Solved BSOD can't point to specific cause (Dump inside)

kurgelis

New Member
Messages
2
Hello,
I'm sorry to bother you helpful people, but it seems that my Laptop (Asus X550L, Win 8.1) has been having random BSODs regardless of what I am doing. Hopefully I'll manage to upload the dump correctly :p

Thank you in advance!
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    Asus X550L
    Antivirus
    Kaspersky
Hi Kurgelis & Welcome to the forums ^_^,

I have analyzed your dump files and below has been provided an analysis of the same for informative purposes :-
Code:
********************************************************************************                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************


KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure.  The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: ffffd00023eecc30, Address of the trap frame for the exception that caused the bugcheck
Arg3: ffffd00023eecb88, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved


Debugging Details:
------------------




TRAP_FRAME:  ffffd00023eecc30 -- (.trap 0xffffd00023eecc30)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffe001a29c55a0 rbx=0000000000000000 rcx=0000000000000003
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff801bf901bc9 rsp=ffffd00023eecdc0 rbp=ffffe0019d2fd100
 r8=ffffd00023eecde0  r9=000000000000148f r10=ffffe0019d6abd00
r11=00000000000048c5 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na pe cy
[COLOR=#ff0000][B][U]gwdrv+0x2bc9[/U][/B][/COLOR]:
fffff801`bf901bc9 ??              ???
Resetting default scope


EXCEPTION_RECORD:  ffffd00023eecb88 -- (.exr 0xffffd00023eecb88)
ExceptionAddress: fffff801bf901bc9 (gwdrv+0x0000000000002bc9)
   ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
  ExceptionFlags: 00000001
NumberParameters: 1
   Parameter[0]: 0000000000000003


CUSTOMER_CRASH_COUNT:  1


DEFAULT_BUCKET_ID:  LIST_ENTRY_CORRUPT


BUGCHECK_STR:  0x139


PROCESS_NAME:  System


CURRENT_IRQL:  2


ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.


EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.


EXCEPTION_PARAMETER1:  0000000000000003


ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) amd64fre


LAST_CONTROL_TRANSFER:  from fffff800fa1d1ae9 to fffff800fa1c5fa0


STACK_TEXT:  
ffffd000`23eec908 fffff800`fa1d1ae9 : 00000000`00000139 00000000`00000003 ffffd000`23eecc30 ffffd000`23eecb88 : nt!KeBugCheckEx
ffffd000`23eec910 fffff800`fa1d1e10 : ffffd000`23eecca3 ffffe001`a1f69738 00000000`00000000 ffffd000`23eecb80 : nt!KiBugCheckDispatch+0x69
ffffd000`23eeca50 fffff800`fa1d1034 : 00000000`00000004 00000000`00015d9c ffffe001`9d574f50 00000000`00000000 : nt!KiFastFailDispatch+0xd0
ffffd000`23eecc30 fffff801`bf901bc9 : ffffe001`9d201c20 ffffd000`00000000 ffffe001`9dc1c960 ffffe001`9cec37a0 : nt!KiRaiseSecurityCheckFailure+0xf4
ffffd000`23eecdc0 ffffe001`9d201c20 : ffffd000`00000000 ffffe001`9dc1c960 ffffe001`9cec37a0 00000000`00000000 : gwdrv+0x2bc9
ffffd000`23eecdc8 ffffd000`00000000 : ffffe001`9dc1c960 ffffe001`9cec37a0 00000000`00000000 ffffe001`9dc1c978 : 0xffffe001`9d201c20
ffffd000`23eecdd0 ffffe001`9dc1c960 : ffffe001`9cec37a0 00000000`00000000 ffffe001`9dc1c978 00000000`00000002 : 0xffffd000`00000000
ffffd000`23eecdd8 ffffe001`9cec37a0 : 00000000`00000000 ffffe001`9dc1c978 00000000`00000002 ffffe001`a2963200 : 0xffffe001`9dc1c960
ffffd000`23eecde0 00000000`00000000 : ffffe001`9dc1c978 00000000`00000002 ffffe001`a2963200 00000000`00000000 : 0xffffe001`9cec37a0




STACK_COMMAND:  kb


FOLLOWUP_IP: 
gwdrv+2bc9
fffff801`bf901bc9 ??              ???


