BSOD Interrupt_exception_not_handled

About20Pandas · Aug 12, 2012

Like every hour or two my computer tends to get BSOD.
It appears to be a pretty random occassions so i'll try to post my logs and dumps even though i don't know much about this.

Edit: .DMP is in included in the attachment now

richc46 · Aug 12, 2012

Welcome
You gave us everything but the most important file; the minidmp. Follow the insturctions for Seven and the next time you get a BSOD, send the file to us.
How to configure Windows to create MiniDump files on BSOD

About20Pandas · Aug 12, 2012

richc46 said:
Welcome
You gave us everything but the most important file; the minidmp. Follow the insturctions for Seven and the next time you get a BSOD, send the file to us.
How to configure Windows to create MiniDump files on BSOD

I i thought something was missing. I turned that MiniDump thing on just after my last BSOD. Will get back to you ASAP. Thanks for the quick response!

richc46 · Aug 12, 2012

You are very welcome.

About20Pandas · Aug 12, 2012

richc46 said:
You are very welcome.

Didnt take that long for a crash to happend.

.DMP is included now!

richc46 · Aug 12, 2012

The dumps give little clues and its hard to guess with one. Ill give you my guess and you should make a system restore point, now. Then update this driver remove the software.
If it does not work, post again after about 6 bsods. Each one gives just a small clue.
Update this driver or remove the software
Mv91xx.sys file descriptionProductname: Marvell magni Description: Marvell magni Windows Driver Company: Marvell Semiconductor, Inc

About20Pandas · Aug 12, 2012

richc46 said:
The dumps give little clues and its hard to guess with one. Ill give you my guess and you should make a system restore point, now. Then update this driver remove the software.
If it does not work, post again after about 6 bsods. Each one gives just a small clue.
Update this driver or remove the software
Mv91xx.sys file descriptionProductname: Marvell magni Description: Marvell magni Windows Driver Company: Marvell Semiconductor, Inc

Installed this now. Waiting for BSODs. I live in Denmark and it's 01:40 AM so i wont be up for incredibly much longer.

richc46 · Aug 12, 2012

Post whenever convenient. Its only 7:30PM here, but we will meet up again.

About20Pandas · Aug 12, 2012

Just had a new BSOD. "Kernel Data Inpage Error"

Dump for this one is attached to this if it has any relevance.

richc46 · Aug 12, 2012

The clues are beginning to have some direction. It looks like a driver. If you have a few more BSODs, post. If my hunch is confirmed, I will administer a test to try to find just which driver.

About20Pandas · Aug 13, 2012

New DMP file attached.

richc46 · Aug 13, 2012

Run your computer in safe mode. If the problem continues its hardware, if not most likely a driver. If you prefer not to use this method try the driver verifier, but be sure to read and uderstand the warnings.

Driver Verifier

I'd suggest that you firstbackup your data and then make sure you've got access to another computer soyou can contact us if problems arise. Then make a System Restore point (so youcan restore the system using the Vista/Windows 7 Startup Repair feature).

In Windows 7 you can make a Startup Repair disk by going to Start....AllPrograms...Maintenance...Create a System Repair Disc - with Windows Vistayou'll have to use your installation disk or the "Repair your computer"option at the top of the Safe Mode menu .

Then, here's the procedure:
- Go to Start and type in "verifier" (without the quotes) and press Enter
- Select "Create custom settings (for code developers)" and click"Next"
- Select "Select individual settings from a full list" and click"Next"
- Select everything EXCEPT FOR "Low Resource Simulation" and click"Next"
- Select "Select driver names from a list" and click "Next"
Then select all drivers NOT provided by Microsoft and click "Next"
- Select "Finish" on the next page.

Reboot the system and wait for it to crash to the Blue Screen. Continue to useyour system normally, and if you know what causes the crash, do thatrepeatedly. The objective here is to get the system to crash because Driver Verifier isstressing the drivers out. If it doesn't crash for you, then let it run for atleast 36 hours of continuous operation (an estimate on my part).

If you can't get into Windows because it crashes too soon, try it in Safe Mode.
If you can't get into Safe Mode, try using System Restore from yourinstallation DVD to set the system back to the previous restore point that youcreated.

DriverVerifier - Enable and Disable

About20Pandas · Aug 13, 2012

I did this yesterday BEFORE posting here as i saw a random post on Google recommending it. I didn't get to start up so i opened in Safemode and toggled it off.

Regards

richc46 · Aug 13, 2012

Try to use it in clean boot. Turn off the verifier.
If it works in clean boot, follow the instructions to find the cause
Troubleshoot Application Conflicts by Performing a Clean Startup - Windows 7 Forums ...for Vista, too.

About20Pandas · Aug 13, 2012

richc46 said:
Try to use it in clean boot. Turn off the verifier.
If it works in clean boot, follow the instructions to find the cause
Troubleshoot Application Conflicts by Performing a Clean Startup - Windows 7 Forums ...for Vista, too.

Sorry im not catching you here. I feel like an idiot, but.. Clean boot?

richc46 · Aug 13, 2012

I am trying to determine what is causing the conflict and BSODs. A clean boot loads only a little bit more than what is essential to run the computer.
If you can work in Clean boot with no problems, you slowly turn on the other software. In that way you find out what is causing the problem.

