New system having assorted BSOD's?

NormAtHome

New Member
Messages
28
A couple months ago I put together a new computer with these specs:
  1. Asus M5A99FX Motherboard
  2. AMD FX-4300 3.8Ghz Quad Core CPU
  3. 8GB Corsair Dominator RAM
  4. Thermaltake TR2-600 PSU
  5. Asus Silent 210 Video Card
  6. Windows 8 Professional
  7. Western Digital 1TB Black Hard Drive

It seemed to work fine for the first month and then suddenly every day or two it would throw a BSOD and not always the same one. The various BSOD stop codes have been 0x00000139, 0x0000001a, 0x00000019, 0x00000001, 0x0000000a and as far as I can tell no one happens more than any other. Also not only BSOD's but I've seen a number of disk related errors as well:
A corruption was discovered in the file system structure on volume C:.
A corruption was discovered in the file system structure on volume Boot
The driver detected a controller error on \Device\Harddisk1\DR1​

I believe that the BSOD's preceded the start of the disk related errors. Various things that I've tried to identify a hardware problem:
  1. Ran Seagate Seatools both short and long test and the hard drives passes both
  2. Ran Memtest86+ for a full day with no errors
  3. Updated the Catalyst chipset drivers from the version on the driver cd to the latest available from the AMD website
  4. Swapped the Thermaltake PSU for a Corsair PSU

I've put together four AMD based machines in the last four months with various Asus motherboards and mostly similar specs, the first three have Windows 7 Pro installed and work perfectly but this fourth one nothing I've done has made any difference and I can't find a hardware based problem although I suppose there's always a chance it's a bad CPU or motherboard. If that's the case how would I know that and which part it is?

As per the sticky I've attached the diagnostic information from the SF diagnostic tool, any idea's would be appreciated.

Thanks!

- Norm
 

My Computer

System One

  • OS
    Windows 8
Lot's of Live Kernel Events in the WER section of MSINFO32. Please provide this report so we can see if we can associate these with hardware issues:
Please do the following:
- open Event Viewer (eventvwr.msc)
- expand the Custom Views category (left click on the > next to the words "Custom Views")
- right click on Administrative Events
- select "Save all Events in Custom View as..."
- save the file as Admin.evtx
- zip up the file (right click on it, select "Send to", select "Compressed (zipped) folder")
- upload it with your next post (if it's too big, then upload it to a free file-hosting service and post a link here).

Please start on these free diagnostics also: Hardware Diagnostics (feel free to skip the tests that you've already run - just let us know the results).

Please update these older drivers. Links are included to assist in looking up the source of the drivers. If unable to find an update, please remove (un-install) the program responsible for that driver. DO NOT manually delete/rename the driver as it may make the system unbootable! :

lmimirr.sys Tue Apr 10 18:32:45 2007 (461C108D)
RemotelyAnywhere Mirror Miniport Driver or LogMeIn Mirror Miniport Driver
http://www.carrona.org/drivers/driver.php?id=lmimirr.sys

lmimirr2.dll Tue Apr 10 18:32:46 2007 (461C108E)
LogMeIn Remote Access driver
http://www.carrona.org/drivers/driver.php?id=lmimirr2.dll

LMIRfsDriver.sys Mon Jul 14 12:26:56 2008 (487B7E50)
RemotelyAnywhere Mirror Miniport Driver or LogMeIn Mirror Miniport Driver
http://www.carrona.org/drivers/driver.php?id=LMIRfsDriver.sys

AsUpIO.sys Mon Aug 2 22:47:59 2010 (4C57835F)
ASUS hardware monitoring software related
http://www.carrona.org/drivers/driver.php?id=AsUpIO.sys

ASUSFILTER.sys Tue Sep 20 11:46:33 2011 (4E78B559)
ASUS USB Hub filter driver
http://www.carrona.org/drivers/driver.php?id=ASUSFILTER.sys

AiChargerPlus.sys Wed Apr 18 21:17:35 2012 (4F8F67AF)
Asus Charger Driver [br] Likely BSOD cause - haven't seen recently (15Jan2013)
http://www.carrona.org/drivers/driver.php?id=AiChargerPlus.sys