SYMBOL_STACK_INDEX:  4


SYMBOL_NAME:  gwdrv+2bc9


FOLLOWUP_NAME:  MachineOwner


MODULE_NAME: gwdrv


IMAGE_NAME:  gwdrv.sys


DEBUG_FLR_IMAGE_TIMESTAMP:  53f5af9f


FAILURE_BUCKET_ID:  0x139_3_gwdrv+2bc9


BUCKET_ID:  0x139_3_gwdrv+2bc9


ANALYSIS_SOURCE:  KM


FAILURE_ID_HASH_STRING:  km:0x139_3_gwdrv+2bc9


FAILURE_ID_HASH:  {02eabad7-6b06-703c-84f0-43b530fb44df}


Followup: MachineOwner
---------
According to the Dump file, the "gwdrv.sys" was blamed which is the GlassWire Driver. I would suggest you to uninstall this Program.

Below is a list of the 3rd party drivers present on your system :-
Code:
**************************Wed Sep 10 23:23:24.514 2014 (UTC + 5:30)**************************
ASMMAP64.sys                Thu Jul  2 14:43:26 2009 (4A4C7A36)
atkwmiacpi64.sys            Wed Sep  7 07:14:52 2011 (4E66CC94)
BtAudioBus.sys              Fri Jun 15 08:47:09 2012 (4FDAA935)
BtL2caScoIf.sys             Thu Jul 19 15:17:36 2012 (5007D7B8)
kbfiltr.sys                 Thu Aug  2 08:52:22 2012 (5019F26E)
IntcDAud.sys                Fri Jan 11 19:25:16 2013 (50F019C4)
rtbth.sys                   Wed Mar  6 13:44:39 2013 (5136FAEF)
RtsPer.sys                  Fri Mar  8 14:37:42 2013 (5139AA5E)
IvtUrbBtFlt.sys             Mon Mar 25 08:30:36 2013 (514FBDD4)
DptfDevDram.sys             Tue Apr  9 04:55:01 2013 (516351CD)
DptfDevPch.sys              Tue Apr  9 04:55:04 2013 (516351D0)
DptfDevProc.sys             Tue Apr  9 04:55:10 2013 (516351D6)
DptfManager.sys             Tue Apr  9 04:55:21 2013 (516351E1)
klpd.sys                    Fri Apr 12 17:04:45 2013 (5167F155)
iaStorA.sys                 Tue Apr 23 01:08:05 2013 (5175919D)
dump_iaStorA.sys            Tue Apr 23 01:08:05 2013 (5175919D)
AsusTP.sys                  Thu May  9 14:53:42 2013 (518B6B1E)
RTKVHD64.sys                Tue Jun  4 19:03:09 2013 (51ADEC95)
klim6.sys                   Thu Jul 11 13:23:56 2013 (51DE6494)
netr28x.sys                 Thu Jul 11 14:57:41 2013 (51DE7A8D)
iwdbus.sys                  Thu Jul 25 06:36:12 2013 (51F07A04)
klmouflt.sys                Thu Aug  8 18:39:08 2013 (52039874)
intelppm.sys                Thu Aug 22 14:16:35 2013 (5215CFEB)
TeeDriverx64.sys            Thu Sep  5 23:32:18 2013 (5228C72A)
igdkmd64.sys                Tue Sep 17 05:38:54 2013 (52379D96)
AsHIDSwitch64.sys           Tue Oct  8 07:15:17 2013 (525363AD)
kl1.sys                     Fri Oct 18 14:48:22 2013 (5260FCDE)
kneps.sys                   Thu Oct 31 19:15:52 2013 (52725F10)
Rt630x64.sys                Tue Nov 26 13:02:54 2013 (52944EA6)
klkbdflt.sys                Fri Dec 27 19:05:56 2013 (52BD823C)
klwfp.sys                   Wed Feb  5 19:03:44 2014 (52F23DB8)
[B][U]dtsoftbus01.sys             Fri Feb 21 15:19:36 2014 (53072130)[/U][/B]
klflt.sys                   Sun Mar  2 04:32:12 2014 (531266F4)
klif.sys                    Thu Mar  6 22:08:02 2014 (5318A46A)
nvvad64v.sys                Fri Mar 28 19:02:06 2014 (533579D6)
nvpciflt.sys                Wed Jul  2 23:04:06 2014 (53B4428E)
nvlddmkm.sys                Wed Jul  2 23:12:02 2014 (53B4446A)
NvStreamKms.sys             Fri Jul 25 17:05:56 2014 (53D2411C)
[COLOR=#ff0000][B][U]gwdrv.sys                   Thu Aug 21 14:06:47 2014 (53F5AF9F)[/U][/B][/COLOR]
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu May 29 17:51:32.962 2014 (UTC + 5:30)**************************
nvlddmkm.sys                Wed Oct 23 11:51:50 2013 (52676AFE)
nvpciflt.sys                Wed Oct 23 11:52:31 2013 (52676B27)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Apr 27 21:10:23.968 2014 (UTC + 5:30)**************************
GEARAspiWDM.sys             Fri May  4 01:26:17 2012 (4FA2E2E1)
http://www.carrona.org/drivers/driver.php?id=ASMMAP64.sys
http://www.carrona.org/drivers/driver.php?id=atkwmiacpi64.sys
http://www.carrona.org/drivers/driver.php?id=BtAudioBus.sys
http://www.carrona.org/drivers/driver.php?id=BtL2caScoIf.sys
http://www.carrona.org/drivers/driver.php?id=kbfiltr.sys
http://www.carrona.org/drivers/driver.php?id=IntcDAud.sys
http://www.carrona.org/drivers/driver.php?id=rtbth.sys
http://www.carrona.org/drivers/driver.php?id=RtsPer.sys
http://www.carrona.org/drivers/driver.php?id=IvtUrbBtFlt.sys
http://www.carrona.org/drivers/driver.php?id=DptfDevDram.sys
http://www.carrona.org/drivers/driver.php?id=DptfDevPch.sys
http://www.carrona.org/drivers/driver.php?id=DptfDevProc.sys
http://www.carrona.org/drivers/driver.php?id=DptfManager.sys
http://www.carrona.org/drivers/driver.php?id=klpd.sys
http://www.carrona.org/drivers/driver.php?id=iaStorA.sys
http://www.carrona.org/drivers/driver.php?id=dump_iaStorA.sys
http://www.carrona.org/drivers/driver.php?id=AsusTP.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=klim6.sys
http://www.carrona.org/drivers/driver.php?id=netr28x.sys
http://www.carrona.org/drivers/driver.php?id=iwdbus.sys
http://www.carrona.org/drivers/driver.php?id=klmouflt.sys
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverx64.sys
http://www.carrona.org/drivers/driver.php?id=igdkmd64.sys
http://www.carrona.org/drivers/driver.php?id=AsHIDSwitch64.sys
http://www.carrona.org/drivers/driver.php?id=kl1.sys
http://www.carrona.org/drivers/driver.php?id=kneps.sys
http://www.carrona.org/drivers/driver.php?id=Rt630x64.sys
http://www.carrona.org/drivers/driver.php?id=klkbdflt.sys
http://www.carrona.org/drivers/driver.php?id=klwfp.sys
http://www.carrona.org/drivers/driver.php?id=dtsoftbus01.sys
http://www.carrona.org/drivers/driver.php?id=klflt.sys
http://www.carrona.org/drivers/driver.php?id=klif.sys
http://www.carrona.org/drivers/driver.php?id=nvvad64v.sys
http://www.carrona.org/drivers/driver.php?id=nvpciflt.sys
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
http://www.carrona.org/drivers/driver.php?id=NvStreamKms.sys
gwdrv.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
http://www.carrona.org/drivers/driver.php?id=nvpciflt.sys
http://www.carrona.org/drivers/driver.php?id=GEARAspiWDM.sys



