Solved Random BSOD, Random erros, Debug says ntoskrnl.exe

Surgikill

New Member
Member
Messages
150
Hey guys, so I am in a bit of a pickle. I have an HP m6-k015dx laptop and it is giving me hell. I will get random BSOD's, usually at or a short while after login. They usually happen consecutively and then stop. I was able to enable driver verifier in order to see what was wrong. After it was enabled it did not crash so I decided to use memtest to check the RAM. 50% into the first pass it had detected 650 errors. So I tested each stick in each slot and it came back fine. I then tested both sticks again and it came back without an error. I tried to boot normally but I received multiple BSOD's. I then booted into safe mode with networking and received a BSOD. After that I booted into safe mode and was able to retrieve my minidump files. After analyzing them on another computer each one says that it is probably caused by ntoskrnl.exe What is my course of action from here on out? I really have no idea what to do.

My mindump files are zipped and attached.
 

My Computer

System One

  • OS
    Windows 8, Kali
    Computer type
    Laptop
    System Manufacturer/Model
    HP ENVY TouchSmart m6 Sleekbook
    CPU
    i5 4200 u
    Memory
    8gb DDR3 1600
    Graphics Card(s)
    Intel HD 4400
    Browser
    Firefox
    Antivirus
    Defender
Set Optimized Defaults in the bios, then save. Check that storage is set to AHCI mode, if that is how it is currently set. If not, change the setting to that. Save.

Boot to Windows.

Download/install/run CPU-Z.

Type snippingtool into the Start menu then press Enter. Use it to make a screenshot of CPU-Z Memory tab.

Then, make a screenshot of the SPD tab - one for each stick of RAM you have. So if two sticks, two screenshots for this...etc... (Change the slot # to get to others, in top left of tab.)

Please attach the saved screenshots (.jpg format is good) to a new post here.
 

My Computer

System One

  • OS
    7601.18247.x86fre.win7sp1
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Self-built Intel based
    CPU
    Pentium D 925 3.0 GHz socket 775, Presler @ ~ 3.2 GHz
    Motherboard
    Intel DQ965MT
    Memory
    Hyundai 2 GB DDR2 @ 333 MHz
    Graphics Card(s)
    ASUS DirectCU II HD7790-DC2OC-2GD5 Radeon HD 7790 2GB 128-Bit GDDR5
    Sound Card
    MOTU Traveler firewire interface
    Hard Drives
    1 Seagate Barracuda SATA II system/boot drive 80 GB, 2 Western Digital hdds - 1 is SATA II Caviar Black 1 TB attached to card (assorted media, page, temp), other is SATA I 420 GB (games, media, downloads)
    PSU
    Thermaltake 450W
    Cooling
    stock Gateway cooling, extra large fan in rear of case
    Keyboard
    Alienware/Microsoft Internet kb
    Mouse
    Logitech M510
    Internet Speed
    Optimum Online, fast for US
    Browser
    Pale Moon
    Antivirus
    Kaspersky integrated into ZoneAlarm+Antivirus
We should get rid of this:

WPRO_41_2001 WPRO_41_2001.sys Mon Nov 07 16:04:48 2011 (4EB847F0)

Uninstall WinPcap normally.

If it is not in the uninstall list, then do this instead:

Delete this file:

C:\Windows\System32\drivers\WPRO_41_2001.sys

Then open Regedit and locate its key (might take a little effort, depending on if it is named similarly, as WinPcap, or something else even) - delete the key.

Here is the location:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services

Reboot.
 

