• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Solved BSOD While Idle Before and After Fresh Install.


ferndoh315

New Member
Posts
6
#1
My system currently has a blue screen around twice a day from what seems like a driver issue. I have tried driver verifier, swapped out the GPU since I thought most things pointed to that and did a fresh install. The only thing I have left to do is update my motherboard bios. I am questioning if the GPU was even the issue since I still got a crash... Below is the guide to Driver Verifier I used so you can see what steps I took. I am at my wits end and am not to great at pointing out what driver crashed or whats left to do after the OS install.

Driver Verifier-- tracking down a mis-behaving driver. - Microsoft Community

Thank you for your time and assistance.
 

My Computer

System One

  • OS
    Windows 8

blueelvis

OMG Debugger!
VIP Member
Pro User
India

Posts
2,097
#2
Hi Ferndoh315 & Welcome to the forums ^_^,

I have analyzed your dump files and below has been provided an analysis of the same for informative purposes :-
Code:
**************************Tue Sep  2 18:09:41.993 2014 (UTC + 5:30)**************************Loading Dump File [C:\SysnativeBSODApps\090214-12140-01.dmp]
 
Windows 8 Kernel Version 9600 MP (4 procs) Free x64
 
Built by: 9600.17085.amd64fre.winblue_gdr.140330-1035
 
System Uptime: 0 days 19:32:21.661
 
Probably caused by : tcpip.sys ( tcpip!IppReceiveHeaderBatch+16b )
 
BugCheck 1E, {ffffffffc000001d, fffff8017c2ad8fb, fffff80375756a00, 2}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x0000001E]KMODE_EXCEPTION_NOT_HANDLED (1e)[/url]
 
Arguments: 
Arg1: ffffffffc000001d, The exception code that was not handled
Arg2: fffff8017c2ad8fb, The address that the exception occurred at
Arg3: fffff80375756a00, Parameter 0 of the exception
Arg4: 0000000000000002, Parameter 1 of the exception
BUGCHECK_STR:  0x1E_c000001d
 
PROCESS_NAME:  System
 
FAILURE_BUCKET_ID:  0x1E_c000001d_BAD_IP_tcpip!IppReceiveHeaderBatch
 
CPUID:        "Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz"
 
MaxSpeed:     3400
 
CurrentSpeed: 3400
 
  BIOS Version                  V1.2
 
  BIOS Release Date             05/17/2013
 
  Manufacturer                  MSI
 
  Product Name                  MS-7821
 
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Mon Sep  1 05:08:28.833 2014 (UTC + 5:30)**************************
Loading Dump File [C:\SysnativeBSODApps\083114-24484-01.dmp]
 
Windows 8 Kernel Version 9600 MP (4 procs) Free x64
 
Built by: 9600.17085.amd64fre.winblue_gdr.140330-1035
 
System Uptime: 0 days 3:40:25.500
 
Probably caused by : tcpip.sys ( tcpip!IppMulticastDiscoveryVersionTimeout+14 )
 
BugCheck D1, {0, 2, 0, fffff801bdb85004}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x000000D1]DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)[/url]
 
Arguments: 
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff801bdb85004, address which referenced memory
BUGCHECK_STR:  AV
 
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
 
PROCESS_NAME:  System
 
FAILURE_BUCKET_ID:  AV_tcpip!IppMulticastDiscoveryVersionTimeout
 
CPUID:        "Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz"
 
MaxSpeed:     3400
 
CurrentSpeed: 3400
 
  BIOS Version                  V1.2
 
  BIOS Release Date             05/17/2013
 
  Manufacturer                  MSI
 
  Product Name                  MS-7821
 
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Aug 31 14:49:52.907 2014 (UTC + 5:30)**************************
Loading Dump File [C:\SysnativeBSODApps\083114-55546-01.dmp]
 
