BSOD: IRQL_... caused by ntkrnlpa.exe

Well you and your son's experience sound almost the same as my son's and I experience from a few years ago. At the time I built a brand new system and was getting Blue Screens almost from the get-go. Strange thing was so was my son's computer and his computer was my old one that never Blue Screened before. Long story short it was the Sunbelt Firewall and a specific driver that was causing the issue and that was the only thing the systems had in common. Once it was removed stability returned to both systems.

I strongly suspect that the upgraded Norton and WAS are conflicting. Uninstall WAS from one or both systems and tell me what you get.

Also, Webroot may be an anti-spyware but Norton 360 also carries an anti-spyware. The rule still applies: If run in real security security software drivers will most often conflict causing Blue Screens. A WAS upgrade may correct the issue.

Hi Route44,

Thanks again. I really would like to know what the minidumps are pointing to before I start uninstalling on at least one of the systems (mine).
I did upgrade the video driver and I haven't seen it BSOD today... yet. All software is up-to-date. Also uninstalling either of these products is slightly more complicated than most, because of the cloud features like back-up and sync that are designed to be installed once.

My son's on the other hand is simply getting worse, sometimes not even starting in safe mode and displaying blue screens titled "Bad pool header" and "Memory management". It is also giving blue screens identical to the title of this thread. I have already completely uninstalled Prevx and Webroot but the errors continue. I'll be running diags on it tonite. I'll also post 2 or 3 of its last minidumps.

Are the minidumps not the key to the solution?
Unfortunately I haven't figured out how to read them. I look forward to knowing what they reveal.

David,
minidumps provide clues to problems. Because of this, it takes practice and patients to analyze them accurately. It looks like you do have program conflicts. "Bad pool header and memory management" are related to memory issues but driver issues and program conflicts can falsely reflect these. Remove Norton and install free Microsoft Security Essentials. Do not re-install Webroot, but go ahead and re-install Previx... Install and run this temp file cleaner:
http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/
Run it often

Route44 and TMagic
Thanks for the advice. I guess analyzing a minidump is time-consuming and difficult, as I'm not getting any answers on what the Error Code and the Probable Cause were from the two I uploaded as davidb.zip in post #18.
To not confuse the two computers I've mentioned, my own system provided the uploaded minidumps in post #18. It has not crashed since I upgraded the video driver Thursday, as I mentioned in post #22. Did the minidumps point to video?.
My son's system has been blue-screening badly. I just finished running multiple diagnostics, Memtest+, HP Diagnostics (came with HP computer) and WDC DOS-harddisk diagnostic. All hardware reports 100%. So it must be software.
I do want to upload some minidumps from his, but I won't bother if you're all too busy to analyze them. I'm not keen on just changing out my main security product (Norton360) unless it's proved to be contributing to the problem. Let me know please.

Windows 7 and even Windows 8 have a decent firewall and Windows Defender built-in. I won't mention Windows Vista! Norton, and McAfee interfere with the Windows firewall in some cases. I learned a long time ago to remove and stay away from these, like the Plague, in my repair business. Mind you, these computers all have serious software/hardware issues like yours. Windows Security Essentials is free. It doesn't interfere with Windows as you can imagine. Feel free to post any new minidumps. I have had a lot of practice reading and interpreting them. Once a Norton "protected" computer has troubles, the first thing you should do is REMOVE Norton for troubleshooting purposes

Thanks again. Ok, I buy your experience and logic about Norton. I know it's a resource hog, and I know the recent update to ver 6 is not as stable as I might have thought. Webroot analyzer says it has a possible handle leak. The report shows almost twice as many handles for Norton's engine as the next highest - a Windows svchost file which is tied to about 20 services. Plus Norton had an extreme amount of page faults listed as well. Perhaps these are ongoingNorton360 issues; perhaps it's just my installation(s) - I don't know. Ok I'm considering temporarily at least, uninstalling Norton360 on at least the one computer that is still blue-screening - my son's. A zip file is uploaded here with the last 3 crashes' minidumps. If you would be so kind as to take a look inside and see what the problem is likely to be? Referring to the the first post #1, if it simply shows the kernal is at fault - that's what the basic summary showed but obviously that's too broad a target to identify what's not working.

SYMEFA.sys is being flagged as a problem... No surprise it is part of Norton. All the others flagged just show general Windows instability. Things like ntkrnlpa.exe, KERNEL_MODE_EXCEPTION_NOT_HANDLED, HAL.dll, UNEXPECTED_KERNEL_MODE_TRAP, DRIVER_NOT_LESS_OR_EQUAL AND TCPIP.SYS are all signs of NORTON caused instability. If SYMEFA.sys or any other Symantec driver was not present here, we could look at memory or hard drive issues more closely. You have already ruled these out haven't you, and we're pointing to software. Norton is software. Are we making more sense now?

Yes thank you for reading the minidumps for me. The strange thing is, the file Properties page for SYMEFA.SYS shows it has not been accessed since June 2012. I searched the entire computer - including hidden files and non-indexed locations. Just the one instance of that file. Oh well, I'll uninstall Norton and see what happens. The blue screens are random, sometimes even booting into safe mode is a challenge; other times it runs in normal mode for an hour or so. I may have to wait awhile for a BSOD. In the meantime, I'll post the minidump from the last crash today - perhaps you could say if it is consistent, or different?

