Problem Event Name: Blue Screen

Problem signature:
  Problem Event Name: BlueScreen
  OS Version: 6.1.7601.2.1.0.768.3
  Locale ID: 4105

Additional information about the problem:
  BCCode: a
  BCP1: FFFFF8A00009C8B8
  BCP2: 0000000000000002
  BCP3: 0000000000000000
  BCP4: FFFFF8000327E25B
  OS Version: 6_1_7601
  Service Pack: 1_0
  Product: 768_1

Files that help describe the problem:
  C:\Windows\Minidump\051814-19609-01.dmp
  C:\Users\JAR\AppData\Local\Temp\WER-61433-0.sysdata.xml

Answer

No apologies necessary, you did just fine!

The attached DMP file is of the IRQL_NOT_LESS_OR_EQUAL (a) bug check.

This indicates that Microsoft Windows or a kernel-mode driver accessed paged memory at DISPATCH_LEVEL or above.

This bug check is issued if paged memory (or invalid memory) is accessed when the IRQL is too high. The error that generates this bug check usually occurs after the installation of a faulty device driver, system service, or BIOS.

2: kd> k
Child-SP          RetAddr           Call Site
fffff880`03316728 fffff800`032dc169 nt!KeBugCheckEx
fffff880`03316730 fffff800`032dade0 nt!KiBugCheckDispatch+0x69
fffff880`03316870 fffff800`032d125b nt!KiPageFault+0x260
fffff880`03316a00 fffff800`032c6a60 nt!ExpScanGeneralLookasideList+0xa0
fffff880`03316a60 fffff800`032c6fae nt!ExAdjustLookasideDepth+0x40
fffff880`03316a90 fffff800`0357873a nt!KeBalanceSetManager+0x1be
fffff880`03316c00 fffff800`032cd8e6 nt!PspSystemThreadStartup+0x5a
fffff880`03316c40 00000000`00000000 nt!KxStartSystemThread+0x16

It looks like corrupted memory in the heap and that the GeneralLookaside list management code is the victim here. Likely a 3rd party driver causing this, so let's get to work!

-----------------------------

1. AsIO.sys is listed and loaded which is the Asus PC Probe Utility driver. I'd uninstall this software + any other installed Asus bloatware.

2. Uninstall Glary Utilities ASAP, I've seen it cause many problems.

3. If the issues persist after the above, please uninstall Malwarebytes Pro for temporary troubleshooting purposes.

4.

2: kd> lmvm sentinel64
start             end                 module name
fffff880`02bcd000 fffff880`02bf3000   Sentinel64   (deferred)             
    Image path: \SystemRoot\System32\Drivers\Sentinel64.sys
    Image name: Sentinel64.sys
    Timestamp:        Mon Jun 02 02:14:55 2008

Sentinel64.sys is the Rainbow Tech/SafeNet USB Security Device driver. I have seen this driver/software cause problem after problem. I would uninstall the software + remove the device ASAP if the above don't stop the crashes.

Regards,

Patrick

Debugger/Reverse Engineer.

1 person found this reply helpful
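An added example, not part of the original reply: a small Python decoder for the four bug check parameters in the question's problem signature. The parameter meanings follow Microsoft's documentation for bug check 0xA; the function names and the field copy in `WER_TEXT` are constructed for illustration.

```python
import re

# Constructed input: the BCCode/BCP fields copied from the problem signature above.
WER_TEXT = """\
  BCCode: a
  BCP1: FFFFF8A00009C8B8
  BCP2: 0000000000000002
  BCP3: 0000000000000000
  BCP4: FFFFF8000327E25B
"""

# IRQL names for the software levels most often seen with this bug check.
IRQL_NAMES = {0: "PASSIVE_LEVEL", 1: "APC_LEVEL", 2: "DISPATCH_LEVEL"}

def parse_wer(text):
    """Return {'BCCode': int, 'BCP1': int, ...} from WER 'Name: hex' lines."""
    pattern = r"^\s*(BCCode|BCP[1-4]):\s*([0-9A-Fa-f]+)\s*$"
    fields = {n: int(v, 16) for n, v in re.findall(pattern, text, re.M)}
    missing = {"BCCode", "BCP1", "BCP2", "BCP3", "BCP4"} - fields.keys()
    if missing:
        raise ValueError("missing fields: " + ", ".join(sorted(missing)))
    return fields

def is_kernel_address(addr):
    """True for a canonical upper-half (kernel-space) x64 virtual address."""
    return addr >> 47 == 0x1FFFF

def decode_bugcheck_a(fields):
    """Decode IRQL_NOT_LESS_OR_EQUAL: P1 address, P2 IRQL, P3 access, P4 code."""
    if fields["BCCode"] != 0xA:
        raise ValueError("not bug check 0xA: %#x" % fields["BCCode"])
    p3 = fields["BCP3"]
    if p3 & 0x8:
        access = "execute"
    elif p3 & 0x1:
        access = "write"
    elif p3 == 0:
        access = "read"
    else:
        access = "unknown (%#x)" % p3
    irql = fields["BCP2"]
    return {
        "referenced_address": fields["BCP1"],
        "referenced_is_kernel": is_kernel_address(fields["BCP1"]),
        "irql_name": IRQL_NAMES.get(irql, "IRQL %d" % irql),
        "access": access,
        "faulting_instruction": fields["BCP4"],
    }

if __name__ == "__main__":
    for key, value in decode_bugcheck_a(parse_wer(WER_TEXT)).items():
        print(key, hex(value) if isinstance(value, int) and value > 1 else value)
```
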


Answer
Hi,

In order to assist you, we will need the .DMP files to analyze what exactly occurred at the time of the crash, etc.

If you don't know where .DMP files are located, here's how to get to them:

1. Navigate to the %systemroot%\Minidump folder.

2. Copy any and all DMP files in the Minidump folder to your Desktop and then zip up these files.

3. Upload the zip containing the .DMP files to OneDrive or a hosting site of your choice and paste in your reply. Preferred sites: OneDrive, Mediafire, Dropbox, etc. Nothing with wait-timers.

4 (optional): The type of .DMP files located in the Minidump folder are known as Small Memory Dumps. In %systemroot% there will be what is known as a Kernel-Dump (if your system is set to generate). It is labeled MEMORY.DMP. The difference between Small Memory Dumps and Kernel-Dumps in the simplest definition is a Kernel-Dump contains much more information at the time of the crash, therefore allowing further debugging of your issue. If your upload speed permits it, and you aren't going against any strict bandwidth and/or usage caps, etc, the Kernel-Dump is the best choice. Do note that Kernel-Dumps are much larger in size due to containing much more info, which is why I mentioned upload speed, etc.

If you are going to use OneDrive but don't know how to upload to it, please visit the following:

Upload photos and files to OneDrive.

Please note that any "cleaner" programs such as TuneUp Utilities, CCleaner, etc, by default will delete .DMP files upon use.

If your computer is not generating .DMP files, please do the following:

1. Start > type %systemroot% which should show the Windows folder, click on it. Once inside that folder, ensure there is a Minidump folder created. If not, CTRL-SHIFT-N to make a New Folder and name it Minidump.

2. Windows key + Pause key. This should bring up System. Click Advanced System Settings on the left > Advanced > Performance > Settings > Advanced > Ensure there's a check-mark for 'Automatically manage paging file size for all drives'.

3. Windows key + Pause key. This should bring up System. Click Advanced System Settings on the left > Advanced > Startup and Recovery > Settings > System Failure > ensure there is a check mark next to 'Write an event to the system log'.

Ensure Small Memory Dump is selected and ensure the path is %systemroot%\Minidump.

4. Double check that the WERS is ENABLED:

Start > Search > type services.msc > Under the name tab, find Windows Error Reporting Service > If the status of the service is not Started then right click it and select Start. Also ensure that under Startup Type it is set to Automatic rather than Manual. You can do this by right clicking it, selecting properties, and under General selecting startup type to 'Automatic', and then click Apply.

If you cannot get into normal mode to do any of this, please do this via Safe Mode.

Regards,

Patrick
Debugger/Reverse Engineer.

1 person found this reply helpful
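An added example, not part of the original reply: a Python check of the Startup and Recovery settings from step 3, read from the registry where Windows stores them. The key path and the value names `CrashDumpEnabled`, `LogEvent` and `MinidumpDir` are not given in the post and are stated here from Windows itself; the function names and `SAMPLE` data are constructed.

```python
import sys

CRASH_CONTROL = r"SYSTEM\CurrentControlSet\Control\CrashControl"
DUMP_TYPES = {0: "none", 1: "complete", 2: "kernel", 3: "small", 7: "automatic"}

# Constructed sample: a machine set to write kernel dumps with event logging off.
SAMPLE = {"CrashDumpEnabled": 2, "LogEvent": 0,
          "MinidumpDir": r"%SystemRoot%\Minidump"}

def read_crash_control():
    """Read every value under the CrashControl key (Windows only)."""
    import winreg  # imported lazily so audit() can be used on any platform
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, CRASH_CONTROL) as key:
        count = winreg.QueryInfoKey(key)[1]  # number of values in the key
        rows = (winreg.EnumValue(key, i) for i in range(count))
        return {name: data for name, data, _type in rows}

def audit(values):
    """Return findings against step 3; an empty list means all settings match."""
    findings = []
    mode = values.get("CrashDumpEnabled", 0)
    if mode != 3:
        name = DUMP_TYPES.get(mode, hex(mode))
        findings.append("dump type is '%s', step 3 expects 'small'" % name)
    if values.get("LogEvent", 0) != 1:
        findings.append("'Write an event to the system log' is not checked")
    # The value is stored unexpanded; a literal path is reported for review.
    path = values.get("MinidumpDir", "")
    if path.rstrip("\\").lower() != r"%systemroot%\minidump":
        findings.append("minidump path is %r" % path)
    return findings

if __name__ == "__main__":
    live = sys.platform == "win32"
    values = read_crash_control() if live else SAMPLE
    print("source:", "registry" if live else "constructed sample")
    for line in audit(values) or ["settings match step 3"]:
        print(" -", line)
```

The script covers step 3 only; the paging file setting, the Minidump folder and the Windows Error Reporting Service still need the checks described in steps 1, 2 and 4.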


Question Info


Last updated: March 11, 2019. Views: 1,438.