Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

blue screen


  • Please log in to reply
8 replies to this topic

#1 suffokate

suffokate

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:32 PM

Posted 08 March 2009 - 02:35 AM

hey first time posting
hopefully this is the right place.

Microsoft ® Windows Debugger Version 6.11.0001.404 AMD64
Copyright © Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\Mini030809-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008/Windows Vista Kernel Version 6001 (Service Pack 1) MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6001.18000.amd64fre.longhorn_rtm.080118-1840
Machine Name:
Kernel base = 0xfffff800`01e4b000 PsLoadedModuleList = 0xfffff800`02010db0
Debug session time: Sun Mar 8 03:13:54.371 2009 (GMT-7)
System Uptime: 0 days 1:57:10.559
Loading Kernel Symbols
...............................................................
................................................................
..
Loading User Symbols
Loading unloaded module list
...
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 19, {21, fffff8800a800000, 662a0, 400000662a0}

GetPointerFromAddress: unable to read from fffff80002074080
GetUlongFromAddress: unable to read from fffff80001fdf250
Probably caused by : ntkrnlmp.exe ( nt!PfpPrefetchRequest+208 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 0000000000000021, the data following the pool block being freed is corrupt. Typically this means the consumer (call stack ) has overrun the block.
Arg2: fffff8800a800000, The pool pointer being freed.
Arg3: 00000000000662a0, The number of bytes allocated for the pool block.
Arg4: 00000400000662a0, The corrupted value found following the pool block.

Debugging Details:
------------------

GetUlongFromAddress: unable to read from fffff80001fdf250

BUGCHECK_STR: 0x19_21

POOL_ADDRESS: fffff8800a800000

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: svchost.exe

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from fffff80001f7fe2b to fffff80001ea0390

STACK_TEXT:
fffffa60`073f38a8 fffff800`01f7fe2b : 00000000`00000019 00000000`00000021 fffff880`0a800000 00000000`000662a0 : nt!KeBugCheckEx
fffffa60`073f38b0 fffff800`02279959 : 00000000`00000001 fffffa60`073f3ca0 fffffa60`00000001 fffff880`51526650 : nt!ExDeferredFreePool+0x775
fffffa60`073f3960 fffff800`02279b26 : fffffa60`073f3a08 00000000`00000001 fffffa80`04a97170 00000000`00000000 : nt!PfpPrefetchRequest+0x208
fffffa60`073f39d0 fffff800`0228c258 : 00000000`00000000 00000000`00000004 fffffa80`01630000 00000000`00000001 : nt!PfSetSuperfetchInformation+0x1a5
fffffa60`073f3ab0 fffff800`01e9fe33 : fffffa80`04a71a30 00000000`00000000 00000000`00000000 00000000`054cc890 : nt!NtSetSystemInformation+0x8fb
fffffa60`073f3c20 00000000`775670ea : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`02bdf868 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x775670ea


STACK_COMMAND: kb

FOLLOWUP_IP:
nt!PfpPrefetchRequest+208
fffff800`02279959 8bc3 mov eax,ebx

SYMBOL_STACK_INDEX: 2

SYMBOL_NAME: nt!PfpPrefetchRequest+208

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 479192b7

FAILURE_BUCKET_ID: X64_0x19_21_nt!PfpPrefetchRequest+208

BUCKET_ID: X64_0x19_21_nt!PfpPrefetchRequest+208

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 0000000000000021, the data following the pool block being freed is corrupt. Typically this means the consumer (call stack ) has overrun the block.
Arg2: fffff8800a800000, The pool pointer being freed.
Arg3: 00000000000662a0, The number of bytes allocated for the pool block.
Arg4: 00000400000662a0, The corrupted value found following the pool block.