My Computer

System One

  • OS
    7601.18247.x86fre.win7sp1
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Self-built Intel based
    CPU
    Pentium D 925 3.0 GHz socket 775, Presler @ ~ 3.2 GHz
    Motherboard
    Intel DQ965MT
    Memory
    Hyundai 2 GB DDR2 @ 333 MHz
    Graphics Card(s)
    ASUS DirectCU II HD7790-DC2OC-2GD5 Radeon HD 7790 2GB 128-Bit GDDR5
    Sound Card
    MOTU Traveler firewire interface
    Hard Drives
    1 Seagate Barracuda SATA II system/boot drive 80 GB, 2 Western Digital hdds - 1 is SATA II Caviar Black 1 TB attached to card (assorted media, page, temp), other is SATA I 420 GB (games, media, downloads)
    PSU
    Thermaltake 450W
    Cooling
    stock Gateway cooling, extra large fan in rear of case
    Keyboard
    Alienware/Microsoft Internet kb
    Mouse
    Logitech M510
    Internet Speed
    Optimum Online, fast for US
    Browser
    Pale Moon
    Antivirus
    Kaspersky integrated into ZoneAlarm+Antivirus
I deleted that driver and the reg key. I am unable to get any memory info for you because cpu-z encounters error 0x43c (1084) during initialization and nothing is displayed on the memory tab or the SPD tab.
 

My Computer

System One

  • OS
    Windows 8, Kali
    Computer type
    Laptop
    System Manufacturer/Model
    HP ENVY TouchSmart m6 Sleekbook
    CPU
    i5 4200 u
    Memory
    8gb DDR3 1600
    Graphics Card(s)
    Intel HD 4400
    Browser
    Firefox
    Antivirus
    Defender
Ok, cool for now.

Just wait it out and see how it goes. If it crashes, please re-run the tool again and post the logs, as you did before.

The memory might be set unwell, but we'll see.

Maybe it won't even crash anymore.
 

My Computer

System One

  • OS
    7601.18247.x86fre.win7sp1
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Self-built Intel based
    CPU
    Pentium D 925 3.0 GHz socket 775, Presler @ ~ 3.2 GHz
    Motherboard
    Intel DQ965MT
    Memory
    Hyundai 2 GB DDR2 @ 333 MHz
    Graphics Card(s)
    ASUS DirectCU II HD7790-DC2OC-2GD5 Radeon HD 7790 2GB 128-Bit GDDR5
    Sound Card
    MOTU Traveler firewire interface
    Hard Drives
    1 Seagate Barracuda SATA II system/boot drive 80 GB, 2 Western Digital hdds - 1 is SATA II Caviar Black 1 TB attached to card (assorted media, page, temp), other is SATA I 420 GB (games, media, downloads)
    PSU
    Thermaltake 450W
    Cooling
    stock Gateway cooling, extra large fan in rear of case
    Keyboard
    Alienware/Microsoft Internet kb
    Mouse
    Logitech M510
    Internet Speed
    Optimum Online, fast for US
    Browser
    Pale Moon
    Antivirus
    Kaspersky integrated into ZoneAlarm+Antivirus
special pool detected memory corruption. So I booted, logged in, really slow and sluggish, turned off driver verifier, tried to reboot and got a BSOD with special pool detected memory corruption. So it is restarting again and I'll post the dump file.
 

My Computer

System One

  • OS
    Windows 8, Kali
    Computer type
    Laptop
    System Manufacturer/Model
    HP ENVY TouchSmart m6 Sleekbook
    CPU
    i5 4200 u
    Memory
    8gb DDR3 1600
    Graphics Card(s)
    Intel HD 4400
    Browser
    Firefox
    Antivirus
    Defender
Okay I am logged in and it has not bsod'd so far. Heres the dump file for the last BSOD.
 

My Computer

System One

  • OS
    Windows 8, Kali
    Computer type
    Laptop
    System Manufacturer/Model
    HP ENVY TouchSmart m6 Sleekbook
    CPU
    i5 4200 u
    Memory
    8gb DDR3 1600
    Graphics Card(s)
    Intel HD 4400
    Browser
    Firefox
    Antivirus
    Defender
This WinPcap driver still exists and is active, in your latest crash dump just posted.

Perhaps the software that you installed that installed it too, re-installed it.

Check about that again.