Windows 8 Kernel Version 9600 MP (4 procs) Free x64
 
Built by: 9600.17085.amd64fre.winblue_gdr.140330-1035
 
System Uptime: 0 days 0:11:37.610
 
*** WARNING: Unable to verify timestamp for d2695535-bc6b-49ed-8a4a-ce97bfa78fc6
 
*** ERROR: Module load completed but symbols could not be loaded for d2695535-bc6b-49ed-8a4a-ce97bfa78fc6
 
Probably caused by : d2695535-bc6b-49ed-8a4a-ce97bfa78fc6 ( d2695535_bc6b_49ed_8a4a_ce97bfa78fc6+15b9 )
 
BugCheck C4, {f6, 788, ffffe0007eabf900, fffff800b2a2e5b9}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x000000C4]DRIVER_VERIFIER_DETECTED_VIOLATION (c4)[/url]
 
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
 
Arguments: 
Arg1: 00000000000000f6, Referencing user handle as KernelMode.
Arg2: 0000000000000788, Handle value being referenced.
Arg3: ffffe0007eabf900, Address of the current process.
Arg4: fffff800b2a2e5b9, Address inside the driver that is performing the incorrect reference.
BUGCHECK_STR:  0xc4_f6
 
PROCESS_NAME:  Speccy64.exe
 
FAILURE_BUCKET_ID:  0xc4_f6_VRF_d2695535_bc6b_49ed_8a4a_ce97bfa78fc6+15b9
 
CPUID:        "Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz"
 
MaxSpeed:     3400
 
CurrentSpeed: 3400
 
  BIOS Version                  V1.2
 
  BIOS Release Date             05/17/2013
 
  Manufacturer                  MSI
 
  Product Name                  MS-7821
 
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Aug 31 12:46:22.141 2014 (UTC + 5:30)**************************
Loading Dump File [C:\SysnativeBSODApps\083114-42343-01.dmp]
 
Windows 8 Kernel Version 9600 MP (4 procs) Free x64
 
Built by: 9600.17085.amd64fre.winblue_gdr.140330-1035
 
System Uptime: 0 days 2:40:36.948
 
*** WARNING: Unable to verify timestamp for 4f9f42f6-94d5-40bc-8bce-733afbae749d
 
*** ERROR: Module load completed but symbols could not be loaded for 4f9f42f6-94d5-40bc-8bce-733afbae749d
 
Probably caused by : 4f9f42f6-94d5-40bc-8bce-733afbae749d ( 4f9f42f6_94d5_40bc_8bce_733afbae749d+15b9 )
 
BugCheck C4, {f6, 778, ffffcf8299c3e900, fffff8036e215a55}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x000000C4]DRIVER_VERIFIER_DETECTED_VIOLATION (c4)[/url]
 
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
 
Arguments: 
Arg1: 00000000000000f6, Referencing user handle as KernelMode.
Arg2: 0000000000000778, Handle value being referenced.
Arg3: ffffcf8299c3e900, Address of the current process.
Arg4: fffff8036e215a55, Address inside the driver that is performing the incorrect reference.
BUGCHECK_STR:  0xc4_f6
 
PROCESS_NAME:  Speccy64.exe
 
FAILURE_BUCKET_ID:  0xc4_f6_VRFK_4f9f42f6_94d5_40bc_8bce_733afbae749d+15b9
 
CPUID:        "Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz"
 
MaxSpeed:     3400
 
CurrentSpeed: 3400
 
  BIOS Version                  V1.2
 
  BIOS Release Date             05/17/2013
 
  Manufacturer                  MSI
 
  Product Name                  MS-7821
 
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Mon Sep  1 01:13:43.109 2014 (UTC + 5:30)**************************
Loading Dump File [C:\SysnativeBSODApps\083114-16343-01.dmp]
 
Windows 8 Kernel Version 9600 MP (4 procs) Free x64
 
Built by: 9600.17085.amd64fre.winblue_gdr.140330-1035
 
System Uptime: 0 days 0:00:12.810
 
*** WARNING: Unable to verify timestamp for MBfilt64.sys
 
*** ERROR: Module load completed but symbols could not be loaded for MBfilt64.sys
 
Probably caused by : MBfilt64.sys ( MBfilt64+1817 )
 
