Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD on a Win 7 Pro Workstation


  • Please log in to reply
3 replies to this topic

#1 BStclair

BStclair

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:18 PM

Posted 16 January 2015 - 03:18 PM

Hi,

 

I just joined this Forum, and hope to be able to resolve this problem. Please, read the memory dump I have posted.

Again, thank you.

 

Microsoft ® Windows Debugger Version 6.3.9600.17298 AMD64
Copyright © Microsoft Corporation. All rights reserved.

Loading Dump File [C:\Users\bsinclair.TUCSON\Downloads\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available

************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.18700.amd64fre.win7sp1_gdr.141211-1742
Machine Name:
Kernel base = 0xfffff800`02c1a000 PsLoadedModuleList = 0xfffff800`02e5d890
Debug session time: Wed Jan 14 14:51:22.476 2015 (UTC - 7:00)
System Uptime: 0 days 6:27:31.328
Loading Kernel Symbols
...............................................................
................................................................
.................................
Loading User Symbols
PEB is paged out (Peb.Ldr = 00000000`7efdf018).  Type ".hh dbgerr001" for details
Loading unloaded module list
..................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 3B, {c0000005, fffff80002c99e74, fffff8800895ee90, 0}

*** ERROR: Module load completed but symbols could not be loaded for PxHlpa64.sys
Probably caused by : PxHlpa64.sys ( PxHlpa64+7129 )

Followup: MachineOwner
---------

2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff80002c99e74, Address of the instruction which caused the bugcheck
Arg3: fffff8800895ee90, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------

OVERLAPPED_MODULE: Address regions for 'WUDFRd' and 'cdrom.sys' overlap

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP:
nt!IofCallDriver+44
fffff800`02c99e74 4c8b4108        mov     r8,qword ptr [rcx+8]

CONTEXT:  fffff8800895ee90 -- (.cxr 0xfffff8800895ee90;r)
rax=fffffa80065740e0 rbx=fffffa8005c2bf20 rcx=0000000000000000
rdx=fffffa8006574010 rsi=fffffa8005c2bf20 rdi=fffffa8006574010
rip=fffff80002c99e74 rsp=fffff8800895f870 rbp=fffff8800895fb60
 r8=0000000000000000  r9=000000000000000e r10=0000000000000000
r11=0000000000000006 r12=0000000000000000 r13=0000000000000001
r14=0000000000000000 r15=fffffa80047d8050
iopl=0         nv up ei ng nz na pe cy
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010283
nt!IofCallDriver+0x44:
fffff800`02c99e74 4c8b4108        mov     r8,qword ptr [rcx+8] ds:002b:00000000`00000008=????????????????
Last set context:
rax=fffffa80065740e0 rbx=fffffa8005c2bf20 rcx=0000000000000000
rdx=fffffa8006574010 rsi=fffffa8005c2bf20 rdi=fffffa8006574010
rip=fffff80002c99e74 rsp=fffff8800895f870 rbp=fffff8800895fb60
 r8=0000000000000000  r9=000000000000000e r10=0000000000000000
r11=0000000000000006 r12=0000000000000000 r13=0000000000000001
r14=0000000000000000 r15=fffffa80047d8050
iopl=0         nv up ei ng nz na pe cy
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010283
nt!IofCallDriver+0x44:
fffff800`02c99e74 4c8b4108        mov     r8,qword ptr [rcx+8] ds:002b:00000000`00000008=????????????????
Resetting default scope

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

BUGCHECK_STR:  0x3B

PROCESS_NAME:  RoxioBurnLaunc

CURRENT_IRQL:  0

ANALYSIS_VERSION: 6.3.9600.17298 (debuggers(dbg).141024-1500) amd64fre

LAST_CONTROL_TRANSFER:  from fffff8800110e129 to fffff80002c99e74

STACK_TEXT: 
fffff880`0895f870 fffff880`0110e129 : fffffa80`047d8050 00000000`00000000 00000000`00000001 00000000`00000000 : nt!IofCallDriver+0x44
fffff880`0895f8a0 fffff800`02fad0f7 : fffffa80`05c2bf20 fffff880`0895fb60 fffffa80`06574128 fffffa80`06574010 : PxHlpa64+0x7129
fffff880`0895f8d0 fffff800`02fad956 : fffff680`00012e88 00000000`00000304 00000000`00000001 00000000`025e3efc : nt!IopXxxControlFile+0x607
fffff880`0895fa00 fffff800`02c90113 : 00000000`00000001 fffff880`0895fb60 00000000`00000000 fffff800`02f7a513 : nt!NtDeviceIoControlFile+0x56
fffff880`0895fa70 00000000`74af2e09 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0218f0f8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x74af2e09

FOLLOWUP_IP:
PxHlpa64+7129
fffff880`0110e129 eb05            jmp     PxHlpa64+0x7130 (fffff880`0110e130)

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  PxHlpa64+7129

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: PxHlpa64

IMAGE_NAME:  PxHlpa64.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4addfcaa

STACK_COMMAND:  .cxr 0xfffff8800895ee90 ; kb

FAILURE_BUCKET_ID:  X64_0x3B_PxHlpa64+7129

BUCKET_ID:  X64_0x3B_PxHlpa64+7129

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:x64_0x3b_pxhlpa64+7129

FAILURE_ID_HASH:  {772e6304-6771-3e6e-38ae-360b203c8af3}

Followup: MachineOwner
---------

 



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:18 PM

Posted 16 January 2015 - 05:41 PM

I'd uninstall the Roxio software...run the chkdsk /r command...see if it's better.

 

Louis



#3 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:01:18 PM

Posted 16 January 2015 - 06:48 PM

and just to add....

 

If you update your Windbg symbols with

srv*c:\mss*http://msdl.microsoft.com/download/symbols

you get a better analysis.


Edited by TsVk!, 16 January 2015 - 06:50 PM.


#4 BStclair

BStclair
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:18 PM

Posted 18 January 2015 - 11:44 AM

Hi,

 

Thank you, both for the reply.

I will do both recommendations, and post the output.

 

Again,

Thank you,both.

Bstclair

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users