Code:
0: kd> lmvm WPRO_41_2001
start             end                 module name
fffff800`034db000 fffff800`034e7000   WPRO_41_2001   (deferred)             
    Image path: \SystemRoot\system32\drivers\WPRO_41_2001.sys
    Image name: WPRO_41_2001.sys
    Timestamp:        Mon Nov 07 16:04:48 2011 (4EB847F0)
    CheckSum:         00015ADC
    ImageSize:        0000C000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4



What I would do for now too is to remove a stick of RAM. Run the machine like that until you're confident that it is stable.

If it is, replace the RAM with the other stick and try again. See how that goes.

Maybe one of them will crash a lot and the other not. Basically, experiment doing real things that you normally would use the machine for.
 

My Computer

System One

  • OS
    7601.18247.x86fre.win7sp1
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Self-built Intel based
    CPU
    Pentium D 925 3.0 GHz socket 775, Presler @ ~ 3.2 GHz
    Motherboard
    Intel DQ965MT
    Memory
    Hyundai 2 GB DDR2 @ 333 MHz
    Graphics Card(s)
    ASUS DirectCU II HD7790-DC2OC-2GD5 Radeon HD 7790 2GB 128-Bit GDDR5
    Sound Card
    MOTU Traveler firewire interface
    Hard Drives
    1 Seagate Barracuda SATA II system/boot drive 80 GB, 2 Western Digital hdds - 1 is SATA II Caviar Black 1 TB attached to card (assorted media, page, temp), other is SATA I 420 GB (games, media, downloads)
    PSU
    Thermaltake 450W
    Cooling
    stock Gateway cooling, extra large fan in rear of case
    Keyboard
    Alienware/Microsoft Internet kb
    Mouse
    Logitech M510
    Internet Speed
    Optimum Online, fast for US
    Browser
    Pale Moon
    Antivirus
    Kaspersky integrated into ZoneAlarm+Antivirus
What is it associated with? It says it was installed today, so I am unsure of what it is or where it came from.
 

My Computer

System One

  • OS
    Windows 8, Kali
    Computer type
    Laptop
    System Manufacturer/Model
    HP ENVY TouchSmart m6 Sleekbook
    CPU
    i5 4200 u
    Memory
    8gb DDR3 1600
    Graphics Card(s)
    Intel HD 4400
    Browser
    Firefox
    Antivirus
    Defender
Dunno, can't say.

Quite a few machines bsoding have it though, and I don't like the date of it, especially because of its function and type of driver it is.

If you make a screenshot or 2 of your installed software programs, I can probably guess which it is a component of.
 

My Computer

System One

  • OS
    7601.18247.x86fre.win7sp1
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Self-built Intel based
    CPU
    Pentium D 925 3.0 GHz socket 775, Presler @ ~ 3.2 GHz
    Motherboard
    Intel DQ965MT
    Memory
    Hyundai 2 GB DDR2 @ 333 MHz
    Graphics Card(s)
    ASUS DirectCU II HD7790-DC2OC-2GD5 Radeon HD 7790 2GB 128-Bit GDDR5
    Sound Card
    MOTU Traveler firewire interface
    Hard Drives
    1 Seagate Barracuda SATA II system/boot drive 80 GB, 2 Western Digital hdds - 1 is SATA II Caviar Black 1 TB attached to card (assorted media, page, temp), other is SATA I 420 GB (games, media, downloads)
    PSU
    Thermaltake 450W
    Cooling
    stock Gateway cooling, extra large fan in rear of case
    Keyboard
    Alienware/Microsoft Internet kb
    Mouse
    Logitech M510
    Internet Speed
    Optimum Online, fast for US
    Browser
    Pale Moon
    Antivirus
    Kaspersky integrated into ZoneAlarm+Antivirus
Just got another 2 BSOD. One said memory management and the other said irql driver less or not egual to and had iastora.sys in parentheses. This was after I deleted wpro. I will try to get the dump files and the screenshots.
 

My Computer

System One

  • OS
    Windows 8, Kali
    Computer type
    Laptop
    System Manufacturer/Model
    HP ENVY TouchSmart m6 Sleekbook
    CPU
    i5 4200 u
    Memory
    8gb DDR3 1600
    Graphics Card(s)
    Intel HD 4400
    Browser
    Firefox
    Antivirus
    Defender
I am running a malware scan. Just checked with two other computers similar to mine and it doesn't show up on theirs. This installs itself on boot which causes it to BSOD.
 