BugCheck A, {1, 2, 0, fffff8022d71594e}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x0000000A]IRQL_NOT_LESS_OR_EQUAL (a)[/url]
 
Arguments: 
Arg1: 0000000000000001, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
	bit 0 : value 0 = read operation, 1 = write operation
	bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff8022d71594e, address which referenced memory
BUGCHECK_STR:  AV
 
DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP
 
PROCESS_NAME:  System
 
FAILURE_BUCKET_ID:  AV_VRF_MBfilt64+1817
 
CPUID:        "Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz"
 
MaxSpeed:     3400
 
CurrentSpeed: 3400
 
  BIOS Version                  V1.2
 
  BIOS Release Date             05/17/2013
 
  Manufacturer                  MSI
 
  Product Name                  MS-7821
 
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sat Aug 30 16:07:25.770 2014 (UTC + 5:30)**************************
Loading Dump File [C:\SysnativeBSODApps\083014-15984-01.dmp]
 
Windows 8 Kernel Version 9600 MP (4 procs) Free x64
 
Built by: 9600.16404.amd64fre.winblue_gdr.130913-2141
 
System Uptime: 0 days 0:04:01.433
 
*** ERROR: Module load completed but symbols could not be loaded for atikmdag.sys
 
Probably caused by : atikmdag.sys ( atikmdag+c7dbb )
 
BugCheck 1000007E, {ffffffffc0000005, fffff800022d9dbb, ffffd000239c6128, ffffd000239c5930}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x1000007E]SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)[/url]
 
Arguments: 
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff800022d9dbb, The address that the exception occurred at
Arg3: ffffd000239c6128, Exception Record Address
Arg4: ffffd000239c5930, Context Record Address
PROCESS_NAME:  System
 
BUGCHECK_STR:  AV
 
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
 
FAILURE_BUCKET_ID:  AV_atikmdag+c7dbb
 
CPUID:        "Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz"
 
