Dump 1 was inconclusive. Dump 2:
*******************************************************************************
*
*
* Bugcheck Analysis *
*
*
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000002, Stack cookie instrumentation code detected a stack-based
buffer overrun.
Arg2: fffff8800b8f5560, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff8800b8f54b8, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
TRAP_FRAME: fffff8800b8f5560 -- (.trap 0xfffff8800b8f5560)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=000000000000001e rbx=0000000000000000 rcx=0000000000000002
rdx=000000000000ffff rsi=0000000000000000 rdi=0000000000000000
rip=fffff88001641e85 rsp=fffff8800b8f56f8 rbp=fffff8800b8f58a1
r8=0000000000000000 r9=0000000000000080 r10=0000000000000001
r11=fffff8800b8f56e0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na po nc
Ntfs!_report_gsfailure+0x5:
fffff880`01641e85 cd29 int 29h
Resetting default scope
EXCEPTION_RECORD: fffff8800b8f54b8 -- (.exr 0xfffff8800b8f54b8)
ExceptionAddress: fffff88001641e85 (Ntfs!_report_gsfailure+0x0000000000000005)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000002
CUSTOMER_CRASH_COUNT: 1
BUGCHECK_STR: 0x139
PROCESS_NAME: csrss.exe
CURRENT_IRQL: 0
ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
EXCEPTION_PARAMETER1: 0000000000000002
DEFAULT_BUCKET_ID:
CODE_CORRUPTION
LAST_CONTROL_TRANSFER: from fffff803fd87c669 to fffff803fd87d340
STACK_TEXT:
fffff880`0b8f5238 fffff803`fd87c669 : 00000000`00000139 00000000`00000002 fffff880`0b8f5560 fffff880`0b8f54b8 : nt!KeBugCheckEx
fffff880`0b8f5240 fffff803`fd87c990 : fffffa80`059c5b00 fffff803`fdb51f40 00000000`c0033333 fffff880`0185d180 : nt!KiBugCheckDispatch+0x69
fffff880`0b8f5380 fffff803`fd87bbf4 : 00000000`0000000e 00000000`00000001 00000000`00000001 fffffa80`0765a400 : nt!KiFastFailDispatch+0xd0
fffff880`0b8f5560 fffff880`01641e85 : fffff880`0170b1b3 fffffa80`07cf1e10 fffff880`0b8f58a1 fffffa80`05dfb180 : nt!KiRaiseSecurityCheckFailure+0xf4
fffff880`0b8f56f8 fffff880`0170b1b3 : fffffa80`07cf1e10 fffff880`0b8f58a1 fffffa80`05dfb180 00000000`0df84800 : Ntfs!_report_gsfailure+0x5
fffff880`0b8f5700 fffff880`0170b254 : fffff980`0552d3c8 fffff980`0552d438 fffff980`0552d4b0 fffff980`0552d520 : Ntfs!NtfsReadMftRecord+0x3be
fffff880`0b8f5800 fffff880`0170a448 : 00000000`00000200 00000000`00000000 fffff8a0`0022e178 fffffa80`030efe20 : Ntfs!NtfsReadFileRecord+0x74
fffff880`0b8f58f0 fffff880`016cf752 : fffffa80`07cf1e10 fffff880`054395a0 fffff880`05439420 00000000`00000000 : Ntfs!NtfsLookupInFileRecord+0x68
fffff880`0b8f5980 fffff880`016d0a1d : fffffa80`07cf1e10 fffff880`054395a0 fffff880`00000000 fffff8a0`015a1910 : Ntfs!NtfsUpdateFcbInfoFromDisk+0xc2
fffff880`0b8f5af0 fffff880`017020bf : fffff880`05439420 fffff880`054395a0 fffff8a0`08be9af0 fffffa80`07cf1e10 : Ntfs!NtfsOpenFile+0x32d
fffff880`0b8f5d30 fffff880`01705d0d : fffffa80`07cf1e10 fffffa80`05fa9c10 fffff880`05439420 fffffa80`0765a401 : Ntfs!NtfsCommonCreate+0x101f
fffff880`0b8f5f50 fffff803`fd877aa7 : fffff880`054393d8 00000000`00000000 00000000`00000000 00000000`00000000 : Ntfs!NtfsCommonCreateCallout+0x1d
fffff880`0b8f5f80 fffff803`fd877a6d : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxSwitchKernelStackCallout+0x27
fffff880`05439220 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSwitchKernelStackContinue
STACK_COMMAND: kb
CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
fffff803fd87d361 - nt!KeBugCheckEx+21
[ 00:01 ]
1 error : !nt (fffff803fd87d361)
MODULE_NAME: memory_corruption
IMAGE_NAME: memory_corruption
FOLLOWUP_NAME: memory_corruption
DEBUG_FLR_IMAGE_TIMESTAMP: 0
MEMORY_CORRUPTOR: ONE_BIT
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_ONE_BIT
BUCKET_ID: MEMORY_CORRUPTION_ONE_BIT
Followup: memory_corruption
---------
1: kd> !analyze -v
*******************************************************************************
*
*
* Bugcheck Analysis *
*
*
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000002, Stack cookie instrumentation code detected a stack-based
buffer overrun.
