1. What is the make and model of the computer?
2. What are the hardware specifications of the computer?
3. Have you installed any third party security software on the computer?
4. Are all the drivers updated?
5. Have you made any recent changes on the computer?
6. Have you connected any external devices to the computer?
1. HP Pavilion dv6
2. Intel Core i7-2630QM CPU @ 2.00GHz
4. Not sure
5. Installed win 8.1 pro
All of the attached DMP files are of the DRIVER_OVERRAN_STACK_BUFFER (f7) bug check.
This indicates that a driver has overrun a stack-based buffer.
A driver overran a stack-based buffer (or local variable) in a way that would have overwritten the function's return address and jumped back to an arbitrary address when the function returned.
If we take a look at the call stack:
6: kd> kb
RetAddr : Args to Child : Call Site
fffff800`01891f6e : 00000000`000000f7 0000f800`01894410 0000f800`01894412 ffff07ff`fe76bbed : nt!KeBugCheckEx
00000000`000000f7 : 0000f800`01894410 0000f800`01894412 ffff07ff`fe76bbed 00000000`00000000 : WinFLAdrv+0x3f6e
0000f800`01894410 : 0000f800`01894412 ffff07ff`fe76bbed 00000000`00000000 ffffe000`0405668c : 0xf7
0000f800`01894412 : ffff07ff`fe76bbed 00000000`00000000 ffffe000`0405668c ffffd000`25b08250 : 0xf800`01894410
ffff07ff`fe76bbed : 00000000`00000000 ffffe000`0405668c ffffd000`25b08250 fffff800`018911c5 : 0xf800`01894412
00000000`00000000 : ffffe000`0405668c ffffd000`25b08250 fffff800`018911c5 00000000`00000000 : 0xffff07ff`fe76bbed
Unable to load image \SystemRoot\SysWOW64\WinFLAdrv.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for WinFLAdrv.sys
*** ERROR: Module load completed but symbols could not be loaded for WinFLAdrv.sys
^^ WinFLAdrv.sys is related to WinFLAdrv.sys Service Application from NewSoftwares.net. Remove whatever is in relation to this. If you are not sure, navigate to C:\Windows\System32\Drivers find WinFLAdrv.sys, right click, properties, Details tab and see what the description is.
If you're still crashing after the above, please remove and replace AVG with Windows 8's built-in Windows Defender for temporary troubleshooting purposes:
AVG removal tool - http://www.avg.com/us-en/utilities
If you're still crashing after both recommendations, please enable Driver Verifier to look for further device driver corruption:
What is Driver Verifier?
Driver Verifier is included in Windows 8, 7, Windows Server 2008 R2, Windows Vista, Windows Server 2008, Windows 2000, Windows XP, and Windows Server 2003 to promote stability and reliability; you can use this tool to troubleshoot driver issues. Windows kernel-mode components can cause system corruption or system failures as a result of an improperly written driver, such as an earlier version of a Windows Driver Model (WDM) driver.
Essentially, if there's a 3rd party driver believed to be at issue, enabling Driver Verifier will help flush out the rogue driver if it detects a violation.
Before enabling Driver Verifier, it is recommended to create a System Restore Point:
Vista - START | type rstrui - create a restore point
Windows 7 - START | type create | select "Create a Restore Point"
Windows 8 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html
How to enable Driver Verifier:
Start > type "verifier" without the quotes > Select the following options -
1. Select - "Create custom settings (for code developers)"
2. Select - "Select individual settings from a full list"
3. Check the following boxes -
- Special Pool
- Pool Tracking
- Force IRQL Checking
- Deadlock Detection
- Security Checks (Windows 7 & 8)
- DDI compliance checking (Windows 8)
- Miscellaneous Checks
4. Select - "Select driver names from a list"
5. Click on the "Provider" tab. This will sort all of the drivers by the provider.
6. Check EVERY box that is NOT provided by Microsoft / Microsoft Corporation.
7. Click on Finish.
Important information regarding Driver Verifier:
- If Driver Verifier finds a violation, the system will BSOD.
- After enabling Driver Verifier and restarting the system, depending on the culprit, if for example the driver is on start-up, you may not be able to get back into normal Windows because Driver Verifier will flag it, and as stated above, that will cause / force a BSOD.
If this happens, do not panic, do the following:
- Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.
- Once in Safe Mode - Start > type "system restore" without the quotes.
- Choose the restore point you created earlier.
If you did not set up a restore point, do not worry, you can still disable Driver Verifier to get back into normal Windows:
- Start > Search > type "cmd" without the quotes.
- To turn off Driver Verifier, type in cmd "verifier /reset" without the quotes.
- Restart and boot into normal Windows.
How long should I keep Driver Verifier enabled for?
It varies; many experts and analysts have different recommendations. Personally, I recommend keeping it enabled for at least 24 hours. If you don't BSOD by then, disable Driver Verifier.
My system BSOD'd, where can I find the crash dumps?
They will be located in %systemroot%\Minidump
Any other questions can most likely be answered by this article:
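Added example, not part of the original post: a Python script that repeats the reading of the kb output above, naming the first module on the stack that is not the kernel and flagging frames whose call site cannot be kernel code. The function names and the `trusted` list are assumptions made for this example, and 48-bit canonical x64 addressing is assumed.

```python
import re

# kb frames copied from the post above (column header omitted).
KB_OUTPUT = """\
fffff800`01891f6e : 00000000`000000f7 0000f800`01894410 0000f800`01894412 ffff07ff`fe76bbed : nt!KeBugCheckEx
00000000`000000f7 : 0000f800`01894410 0000f800`01894412 ffff07ff`fe76bbed 00000000`00000000 : WinFLAdrv+0x3f6e
0000f800`01894410 : 0000f800`01894412 ffff07ff`fe76bbed 00000000`00000000 ffffe000`0405668c : 0xf7
0000f800`01894412 : ffff07ff`fe76bbed 00000000`00000000 ffffe000`0405668c ffffd000`25b08250 : 0xf800`01894410
ffff07ff`fe76bbed : 00000000`00000000 ffffe000`0405668c ffffd000`25b08250 fffff800`018911c5 : 0xf800`01894412
00000000`00000000 : ffffe000`0405668c ffffd000`25b08250 fffff800`018911c5 00000000`00000000 : 0xffff07ff`fe76bbed
"""

FRAME_RE = re.compile(r"^([0-9a-f`]+) : .+ : (\S+)$")
SYMBOL_RE = re.compile(r"^([A-Za-z_]\w*)(?:!\w+)?(?:\+0x([0-9a-f]+))?$")

def to_int(text):
    """Convert WinDbg's 64-bit notation (fffff800`01891f6e) to an int."""
    return int(text.replace("`", ""), 16)

def is_kernel_address(addr):
    """Canonical x64 kernel address: bits 63..47 all set (48-bit VA assumed)."""
    return addr >> 47 == 0x1FFFF

def parse_frames(text):
    """Return [(return_address, call_site)] for every frame line."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.match(line.strip())
        if m:
            frames.append((to_int(m.group(1)), m.group(2)))
    return frames

def triage(text, trusted=("nt",)):
    """Name the first non-trusted module and list frames that cannot be code."""
    frames = parse_frames(text)
    suspect, base, bogus = None, None, []
    for i, (_, site) in enumerate(frames):
        sym = SYMBOL_RE.match(site)
        if sym is None:
            # Unsymbolised frame: plausible only if it is a kernel address.
            if not is_kernel_address(to_int(site)):
                bogus.append(site)
        elif suspect is None and sym.group(1) not in trusted:
            suspect = sym.group(1)
            # The previous frame's RetAddr is this call site's address.
            if i > 0 and sym.group(2):
                base = frames[i - 1][0] - int(sym.group(2), 16)
    return suspect, base, bogus
```

On the stack above, `triage(KB_OUTPUT)` names WinFLAdrv, derives a page-aligned load address for it, and reports that none of the four frames beneath it is a kernel address, which is what a stack whose saved return address was overwritten looks like.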