MaxSpeed:     3400
 
CurrentSpeed: 3400
 
  BIOS Version                  V1.2
 
  BIOS Release Date             05/17/2013
 
  Manufacturer                  MSI
 
  Product Name                  MS-7821
 
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Below is a list of 3rd party drivers :-
Code:
**************************Tue Sep  2 18:09:41.993 2014 (UTC + 5:30)**************************
[B][U]MBfilt64.sys                Fri Jul 31 09:10:32 2009 (4A7267B0)[/U][/B]
[B][U]lvrs64.sys                  Wed Oct  7 13:57:59 2009 (4ACC510F)[/U][/B]
[B][U]lvuvc64.sys                 Wed Oct  7 13:58:44 2009 (4ACC513C)[/U][/B]
RTCore64.sys                Mon Mar 11 11:02:06 2013 (513D6C56)
intelppm.sys                Thu Aug 22 14:16:35 2013 (5215CFEB)
mbam.sys                    Wed Oct 30 21:41:45 2013 (52712FC1)
nvhda64v.sys                Thu Nov 28 19:08:09 2013 (52974741)
rtwlanu.sys                 Thu Dec 12 12:26:17 2013 (52A95E11)
ssudbus.sys                 Thu Jan  2 15:21:22 2014 (52C5369A)
ssudmdm.sys                 Thu Jan  2 15:21:26 2014 (52C5369E)
ikbevent.sys                Fri Jan 10 23:22:53 2014 (52D03375)
ISCTD.sys                   Thu Jan 23 01:07:35 2014 (52E01DFF)
mwac.sys                    Wed Mar  5 03:17:40 2014 (531649FC)
TeeDriverx64.sys            Thu Mar 13 23:51:52 2014 (5321F740)
xusb22.sys                  Tue Mar 18 13:48:41 2014 (53280161)
MBAMSwissArmy.sys           Fri Mar 21 03:42:35 2014 (532B67D3)
[B][U]e22w8x64.sys                Wed Mar 26 21:28:37 2014 (5332F92D)[/U][/B]
nvvad64v.sys                Fri Mar 28 19:02:06 2014 (533579D6)
INETMON.sys                 Thu Apr  3 22:20:43 2014 (533D9163)
bwcW8x64.sys                Thu Apr 10 21:10:24 2014 (5346BB68)
dump_iaStorA.sys            Sat May  3 04:36:56 2014 (53642510)
iaStorA.sys                 Sat May  3 04:36:56 2014 (53642510)
nvlddmkm.sys                Wed Jul  2 23:12:02 2014 (53B4446A)
RTKVHD64.sys                Tue Jul 15 16:23:15 2014 (53C5081B)
NvStreamKms.sys             Fri Jul 25 17:05:56 2014 (53D2411C)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Mon Sep  1 05:08:28.833 2014 (UTC + 5:30)**************************
imsevent.sys                Fri Jan 10 23:22:53 2014 (52D03375)
AMDACPKSL.SYS               Wed Mar 12 05:19:44 2014 (531FA118)
AtihdWB6.sys                Wed Mar 12 05:20:02 2014 (531FA12A)
atikmpag.sys                Tue Aug 12 07:03:58 2014 (53E96F06)
atikmdag.sys                Tue Aug 12 08:07:53 2014 (53E97E01)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Aug 31 14:49:52.907 2014 (UTC + 5:30)**************************
cpuz136_x64.sys             Wed Nov 27 16:03:59 2013 (5295CA97)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Aug 31 12:46:22.141 2014 (UTC + 5:30)**************************
atikmpag.sys                Fri Apr 18 06:37:07 2014 (53507ABB)
atikmdag.sys                Fri Apr 18 07:43:16 2014 (53508A3C)
http://www.carrona.org/drivers/driver.php?id=MBfilt64.sys
http://www.carrona.org/drivers/driver.php?id=lvrs64.sys
http://www.carrona.org/drivers/driver.php?id=lvuvc64.sys
http://www.carrona.org/drivers/driver.php?id=RTCore64.sys
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=mbam.sys
http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
http://www.carrona.org/drivers/driver.php?id=rtwlanu.sys
http://www.carrona.org/drivers/driver.php?id=ssudbus.sys
http://www.carrona.org/drivers/driver.php?id=ssudmdm.sys
http://www.carrona.org/drivers/driver.php?id=ikbevent.sys
http://www.carrona.org/drivers/driver.php?id=ISCTD.sys
http://www.carrona.org/drivers/driver.php?id=mwac.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverx64.sys
http://www.carrona.org/drivers/driver.php?id=xusb22.sys
http://www.carrona.org/drivers/driver.php?id=MBAMSwissArmy.sys
http://www.carrona.org/drivers/driver.php?id=e22w8x64.sys
http://www.carrona.org/drivers/driver.php?id=nvvad64v.sys
http://www.carrona.org/drivers/driver.php?id=INETMON.sys
http://www.carrona.org/drivers/driver.php?id=bwcW8x64.sys
http://www.carrona.org/drivers/driver.php?id=dump_iaStorA.sys
http://www.carrona.org/drivers/driver.php?id=iaStorA.sys
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=NvStreamKms.sys
http://www.carrona.org/drivers/driver.php?id=imsevent.sys
http://www.carrona.org/drivers/driver.php?id=AMDACPKSL.SYS
http://www.carrona.org/drivers/driver.php?id=AtihdWB6.sys
http://www.carrona.org/drivers/driver.php?id=atikmpag.sys
http://www.carrona.org/drivers/driver.php?id=atikmdag.sys
http://www.carrona.org/drivers/driver.php?id=cpuz136_x64.sys
http://www.carrona.org/drivers/driver.php?id=atikmpag.sys
http://www.carrona.org/drivers/driver.php?id=atikmdag.sys

Now, the strange thing which the Driver Verifier is showing is that the crash was caused by a file which was present in the Temporary Folder of your system which I wonder if it could be a malware. Below is the extra analysis :-
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************


DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 00000000000000f6, Referencing user handle as KernelMode.
Arg2: 0000000000000788, Handle value being referenced.
Arg3: ffffe0007eabf900, Address of the current process.
Arg4: fffff800b2a2e5b9, Address inside the driver that is performing the incorrect reference.