Analysis:
The following is for informational purposes only.
Code:
[font=lucida console]**************************Thu Aug  1 02:06:54.021 2013 (UTC - 4:00)**************************
Loading Dump File [C:\Users\John\SysnativeBSODApps\080113-30498-01.dmp]
Windows 8 Kernel Version 9200 MP (4 procs) Free x64
Built by: [B]9200[/B].16628.amd64fre.win8_gdr.130531-1504
System Uptime:[B]0 days 9:40:07.707[/B]
Probably caused by :[B]ntkrnlmp.exe ( nt!ExpInterlockedPopEntrySListFault16+0 )[/B]
BugCheck [B]1E, {ffffffffc0000005, fffff8038be66df5, 0, ffffffffffffffff}[/B]
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x0000001E]KMODE_EXCEPTION_NOT_HANDLED (1e)[/url]
Arguments: 
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff8038be66df5, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: ffffffffffffffff, Parameter 1 of the exception
BUGCHECK_STR:  0x1E_c0000005_R
PROCESS_NAME:  svchost.exe
FAILURE_BUCKET_ID: [B]0x1E_c0000005_R_nt!ExpInterlockedPopEntrySListFault16[/B]
  BIOS Version                  1708
  BIOS Release Date             04/10/2013
  Manufacturer                  To be filled by O.E.M.
  Product Name                  To be filled by O.E.M.
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Tue Jul 30 23:47:00.343 2013 (UTC - 4:00)**************************
Loading Dump File [C:\Users\John\SysnativeBSODApps\073013-29811-01.dmp]
Windows 8 Kernel Version 9200 MP (4 procs) Free x64
Built by: [B]9200[/B].16628.amd64fre.win8_gdr.130531-1504
System Uptime:[B]0 days 0:01:24.039[/B]
Probably caused by :[B]Unknown_Image ( ANALYSIS_INCONCLUSIVE )[/B]
BugCheck [B]19, {3, fffff8a0029f0af0, 0, fffff8a0029f0af0}[/B]
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x00000019]BAD_POOL_HEADER (19)[/url]
Arguments: 
Arg1: 0000000000000003, the pool freelist is corrupt.
Arg2: fffff8a0029f0af0, the pool entry being checked.
Arg3: 0000000000000000, the read back flink freelist value (should be the same as 2).
Arg4: fffff8a0029f0af0, the read back blink freelist value (should be the same as 2).
BUGCHECK_STR:  0x19_3
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Tue Jul 30 23:44:38.006 2013 (UTC - 4:00)**************************
Loading Dump File [C:\Users\John\SysnativeBSODApps\073013-24414-01.dmp]
Windows 8 Kernel Version 9200 MP (4 procs) Free x64
Built by: [B]9200[/B].16628.amd64fre.win8_gdr.130531-1504
System Uptime:[B]0 days 7:19:20.701[/B]
Probably caused by :[B]Pool_Corruption ( nt!ExDeferredFreePool+4da )[/B]
BugCheck [B]139, {3, fffff88005b10750, fffff88005b106a8, 0}[/B]
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x00000139]KERNEL_SECURITY_CHECK_FAILURE (139)[/url]
Arguments: 
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: fffff88005b10750, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffff88005b106a8, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
BUGCHECK_STR:  0x139
DEFAULT_BUCKET_ID:  LIST_ENTRY_CORRUPT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: [B]0x139_3_nt!ExDeferredFreePool[/B]
  BIOS Version                  1708
  BIOS Release Date             04/10/2013
  Manufacturer                  To be filled by O.E.M.
  Product Name                  To be filled by O.E.M.
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Fri Jul 26 08:01:21.998 2013 (UTC - 4:00)**************************
Loading Dump File [C:\Users\John\SysnativeBSODApps\072613-32058-01.dmp]
Windows 8 Kernel Version 9200 MP (4 procs) Free x64
Built by: [B]9200[/B].16628.amd64fre.win8_gdr.130531-1504
System Uptime:[B]0 days 15:40:41.698[/B]
Probably caused by :[B]ntkrnlmp.exe ( nt!KiSystemServiceExit+24b )[/B]
BugCheck [B]1, {7fbeb8d118a, 0, ffff0000, fffff8800b82fb80}[/B]
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x00000001]APC_INDEX_MISMATCH (1)[/url]
Arguments: 
Arg1: 000007fbeb8d118a, Address of system call function or worker routine
Arg2: 0000000000000000, Thread->ApcStateIndex
Arg3: 00000000ffff0000, (Thread->SpecialApcDisable << 16) | Thread->KernelApcDisable
Arg4: fffff8800b82fb80, Call type (0 - system call, 1 - worker routine)
BUGCHECK_STR:  0x1
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
PROCESS_NAME:  dwm.exe
FAILURE_BUCKET_ID: [B]0x1_SysCallNum_11cd_nt!KiSystemServiceExit[/B]
  BIOS Version                  1708
  BIOS Release Date             04/10/2013
  Manufacturer                  To be filled by O.E.M.
  Product Name                  To be filled by O.E.M.
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
[/font]