Arg2: fffff8800b8f5560, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff8800b8f54b8, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
TRAP_FRAME: fffff8800b8f5560 -- (.trap 0xfffff8800b8f5560)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=000000000000001e rbx=0000000000000000 rcx=0000000000000002
rdx=000000000000ffff rsi=0000000000000000 rdi=0000000000000000
rip=fffff88001641e85 rsp=fffff8800b8f56f8 rbp=fffff8800b8f58a1
r8=0000000000000000 r9=0000000000000080 r10=0000000000000001
r11=fffff8800b8f56e0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na po nc
Ntfs!_report_gsfailure+0x5:
fffff880`01641e85 cd29 int 29h
Resetting default scope
EXCEPTION_RECORD: fffff8800b8f54b8 -- (.exr 0xfffff8800b8f54b8)
ExceptionAddress: fffff88001641e85 (Ntfs!_report_gsfailure+0x0000000000000005)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000002
CUSTOMER_CRASH_COUNT: 1
BUGCHECK_STR: 0x139
PROCESS_NAME: csrss.exe
CURRENT_IRQL: 0
ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
EXCEPTION_PARAMETER1: 0000000000000002
DEFAULT_BUCKET_ID: CODE_CORRUPTION
LAST_CONTROL_TRANSFER: from fffff803fd87c669 to fffff803fd87d340
STACK_TEXT:
fffff880`0b8f5238 fffff803`fd87c669 : 00000000`00000139 00000000`00000002 fffff880`0b8f5560 fffff880`0b8f54b8 : nt!KeBugCheckEx
fffff880`0b8f5240 fffff803`fd87c990 : fffffa80`059c5b00 fffff803`fdb51f40 00000000`c0033333 fffff880`0185d180 : nt!KiBugCheckDispatch+0x69
fffff880`0b8f5380 fffff803`fd87bbf4 : 00000000`0000000e 00000000`00000001 00000000`00000001 fffffa80`0765a400 : nt!KiFastFailDispatch+0xd0
fffff880`0b8f5560 fffff880`01641e85 : fffff880`0170b1b3 fffffa80`07cf1e10 fffff880`0b8f58a1 fffffa80`05dfb180 : nt!KiRaiseSecurityCheckFailure+0xf4
fffff880`0b8f56f8 fffff880`0170b1b3 : fffffa80`07cf1e10 fffff880`0b8f58a1 fffffa80`05dfb180 00000000`0df84800 : Ntfs!_report_gsfailure+0x5
fffff880`0b8f5700 fffff880`0170b254 : fffff980`0552d3c8 fffff980`0552d438 fffff980`0552d4b0 fffff980`0552d520 : Ntfs!NtfsReadMftRecord+0x3be
fffff880`0b8f5800 fffff880`0170a448 : 00000000`00000200 00000000`00000000 fffff8a0`0022e178 fffffa80`030efe20 : Ntfs!NtfsReadFileRecord+0x74
fffff880`0b8f58f0 fffff880`016cf752 : fffffa80`07cf1e10 fffff880`054395a0 fffff880`05439420 00000000`00000000 : Ntfs!NtfsLookupInFileRecord+0x68
fffff880`0b8f5980 fffff880`016d0a1d : fffffa80`07cf1e10 fffff880`054395a0 fffff880`00000000 fffff8a0`015a1910 : Ntfs!NtfsUpdateFcbInfoFromDisk+0xc2
fffff880`0b8f5af0 fffff880`017020bf : fffff880`05439420 fffff880`054395a0 fffff8a0`08be9af0 fffffa80`07cf1e10 : Ntfs!NtfsOpenFile+0x32d
fffff880`0b8f5d30 fffff880`01705d0d : fffffa80`07cf1e10 fffffa80`05fa9c10 fffff880`05439420 fffffa80`0765a401 : Ntfs!NtfsCommonCreate+0x101f
fffff880`0b8f5f50 fffff803`fd877aa7 : fffff880`054393d8 00000000`00000000 00000000`00000000 00000000`00000000 : Ntfs!NtfsCommonCreateCallout+0x1d
fffff880`0b8f5f80 fffff803`fd877a6d : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxSwitchKernelStackCallout+0x27
fffff880`05439220 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSwitchKernelStackContinue
STACK_COMMAND: kb
CHKIMG_EXTENSION: !chkimg -lo 50 -d !nt
fffff803fd87d361 - nt!KeBugCheckEx+21
[ 00:01 ]
1 error : !nt (fffff803fd87d361)
MODULE_NAME: memory_corruption
IMAGE_NAME: memory_corruption
FOLLOWUP_NAME: memory_corruption
DEBUG_FLR_IMAGE_TIMESTAMP: 0
MEMORY_CORRUPTOR: ONE_BIT
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_ONE_BIT
BUCKET_ID: MEMORY_CORRUPTION_ONE_BIT
Followup: memory_corruption
---------
Dump 3 indicates a problem with Call of Duty: Black Ops. Try googling a fix.