Debugging Details:
------------------




BUGCHECK_STR: 0xc4_f6


CUSTOMER_CRASH_COUNT: 1


DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP


PROCESS_NAME: Speccy64.exe


CURRENT_IRQL: 0


ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) amd64fre


TRAP_FRAME: ffffd000228a7690 -- (.trap 0xffffd000228a7690)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=000000000000000e rbx=0000000000000000 rcx=ffffe00000000030
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800b2a32100 rsp=ffffd00000000010 rbp=ffffe00085ab2860
r8=ffffd000228a7758 r9=ffffcf8100000040 r10=0000000000000000
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na pe cy
d2695535_bc6b_49ed_8a4a_ce97bfa78fc6+0x5100:
fffff800`b2a32100 ?? ???
Resetting default scope


LAST_CONTROL_TRANSFER: from fffff80063c756b0 to fffff80063753fa0


STACK_TEXT:
ffffd000`228a7418 fffff800`63c756b0 : 00000000`000000c4 00000000`000000f6 00000000`00000788 ffffe000`7eabf900 : nt!KeBugCheckEx
ffffd000`228a7420 fffff800`63c7afa0 : ffffe000`7eabf900 00000000`00000000 00000000`00000000 ffffd000`228a7720 : nt!VerifierBugCheckIfAppropriate+0x3c
ffffd000`228a7460 fffff800`63b52d5d : 00000000`00000110 00000000`00000000 00000000`00000000 00000000`00000000 : nt!VfCheckUserHandle+0x1b8
ffffd000`228a7540 fffff800`639fba55 : 00000000`00001000 fffff800`000f001f 00000000`00000000 00000000`001bed00 : nt! ?? ::NNGAKEGL::`string'+0x286ed
ffffd000`228a75e0 fffff800`63c878e9 : 00000000`000f001f 00000000`00000000 00000000`00000000 00000000`00000082 : nt!ObReferenceObjectByHandle+0x25
ffffd000`228a7630 fffff800`b2a2e5b9 : ffffcf81`f664cea0 ffffe000`85ab2860 00000000`00000002 fffff800`6375e357 : nt!VerifierObReferenceObjectByHandle+0x49
ffffd000`228a7670 ffffcf81`f664cea0 : ffffe000`85ab2860 00000000`00000002 fffff800`6375e357 ffffd000`228a7718 : d2695535_bc6b_49ed_8a4a_ce97bfa78fc6+0x15b9
ffffd000`228a7678 ffffe000`85ab2860 : 00000000`00000002 fffff800`6375e357 ffffd000`228a7718 00000000`00000000 : 0xffffcf81`f664cea0
ffffd000`228a7680 00000000`00000002 : fffff800`6375e357 ffffd000`228a7718 00000000`00000000 ffffe000`8526a000 : 0xffffe000`85ab2860
ffffd000`228a7688 fffff800`6375e357 : ffffd000`228a7718 00000000`00000000 ffffe000`8526a000 ffffd000`228a7690 : 0x2
ffffd000`228a7690 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x257




STACK_COMMAND: kb


FOLLOWUP_IP:
d2695535_bc6b_49ed_8a4a_ce97bfa78fc6+15b9
fffff800`b2a2e5b9 898424fc000000 mov dword ptr [rsp+0FCh],eax