3rd Party Drivers:
The following is for information purposes only.
Any drivers in red should be updated or removed from your system. And should have been discussed in the body of my post.
Code:
[font=lucida console]**************************Thu Aug  1 02:06:54.021 2013 (UTC - 4:00)**************************
[COLOR=RED][B]lmimirr.sys          Tue Apr 10 18:32:45 2007 (461C108D)[/B][/COLOR]
[COLOR=RED][B]LMIRfsDriver.sys     Mon Jul 14 12:26:56 2008 (487B7E50)[/B][/COLOR]
[COLOR=RED][B]AsUpIO.sys           Mon Aug  2 22:47:59 2010 (4C57835F)[/B][/COLOR]
[COLOR=RED][B]ASUSFILTER.sys       Tue Sep 20 11:46:33 2011 (4E78B559)[/B][/COLOR]
asahci64.sys         Thu Jan  5 00:08:19 2012 (4F053043)
epfwwfpr.sys         Fri Mar 23 12:08:14 2012 (4F6C9FEE)
ehdrv.sys            Fri Mar 23 12:13:29 2012 (4F6CA129)
[COLOR=RED][B]AiChargerPlus.sys    Wed Apr 18 21:17:35 2012 (4F8F67AF)[/B][/COLOR]
GEARAspiWDM.sys      Thu May  3 15:56:17 2012 (4FA2E2E1)
ndisrd.sys           Wed May 30 23:03:33 2012 (4FC6DF85)
nvhda64v.sys         Tue Jul  3 11:25:04 2012 (4FF30ED0)
eamonm.sys           Wed Jul  4 04:07:45 2012 (4FF3F9D1)
lunparser.sys        Wed Jul 25 22:28:26 2012 (5010AB4A)
passthruparser.sys   Wed Jul 25 22:28:35 2012 (5010AB53)
vhdparser.sys        Wed Jul 25 22:28:37 2012 (5010AB55)
Rt630x64.sys         Mon Jul 30 12:03:12 2012 (5016B040)
RTKVHD64.sys         Tue Aug  7 06:49:39 2012 (5020F2C3)
asmtxhci.sys         Mon Aug 20 08:28:15 2012 (50322D5F)
asmthub3.sys         Mon Aug 20 08:28:29 2012 (50322D6D)
AsIO.sys             Wed Aug 22 05:54:47 2012 (5034AC67)
usbfilter.sys        Tue Aug 28 21:27:12 2012 (503D6FF0)
amd_sata.sys         Mon Sep 17 04:40:39 2012 (5056E207)
amd_xata.sys         Mon Sep 17 04:40:43 2012 (5056E20B)
RaInfo.sys           Fri Jan 11 07:19:28 2013 (50F00350)
nvlddmkm.sys         Fri Jan 18 08:22:15 2013 (50F94C87)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Fri Jul 26 08:01:21.998 2013 (UTC - 4:00)**************************
[COLOR=RED][B]lmimirr2.dll         Tue Apr 10 18:32:46 2007 (461C108E)[/B][/COLOR]
[/font]
http://www.carrona.org/drivers/driver.php?id=lmimirr.sys
http://www.carrona.org/drivers/driver.php?id=LMIRfsDriver.sys
http://www.carrona.org/drivers/driver.php?id=AsUpIO.sys
http://www.carrona.org/drivers/driver.php?id=ASUSFILTER.sys
http://www.carrona.org/drivers/driver.php?id=asahci64.sys
http://www.carrona.org/drivers/driver.php?id=epfwwfpr.sys
http://www.carrona.org/drivers/driver.php?id=ehdrv.sys
http://www.carrona.org/drivers/driver.php?id=AiChargerPlus.sys
http://www.carrona.org/drivers/driver.php?id=GEARAspiWDM.sys
http://www.carrona.org/drivers/driver.php?id=ndisrd.sys
http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
http://www.carrona.org/drivers/driver.php?id=eamonm.sys
lunparser.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
passthruparser.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
vhdparser.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=Rt630x64.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=asmtxhci.sys
http://www.carrona.org/drivers/driver.php?id=asmthub3.sys
http://www.carrona.org/drivers/driver.php?id=AsIO.sys
http://www.carrona.org/drivers/driver.php?id=usbfilter.sys
http://www.carrona.org/drivers/driver.php?id=amd_sata.sys
http://www.carrona.org/drivers/driver.php?id=amd_xata.sys
http://www.carrona.org/drivers/driver.php?id=RaInfo.sys
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
http://www.carrona.org/drivers/driver.php?id=lmimirr2.dll
 

