Windows 7 Blue Screen of Death minidump analysis request
Greetings wise wizards of EE:
I'm helping a friend with a Dell Inspiron laptop with an Intel Core i3 processor and 4 GB of RAM, running Windows 7 Home 64 bit. Her machine recently produced a BLACK screen of death, of which she did not write down the specifics, though based on her description, it sounded like a typical Windows Stop Error Blue Screen of Death.
It did produce a minidump file, which I attach below, and I am hopeful that one of you fine wizards can analyze it to help determine the exact cause. Her machine is also fairly sluggish, and only recently so.
Any help would be greatly appreciated. Many thanks in advance,
Zovoth 090211-14788-01.dmp
I'm helping a friend with a Dell Inspiron laptop with an Intel Core i3 processor and 4 GB of RAM, running Windows 7 Home 64 bit. Her machine recently produced a BLACK screen of death, of which she did not write down the specifics, though based on her description, it sounded like a typical Windows Stop Error Blue Screen of Death.
It did produce a minidump file, which I attach below, and I am hopeful that one of you fine wizards can analyze it to help determine the exact cause. Her machine is also fairly sluggish, and only recently so.
Any help would be greatly appreciated. Many thanks in advance,
Zovoth 090211-14788-01.dmp
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hope this will give you a clear picture...(detailed result of your DUMP File)
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\User\Downloads\0
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: C:\Symbols
Executable search path is:
Unable to load image \SystemRoot\system32\ntosk
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.17640.amd64fre.win7sp
Machine Name:
Kernel base = 0xfffff800`03261000 PsLoadedModuleList = 0xfffff800`034a6670
Debug session time: Sat Sep 3 02:12:22.757 2011 (UTC + 5:30)
System Uptime: 3 days 23:37:19.224
Unable to load image \SystemRoot\system32\ntosk
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
..........................
..........................
..........................
Loading User Symbols
Loading unloaded module list
..........................
**************************
* *
* Bugcheck Analysis *
* *
**************************
Use !analyze -v to get detailed debugging information.
BugCheck 7A, {fffff6fc400099b0, ffffffffc0000185, 1eff0860, fffff88001336c08}
Unable to load image \SystemRoot\System32\Drive
*** WARNING: Unable to verify timestamp for Ntfs.sys
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
Probably caused by : ntoskrnl.exe ( nt+7cc40 )
Followup: MachineOwner
---------
0: kd> !analyze -v
**************************
* *
* Bugcheck Analysis *
* *
**************************
KERNEL_DATA_INPAGE_ERROR (7a)
The requested page of kernel data could not be read in. Typically caused by
a bad block in the paging file or disk controller error. Also see
KERNEL_STACK_INPAGE_ERROR.
If the error status is 0xC000000E, 0xC000009C, 0xC000009D or 0xC0000185,
it means the disk subsystem has experienced a failure.
If the error status is 0xC000009A, then it means the request failed because
a filesystem failed to make forward progress.
Arguments:
Arg1: fffff6fc400099b0, lock type that was held (value 1,2,3, or PTE address)
Arg2: ffffffffc0000185, error status (normally i/o status code)
Arg3: 000000001eff0860, current process (virtual address for lock type 3, or PTE)
Arg4: fffff88001336c08, virtual address that could not be in-paged (or PTE contents if arg1 is a PTE address)
Debugging Details:
------------------
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
ADDITIONAL_DEBUG_TEXT:
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.
MODULE_NAME: nt
FAULTING_MODULE: fffff80003261000 nt
DEBUG_FLR_IMAGE_TIMESTAMP:
ERROR_CODE: (NTSTATUS) 0xc0000185 - The I/O device reported an I/O error.