Debugging Details:
------------------

GetUlongFromAddress: unable to read from fffff80001fdf250

BUGCHECK_STR: 0x19_21

POOL_ADDRESS: fffff8800a800000

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: svchost.exe

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from fffff80001f7fe2b to fffff80001ea0390

STACK_TEXT:
fffffa60`073f38a8 fffff800`01f7fe2b : 00000000`00000019 00000000`00000021 fffff880`0a800000 00000000`000662a0 : nt!KeBugCheckEx
fffffa60`073f38b0 fffff800`02279959 : 00000000`00000001 fffffa60`073f3ca0 fffffa60`00000001 fffff880`51526650 : nt!ExDeferredFreePool+0x775
fffffa60`073f3960 fffff800`02279b26 : fffffa60`073f3a08 00000000`00000001 fffffa80`04a97170 00000000`00000000 : nt!PfpPrefetchRequest+0x208
fffffa60`073f39d0 fffff800`0228c258 : 00000000`00000000 00000000`00000004 fffffa80`01630000 00000000`00000001 : nt!PfSetSuperfetchInformation+0x1a5
fffffa60`073f3ab0 fffff800`01e9fe33 : fffffa80`04a71a30 00000000`00000000 00000000`00000000 00000000`054cc890 : nt!NtSetSystemInformation+0x8fb
fffffa60`073f3c20 00000000`775670ea : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`02bdf868 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x775670ea


STACK_COMMAND: kb

FOLLOWUP_IP:
nt!PfpPrefetchRequest+208
fffff800`02279959 8bc3 mov eax,ebx

SYMBOL_STACK_INDEX: 2

SYMBOL_NAME: nt!PfpPrefetchRequest+208

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 479192b7

FAILURE_BUCKET_ID: X64_0x19_21_nt!PfpPrefetchRequest+208

BUCKET_ID: X64_0x19_21_nt!PfpPrefetchRequest+208

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 0000000000000021, the data following the pool block being freed is corrupt. Typically this means the consumer (call stack ) has overrun the block.
Arg2: fffff8800a800000, The pool pointer being freed.
Arg3: 00000000000662a0, The number of bytes allocated for the pool block.
Arg4: 00000400000662a0, The corrupted value found following the pool block.

Debugging Details:
------------------

GetUlongFromAddress: unable to read from fffff80001fdf250

BUGCHECK_STR: 0x19_21

POOL_ADDRESS: fffff8800a800000

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: svchost.exe

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from fffff80001f7fe2b to fffff80001ea0390

STACK_TEXT:
fffffa60`073f38a8 fffff800`01f7fe2b : 00000000`00000019 00000000`00000021 fffff880`0a800000 00000000`000662a0 : nt!KeBugCheckEx
fffffa60`073f38b0 fffff800`02279959 : 00000000`00000001 fffffa60`073f3ca0 fffffa60`00000001 fffff880`51526650 : nt!ExDeferredFreePool+0x775
fffffa60`073f3960 fffff800`02279b26 : fffffa60`073f3a08 00000000`00000001 fffffa80`04a97170 00000000`00000000 : nt!PfpPrefetchRequest+0x208
fffffa60`073f39d0 fffff800`0228c258 : 00000000`00000000 00000000`00000004 fffffa80`01630000 00000000`00000001 : nt!PfSetSuperfetchInformation+0x1a5
fffffa60`073f3ab0 fffff800`01e9fe33 : fffffa80`04a71a30 00000000`00000000 00000000`00000000 00000000`054cc890 : nt!NtSetSystemInformation+0x8fb
fffffa60`073f3c20 00000000`775670ea : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`02bdf868 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x775670ea


STACK_COMMAND: kb

FOLLOWUP_IP:
nt!PfpPrefetchRequest+208
fffff800`02279959 8bc3 mov eax,ebx

SYMBOL_STACK_INDEX: 2

SYMBOL_NAME: nt!PfpPrefetchRequest+208

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 479192b7

FAILURE_BUCKET_ID: X64_0x19_21_nt!PfpPrefetchRequest+208

BUCKET_ID: X64_0x19_21_nt!PfpPrefetchRequest+208

Followup: MachineOwner
---------

BC AdBot (Login to Remove)

 


#2 suffokate

suffokate
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:32 PM

Posted 09 March 2009 - 03:41 PM

Bump

#3 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,089 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:04:32 PM