My Computer

System One

  • OS
    Win8.1Pro - Finally!!!
    Computer type
    Laptop
    System Manufacturer/Model
    Samsung/NP780
    CPU
    Came with the laptop (i7 of some sort)
    Motherboard
    Pretty sure that it has one, but haven't checked inside the case!
    Memory
    upgraded to 12 gB from 8 gB
    Graphics Card(s)
    has switchable - Intel/ATI - Used wrong drivers, now ATI card is inop :( Will have to fix it soon!
    Sound Card
    I'm nearly deaf, so this isn't used often
    Monitor(s) Displays
    Touchscreen on laptop/32" Toshiba on HDMI (laid the Sharp TV on a mouse and cracked the screen!)
    Screen Resolution
    800x600
    Hard Drives
    One Samsung 1tB drive - 5400 rpm. Gonna switch to a 7200/10000 rpm or an SSD (if I can find $500 for a 1tB SSD!)
    - Switched to 500 gB Samsung 840 series SSD - WOW!!!
    PSU
    Why do we ask this for laptops?
    Case
    Silver with a neat Samsung logo
    Cooling
    sub-par, gotta get around to working on it soon Worked on it - still sub-par! :(
    Keyboard
    Microsoft Natural - the same one I've used since it orignally came out around 1995
    Mouse
    no Mouse - Trackball!!!!
    Internet Speed
    too slow when I'm waiting for a download to finish
    Browser
    Yes, I use this (Firefox mostly, w/IE next most)
    Antivirus
    Windows Defender and Windows Firewall
    Other Info
    I'm handsome and a snappy dresser :0)
I've attached a zipped copy of the Administrative Events that you requested.

In terms of hardware diagnostics, I've run Memtest86+, Seatools, the system has had Eset Endpoint Anti-virus on it since the system was setup, I've scanned with Eset, TDSKiller, Malwarebytes, Spybot Search and Destroy and this system is clean of any virus or malware and never had any to begin with. The system has the Asus AISuite installed which includes a temperature and voltage monitoring panel and I can't see that there's any temperature or voltage problems but then again I'm not looking at that the second that the BSOD's happen. That's pretty much everything that you outline on the hardware diagnostics page you directed me to, is there anything that I missed?

I'm looking at the list of drivers that you gave me to update:

As far as the three LogMeIn drivers go, I opened LogMeIn and went to "about" and update and it says that it's running the latest version. If I try and follow the link you supplied and follow it to your website it then links to a generic support page on the LogMeIn website https://secure.logmein.com/support/ and there's no information about any updates for these drivers?

You also mention three files that are part of the Asus software utilities for this motherboard, for example AsUpIO.sys is part of the AISuite and I currently have the latest version 2.01.01 available from the Asus web site installed on this computer so if there's a newer version I have no idea where to get it from?

Ideas?

- Norm
 

My Computer

System One

  • OS
    Windows 8
Sorry, one other thing that I wanted to mention that's really puzzling me. There is an event mentioned in the system log "The @(BrandName) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion". I can't figure out what this service is and which software installed it, I've Googled on it and there's simply no information on it. If I open services.msc and look at it it says Name: @(BrandName) Description "Helps protect against viruses, and other potentially unwanted software" and in status it's not running. None of the other computers which run Windows 7 have such a service and my own personal Windows 8 machine (which uses an Intel platform rather than an AMD) and on which I have the same version of the Eset Endpoint Anti-Virus does not have such a service.

Have you ever seen or heard of this service?
 