SYMBOL_STACK_INDEX: 6


SYMBOL_NAME: d2695535_bc6b_49ed_8a4a_ce97bfa78fc6+15b9


FOLLOWUP_NAME: MachineOwner


MODULE_NAME: d2695535_bc6b_49ed_8a4a_ce97bfa78fc6


IMAGE_NAME: d2695535-bc6b-49ed-8a4a-ce97bfa78fc6


DEBUG_FLR_IMAGE_TIMESTAMP: 49b8cff0


FAILURE_BUCKET_ID: 0xc4_f6_VRF_d2695535_bc6b_49ed_8a4a_ce97bfa78fc6+15b9


BUCKET_ID: 0xc4_f6_VRF_d2695535_bc6b_49ed_8a4a_ce97bfa78fc6+15b9


ANALYSIS_SOURCE: KM


FAILURE_ID_HASH_STRING: km:0xc4_f6_vrf_d2695535_bc6b_49ed_8a4a_ce97bfa78fc6+15b9


FAILURE_ID_HASH: {3abee6c1-b149-e8f7-e6cc-79b35ae8fea9}


Followup: MachineOwner
---------


0: kd> lmvm d2695535_bc6b_49ed_8a4a_ce97bfa78fc6
start end module name
fffff800`b2a2d000 fffff800`b2a35000 d2695535_bc6b_49ed_8a4a_ce97bfa78fc6 T (no symbols)
Loaded symbol image file: d2695535-bc6b-49ed-8a4a-ce97bfa78fc6
Image path: \??\C:\Users\Fernando\AppData\Local\Temp\d2695535-bc6b-49ed-8a4a-ce97bfa78fc6
Image name: d2695535-bc6b-49ed-8a4a-ce97bfa78fc6
Timestamp: Thu Mar 12 14:33:44 2009 (49B8CFF0)
CheckSum: 0000F7CD
ImageSize: 00008000
Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4

So, please follow the below steps, one step at a time :-

  1. Please run a rootkit scan using GMER over **HERE** and then run a complete ESET Online Scan over **HERE** and then report back. If no results are found, then please clear your Temporary Folder and see if the crashes cease to stop or not.
  2. Since most of your dump files, point to the "TCPIP.sys" which is the Networking Driver for Windows, chance of it being at fault is extremely less. Please see if you crash or not, if you disable your Network Adapter.
  3. Please remove Malware Bytes till the time we are troubleshooting using this **TOOL**.
  4. It appears that you have the Killer Network Ethernet Drivers. Please follow this **GUIDE**.
  5. Please update the drivers which are highlighted in BOLD.


Let me know how it goes ^_^.
 

My Computer

System One

  • OS
    Windows 8.1 Industry Pro B-)
    Computer type
    Laptop
    System Manufacturer/Model
    Toshiba
    CPU
    Core I5 2430M @ 2.4GHz
    Memory
    8 GB DDR3 @ 1600MHz Dual Channel ^_^
    Graphics Card(s)
    Intel HD 3000 B-)
    Screen Resolution
    1366x768
    Hard Drives
    Toshiba 500 GB
    Browser
    Google Chrome
    Antivirus
    Windows Defender & Common Sense!

ferndoh315

New Member
Posts
6
#3
Thank you for the response :)

I will go home and try the things you have listed later today.

I would just like to mention that I did swap out my graphics card and I have been blue screening much less. All my newer Blue screens point to the network adapter I think. I even tried to use a linksys WUSB6300 but that crashed and I have removed it.

Here is a more up to date list of my dmp files in case that helps.
 
Last edited:

My Computer

System One

  • OS
    Windows 8

blueelvis

OMG Debugger!
VIP Member
Pro User
India

Posts
2,097
#4
Thank you for the response :)

I will go home and try the things you have listed later today.

I would just like to mention that I did swap out my graphics card and I have been blue screening much less. All my newer Blue screens point to the network adapter I think. I even tried to use a linksys WUSB6300 but that crashed and I have removed it.

Here is a more up to date list of my dmp files in case that helps.
Let me know how it goes ^_^. If after following the steps you are still facing the problems then I would analyze further ^_^
 

My Computer

System One

  • OS
    Windows 8.1 Industry Pro B-)
    Computer type
    Laptop
    System Manufacturer/Model
    Toshiba
    CPU
    Core I5 2430M @ 2.4GHz
    Memory
    8 GB DDR3 @ 1600MHz Dual Channel ^_^
    Graphics Card(s)
    Intel HD 3000 B-)
    Screen Resolution
    1366x768
    Hard Drives
    Toshiba 500 GB
    Browser
    Google Chrome
    Antivirus
    Windows Defender & Common Sense!

ferndoh315

New Member
Posts
6
#6
I have taken all your steps as listed below.

