Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD Vista SP 1


  • Please log in to reply
No replies to this topic

#1 spidey2091

spidey2091

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:05 AM

Posted 16 April 2009 - 05:20 AM

Alrighty, I have a fairly new instal of Vista (2 days old now), and although I am by no means new to Vista as a whole, I am very new to it giving me any fits.

I did as the other post told me, and did online scans for malware, but nothing was revealed as being out of the ordinary.
I used all of my installed software to search for anything that should not be there, and got the same results. All clean.

So....I got the Debugging tool, and went through all of the steps with my Minidump, and here it is:


Microsoft ® Windows Debugger Version 6.11.0001.404 X86
Copyright © Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump\Mini041509-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Vista Kernel Version 6000 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 6000.16754.x86fre.vista_gdr.080917-1612
Machine Name:
Kernel base = 0x81c00000 PsLoadedModuleList = 0x81d11e10
Debug session time: Wed Apr 15 11:49:05.412 2009 (GMT-4)
System Uptime: 0 days 4:48:19.243
Loading Kernel Symbols
...............................................................
................................................................
...................
Loading User Symbols
Loading unloaded module list
...............
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 19, {22, 9cc15000, 0, 0}

*** WARNING: Unable to verify timestamp for PCTAppEvent.sys
*** ERROR: Module load completed but symbols could not be loaded for PCTAppEvent.sys
Probably caused by : PCTAppEvent.sys ( PCTAppEvent+dc58 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 00000022,
Arg2: 9cc15000
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


BUGCHECK_STR: 0x19_22

POOL_ADDRESS: GetPointerFromAddress: unable to read from 81d315ac
Unable to read MiSystemVaType memory at 81d117e0
9cc15000

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

PROCESS_NAME: drvinst.exe

CURRENT_IRQL: 2

LAST_CONTROL_TRANSFER: from 81c74656 to 81cd8781

STACK_TEXT:
9d7efab0 81c74656 00000019 00000022 9cc15000 nt!KeBugCheckEx+0x1e
9d7efaf0 81ce7cae 02c15000 9d7efb3c 9d7efb20 nt!ExpFindAndRemoveTagBigPages+0x180
9d7efb60 98e54c58 9cc15000 00000000 9d7efb80 nt!ExFreePoolWithTag+0x145
WARNING: Stack unwind information not available. Following frames may be wrong.
9d7efb70 98e48d03 9cc15000 9cc15000 9d7efbac PCTAppEvent+0xdc58
9d7efb80 98e49b64 00000001 8c9b2a78 9cc14628 PCTAppEvent+0x1d03
9d7efbac 98e4c194 9cd1dae0 9cc14628 00008000 PCTAppEvent+0x2b64
9d7efbe8 98e4c493 000007c0 81d091d8 00000080 PCTAppEvent+0x5194
9d7efc20 98e51244 000003b8 000007c0 00000000 PCTAppEvent+0x5493
9d7efc5c 81e1be76 000003b8 000007c0 00000000 PCTAppEvent+0xa244
9d7efc88 81e1bc91 00000001 00d1dae0 9d7e47b4 nt!PspExitProcess+0x87
9d7efcf4 81e1ade0 00000000 00000000 84792030 nt!PspExitThread+0x55f
9d7efd10 81e1b2cb 84792030 00000000 00000001 nt!PspTerminateThreadByPointer+0x5b
9d7efd40 98e50ea8 ffffffff 00000000 ffffffff nt!NtTerminateProcess+0x1e0
9d7efd54 81c8caea ffffffff 00000000 000afa6c PCTAppEvent+0x9ea8
9d7efd54 779b0f34 ffffffff 00000000 000afa6c nt!KiFastCallEntry+0x12a
000afa6c 00000000 00000000 00000000 00000000 0x779b0f34


STACK_COMMAND: kb

FOLLOWUP_IP:
PCTAppEvent+dc58
98e54c58 ?? ???

SYMBOL_STACK_INDEX: 3

SYMBOL_NAME: PCTAppEvent+dc58

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: PCTAppEvent

IMAGE_NAME: PCTAppEvent.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 4949a302

FAILURE_BUCKET_ID: 0x19_22_PCTAppEvent+dc58

BUCKET_ID: 0x19_22_PCTAppEvent+dc58

Followup: MachineOwner
---------

Anyone have any ideas what went wrong?

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users