My Computer

System One

  • OS
    Windows 8
Sorry, one other thing: The latest available chipset drivers for this board on the Asus site were 9.01 but I double checked just now on the AMD website and the latest version available for the 990FX/SB950 is 13.4. I'm not sure but at one point while I was working on these problems I had updated to a version from the AMD site (not sure if it was this 13.4 or not) and if anything I had more problems and went back to the 9.1 version from the Asus website. So I just installed the 13.4 and we'll see what happens but I'm not counting on this fixing anything.
 

My Computer

System One

  • OS
    Windows 8
Just FYI - a lot of the issues we discover are done by looking at the dates of the drivers. While these may be the most current drivers, or they may be compatible drivers - their age makes them suspicious. For example, how would one be sure that a driver developed in 2007 is compatible with Win8 (which was released in 2012)? And, if thoroughly tested, why not update the driver while you're working with it - even if it is only to update the version/date to reflect the additional testing that was done?

The good thing here is that it's easy to remove LogMeIn. And then, if you need it later on, you can easily reinstall it.
The same thing goes for Asus utilities - easy to uninstall, then easy to reinstall if needed (DO NOT REMOVE the ASUS ATK0110 ACPI Utility driver (ASACPI.sys) - frequently Windows Update will install an older driver if you allow it)

As for the hardware diagnostics, please also run the video stress tests and a couple of the CPU stress tests.

Open services.msc and right click on the @(BrandName) and select Properties.
Copy down the "Path to executable" string and post it here
Also look at the other tabs to see if there's any hint there of what it belongs to.

Then find the file named in "Path to executable", right click on it and select "Properties"
Then select the Details tab and see if there's any identifying info there.

The Kernel Event errors are suggestive of a hardware problem, and there are some file system/disk errors also. This is (IMO) suggestive of a motherboard issue (since you've passed the hard drive diagnostics) - but this isn't a definitive diagnostic. Having issues with chipset drivers also tends to support this. We'll have to wait for more BSOD's before venturing in that direction tho'.
 

My Computer

System One

  • OS
    Win8.1Pro - Finally!!!
    Computer type
    Laptop
    System Manufacturer/Model
    Samsung/NP780
    CPU
    Came with the laptop (i7 of some sort)
    Motherboard
    Pretty sure that it has one, but haven't checked inside the case!
    Memory
    upgraded to 12 gB from 8 gB
    Graphics Card(s)
    has switchable - Intel/ATI - Used wrong drivers, now ATI card is inop :( Will have to fix it soon!
    Sound Card
    I'm nearly deaf, so this isn't used often
    Monitor(s) Displays
    Touchscreen on laptop/32" Toshiba on HDMI (laid the Sharp TV on a mouse and cracked the screen!)
    Screen Resolution
    800x600
    Hard Drives
    One Samsung 1tB drive - 5400 rpm. Gonna switch to a 7200/10000 rpm or an SSD (if I can find $500 for a 1tB SSD!)
    - Switched to 500 gB Samsung 840 series SSD - WOW!!!
    PSU
    Why do we ask this for laptops?
    Case
    Silver with a neat Samsung logo
    Cooling
    sub-par, gotta get around to working on it soon Worked on it - still sub-par! :(
    Keyboard
    Microsoft Natural - the same one I've used since it orignally came out around 1995
    Mouse
    no Mouse - Trackball!!!!
    Internet Speed
    too slow when I'm waiting for a download to finish
    Browser
    Yes, I use this (Firefox mostly, w/IE next most)
    Antivirus
    Windows Defender and Windows Firewall
    Other Info
    I'm handsome and a snappy dresser :0)
If I could find newer versions of these drivers I would certainly install them, the problem with removing logmein is that I'm not at the site every day and I've been working on it and getting the various data you've requested by remote using logmein. So if I remove it then I'm unable to work on the system without going there in person and that can be problematic. The person that this computer belongs to is like a dispatching manager and his job depends on constantly having access to his email and Quickbooks and it's very hard for me to get on there during the day. I could try using an alternate remote access program like UltraVnc or remote desktop.

In regards to the @(BrandName) service, the path to executable is C:\Windows\System32\svchost.exe -k secsvcs.

I'll keep on top of this as the week progresses, run those additional diagnostics and let you know if the updated chipset drivers made any difference.
 

