Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Been randomly getting BSOD with different error msgs


  • Please log in to reply
15 replies to this topic

#1 forylla

forylla

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:01:41 PM

Posted 11 April 2017 - 10:28 PM

Hi my parents pc has been getting BSOD from time to time.  Ive seen 2 and was able to write down the error msgs from them  Kmode_Exception_Not_Handled  and for the other System_Service_Exception

 

The requested logs are attached.

 

OS - Windows 10.0.14393 Build 14393

 

Original OS - Windows 8.1 and was pre-installed

 

Age of System and Hardware - purchased new in 2014

 

OS was reinstalled by someone a yr or 2 ago

 

CPU - AMD FX™ - 8320 8 core 3500Mhz

 

Video Card - NVIDIA GeForce GTX 760

 

Motherboard - AsRock 970 Extreme3 R2.0

 

PSU - Corsair RM650

 

The desktop was built by NCIX

 

I will now run the other scans recommended.

 

Thanks

Attached Files



BC AdBot (Login to Remove)

 


#2 bwv848

bwv848

    Bleepin' Owl


  • BSOD Kernel Dump Expert
  • 3,028 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:92.96 million miles away from the sun
  • Local time:04:41 PM

Posted 11 April 2017 - 10:34 PM

Greetings,

Unfortunately, there are traces of pirated software on your computer. BleepingComputer's forum rules prohibit me from helping you further:

No subject matter will be allowed whose purpose is to defeat existing copyright or security measures. If a user persists and/or the activity is obviously illegal the staff reserves the right to remove such content and/or ban the user. This would also mean encouraging the use or continued use of pirated software is not permitted, and subject to the same consequences.

If you would like help, please remove all illegal software on your computer and run the Sysnative File Collection App again.

Thank you.
 
Regards,
bwv848

If I do not reply in three days, please message me.
 
BC BSOD Posting Instructions | Carrona BSOD Index | Driver Reference Table (DRT)


#3 bwv848

bwv848

    Bleepin' Owl


  • BSOD Kernel Dump Expert
  • 3,028 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:92.96 million miles away from the sun
  • Local time:04:41 PM

Posted 12 April 2017 - 09:36 AM

I've been asked via a Personal Message to explain what pirated software I've found on this computer. You have KMSpico installed, a tool used to illegally activate Microsoft products, including Office.

Regards,
bwv848


If I do not reply in three days, please message me.
 
BC BSOD Posting Instructions | Carrona BSOD Index | Driver Reference Table (DRT)


#4 forylla

forylla
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:01:41 PM

Posted 12 April 2017 - 08:09 PM

I believe all the pirated software has been removed.

Attached Files



#5 bwv848

bwv848

    Bleepin' Owl


  • BSOD Kernel Dump Expert
  • 3,028 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:92.96 million miles away from the sun
  • Local time:04:41 PM

Posted 12 April 2017 - 08:59 PM

Good job.


Will you please run MemTest86 for a minimum of eight passes? Here's a good guide if you need help. Also, please run Seagate SeaTools for Windows. Be sure to test all your drives with the S.M.A.R.T. and Long Generic tests.

 

Regards,

bwv848


If I do not reply in three days, please message me.
 
BC BSOD Posting Instructions | Carrona BSOD Index | Driver Reference Table (DRT)


#6 forylla

forylla
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:01:41 PM

Posted 13 April 2017 - 08:23 PM

Ive run the seagate tests and all drives passed.  Ran the memtest86 test overnight.  Should there be a scan log or anything from this to post?



#7 forylla

forylla
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:01:41 PM

Posted 14 April 2017 - 09:30 PM

Ok so seagate tests say all drives passed.  Memtest86 just finished running for 9 passes with no errors.



#8 bwv848

bwv848

    Bleepin' Owl


  • BSOD Kernel Dump Expert
  • 3,028 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:92.96 million miles away from the sun
  • Local time:04:41 PM

Posted 15 April 2017 - 07:06 PM

Alright, can you zip up the latest dumps from C:\Windows\Minidump and attach them in your next reply? That'll determine our next step (probably Driver Verifier).


If I do not reply in three days, please message me.
 
BC BSOD Posting Instructions | Carrona BSOD Index | Driver Reference Table (DRT)


#9 forylla

forylla
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:01:41 PM

Posted 15 April 2017 - 09:45 PM

Minidump file attached

Attached Files



#10 bwv848

bwv848

    Bleepin' Owl


  • BSOD Kernel Dump Expert
  • 3,028 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:92.96 million miles away from the sun
  • Local time:04:41 PM

Posted 15 April 2017 - 09:51 PM

Thanks; please do this:

 

:step1: Check Disk

WARNING: It is recommended that you backup ALL your files. If CHKDSK finds and repairs a corrupted sector, you may lose your data.

  • Click Start, enter cmd.exe in the Search box, right-click on cmd.exe, and then click Run as administrator.
  • Type the following command and hit ENTER:
chkdsk /R
  • You should see this message:
The type of the file system is NTFS.
Cannot lock current drive.

Chkdsk cannot run because the volume is in use by another
process.  Would you like to schedule this volume to be
checked the next time the system restarts? (Y/N)
  • Type Y and hit Enter on your keyboard.
  • Restart your computer and CHKDSK will run.