DISK_HARDWARE_ERROR: There was error with disk hardware
BUGCHECK_STR: 0x7a_c0000185
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from fffff8000334eb52 to fffff800032ddc40
STACK_TEXT:
fffff880`038f1828 fffff800`0334eb52 : 00000000`0000007a fffff6fc`400099b0 ffffffff`c0000185 00000000`1eff0860 : nt+0x7cc40
fffff880`038f1830 00000000`0000007a : fffff6fc`400099b0 ffffffff`c0000185 00000000`1eff0860 fffff880`01336c08 : nt+0xedb52
fffff880`038f1838 fffff6fc`400099b0 : ffffffff`c0000185 00000000`1eff0860 fffff880`01336c08 fffffa80`040d1bc0 : 0x7a
fffff880`038f1840 ffffffff`c0000185 : 00000000`1eff0860 fffff880`01336c08 fffffa80`040d1bc0 00000000`c0000185 : 0xfffff6fc`400099b0
fffff880`038f1848 00000000`1eff0860 : fffff880`01336c08 fffffa80`040d1bc0 00000000`c0000185 fffffa80`00000000 : 0xffffffff`c0000185
fffff880`038f1850 fffff880`01336c07 : fffffa80`040d1bc0 00000000`c0000185 fffffa80`00000000 fffff880`01336c08 : 0x1eff0860
fffff880`038f1858 fffff800`03513500 : fffffa80`005cfd00 fffff6fc`400099b0 fffffa80`07ead330 fffffa80`041b6830 : Ntfs! ?? ::NNGAKEGL::`string'+0x2be
fffff880`038f18d8 fffffa80`005cfd00 : fffff6fc`400099b0 fffffa80`07ead330 fffffa80`041b6830 fffff880`038f1980 : nt+0x2b2500
fffff880`038f18e0 fffff6fc`400099b0 : fffffa80`07ead330 fffffa80`041b6830 fffff880`038f1980 fffffa80`07ead380 : 0xfffffa80`005cfd00
fffff880`038f18e8 fffffa80`07ead330 : fffffa80`041b6830 fffff880`038f1980 fffffa80`07ead380 fffff800`033056cf : 0xfffff6fc`400099b0
fffff880`038f18f0 fffffa80`041b6830 : fffff880`038f1980 fffffa80`07ead380 fffff800`033056cf fffffa80`07ead330 : 0xfffffa80`07ead330
fffff880`038f18f8 fffff880`038f1980 : fffffa80`07ead380 fffff800`033056cf fffffa80`07ead330 fffff880`038f19a0 : 0xfffffa80`041b6830
fffff880`038f1900 fffffa80`07ead380 : fffff800`033056cf fffffa80`07ead330 fffff880`038f19a0 fffff800`03513500 : 0xfffff880`038f1980
fffff880`038f1908 fffff800`033056cf : fffffa80`07ead330 fffff880`038f19a0 fffff800`03513500 fffffa80`07ead330 : 0xfffffa80`07ead380
fffff880`038f1910 fffffa80`07ead330 : fffff880`038f19a0 fffff800`03513500 fffffa80`07ead330 fffffa80`07ead380 : nt+0xa46cf
fffff880`038f1918 fffff880`038f19a0 : fffff800`03513500 fffffa80`07ead330 fffffa80`07ead380 fffffa80`041b6830 : 0xfffffa80`07ead330
fffff880`038f1920 fffff800`03513500 : fffffa80`07ead330 fffffa80`07ead380 fffffa80`041b6830 00000000`00000000 : 0xfffff880`038f19a0
fffff880`038f1928 fffffa80`07ead330 : fffffa80`07ead380 fffffa80`041b6830 00000000`00000000 000000a6`8af47ff3 : nt+0x2b2500
fffff880`038f1930 fffffa80`07ead380 : fffffa80`041b6830 00000000`00000000 000000a6`8af47ff3 00000000`0edb8000 : 0xfffffa80`07ead330
fffff880`038f1938 fffffa80`041b6830 : 00000000`00000000 000000a6`8af47ff3 00000000`0edb8000 fffff880`01336c08 : 0xfffffa80`07ead380
fffff880`038f1940 00000000`00000000 : 000000a6`8af47ff3 00000000`0edb8000 fffff880`01336c08 fffffa80`0519a4c0 : 0xfffffa80`041b6830
STACK_COMMAND: kb
FOLLOWUP_IP:
nt+7cc40
fffff800`032ddc40 48894c2408 mov qword ptr [rsp+8],rcx
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: nt+7cc40
FOLLOWUP_NAME: MachineOwner
IMAGE_NAME: ntoskrnl.exe
BUCKET_ID: WRONG_SYMBOLS
Followup: MachineOwner
---------
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\User\Downloads\0
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: C:\Symbols
Executable search path is:
Unable to load image \SystemRoot\system32\ntosk
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.17640.amd64fre.win7sp
Machine Name:
Kernel base = 0xfffff800`03261000 PsLoadedModuleList = 0xfffff800`034a6670
Debug session time: Sat Sep 3 02:12:22.757 2011 (UTC + 5:30)
System Uptime: 3 days 23:37:19.224
Unable to load image \SystemRoot\system32\ntosk
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
..........................
..........................
..........................
Loading User Symbols
Loading unloaded module list
..........................
**************************
* *
* Bugcheck Analysis *
* *
**************************
Use !analyze -v to get detailed debugging information.
BugCheck 7A, {fffff6fc400099b0, ffffffffc0000185, 1eff0860, fffff88001336c08}
Unable to load image \SystemRoot\System32\Drive
*** WARNING: Unable to verify timestamp for Ntfs.sys
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
Probably caused by : ntoskrnl.exe ( nt+7cc40 )
Followup: MachineOwner
---------
0: kd> !analyze -v
**************************
* *
* Bugcheck Analysis *
* *
**************************
KERNEL_DATA_INPAGE_ERROR (7a)
The requested page of kernel data could not be read in. Typically caused by
a bad block in the paging file or disk controller error. Also see
KERNEL_STACK_INPAGE_ERROR.