Please remove the GlassWire Software. Please remove Daemon Tools till the time we are troubleshooting as well.

Let me know how it goes ^_^.
 

My Computer

System One

  • OS
    Windows 8.1 Industry Pro B-)
    Computer type
    Laptop
    System Manufacturer/Model
    Toshiba
    CPU
    Core I5 2430M @ 2.4GHz
    Memory
    8 GB DDR3 @ 1600MHz Dual Channel ^_^
    Graphics Card(s)
    Intel HD 3000 B-)
    Screen Resolution
    1366x768
    Hard Drives
    Toshiba 500 GB
    Browser
    Google Chrome
    Antivirus
    Windows Defender & Common Sense!
Thank you very much, kind blueelvis! It has been a few days and I haven't experienced a crash! It seems that it really was glasswire, shame, it was an interesting program.

Thanks again!:thumb:
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    Asus X550L
    Antivirus
    Kaspersky
Thank you very much, kind blueelvis! It has been a few days and I haven't experienced a crash! It seems that it really was glasswire, shame, it was an interesting program.

Thanks again!:thumb:

Hi Kurgelis ^_^,

I am glad to hear that the issue has been resolved ^_^.


Regards,
Pranav
 

My Computer

System One

  • OS
    Windows 8.1 Industry Pro B-)
    Computer type
    Laptop
    System Manufacturer/Model
    Toshiba
    CPU
    Core I5 2430M @ 2.4GHz
    Memory
    8 GB DDR3 @ 1600MHz Dual Channel ^_^
    Graphics Card(s)
    Intel HD 3000 B-)
    Screen Resolution
    1366x768
    Hard Drives
    Toshiba 500 GB
    Browser
    Google Chrome
    Antivirus
    Windows Defender & Common Sense!
Back
Top