Posted 09 March 2009 - 05:55 PM

This looks like a problem with your Prefetch/Superfetch modules (from the stack trace).
Have you installed anything recently?
Have you done any tweaking of the system recently?
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#4 suffokate

suffokate
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:32 PM

Posted 09 March 2009 - 10:50 PM

Bump



fresh install but i did install diablo II and had the same problem before i installed

#5 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,089 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:04:32 PM

Posted 10 March 2009 - 07:28 AM

You had the same problem before you installed Diablo II or before you fresh installed Windows?
If the problem persisted despite a fresh install, most likely it's a hardware issue (although drivers can cause this also)

I'd suggest trying the built in Vista memory diagnostic because this is an error that occurred in memory. Here's instructions on how to run it: http://www.bleepingcomputer.com/tutorials/using-vista-windows-memory-diagnostics-tool/

Because of the consistent difference between parameter's 3 and 4 of the error messages I'd really suspect a driver over a physical memory problem. So, to troubleshoot the driver problem we'll have to run another tool.

Before running the tool backup all your data, find your system restore/installation disks, and have access to another system that can connect to the internet. This is because the next test that we run has the ability to prevent you from getting into Windows - if the error occurs within a driver that loads before the Windows logon becomes available.

Once that's done, go to Start and type in "verifier" (without the quotes) and press Enter
In the window that opens, click on "Next" to create the standard settings
Then, click on "Next" to automatically select unsigned drivers
Then click on "Finish" to verify the list of selected drivers.
Then reboot.

The point of this is to generate a memory dump - so expect the system to crash on you. If it doesn't crash immediately, keep using Windows until it does. Once you capture the memory dump analysis post it here for us to have a look at.

Once you've crashed, go back in and turn off the verifier (until you do this the system will continue to crash because of the verifier).
To do this go to Start and type in "verifier" (without the quotes) and press Enter
Then select the "Delete existing settings" option.
Then click on "Finish" to close the dialog and remove the settings.

If you're unable to do this in normal mode, try going into Safe Mode.
If you can't get into Safe Mode, then you'll have to access the Recovery Environment in order to manually remove the settings (and that's not fun!).
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#6 jcgriff2

jcgriff2

  • BSOD Kernel Dump Expert
  • 1,052 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Jersey Shore
  • Local time:03:32 PM

Posted 10 March 2009 - 03:17 PM

Hi -

In addition to Driver Verifier, I would suggest that you install all Windows Updates and OEM updates.

I noticed in the dbg log that the timestamp on the NT Kernel was 479192b7, which = Sat Jan 19 01:03:35 2008, the initial release date found on the majority of Vista SP1 Vista kernel drivers. NT and many others have been updated several times since then.

Regards. . .

jcgriff2

.

Edited by jcgriff2, 10 March 2009 - 03:18 PM.

Microsoft MVP 2009-2015

#7 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,089 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:04:32 PM

Posted 10 March 2009 - 08:25 PM

Nice catch jcgriff2! Thanks! It's another one to add to my toolkit.
I tried it with this free program and got similar results: http://www.digital-detective.co.uk/freetools/decode.asp
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#8 suffokate

suffokate
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:32 PM

Posted 13 March 2009 - 09:52 AM

Hi -

In addition to Driver Verifier, I would suggest that you install all Windows Updates and OEM updates.

I noticed in the dbg log that the timestamp on the NT Kernel was 479192b7, which = Sat Jan 19 01:03:35 2008, the initial release date found on the majority of Vista SP1 Vista kernel drivers. NT and many others have been updated several times since then.

Regards. . .

jcgriff2

.




i cant unstall updates.
i got errors and bleep

im emailed vista support team and bleep they cant to andything aobut it,

Edited by suffokate, 13 March 2009 - 09:53 AM.


#9 suffokate

suffokate
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:32 PM

Posted 13 March 2009 - 10:07 AM

and plus. if i install the updates.

it failed at the 3rd than
than it cant boot up cuz its gotta " revert changes" which doesnt do anything cept shut down and start up say the samething than shutdown again




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users