My Computer

System One

  • OS
    Windows 8
If you're using LogMeIn to troubleshoot, then you do need a remote solution of some sort.
Try using TeamViewer - and once logged in w/TeamViewer then you can remove the LogMeIn
But this isn't (IMO) a very high priority, so take your time with it.

As for the @(BrandName) thing, I suspect it's a remnant of an attempt to brand Windows Defender (maybe an old virus infection that was removed?). But as it's not running, I'd just disable the service in order to stop the errors from popping up. If the errors continue after that, then there's something else enabling it.

I found this while searching the web: http://www.eightforums.com/system-security/29516-another-waaa-windows-8-wont-start-thread.html
Please note item 10 in the first post:
The registry key for Windows Defender at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend DOES have "$(BrandName)" as the "Display Name"
My system shows "@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310"
as the "Display Name"

This post seems to say that it's a remnant of an infection (review Post #1, then start with Post #10 to get to the Windows Defender issues): Lost Windows Defender service in Win8 - Am I infected? What do I do? Try messing with the WinDefend key (make a backup first) - if it has editing problems, then it's likely to be due to an incomplete malware "fix"

Just FYI - updating the drivers is the first step. This helps us to rule out problem 3rd party drivers (most BSOD's are due to this)
Then, if the BSOD's continue, we start looking at hardware problems.
Lastly, we look at Windows issues - because problems due to Windows (presuming it's fully updated) are much less likely than the other 2 (3rd party drivers or hardware).
 

My Computer

System One

  • OS
    Win8.1Pro - Finally!!!
    Computer type
    Laptop
    System Manufacturer/Model
    Samsung/NP780
    CPU
    Came with the laptop (i7 of some sort)
    Motherboard
    Pretty sure that it has one, but haven't checked inside the case!
    Memory
    upgraded to 12 gB from 8 gB
    Graphics Card(s)
    has switchable - Intel/ATI - Used wrong drivers, now ATI card is inop :( Will have to fix it soon!
    Sound Card
    I'm nearly deaf, so this isn't used often
    Monitor(s) Displays
    Touchscreen on laptop/32" Toshiba on HDMI (laid the Sharp TV on a mouse and cracked the screen!)
    Screen Resolution
    800x600
    Hard Drives
    One Samsung 1tB drive - 5400 rpm. Gonna switch to a 7200/10000 rpm or an SSD (if I can find $500 for a 1tB SSD!)
    - Switched to 500 gB Samsung 840 series SSD - WOW!!!
    PSU
    Why do we ask this for laptops?
    Case
    Silver with a neat Samsung logo
    Cooling
    sub-par, gotta get around to working on it soon Worked on it - still sub-par! :(
    Keyboard
    Microsoft Natural - the same one I've used since it orignally came out around 1995
    Mouse
    no Mouse - Trackball!!!!
    Internet Speed
    too slow when I'm waiting for a download to finish
    Browser
    Yes, I use this (Firefox mostly, w/IE next most)
    Antivirus
    Windows Defender and Windows Firewall
    Other Info
    I'm handsome and a snappy dresser :0)
I'll try TeamViewer as an alternative first chance I get but I'd like to point out that I have the same version of LogMeIn installed on my own machine running Windows 8 Pro and I'm not experiencing any BSOD's, although I am experiencing some of the same disk related errors which I posted about here:
http://www.eightforums.com/bsod-cra...sk-errors-but-disks-test-good.html#post269122

I'm still trying to figure out what is going on with the @(BrandName) service, when I open services.msc and go to properties it's listed as Stopped and the startup type is grayed out and I can't change it to disabled. I looked at the key you mentioned HKLM\System\CurrentControlSet\Services\WinDefend and none of the entries under that have any reference to BrandName. The only reference I can find to this service in the registry is in these two keys:
HKU\.default\Software\Local Settings\MuiCache\11a\52C64B7E and the key value is:
Value Name: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 Value Data: @(BrandName)
HKU\S-1-5-18\Software\Classes\Local Settings\MuiCache\11a\52C64B7E
Value Name: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 Value Data: @(BrandName)

I agree that this is suspicious but I've scanned with ESet, ComboFix, Malwarebytes, TDSKiller and Spybot search and destroy and the system is clean. Also keep in mind this is an office computer and the person using it is a responsible businessman and I sincerely doubt that he surfs questionable web sites and downloads questionable material.