1) I show no root kit after the scans and deleted the temp folder.

2) I removed my wireless usb card that casued some of the blue screens and I still blue screen

3) Malware bytes removed

4) Steps followed

5) Drivers updated

I still get a blue screen. Here are my updated dumps. I only use the PC when I need internet, so I have not disabled the motherboards NIC.
 

My Computer

System One

  • OS
    Windows 8

blueelvis

OMG Debugger!
VIP Member
Pro User
India

Posts
2,097
#8
I went ahead and followed this guide to get the drivers for the NIC alone. We will see how that works.

https://forum-en.msi.com/index.php?topic=178064.0
I haven't seen the Killer Networks causing the BSOD's in a while. But, try that if you have one as it was a very rampant issue when it was detected.

If the issue is still not solved, please upload your latest dump files.

Let me know how it goes ^_^
 

My Computer

System One

  • OS
    Windows 8.1 Industry Pro B-)
    Computer type
    Laptop
    System Manufacturer/Model
    Toshiba
    CPU
    Core I5 2430M @ 2.4GHz
    Memory
    8 GB DDR3 @ 1600MHz Dual Channel ^_^
    Graphics Card(s)
    Intel HD 3000 B-)
    Screen Resolution
    1366x768
    Hard Drives
    Toshiba 500 GB
    Browser
    Google Chrome
    Antivirus
    Windows Defender & Common Sense!
Posts
6
#9
I ran the NIC+Suite removal tool found on this page:



https://forum-en.msi.com/index.php?topic=178064.0



Then I updated the Bios on my MSI Z87-G45.



I never installed the NIC driver again and disabled it asap before even windows tried to do something with it. I am using a Cisco WUSB6300. I have not blue screened since 9/6.



Thanks for helping point out the Ethernet driver. I wanted to make sure anyone that had this issue could also look back and maybe use my information to help to come to a resolution.


 

My Computer

System One

  • OS
    Windows 8

blueelvis

OMG Debugger!
VIP Member
Pro User
India

Posts
2,097
#10
Hi Ferndoh ^_^,

Glad to hear that the issue has been resolved.

Regards,
Pranav
 

My Computer

System One

  • OS
    Windows 8.1 Industry Pro B-)
    Computer type
    Laptop
    System Manufacturer/Model
    Toshiba
    CPU
    Core I5 2430M @ 2.4GHz
    Memory
    8 GB DDR3 @ 1600MHz Dual Channel ^_^
    Graphics Card(s)
    Intel HD 3000 B-)
    Screen Resolution
    1366x768
    Hard Drives
    Toshiba 500 GB
    Browser
    Google Chrome
    Antivirus
    Windows Defender & Common Sense!

blueelvis

OMG Debugger!
VIP Member
Pro User
India

Posts
2,097
#11
Hi Ferndoh ^_^,

Could you help me on finding a driver on your system so that I could add information to the Driver Reference Table?

Driver Name - "kxroyfog.sys"
Could you find some more information on this driver?

Thanks!
 

My Computer

System One

  • OS
    Windows 8.1 Industry Pro B-)
    Computer type
    Laptop
    System Manufacturer/Model
    Toshiba
    CPU
    Core I5 2430M @ 2.4GHz
    Memory
    8 GB DDR3 @ 1600MHz Dual Channel ^_^
    Graphics Card(s)
    Intel HD 3000 B-)
    Screen Resolution
    1366x768
    Hard Drives
    Toshiba 500 GB
    Browser
    Google Chrome
    Antivirus
    Windows Defender & Common Sense!

Users Who Are Viewing This Thread (Users: 0, Guests: 1)