About20Pandas · Aug 13, 2012

I tried the driver verifier again. This time it crashed AFTER windows started up - it did not the first time. All dumps are attached.

richc46 · Aug 13, 2012

Code:

Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
 
Loading Dump File [C:\Users\Richard\AppData\Local\Temp\Temp1_All .DMP 14-08.zip\081412-42791-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
Machine Name:
Kernel base = 0xfffff800`05810000 PsLoadedModuleList = 0xfffff800`05a54670
Debug session time: Mon Aug 13 19:21:47.246 2012 (GMT-4)
System Uptime: 0 days 0:00:53.479
Loading Kernel Symbols
...............................................................
................................................................
....................................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck C4, {e3, fffff880041273b1, 13fc94130, 0}
Unable to load image NSKernel.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for NSKernel.sys
*** ERROR: Module load completed but symbols could not be loaded for NSKernel.sys
Probably caused by : [B]NSKernel.sys[/B] ( NSKernel+f3b1 )
Followup: MachineOwner
---------
3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
[B]DRIVER_VERIFIER_DETECTED_VIOLATION[/B] (c4)
A device driver attempting to corrupt the system has been caught.  This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 00000000000000e3, Kernel Zw API called with user-mode address as parameter.
Arg2: fffff880041273b1, Address inside the driver making the incorrect API call.
Arg3: 000000013fc94130, User-mode address used as API parameter.
Arg4: 0000000000000000
Debugging Details:
------------------
 
BUGCHECK_STR:  0xc4_e3
FAULTING_IP: 
NSKernel+f3b1
fffff880`041273b1 85c0            test    eax,eax
FOLLOWUP_IP: 
NSKernel+f3b1
fffff880`041273b1 85c0            test    eax,eax
CUSTOMER_CRASH_COUNT:  1
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  WLIDSVC.EXE
CURRENT_IRQL:  0
LAST_CONTROL_TRANSFER:  from fffff80005d153dc to fffff8000588f1c0
STACK_TEXT:  
fffff880`0a9336f8 fffff800`05d153dc : 00000000`000000c4 00000000`000000e3 fffff880`041273b1 00000001`3fc94130 : nt!KeBugCheckEx
fffff880`0a933700 fffff800`05d15ec5 : fffffa80`07d81890 fffff800`05d1721e 00000000`0000027c fffff980`417acf80 : nt!VerifierBugCheckIfAppropriate+0x3c
fffff880`0a933740 fffff800`05d1739e : 00000000`45524441 00000000`00001380 fffff880`0a933a60 fffff800`05d26f0d : nt!ViZwCheckAddress+0x35
fffff880`0a933780 fffff800`05d19c52 : fffff880`041273b1 fffff880`0a933a20 fffff980`417acf80 fffff880`04126d31 : nt!ViZwCheckUnicodeString+0x2e
fffff880`0a9337c0 fffff880`041273b1 : fffff980`3e096fe0 00000000`0000027c fffff880`0a933a20 00000000`00000000 : nt!VfZwQueryValueKey+0x42
fffff880`0a933810 fffff980`3e096fe0 : 00000000`0000027c fffff880`0a933a20 00000000`00000000 00000000`00001000 : NSKernel+0xf3b1
fffff880`0a933818 00000000`0000027c : fffff880`0a933a20 00000000`00000000 00000000`00001000 fffff880`0a933860 : 0xfffff980`3e096fe0
fffff880`0a933820 fffff880`0a933a20 : 00000000`00000000 00000000`00001000 fffff880`0a933860 00000000`00000000 : 0x27c
fffff880`0a933828 00000000`00000000 : 00000000`00001000 fffff880`0a933860 00000000`00000000 fffff880`0a933a60 : 0xfffff880`0a933a20
 
STACK_COMMAND:  kb
SYMBOL_STACK_INDEX:  5
SYMBOL_NAME:  NSKernel+f3b1
FOLLOWUP_NAME:  MachineOwner
MODULE_NAME: NSKernel
IMAGE_NAME:  NSKernel.sys
DEBUG_FLR_IMAGE_TIMESTAMP:  4eb99f45
FAILURE_BUCKET_ID:  X64_0xc4_e3_NSKernel+f3b1

Nskernel.sys file descriptionProductname: NovaShield Kernel Module Description: NovaShield Kernel Module Company: NovaShield, Inc.
I have posted a summary of your report and bolded the two important portions, the driver and the fact that it was found by verifier.

Uninstall the software or update the driver. I think that this is the cause of the problem.
You may want tomake a system restore point first, in case we want to return to the way it is now.

About20Pandas · Aug 13, 2012

richc46 said:
Uninstall the software or update the driver. I think that this is the cause of the problem.
You may want tomake a system restore point first, in case we want to return to the way it is now.

Wow. Thanks buddy. Sadly im a bit unaware of how i actually uninstall such (Novashield is NOT something i have installed). I googled it quickly and it seemed as if i either had to download some new Untrusted program or fool around in Regedit.

richc46 · Aug 13, 2012

Run a full anti virus scan
Download and run a full scan with malwarebytes.
Be sure you update them, before the scan and make a full scan.
I will do research on the software. I assumed it was something you downloaded.

BSOD Interrupt_exception_not_handled

My Computer

My Computer

My Computer

My Computer

My Computer

My Computer

My Computer

My Computer

Attachments

My Computer

My Computer

Attachments

My Computer

My Computer

My Computer

My Computer

My Computer

My Computer

Attachments

My Computer

My Computer

My Computer

My Computer