My Computer

System One

  • OS
    Windows 8, Kali
    Computer type
    Laptop
    System Manufacturer/Model
    HP ENVY TouchSmart m6 Sleekbook
    CPU
    i5 4200 u
    Memory
    8gb DDR3 1600
    Graphics Card(s)
    Intel HD 4400
    Browser
    Firefox
    Antivirus
    Defender
Here's the screenshots of installed programs.
 

My Computer

System One

  • OS
    Windows 8, Kali
    Computer type
    Laptop
    System Manufacturer/Model
    HP ENVY TouchSmart m6 Sleekbook
    CPU
    i5 4200 u
    Memory
    8gb DDR3 1600
    Graphics Card(s)
    Intel HD 4400
    Browser
    Firefox
    Antivirus
    Defender
Ya, it is likely that one stick of RAM is bad (especially because of what you were saying in the OP). The iastora.sys driver you have is good. The machine is almost definitely crashing because of RAM and not drivers.

So, I would do as I said, about running only one stick at a time until you can figure out if one of them crashes while the other does not.

You can visit your motherboard site to download/install latest Intel Rapid Storage driver, but like I said, what you have already is good and it might actually already be the latest.

Could be Pando Media Booster installing the WinPcap driver. It's only a guess though. On the other hand, maybe it is malware installing it on you. It is a very useful tool to any black hat hacker. It can capture all data in or out of your adapter.

Ensure you've set Optimized Defaults in the bios. That should at least try to set the memory as it needs to be, if it is already not.
 

My Computer

System One

  • OS
    7601.18247.x86fre.win7sp1
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Self-built Intel based
    CPU
    Pentium D 925 3.0 GHz socket 775, Presler @ ~ 3.2 GHz
    Motherboard
    Intel DQ965MT
    Memory
    Hyundai 2 GB DDR2 @ 333 MHz
    Graphics Card(s)
    ASUS DirectCU II HD7790-DC2OC-2GD5 Radeon HD 7790 2GB 128-Bit GDDR5
    Sound Card
    MOTU Traveler firewire interface
    Hard Drives
    1 Seagate Barracuda SATA II system/boot drive 80 GB, 2 Western Digital hdds - 1 is SATA II Caviar Black 1 TB attached to card (assorted media, page, temp), other is SATA I 420 GB (games, media, downloads)
    PSU
    Thermaltake 450W
    Cooling
    stock Gateway cooling, extra large fan in rear of case
    Keyboard
    Alienware/Microsoft Internet kb
    Mouse
    Logitech M510
    Internet Speed
    Optimum Online, fast for US
    Browser
    Pale Moon
    Antivirus
    Kaspersky integrated into ZoneAlarm+Antivirus
it's not pando media booster. That is associated with league. Two other systems are running league without that driver. The RAM may be bad, but I already tested each stick individually without any problems, and I tested both sticks without a problem. It may be malware because it will only BSOD after I delete that driver and restart. MBAM should find something.

EDIT: CPU-Z is working now, I will get you those numbers.
 

My Computer

System One

  • OS
    Windows 8, Kali
    Computer type
    Laptop
    System Manufacturer/Model
    HP ENVY TouchSmart m6 Sleekbook
    CPU
    i5 4200 u
    Memory
    8gb DDR3 1600
    Graphics Card(s)
    Intel HD 4400
    Browser
    Firefox
    Antivirus
    Defender
Here is the CPU-Z info
 

My Computer

System One

  • OS
    Windows 8, Kali
    Computer type
    Laptop
    System Manufacturer/Model
    HP ENVY TouchSmart m6 Sleekbook
    CPU
    i5 4200 u
    Memory
    8gb DDR3 1600
    Graphics Card(s)
    Intel HD 4400
    Browser
    Firefox
    Antivirus
    Defender
It may be malware because it will only BSOD after I delete that driver and restart.

EDIT: CPU-Z is working now, I will get you those numbers.