If the error status is 0xC000000E, 0xC000009C, 0xC000009D or 0xC0000185,
it means the disk subsystem has experienced a failure.
If the error status is 0xC000009A, then it means the request failed because
a filesystem failed to make forward progress.
Arguments:
Arg1: fffff6fc400099b0, lock type that was held (value 1,2,3, or PTE address)
Arg2: ffffffffc0000185, error status (normally i/o status code)
Arg3: 000000001eff0860, current process (virtual address for lock type 3, or PTE)
Arg4: fffff88001336c08, virtual address that could not be in-paged (or PTE contents if arg1 is a PTE address)
Debugging Details:
------------------
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
**************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
**************************
ADDITIONAL_DEBUG_TEXT:
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.
MODULE_NAME: nt
FAULTING_MODULE: fffff80003261000 nt
DEBUG_FLR_IMAGE_TIMESTAMP:
ERROR_CODE: (NTSTATUS) 0xc0000185 - The I/O device reported an I/O error.
DISK_HARDWARE_ERROR: There was error with disk hardware
BUGCHECK_STR: 0x7a_c0000185
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from fffff8000334eb52 to fffff800032ddc40
STACK_TEXT:
fffff880`038f1828 fffff800`0334eb52 : 00000000`0000007a fffff6fc`400099b0 ffffffff`c0000185 00000000`1eff0860 : nt+0x7cc40
fffff880`038f1830 00000000`0000007a : fffff6fc`400099b0 ffffffff`c0000185 00000000`1eff0860 fffff880`01336c08 : nt+0xedb52
fffff880`038f1838 fffff6fc`400099b0 : ffffffff`c0000185 00000000`1eff0860 fffff880`01336c08 fffffa80`040d1bc0 : 0x7a
fffff880`038f1840 ffffffff`c0000185 : 00000000`1eff0860 fffff880`01336c08 fffffa80`040d1bc0 00000000`c0000185 : 0xfffff6fc`400099b0
fffff880`038f1848 00000000`1eff0860 : fffff880`01336c08 fffffa80`040d1bc0 00000000`c0000185 fffffa80`00000000 : 0xffffffff`c0000185
fffff880`038f1850 fffff880`01336c07 : fffffa80`040d1bc0 00000000`c0000185 fffffa80`00000000 fffff880`01336c08 : 0x1eff0860
fffff880`038f1858 fffff800`03513500 : fffffa80`005cfd00 fffff6fc`400099b0 fffffa80`07ead330 fffffa80`041b6830 : Ntfs! ?? ::NNGAKEGL::`string'+0x2be
fffff880`038f18d8 fffffa80`005cfd00 : fffff6fc`400099b0 fffffa80`07ead330 fffffa80`041b6830 fffff880`038f1980 : nt+0x2b2500
fffff880`038f18e0 fffff6fc`400099b0 : fffffa80`07ead330 fffffa80`041b6830 fffff880`038f1980 fffffa80`07ead380 : 0xfffffa80`005cfd00
fffff880`038f18e8 fffffa80`07ead330 : fffffa80`041b6830 fffff880`038f1980 fffffa80`07ead380 fffff800`033056cf : 0xfffff6fc`400099b0
fffff880`038f18f0 fffffa80`041b6830 : fffff880`038f1980 fffffa80`07ead380 fffff800`033056cf fffffa80`07ead330 : 0xfffffa80`07ead330
fffff880`038f18f8 fffff880`038f1980 : fffffa80`07ead380 fffff800`033056cf fffffa80`07ead330 fffff880`038f19a0 : 0xfffffa80`041b6830
fffff880`038f1900 fffffa80`07ead380 : fffff800`033056cf fffffa80`07ead330 fffff880`038f19a0 fffff800`03513500 : 0xfffff880`038f1980
fffff880`038f1908 fffff800`033056cf : fffffa80`07ead330 fffff880`038f19a0 fffff800`03513500 fffffa80`07ead330 : 0xfffffa80`07ead380
fffff880`038f1910 fffffa80`07ead330 : fffff880`038f19a0 fffff800`03513500 fffffa80`07ead330 fffffa80`07ead380 : nt+0xa46cf
fffff880`038f1918 fffff880`038f19a0 : fffff800`03513500 fffffa80`07ead330 fffffa80`07ead380 fffffa80`041b6830 : 0xfffffa80`07ead330
fffff880`038f1920 fffff800`03513500 : fffffa80`07ead330 fffffa80`07ead380 fffffa80`041b6830 00000000`00000000 : 0xfffff880`038f19a0
fffff880`038f1928 fffffa80`07ead330 : fffffa80`07ead380 fffffa80`041b6830 00000000`00000000 000000a6`8af47ff3 : nt+0x2b2500
fffff880`038f1930 fffffa80`07ead380 : fffffa80`041b6830 00000000`00000000 000000a6`8af47ff3 00000000`0edb8000 : 0xfffffa80`07ead330
fffff880`038f1938 fffffa80`041b6830 : 00000000`00000000 000000a6`8af47ff3 00000000`0edb8000 fffff880`01336c08 : 0xfffffa80`07ead380
fffff880`038f1940 00000000`00000000 : 000000a6`8af47ff3 00000000`0edb8000 fffff880`01336c08 fffffa80`0519a4c0 : 0xfffffa80`041b6830
STACK_COMMAND: kb
FOLLOWUP_IP:
nt+7cc40
fffff800`032ddc40 48894c2408 mov qword ptr [rsp+8],rcx
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: nt+7cc40
FOLLOWUP_NAME: MachineOwner
IMAGE_NAME: ntoskrnl.exe
BUCKET_ID: WRONG_SYMBOLS
Followup: MachineOwner
---------
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
any feedback, zovoth?
