Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD in Windows 8.1/Lenovo Y510P


  • Please log in to reply
3 replies to this topic

#1 bmsbugs

bmsbugs

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 25 March 2014 - 10:46 AM

BSOD-xperts:

I've suddenly been afflicted with BSOD's on my Lenovo Y510P running Win 8.1. Everything was fine until about 2 weeks ago and then I started experiencing multiple BSOD's to the point that I had to boot in SafeMode. After doing some research, it looked like the issues were related to video (NVIDIA GeForce GT 750M) and wireless/bluetooth drivers. I upgraded all of those and everything was fine for a week until this morning when I got another BSOD. After looking for the bug check that it reported, I stumbled on this forum and saw some excellent responses so I thought I'd give it a whirl. I downloaded BlueScreenView and ran that and I've attached the output. I have also attached output from the MiniToolBox tool. I also tried to upload the mini-dump files but I get a message saying I'm "not permitted to upload this kind of file" but I'm happy to do so if I'm allowed to.  Here is a link the output from the Speecy tool as well - http://speccy.piriform.com/results/j7BzfFXyiX3xHgrhWQqHjXV. Would someone be so kind as to give it a look and let me know your thoughts? Thanks!

 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 Kirbyofdeath

Kirbyofdeath

  • Members
  • 459 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere on Earth
  • Local time:02:27 AM

Posted 25 March 2014 - 11:53 AM

Can you please upload the whole minidump so I can examine it?

 

It is located in C:\windows\minidumps. Select the most recently created file.


Edited by Kirbyofdeath, 25 March 2014 - 11:55 AM.


#3 bmsbugs

bmsbugs
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 25 March 2014 - 12:04 PM

Kirbyofdeath - I had to change the extension to .txt from .dmp as it wouldn't let me upload it otherwise.

 

Thanks!

Attached Files



#4 Kirbyofdeath

Kirbyofdeath

  • Members
  • 459 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere on Earth
  • Local time:02:27 AM

Posted 28 March 2014 - 01:07 PM

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
 
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure.  The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: ffffd0002067f6d0, Address of the trap frame for the exception that caused the bugcheck
Arg3: ffffd0002067f628, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
 
Debugging Details:
------------------
 
 
TRAP_FRAME:  ffffd0002067f6d0 -- (.trap 0xffffd0002067f6d0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffe00009d0efa0 rbx=0000000000000000 rcx=0000000000000003
rdx=ffffd0002067f6e0 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8012edf995a rsp=ffffd0002067f860 rbp=0000000000000000
 r8=ffffd0002067f6f0  r9=000000000000002f r10=fffff8012ec07520
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na pe cy
nt! ?? ::FNODOBFM::`string'+0x2b7ba:
fffff801`2edf995a cd29            int     29h
Resetting default scope
 
EXCEPTION_RECORD:  ffffd0002067f628 -- (.exr 0xffffd0002067f628)
ExceptionAddress: fffff8012edf995a (nt! ?? ::FNODOBFM::`string'+0x000000000002b7ba)
   ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
  ExceptionFlags: 00000001
NumberParameters: 1
   Parameter[0]: 0000000000000003
 
CUSTOMER_CRASH_COUNT:  1
 
DEFAULT_BUCKET_ID:  LIST_ENTRY_CORRUPT
 
BUGCHECK_STR:  0x139
 
PROCESS_NAME:  System
 
CURRENT_IRQL:  2
 
ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
 
EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.
 
EXCEPTION_PARAMETER1:  0000000000000003
 
ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) amd64fre
 
LAST_CONTROL_TRANSFER:  from fffff8012edc97e9 to fffff8012edbdca0
 
STACK_TEXT:  
ffffd000`2067f3a8 fffff801`2edc97e9 : 00000000`00000139 00000000`00000003 ffffd000`2067f6d0 ffffd000`2067f628 : nt!KeBugCheckEx
ffffd000`2067f3b0 fffff801`2edc9b10 : ffffe000`00000002 ffffe000`00000000 ffffe000`05c86300 00000000`00000000 : nt!KiBugCheckDispatch+0x69
ffffd000`2067f4f0 fffff801`2edc8d34 : ffffd000`2067f6e8 00000000`00000000 fffffff6`00000002 00000001`ffffffff : nt!KiFastFailDispatch+0xd0
ffffd000`2067f6d0 fffff801`2edf995a : 00000000`00000000 ffffd000`2066a180 ffffd000`21de1ab0 fffff800`052c4ab8 : nt!KiRaiseSecurityCheckFailure+0xf4
ffffd000`2067f860 fffff801`2ed1dfe3 : ffffe000`3116f180 00000000`00000001 ffffd000`2067f939 00000000`00000002 : nt! ?? ::FNODOBFM::`string'+0x2b7ba
ffffd000`2067f8c0 fffff801`2ed1e478 : 00000000`00000001 ffffe000`4fa63748 ffffd000`2066a180 fffff801`2ef615a0 : nt!KiProcessExpiredTimerList+0x257
ffffd000`2067f9a0 fffff801`2ed7a478 : ffffd000`2066a180 00000000`0020b4fd 00000000`01291509 00000000`01291521 : nt!KiExpireTimerTable+0x218
ffffd000`2067fa40 fffff801`2eccaabc : ffffe000`00000000 00001f80`00000001 000004a4`542a2ebc 00000000`00000002 : nt!KiTimerExpiration+0x148
ffffd000`2067faf0 fffff801`2edc17ea : ffffd000`2066a180 ffffd000`2066a180 00000000`00000000 ffffd000`20676340 : nt!KiRetireDpcList+0x19c
ffffd000`2067fc60 00000000`00000000 : ffffd000`20680000 ffffd000`2067a000 00000000`00000000 00000000`00000000 : nt!KiIdleLoop+0x5a
 
 
STACK_COMMAND:  kb
 
FOLLOWUP_IP: 
nt!KiFastFailDispatch+d0
fffff801`2edc9b10 c644242000      mov     byte ptr [rsp+20h],0
 
SYMBOL_STACK_INDEX:  2
 
SYMBOL_NAME:  nt!KiFastFailDispatch+d0
 
FOLLOWUP_NAME:  MachineOwner
 
MODULE_NAME: nt
 
IMAGE_NAME:  ntkrnlmp.exe
 
DEBUG_FLR_IMAGE_TIMESTAMP:  52718d9c
 
IMAGE_VERSION:  6.3.9600.16452
 
BUCKET_ID_FUNC_OFFSET:  d0
 
FAILURE_BUCKET_ID:  0x139_3_nt!KiFastFailDispatch
 
BUCKET_ID:  0x139_3_nt!KiFastFailDispatch
 
ANALYSIS_SOURCE:  KM
 
FAILURE_ID_HASH_STRING:  km:0x139_3_nt!kifastfaildispatch
 
FAILURE_ID_HASH:  {36173680-6f08-995f-065a-3d368c996911}
 
Followup: MachineOwner
 
 

Download Malwarebytes' Anti-Malware Free (aka MBAM)

- Do not accept the free offer for the Pro Version at this time -
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users