`0196d9a0 fffff880`0311b090 fffffa80`04881710 : tcpip!IppDeliverListToProtocol+0xf7
fffff880`0311afc0 fffff880`0185d990 : fffff880`0196d9a0 fffffa80`06802160 00000000`00000011 fffff880`0311b080 : tcpip!IppProcessDeliverList+0x59
fffff880`0311b030 fffff880`0185c821 : 00000000`ff01a8c0 fffffa80`04a69000 fffff880`0196d9a0 00000000`066d2b01 : tcpip!IppReceiveHeaderBatch+0x231
fffff880`0311b110 fffff880`0185b272 : fffffa80`06843f70 00000000`00000000 fffffa80`066d2b01 00000000`00000001 : tcpip!IpFlcReceivePackets+0x651
fffff880`0311b310 fffff880`018746ba : fffffa80`066d2b10 fffff880`0311b440 fffffa80`066d2b10 00000000`00000000 : tcpip!FlpReceiveNonPreValidatedNetBufferListChain+0x2b2
fffff880`0311b3f0 fffff800`02acdd4a : fffffa80`06802030 fffff880`03116000 00000000`00004800 00000000`00000000 : tcpip!FlReceiveNetBufferListChainCalloutRoutine+0xda
fffff880`0311b440 fffff880`018740e2 : fffff880`018745e0 fffff880`0311b550 00000000`00000002 fffff880`101d10ba : nt!KeExpandKernelStackAndCalloutEx+0xda
fffff880`0311b520 fffff880`017410eb : fffffa80`066d38d0 00000000`00000000 fffffa80`062fe1a0 ffffe104`01000111 : tcpip!FlReceiveNetBufferListChain+0xb2
fffff880`0311b590 fffff880`0170afc6 : fffffa80`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ndis!ndisMIndicateNetBufferListsToOpen+0xdb
fffff880`0311b600 fffff880`01684ef1 : fffffa80`062fe1a0 00000000`00000002 00000000`00000001 fffff880`0168537a : ndis!ndisMDispatchReceiveNetBufferLists+0x1d6
fffff880`0311ba80 fffff880`10018cbe : fffffa80`066c3000 fffffa80`06802030 fffffa80`06802030 fffffa80`066c3e40 : ndis!NdisMIndicateReceiveNetBufferLists+0xc1
fffff880`0311bad0 fffff880`10006a6f : fffffa80`066c3000 00000000`000000ff 00000000`00000060 fffff880`0311bc70 : yk62x64+0x18cbe


STACK_COMMAND:  kb

FOLLOWUP_IP:
NETIO!CompareSecurityContexts+6a
fffff880`0177bc5a 448b442470      mov     r8d,dword ptr [rsp+70h]

SYMBOL_STACK_INDEX:  6

SYMBOL_NAME:  NETIO!CompareSecurityContexts+6a

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: NETIO

IMAGE_NAME:  NETIO.SYS

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc18a

FAILURE_BUCKET_ID:  X64_0x7f_8_NETIO!CompareSecurityContexts+6a

BUCKET_ID:  X64_0x7f_8_NETIO!CompareSecurityContexts+6a

Followup: MachineOwner
---------

Mdamon808Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rory de LeurConsultant End-User ComputingCommented:
Question 1:
Using the Microsoft Symbol Server with WinDbg
To use the Symbol Server Web site from within WinDbg, follow these steps:

   1. Start the Windows Debugger (WinDbg.exe).
   2. On the File menu, click Symbol File Path.
   3. In the Symbol path box, type the following command:
      SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols
      where your local folder for symbols is the folder in which you copy your local symbol cache. The debug symbols are downloaded to this location.
0
Rory de LeurConsultant End-User ComputingCommented:
Question 2:
Uninstall your NAV 2010 (or other Symantec antivirus), there are more problems reported with that combination, most users switched to other AV products.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bennovwCommented:
Hello,
The bug-check analysis you posted lists NetIO.sys as being the culprit of your crash. NetIO.sys is a network driver.
Some things to try:
1.
Other users have reported that overclocking has caused this same BSOD, disable any overclocking.
2.
Reinstall all your network adapter's drivers. Perhaps an bad update has wreaked havoc to your system.
3.
Try disabling your network adapters to see if the problem stops, and perhaps identify which adapter is giving you the problems. Disabling the network adapter in the BIOS is the preferred method.
4.
Check if you have multiple security programs running in the background. Windows defender is by default always using it's resident shield, this can cause problems with other software. If you have security software installed, try uninstalling it to see if the problems stop.

Some helpful info that you may give is: How frequently do these crashes happen, and how soon after installing win 7 did they start?

The previous poster has the link to the symbol path you need.

Regards,
Benno
0
IT Pros Agree: AI and Machine Learning Key

We’d all like to think our company’s data is well protected, but when you ask IT professionals they admit the data probably is not as safe as it could be.

Mdamon808Author Commented:
Thanks for the tips guys, I will give them a try and let you know how it turns out.  :)
0
John GriffithConsultantCommented:
Debugging Tutorial info --> http://www.techsupportforum.com/2637132-post12.html
STACK_TEXT:  
 00000000`000006f8 : nt!KeBugCheckEx
 00000000`00000000 : nt!KiBugCheckDispatch+0x69
 00000000`00000000 : nt!KiDoubleFaultAbort+0xb2
 < snip >
 fffffa80`03b37590 : tdx!TdxTdiDispatchInternalDeviceControl+0x52
 fffffa80`086ed4f0 : SYMTDIV+0x7a48            <--  NIS/ N360/ Symantec
fffffa80`03b37590 : SYMTDIV+0x24c33         <--  NIS/ N360/ Symantec
 
00000000`c000009a : SYMTDIV+0x7f87     <--  NIS/ N360/ Symantec
 fffffa80`03b37590 : SYMTDIV+0x1dbba         <--  NIS/ N360/ Symantec
< snip >
 00000000`00000000 : tcpip!FlReceiveNetBufferListChainCalloutRoutine+0xda
 fffff880`101d10ba : nt!KeExpandKernelStackAndCalloutEx+0xda
 ffffe104`01000111 : tcpip!FlReceiveNetBufferListChain+0xb2
 00000000`00000000 : ndis!ndisMIndicateNetBufferListsToOpen+0xdb
 < snip >
 fffff880`0311bc70 : yk62x64+0x18cbe          <--  Marvell Yukon
Marvell Yukon Ethernet driver as well as Norton drivers are clearly visible on the stack in your dump log.  Remove NIS/ N360 using Norton Removal Tool & update your Marvell Yukon Ethernet driver -
http://www.techsupportforum.com/2590413-post8.html
Regards. . .
jcgriff2
0
Mdamon808Author Commented:
Uninstalled Norton and BSODs dropped off significantly. Reinstalled Norton and removed with the Norton Removal Tool, BSODs ceased entirely.

Thanks for the help guys.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 7

From novice to tech pro — start learning today.