Hi All
I've got 4 machines which have had BSOD's recently (numbers vary between machines). I've downloaded the MS debug tools and ran some debugging on the minidump files. The result seems to point to ntkrpamp.exe, and googling that does bring up alot of BSOD related topics. Can anybody point me in the right direction of what I should do next ? Some more info:
Vista SP2
Office 2007
Symantec Endpoint Protection
Riverbed Steelhead Mobile
Irish Poetry - Karen O'Connor
Irish Poetry and Short Stories - Doghouse Books
Garten und Landschaftsbau
I've got 4 machines which have had BSOD's recently (numbers vary between machines). I've downloaded the MS debug tools and ran some debugging on the minidump files. The result seems to point to ntkrpamp.exe, and googling that does bring up alot of BSOD related topics. Can anybody point me in the right direction of what I should do next ? Some more info:
Vista SP2
Office 2007
Symantec Endpoint Protection
Riverbed Steelhead Mobile
Code:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 005c0073, memory referenced
Arg2: 0000001b, IRQL
Arg3: 00000001, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 81a45485, address which referenced memory
Debugging Details:
------------------
WRITE_ADDRESS: GetPointerFromAddress: unable to read from 81b46868
Unable to read MiSystemVaType memory at 81b26420
005c0073
CURRENT_IRQL: 1b
FAULTING_IP:
nt!KeWaitForGate+126
81a45485 8902 mov dword ptr [edx],eax
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: explorer.exe
LAST_CONTROL_TRANSFER: from 81a503e7 to 81a45485
STACK_TEXT:
b4477bb4 81a503e7 00000000 88f8d4a8 84d83008 nt!KeWaitForGate+0x126
b4477bcc 81a29a78 1544ebf2 81a29a0f 84d83008 nt!KiAcquireGuardedMutex+0x53
b4477c20 81a29886 87785338 84d83008 81dcf382 nt!FsRtlCancelNotify+0x69
b4477c4c 81c2780e 84d83008 885cd958 8837a030 nt!IoCancelIrp+0x83
b4477c78 81c275c2 1544eb0e 8999e200 40010004 nt!IoCancelThreadIo+0x3a
b4477cdc 81c040b7 40010004 88f8d4a8 88f8d401 nt!PspExitThread+0x4bf
b4477cf4 81ac2ffa 8999e200 b4477d20 b4477d2c nt!PsExitSpecialApc+0x22
b4477d4c 81a59d26 00000001 00000000 b4477d64 nt!KiDeliverApc+0x1dc
b4477d4c 76f35e74 00000001 00000000 b4477d64 nt!KiServiceExit+0x56
WARNING: Frame IP not in any known module. Following frames may be wrong.
03a3fc3c 00000000 00000000 00000000 00000000 0x76f35e74
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!KeWaitForGate+126
81a45485 8902 mov dword ptr [edx],eax
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: nt!KeWaitForGate+126
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrpamp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 4b7d1e08
FAILURE_BUCKET_ID: 0xA_nt!KeWaitForGate+126
BUCKET_ID: 0xA_nt!KeWaitForGate+126
Followup: MachineOwner
Irish Poetry - Karen O'Connor
Irish Poetry and Short Stories - Doghouse Books
Garten und Landschaftsbau