*******************************************************************************
*
*
* Bugcheck Analysis *
*
*
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: fffff880092f51e0, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff880092f5138, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
TRAP_FRAME: fffff880092f51e0 -- (.trap 0xfffff880092f51e0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa8004284698 rbx=0000000000000000 rcx=0000000000000003
rdx=fffffa8000000020 rsi=0000000000000000 rdi=0000000000000000
rip=fffff801515e95ef rsp=fffff880092f5370 rbp=fffff6fcc0068400
r8=fffffa8004c7fdb0 r9=fffff880092f53b8 r10=0000000000000002
r11=fffff880092f5340 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na po nc
nt! ?? ::FNODOBFM::`string'+0x196cb:
fffff801`515e95ef cd29 int 29h
Resetting default scope
EXCEPTION_RECORD: fffff880092f5138 -- (.exr 0xfffff880092f5138)
ExceptionAddress: fffff801515e95ef (nt! ?? ::FNODOBFM::`string'+0x00000000000196cb)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: LIST_ENTRY_CORRUPT
BUGCHECK_STR: 0x139
PROCESS_NAME: t6mp.exe
CURRENT_IRQL: 0
ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
EXCEPTION_PARAMETER1: 0000000000000003
LAST_CONTROL_TRANSFER: from fffff8015148b669 to fffff8015148c340
STACK_TEXT:
fffff880`092f4eb8 fffff801`5148b669 : 00000000`00000139 00000000`00000003 fffff880`092f51e0 fffff880`092f5138 : nt!KeBugCheckEx
fffff880`092f4ec0 fffff801`5148b990 : fffff880`092f5010 fffff801`514e09ca 00000000`63416d4d fffff6fc`c00a3200 : nt!KiBugCheckDispatch+0x69
fffff880`092f5000 fffff801`5148abf4 : 00000000`00000000 fffff801`514e2d79 00000000`00000000 fffffa80`0678af20 : nt!KiFastFailDispatch+0xd0
fffff880`092f51e0 fffff801`515e95ef : fffffa80`04c7fdb0 fffff6fc`c0068200 00000000`00000000 fffffa80`041c9190 : nt!KiRaiseSecurityCheckFailure+0xf4
fffff880`092f5370 fffff801`514e280c : 00000000`00000000 fffff801`51707830 fffff880`092f54e8 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0x196cb
fffff880`092f54b0 fffff801`514cbfa4 : ffffa050`ba331000 00000000`00000001 00000000`00000001 fffffa80`00000000 : nt!CcGetVacbMiss+0x14c
fffff880`092f5560 fffff801`5180a36c : 00000000`00000000 00000000`25f50000 fffff880`092f56a0 fffff880`092f56b0 : nt!CcGetVirtualAddress+0x284
fffff880`092f5600 fffff801`5145d8ae : 00000000`00000000 00000000`25f50000 00000000`00000000 fffff880`016a6401 : nt!CcMapAndCopyFromCache+0x7c
fffff880`092f56a0 fffff880`0175174f : fffffa80`05cba200 00000000`25f58000 fffffa80`00000000 fffffa80`06e025a0 : nt!CcCopyReadEx+0xfe
fffff880`092f5710 fffff880`0125337d : 00000000`00000000 00000000`000002a0 00000000`00000000 00000000`00000000 : Ntfs!NtfsCopyReadA+0x1f0
fffff880`092f5960 fffff880`01253b53 : fffff880`092f5a50 00000000`00000000 fffffa80`06e02500 fffffa80`057e1490 : fltmgr!FltpPerformFastIoCall+0xbd
fffff880`092f59c0 fffff880`0127d839 : d4003701`2b87ec13 0000001f`00120089 fffff880`092f5b00 00000000`00000000 : fltmgr!FltpPassThroughFastIo+0xc3
fffff880`092f5a20 fffff801`517f7980 : fffffa80`06e025a0 fffffa80`06e025a0 00000000`00000000 00000000`00000000 : fltmgr!FltpFastIoRead+0x199
fffff880`092f5ad0 fffff801`5148b353 : 00000000`746c6644 00000000`00000000 00000000`00000000 00000000`00000000 : nt!NtReadFile+0x3fe
fffff880`092f5bd0 00000000`76e92ad2 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0829f128 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x76e92ad2
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!KiFastFailDispatch+d0
fffff801`5148b990 c644242000 mov byte ptr [rsp+20h],0
SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: nt!KiFastFailDispatch+d0
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 50ab0e64
BUCKET_ID_FUNC_OFFSET: d0
FAILURE_BUCKET_ID: 0x139_3_nt!KiFastFailDispatch
BUCKET_ID: 0x139_3_nt!KiFastFailDispatch
Followup: MachineOwner