As I mentioned I did update to the latest chipset drivers last night and today I did stop by for a few minutes and flashed the system to the latest bios 1903 which were just release on 8/1/13. I'm looking at the system log and I only see one disk related error "The IO operation at logical block address 0 for Disk 1 was retried." and I'm not sure judging by the timestamp if that was before or after I did the bios update but one is certainly an improvement over the dozens that I had previously and I thankfully don't see any errors about ntfs corruption.

Also there didn't appear to be any BSOD's during the course of the day so I'll need to monitor this and see if there's any improvement in this situation.

I'm also seeing one warning and one critical error in the system log for today:
Log Name: System
Source: Microsoft-Windows-Kernel-PnP
Date: 8/19/2013 1:58:25 PM
Event ID: 219
Task Category: (212)
Level: Warning
Keywords:
User: SYSTEM
Computer: Jim-PC
Description:
The driver \Driver\WudfRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_MATSHITA&PROD_DMC-FH5&REV_0100#0000000000000000001X1201190465&0#.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-PnP" Guid="{9C205A39-1250-487D-ABD7-E831C6290539}" />
<EventID>219</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>212</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2013-08-19T17:58:25.582012800Z" />
<EventRecordID>10678</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="6712" />
<Channel>System</Channel>
<Computer>Jim-PC</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="DriverNameLength">131</Data>
<Data Name="DriverName">WpdBusEnumRoot\UMB\2&amp;37c186b&amp;0&amp;STORAGE#VOLUME#_??_USBSTOR#DISK&amp;VEN_MATSHITA&amp;PROD_DMC-FH5&amp;REV_0100#0000000000000000001X1201190465&amp;0#</Data>
<Data Name="Status">3221226341</Data>
<Data Name="FailureNameLength">14</Data>
<Data Name="FailureName">\Driver\WudfRd</Data>
<Data Name="Version">0</Data>
</EventData>
</Event>

Also this critical error:

Log Name: System
Source: Microsoft-Windows-DriverFrameworks-UserMode
Date: 8/19/2013 11:28:42 AM
Event ID: 10111
Task Category: User-mode Driver problems.
Level: Critical
Keywords:
User: SYSTEM
Computer: Jim-PC
Description:
The device WPD FileSystem Volume Driver (location (unknown)) is offline due to a user-mode driver crash. Windows will attempt to restart the device 5 more times. Please contact the device manufacturer for more information about this problem.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DriverFrameworks-UserMode" Guid="{2E35AAEB-857F-4BEB-A418-2E6C0E54D988}" />
<EventID>10111</EventID>
<Version>1</Version>
<Level>1</Level>
<Task>64</Task>
<Opcode>0</Opcode>
<Keywords>0x2000000000000000</Keywords>
<TimeCreated SystemTime="2013-08-19T15:28:42.392313500Z" />
<EventRecordID>10593</EventRecordID>
<Correlation />
<Execution ProcessID="1084" ThreadID="1832" />
<Channel>System</Channel>
<Computer>Jim-PC</Computer>
<Security UserID="S-1-5-18" />
</System>
<UserData>
<UmdfDeviceOffline lifetime="{BBF4FD98-7741-46E8-9BE8-5DFC2779F0C3}" xmlns:auto-ns2="http://schemas.microsoft.com/win/2004/08/events" xmlns="http://www.microsoft.com/DriverFrameworks/UserMode/Event">
<DeviceInfo>
<FriendlyName>WPD FileSystem Volume Driver</FriendlyName>
<Location>(unknown)</Location>
<InstanceId>WPDBUSENUMROOT\UMB\2&amp;37C186B&amp;0&amp;STORAGE#VOLUME#_??_USBSTOR#DISK&amp;VEN_SANDISK&amp;PROD_CRUZER_BLADE&amp;REV_1.00#20053146930EF1A13E04&amp;0#</InstanceId>
</DeviceInfo>
<RestartCount>5</RestartCount>
</UmdfDeviceOffline>
</UserData>
</Event>

I don't know what to make of the warning but this critical error concerns me, maybe it's been caused by the corruptions of the file system and the controller errors that I mentioned in my first post. Any idea's how to repair this problem?

Thanks,

- Norm
 

My Computer

System One

  • OS
    Windows 8
BSOD's are actually fairly rare items - and you'll find that many, many people are able to use the same drivers without issue. Until something (unknown) occurs. As an example, I had the infamous 2005 version of ASACPI.sys on my system for years without any issues - but during that time we fixed quite a few systems by updating that driver.