ASKER
Greetings wise wizards of EE:
Forgive my delay in responding, I just visited my friend last night, and applied the solutions that you suggested, and low & behold, your aid was the proverbial white knight slaying the evil dragon!!
For reason unknown, McAfee was causing some manner of funky conflict; my friend had also picked up some pesky Intenret Explorer toolbars, which I could not uninstall until AFTER I uninstalled McAfee. Once McAfee was removed from her machine, there was an immediate, signficant increase in perfomance, and I was then able to uninstall all three unwanted Bing, Skype and Xfinitiy toolbars. I then downloaded and installed AVG Antivirus, which installed without issue, did not affect performance, and detected no threat upon completion of a full scan.
Additionally, her external hard drive kept dropping off the list of "recognized" devices, fading in and out randomly. It is a Western Digital My Book 500 GB drive, and less than a year old, which I thought odd that it would fail so soon. I then discovered the issue when I traced the USB cord... my friend was using an UBER-CRAPPY USB hub, that she must have acquired from a box of Frosted Flakes or Cracker Jacks... it resembled a figure of a man with a happy face, with each of his appendages ending in a USB port!!! CHEAPOID on a whole new dimension!!! Once I removed this UNHOLY device, suddenly her machine received ANOTHER significant increase in performance, and the external hard drive behaved normally. ISSUE SOLVED!!!
Many thanks to the several wizards who kindly contributed by analyzing the minidump file and pointing to McAfee. I awarded the "best solution" points to Nobus, as he was the first to point out BOTH the hardware and McAfee issues.
Nobus, you frickin' ROCK!!! That must be the tenth Blue Screen of Death minidump you've analyzed for me... may you live to be a thousand years old!
Thanks again to all and may the wind be at your back,
Zovoth
Forgive my delay in responding, I just visited my friend last night, and applied the solutions that you suggested, and low & behold, your aid was the proverbial white knight slaying the evil dragon!!
For reason unknown, McAfee was causing some manner of funky conflict; my friend had also picked up some pesky Intenret Explorer toolbars, which I could not uninstall until AFTER I uninstalled McAfee. Once McAfee was removed from her machine, there was an immediate, signficant increase in perfomance, and I was then able to uninstall all three unwanted Bing, Skype and Xfinitiy toolbars. I then downloaded and installed AVG Antivirus, which installed without issue, did not affect performance, and detected no threat upon completion of a full scan.
Additionally, her external hard drive kept dropping off the list of "recognized" devices, fading in and out randomly. It is a Western Digital My Book 500 GB drive, and less than a year old, which I thought odd that it would fail so soon. I then discovered the issue when I traced the USB cord... my friend was using an UBER-CRAPPY USB hub, that she must have acquired from a box of Frosted Flakes or Cracker Jacks... it resembled a figure of a man with a happy face, with each of his appendages ending in a USB port!!! CHEAPOID on a whole new dimension!!! Once I removed this UNHOLY device, suddenly her machine received ANOTHER significant increase in performance, and the external hard drive behaved normally. ISSUE SOLVED!!!
Many thanks to the several wizards who kindly contributed by analyzing the minidump file and pointing to McAfee. I awarded the "best solution" points to Nobus, as he was the first to point out BOTH the hardware and McAfee issues.
Nobus, you frickin' ROCK!!! That must be the tenth Blue Screen of Death minidump you've analyzed for me... may you live to be a thousand years old!
Thanks again to all and may the wind be at your back,
Zovoth
>> may you live to be a thousand years old! << i agree if i'm stuill healthy then, not in a chair
>> and may the wind be at your back << my wife finds it too often there...
>> and may the wind be at your back << my wife finds it too often there...
is it appears when the computer is on batarry only, or dosn't matter
try to change the power options