Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 163
  • Last Modified:

Can someone read a dump file from a blue screen?

See attached memory dump on a bsod.  Can you tell me the shut down issue?

Bob
092716-37065-01.dmp
0
oneononecomp
Asked:
oneononecomp
1 Solution
 
☠ MASQ ☠Commented:
Points at chrome as the primary culprit
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.23539.amd64fre.win7sp1_ldr.160902-0600
Machine Name:
Kernel base = 0xfffff800`0385e000 PsLoadedModuleList = 0xfffff800`03aa0730
Debug session time: Tue Sep 27 14:59:53.906 2016 (UTC - 4:00)
System Uptime: 0 days 1:18:01.217
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

MEMORY_MANAGEMENT (1a)
    # Any other values for parameter 1 must be individually examined.
Arguments:
Arg1: 0000000000041284, A PTE or the working set list is corrupt.
Arg2: 000000001570c001
Arg3: 0000000000017a76
Arg4: fffff70001080000

Debugging Details:
------------------

TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2

BUGCHECK_STR:  0x1a_41284

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

PROCESS_NAME:  chrome.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff800039278b3 to fffff800038ce180

STACK_TEXT:  
fffff880`09c844d8 fffff800`039278b3 : 00000000`0000001a 00000000`00041284 00000000`1570c001 00000000`00017a76 : nt!KeBugCheckEx
fffff880`09c844e0 fffff800`0391640c : 02000000`78090043 00000000`00000000 00000000`00000001 fffff800`039043cf : nt! ?? ::FNODOBFM::`string'+0x4abf
fffff880`09c84520 fffff800`039550da : 00000000`1570c000 fffff680`000ab860 00000000`00000000 ffffffff`ffffffff : nt!MiCopyOnWrite+0x15c
fffff880`09c84690 fffff800`03bed3e8 : fffffa80`0b7da1a0 fffff6fb`7da00000 00000000`00078090 00000000`00000006 : nt! ?? ::FNODOBFM::`string'+0x49017
fffff880`09c84800 fffff800`03bcb588 : fffffa80`05415440 fffff880`09c849b8 fffff880`09c849a8 00000000`00000040 : nt!MiProtectVirtualMemory+0x368
fffff880`09c848d0 fffff800`038cd413 : ffffffff`ffffffff fffffa80`054e5b50 00000000`00000000 00000000`0026e278 : nt!NtAllocateVirtualMemory+0x1458
fffff880`09c84a70 00000000`7786bcba : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0026e258 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7786bcba


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt! ?? ::FNODOBFM::`string'+4abf
fffff800`039278b3 cc              int     3

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt! ?? ::FNODOBFM::`string'+4abf

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  57c9932e

FAILURE_BUCKET_ID:  X64_0x1a_41284_nt!_??_::FNODOBFM::_string_+4abf

BUCKET_ID:  X64_0x1a_41284_nt!_??_::FNODOBFM::_string_+4abf

Open in new window


Try http://www.nirsoft.net/utils/blue_screen_view.html or
http://www.resplendence.com/whocrashed for your own analysis

Or if you are happy sharing the contents upload to an online site like
http://www.osronline.com/page.cfm?name=Analyze

Disclaimer(!) - Often a single snapshot can be misleading and you might be better if there is a regular problem looking for a trend in a few dmp files
0
 
jcimarronCommented:
oneononecomp--
Open the .dmp file with Blue Screen View
http://www.nirsoft.net/utils/blue_screen_view.html

Interpret the .dmp using MS Debugging Tools
https://developer.microsoft.com/en-us/windows/hardware/windows-driver-kit
0
 
nobusCommented:
do you have only one dmp file, or several - and if so - are they the same?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
oneononecompAuthor Commented:
Will send new dumps from the office tomorrow.


Bob
0
 
oneononecompAuthor Commented:
Here is the latest.  Please analyze.
100416-44195-01.dmp
0
 
nobusCommented:
it can still be due to ram, since it is not the same dmp
run a ram test - memtest86+ find it on the UBCD:
Hardware diagnostic CD    UBCD
---------------------------------------------------
go to the download page, scroll down to the mirror section, and  click on a mirror to start the download
Download the UBCD and make the cd   <<==on a WORKING PC, and boot the problem PC from it
Here 2 links, one to the general site, and a direct link to the download

since the downloaded file is an ISO file, eg ubcd527.iso - so you need to use an ISO burning tool
if you don't have that software, install cdburnerXP : http://cdburnerxp.se/

If you want also the Ram tested - run memtest86+ at least 1 full pass,  - you should have NO errors!
 
For disk Diagnostics run the disk diag for your disk brand (eg seagate diag for seagate drive)  from the HDD section -  long or advanced diag !  (runs at least for30 minutes)

http://www.ultimatebootcd.com/      

**  you can make a bootable cd - or bootable usb stick
*** note *** for SSD drives  use the tool from the manufacturer, like intel 's toolbox :
https://downloadcenter.intel.com/download/18455/Intel-Solid-State-Drive-Toolbox

for completeness -here's how i handle disk problems : http://www.experts-exchange.com/Storage/Hard_Drives/A_3000-The-bad-hard-disk-problem.html
0
 
oneononecompAuthor Commented:
BSOD was tied to Chrome.  Uninstall and reinstall of Chrome resolved the issue.

Bob
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now