Makes a little sense, being that I didn't like that driver since the first I've ever seen it a couple of days ago when I first started debugging again. The modern WinPcap that would not crash Windows 7 or 8 is npf.sys. I have it and use it, as part of Wireshark.

I don't see the JEDEC for 800 MHz, but going by the other similar ones, I can tell the memory is set decently.

What you can do, for now, is to make a .txt file with Notepad and save it as WPRO_41_2001.txt. Change the .txt to .sys after saving. Move it to the driver folder location C:\Windows\System32\drivers, then set the Security on it to not allow write access to any account.

That should stop anything trying to install a real driver.

Reboot and see if that file is still 0 kb or not.
 

My Computer

System One

  • OS
    7601.18247.x86fre.win7sp1
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Self-built Intel based
    CPU
    Pentium D 925 3.0 GHz socket 775, Presler @ ~ 3.2 GHz
    Motherboard
    Intel DQ965MT
    Memory
    Hyundai 2 GB DDR2 @ 333 MHz
    Graphics Card(s)
    ASUS DirectCU II HD7790-DC2OC-2GD5 Radeon HD 7790 2GB 128-Bit GDDR5
    Sound Card
    MOTU Traveler firewire interface
    Hard Drives
    1 Seagate Barracuda SATA II system/boot drive 80 GB, 2 Western Digital hdds - 1 is SATA II Caviar Black 1 TB attached to card (assorted media, page, temp), other is SATA I 420 GB (games, media, downloads)
    PSU
    Thermaltake 450W
    Cooling
    stock Gateway cooling, extra large fan in rear of case
    Keyboard
    Alienware/Microsoft Internet kb
    Mouse
    Logitech M510
    Internet Speed
    Optimum Online, fast for US
    Browser
    Pale Moon
    Antivirus
    Kaspersky integrated into ZoneAlarm+Antivirus
I'm in safe mode performing a virus scan. Will do that if nothing turns up from MBAM.
 

My Computer

System One

  • OS
    Windows 8, Kali
    Computer type
    Laptop
    System Manufacturer/Model
    HP ENVY TouchSmart m6 Sleekbook
    CPU
    i5 4200 u
    Memory
    8gb DDR3 1600
    Graphics Card(s)
    Intel HD 4400
    Browser
    Firefox
    Antivirus
    Defender
Virus scan didn't detect anything on the c drive. Those other people that are having the BSOD with WPRO, could you post their program lists? I want to see if anything correlates.
 

My Computer

System One

  • OS
    Windows 8, Kali
    Computer type
    Laptop
    System Manufacturer/Model
    HP ENVY TouchSmart m6 Sleekbook
    CPU
    i5 4200 u
    Memory
    8gb DDR3 1600
    Graphics Card(s)
    Intel HD 4400
    Browser
    Firefox
    Antivirus
    Defender

My Computer

System One

  • OS
    7601.18247.x86fre.win7sp1
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Self-built Intel based
    CPU
    Pentium D 925 3.0 GHz socket 775, Presler @ ~ 3.2 GHz
    Motherboard
    Intel DQ965MT
    Memory
    Hyundai 2 GB DDR2 @ 333 MHz
    Graphics Card(s)
    ASUS DirectCU II HD7790-DC2OC-2GD5 Radeon HD 7790 2GB 128-Bit GDDR5
    Sound Card
    MOTU Traveler firewire interface
    Hard Drives
    1 Seagate Barracuda SATA II system/boot drive 80 GB, 2 Western Digital hdds - 1 is SATA II Caviar Black 1 TB attached to card (assorted media, page, temp), other is SATA I 420 GB (games, media, downloads)
    PSU
    Thermaltake 450W
    Cooling
    stock Gateway cooling, extra large fan in rear of case
    Keyboard
    Alienware/Microsoft Internet kb
    Mouse
    Logitech M510
    Internet Speed
    Optimum Online, fast for US
    Browser
    Pale Moon
    Antivirus
    Kaspersky integrated into ZoneAlarm+Antivirus
Back
Top