Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Windows7 minidump report

  • Please log in to reply
1 reply to this topic

#1 bigadatank


  • Members
  • 12 posts
  • Local time:08:29 AM

Posted 27 January 2012 - 12:38 PM

Greetings one and all,

I am getting some minidumps here recently when running Malwarebytes Full Scan but not when running the Quick Scan. I am also getting a minidump when running my Avast quick scan which is what this MiniDump Report is from. This issue only occurs when running an anti-virus program and does not effect my day-to-day use (Internet Explorer/iTunes). I am worried that this issue could balloon into a much larger issue of not dealt with now. Any help would be greatly appreciated. Running 32-bit Windows 7 Ultimate, Service Pack 1 (upgrade from Vista). I have also ran sfc/scannow with no integrity issues. 4 GB matching sticks of RAM was replaced about 2 years ago.

Thank you in advance,


Microsoft Windows Debugger Version 6.12.0002.633 X86
Copyright Microsoft Corporation. All rights reserved.

Loading Dump File [C:\Windows\Minidump\012612-28376-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17713.x86fre.win7sp1_gdr.111025-1505
Machine Name:
Kernel base = 0x82a37000 PsLoadedModuleList = 0x82b804d0
Debug session time: Thu Jan 26 19:21:54.807 2012 (UTC - 6:00)
System Uptime: 0 days 20:47:10.789
Loading Kernel Symbols
Loading User Symbols
Loading unloaded module list
1: kd> !analyze -v
* *
* Bugcheck Analysis *
* *

The requested page of kernel data could not be read in. Typically caused by
a bad block in the paging file or disk controller error. Also see
If the error status is 0xC000000E, 0xC000009C, 0xC000009D or 0xC0000185,
it means the disk subsystem has experienced a failure.
If the error status is 0xC000009A, then it means the request failed because
a filesystem failed to make forward progress.
Arg1: 8cec5878, lock type that was held (value 1,2,3, or PTE address)
Arg2: c0000185, error status (normally i/o status code)
Arg3: b1646864, current process (virtual address for lock type 3, or PTE)
Arg4: 9a7d95a3, virtual address that could not be in-paged (or PTE contents if arg1 is a PTE address)

Debugging Details:

Unable to load image \SystemRoot\System32\win32k.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys

ERROR_CODE: (NTSTATUS) 0xc0000185 - The I/O device reported an I/O error.

DISK_HARDWARE_ERROR: There was error with disk hardware

BUGCHECK_STR: 0x7a_c0000185



PROCESS_NAME: csrss.exe


TRAP_FRAME: 81f47be0 -- (.trap 0xffffffff81f47be0)
ErrCode = 00000010
eax=00000001 ebx=0000000f ecx=00010004 edx=00010003 esi=00000000 edi=00000000
eip=9a7d95a3 esp=81f47c54 ebp=81f47c60 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
9a7d95a3 ?? ???
Resetting default scope

LAST_CONTROL_TRANSFER: from 82adae28 to 82b15ef4

81f47a44 82adae28 0000007a 8cec5878 c0000185 nt!KeBugCheckEx+0x1e
81f47ab4 82ade709 81f47b08 8fcb3d70 81f47b28 nt!MiWaitForInPageComplete+0x302
81f47b44 82ac796b 8fcb3d70 9a7d95a3 85594e00 nt!MiIssueHardFault+0x3b3
81f47bc8 82a78408 00000008 9a7d95a3 00000000 nt!MmAccessFault+0x2656
81f47bc8 9a7d95a3 00000008 9a7d95a3 00000000 nt!KiTrap0E+0xdc
WARNING: Stack unwind information not available. Following frames may be wrong.
81f47c50 9a7db667 fe80d568 fe80d568 81f47c6c win32k+0x1095a3
81f47c60 9a84fe70 fe80d568 81f47c94 9a79b255 win32k+0x10b667
81f47c6c 9a79b255 fe80d568 00000001 ffb53190 win32k+0x17fe70
81f47c94 9a792df8 00000000 00000118 00007ffe win32k+0xcb255
81f47cc8 9a6dd3fb 00000004 016efe30 9a7a3c2a win32k+0xc2df8
81f47d04 9a6ed7b7 00000004 00000002 81f6b400 win32k+0xd3fb
81f47d18 9a7a3c45 00000004 016efe30 81f47d34 win32k+0x1d7b7
81f47d28 82a7521a 00000004 016efe70 776c70b4 win32k+0xd3c45
81f47d28 776c70b4 00000004 016efe70 776c70b4 nt!KiFastCallEntry+0x12a
016efe70 00000000 00000000 00000000 00000000 0x776c70b4


9a7d95a3 ?? ???


SYMBOL_NAME: win32k+1095a3



IMAGE_NAME: win32k.sys


FAILURE_BUCKET_ID: 0x7a_c0000185_win32k+1095a3

BUCKET_ID: 0x7a_c0000185_win32k+1095a3

Followup: MachineOwner

1: kd> .trap 0xffffffff81f47be0
ErrCode = 00000010
eax=00000001 ebx=0000000f ecx=00010004 edx=00010003 esi=00000000 edi=00000000
eip=9a7d95a3 esp=81f47c54 ebp=81f47c60 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
9a7d95a3 ?? ???

Thank you in advance!


BC AdBot (Login to Remove)


#2 Broni


    The Coolest BC Computer

  • BC Advisor
  • 42,738 posts
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:29 AM

Posted 27 January 2012 - 04:42 PM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go and post the result.


Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt


Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users