Uninstall Norton and run the temp file cleaner I suggested. This minidump references Memory Management. OS instability can show up anything at any time...old or new

Tmagic and Route44,
Well, my son's computer is no better off after uninstalling Norton and installing MSE. I have a little more info, and have attached a recent minidump. It appears it likes to blue screen after awakening from sleep. I have again run a slew of hardware tests using Windows Memory Diagnostics Tool, Memtest+, WD hard drive tests, Spinrite, HP diagnostics, and everything passes 100%.
I have seen it restart instead of the BSOD halt. When it last blue-screened after awakening, it blue-screened in safe mode as well, and a couple of times when trying to start Windows normally. Then on another try, here I am typing away. I have seen drivers mentioned on the blue screens. acpi.sys ecache.sys CLFS.sys . I've seen IRQ not lesss or equal and DRIVER_IRQ not less or equal. I have seen the machine stop when booting the BIOS before it detects boot devices (just after memory testing OK).
Yes this is Vista. Yes it seems like software issues, although the BIOS halts could be valid or it could be a video adapter problem (nVidia video on the motherboard). I'm at the end of the rope on this now, about to reformat C: and load Windows 7. Appreciate any last ideas, and perhaps a last read of the minidump attached. Thanks

Ecash.sys... is this a payment system driver? Seems like you could both benefit from a fresh OS re-install

You're joking right? ecache.sys is a Windows driver located here: C:\Windows\System32\drivers
Sorry I'm not in the mood for humour. This is taking way too much time to solve.
I can still read your recommendation between the lines. Out with Vista, in with 7 or 8.
The process of rebuilding is always daunting ... never easy enough.

Route44,
Besides the last minidump from my son's computer attached in post #30, I have attached one minidump from my machine here. It occurred when I accidentally unplugged my HP Officejet printer. Is that to be expected? Otherwise this main machine hasn't blue-screened since I upgraded the video drivers. Thanks

"The process of rebuilding is always daunting ... never easy enough"... Unless you are prepared to do it. With today's external hard drives, flash drives and blue-ray disks there is really no excuse to have everything important to you backed up and always at your fingertips. The Windows updates are a pain to re-install, but that's about it. Windows 8 can be modified to use on a desktop without a touch screen. I like it, but I'm not ready to use it full time yet... Vista should go the way of the Dinosaurs!

never easy enough ...
I would rather perform 3 hours of Windows Updates. They're easy. No forethought or planning required. Almost automatic. You can click Update and walk away. But, name me a perfect back-up and restore solution and I'll buy it. Yes I have back-ups, but nothing I have researched or used is easy or perfect enough. "Windows Easy Transfer" is not perfect. User data is spread in various directories - sometimes so deep the average user cannot remember where. iTunes has it's location, photo programs tend to keep their photos everywhere except in the Pictures folder. Moving from one OS to another results in different folder names, libraries, etc. Unless you are restoring a drive image, or transferring from and to identical set-ups, it takes time and patience and exactitude to ensure the system you rebuilt has everything in the same and proper place as it was. I've seen pro tech support shops screw up people's back-ups to the point where there's no recognizing the files. If the pros haven't perfected the process, neither will average Joe. Further, on my son's "mis-diagnosed" computer, I still have no idea what is causing the faults, although software "seems" to be the culprit. Therefore I need to first install a basic OS and test it, step by step to ensure hardware, such as a video adapter, or NIC, or mobo, or power supply is not truly at fault. Time, patience, more time, more patience, and more time... not to mention reloading all of the programs. I know, it's necessary to clean house and start from scratch, usually when upgrading the OS. But I wouldn't trust anyone to do it right but myself. And that takes ... well ... time.

The last minidump points to DRIVER_VERIFIER_DETECTED_VIOLATION
DOT4.SYS, NTKRNLPA, and HAL.DLL
You've had so many varied minidumps where do we go from here? if I saw this for the first time, I would say hard drive. The title of this thread "BSOD: IRQL_... caused by ntkrnlpa.exe" is not correct. The BSOD is NOT caused by ntkrnlpa.exe, ntkrnlpa.exe is a symptom not a cause

True, and thank you for looking at that minidump. BlueScreenView was the program I initially used in this OLD thread, and it always comes up with ntkrnlpa. Even the Windows Debugger focuses first on that file, which is of course misleading.
Part of the confusion here is I have referred to two computers, both having had recent blue screens, some the same, some different. The DOT4 cause I now understand. I would like to focus on the minidump in post #30 if you could assist. That computer is blue-screening every time it comes out of sleep, then multiple times as it reboots, finally it starts in normal mode again, only to rinse and repeat. Post #28 contained the previous minidump posted from that machine. The HDD physically tests perfect, including sfc and chkdsk results. Norton was uninstalled. The only AV is MSE as you recommended. Thanks

The minidump contents of post #30 are:
DRIVER_IRQL_NOT_LESS_OR_EQUAL, CLASSPNP.SYS, ECASH.SYS, NTKRNLPA.EXE AND STORPORT.SYS
The minidump contents in post #28 are:
MEMORY_MANAGEMENT, HAL.DLL, and NTKRNLPA.EXE