In the case of LogMeIn, I haven't found that many issues with it - but I suggest removing it simply to see if that helps stop the BSOD's. I chose it because of it being an older driver, not because of any problems were seen.

I suspect that this system was infected at one point, and the infection was cleaned.
While the cleaning appears to have removed all known traces of the virus, the damage it caused could still be present in the system (we see this often when removing malware at work). This damage can be erroneous registry entries, bad system settings, and damaged file and registry permissions (among other things). The damage isn't noticeable until you try to do something and can't.

In these cases (at work) we contact the customer (after trying to fix the error and failing) and let them make the decision. We tell them that there is some damage to the system. We describe the error and let them choose to accept the error "as is", or to wipe and reinstall Windows (at no additional cost). Obviously we caution them that this is a concern security-wise, and that they should be cautious with personal info on the system because of this.

The Warning Event from Event Viewer:

The "The IO operation at logical block address 0 for Disk 1 was retried." isn't a concern unless it repeats a lot - or if it failed. I'd be more inclined to wonder what's doing IO at block address 0 (the first block on the drive)? But I'm not a disk hardware expert, so I'll leave that to others who are more qualified.

The Warning event says this (in part): USBSTOR#DISK&VEN_MATSHITA
Does the system have a USB CD/DVD drive attached?
This is only a "Warning" event but it's good to know in case it's followed by similar "Error" or "Critical" event problems

The Critical Event from Event Viewer:

In the next event, the Critical event says "USBSTOR#DISK&amp;VEN_SANDI SK&amp;PROD_CRUZER_BLADE"
Now it's up to us to see if the Warning event relates to this device, if these are 2 separate errors, or if this is an issue with the USB ports/drivers.

First thing to note is this: "Windows will attempt to restart the device 5 more times."
Are there any more Critical errors? If not, then it probably resolved itself.
You may want to search the Event Viewer log for "Information" items just after this "Critcal" event to see if you can locate a successful load (normally I don't worry about User mode driver problems as I specialize in BSOD stuff - which occurs in kernel mode).

Again, if it's resolved itself - there's nothing that you need to do.

At the end it all boils down to - are the problems solved?
With BSOD's I figure it's probably fixed if the user doesn't see a BSOD in a week
I'll call it "fixed" if the user doesn't see a BSOD in over 2 weeks
But this also depends on the frequency that the BSOD's were occurring (if they only occurred once a month, then obviously we'll have to wait longer to see if they've stopped).

As for other errors, it's the same basic thing - waiting to be sure that they don't re-appear.

Good luck!
 

My Computer

System One

  • OS
    Win8.1Pro - Finally!!!
    Computer type
    Laptop
    System Manufacturer/Model
    Samsung/NP780
    CPU
    Came with the laptop (i7 of some sort)
    Motherboard
    Pretty sure that it has one, but haven't checked inside the case!
    Memory
    upgraded to 12 gB from 8 gB
    Graphics Card(s)
    has switchable - Intel/ATI - Used wrong drivers, now ATI card is inop :( Will have to fix it soon!
    Sound Card
    I'm nearly deaf, so this isn't used often
    Monitor(s) Displays
    Touchscreen on laptop/32" Toshiba on HDMI (laid the Sharp TV on a mouse and cracked the screen!)
    Screen Resolution
    800x600
    Hard Drives
    One Samsung 1tB drive - 5400 rpm. Gonna switch to a 7200/10000 rpm or an SSD (if I can find $500 for a 1tB SSD!)
    - Switched to 500 gB Samsung 840 series SSD - WOW!!!
    PSU
    Why do we ask this for laptops?
    Case
    Silver with a neat Samsung logo
    Cooling
    sub-par, gotta get around to working on it soon Worked on it - still sub-par! :(
    Keyboard
    Microsoft Natural - the same one I've used since it orignally came out around 1995
    Mouse
    no Mouse - Trackball!!!!
    Internet Speed
    too slow when I'm waiting for a download to finish
    Browser
    Yes, I use this (Firefox mostly, w/IE next most)
    Antivirus
    Windows Defender and Windows Firewall
    Other Info
    I'm handsome and a snappy dresser :0)
Back
Top