Once CHKDSK is complete, we need the log:

  • Click Start, enter powershell.exe in the Search box, right-click on powershell.exe, and then click Run as administrator.
  • Copy this command:
Get-WinEvent -FilterHashTable @{logname="Application"; id="1001"}| ?{$_.providername –match "wininit"} | fl timecreated, message | out-file $Env:UserProfile\Desktop\CHKDSKResults.txt
  • Right-click in Powershell to paste the command.
  • You will find CHKDSKResults.txt on your Desktop. Copy/paste that log in your next reply.

Edited by bwv848, 15 April 2017 - 09:52 PM.

If I do not reply in three days, please message me.
 
BC BSOD Posting Instructions | Carrona BSOD Index | Driver Reference Table (DRT)


#11 forylla

forylla
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:01:41 PM

Posted 15 April 2017 - 10:08 PM

TimeCreated : 4/15/2017 8:04:48 PM
Message     :
             
              Checking file system on C:
              The type of the file system is NTFS.
             
              A disk check has been scheduled.
              Windows will now check the disk.                        
             
              Stage 1: Examining basic file system structure ...
                344064 file records processed.                                                       
              File verification completed.
                17269 large file records processed.                                  
                0 bad file records processed.                                    
             
              Stage 2: Examining file name linkage ...
                424614 index entries processed.                                                      
              Index verification completed.
                0 unindexed files scanned.                                       
                0 unindexed files recovered to lost and found.                   
             
              Stage 3: Examining security descriptors ...
              Cleaning up 8570 unused index entries from index $SII of file 0x9.
              Cleaning up 8570 unused index entries from index $SDH of file 0x9.
              Cleaning up 8570 unused security descriptors.
              CHKDSK is compacting the security descriptor stream
              Security descriptor verification completed.
                40276 data files processed.                                          
              CHKDSK is verifying Usn Journal...
                35270392 USN bytes processed.                                                          
              Usn Journal verification completed.
             
              Stage 4: Looking for bad clusters in user file data ...
                344048 files processed.                                                              
              File data verification completed.
             
              Stage 5: Looking for bad, free clusters ...
                10316182 free clusters processed.                                                      
              Free space verification is complete.
              Correcting errors in the Volume Bitmap.
             
              Windows has made corrections to the file system.
              No further action is required.
             
               116706303 KB total disk space.
                74836428 KB in 193855 files.



#12 bwv848

bwv848

    Bleepin' Owl


  • BSOD Kernel Dump Expert
  • 3,028 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:92.96 million miles away from the sun
  • Local time:04:41 PM

Posted 16 April 2017 - 08:23 AM

Time to run Driver Verifier...
https://www.bleepingcomputer.com/forums/t/576333/driver-verifier-bsod-related-windows-10-81-8-7-vista/


If I do not reply in three days, please message me.
 
BC BSOD Posting Instructions | Carrona BSOD Index | Driver Reference Table (DRT)


#13 forylla

forylla
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:01:41 PM

Posted 16 April 2017 - 06:06 PM

I started this the other night when you said that might be the next step.  If Ive done it incorrectly let me know and Ill redo it.

 

 

 

C:\WINDOWS\system32>verifier /query

Time Stamp: 04/16/2017 16:00:47.095

Verifier Flags: 0x0002892b

  Standard Flags:

    [X] 0x00000001 Special pool.
    [X] 0x00000002 Force IRQL checking.
    [X] 0x00000008 Pool tracking.
    [ ] 0x00000010 I/O verification.
    [X] 0x00000020 Deadlock detection.
    [ ] 0x00000080 DMA checking.
    [X] 0x00000100 Security checks.
    [X] 0x00000800 Miscellaneous checks.
    [X] 0x00020000 DDI compliance checking.

  Additional Flags:

    [ ] 0x00000004 Randomized low resources simulation.
    [ ] 0x00000200 Force pending I/O requests.
    [ ] 0x00000400 IRP logging.
    [ ] 0x00002000 Invariant MDL checking for stack.
    [ ] 0x00004000 Invariant MDL checking for driver.
    [X] 0x00008000 Power framework delay fuzzing.
    [ ] 0x00010000 Port/miniport interface checking.
    [ ] 0x00040000 Systematic low resources simulation.
    [ ] 0x00080000 DDI compliance checking (additional).
    [ ] 0x00200000 NDIS/WIFI verification.
    [ ] 0x00800000 Kernel synchronization delay fuzzing.
    [ ] 0x01000000 VM switch verification.
    [ ] 0x02000000 Code integrity checks.

    [X] Indicates flag is enabled.

  Verifier Statistics Summary

    Raise IRQLs:                               6597847
    Acquire Spin Locks:                        2944248
    Synchronize Executions:                      46513
    Trims:                                      359366

    Pool Allocations Attempted:                 968151
    Pool Allocations Succeeded:                 968151
    Pool Allocations Succeeded SpecialPool:     968151
    Pool Allocations With No Tag:                   34
    Pool Allocations Not Tracked:                    1
    Pool Allocations Failed:                         0
    Pool Allocations Failed Deliberately:            0

  Driver Verification List

    MODULE: amdide64.sys (load: 1 / unload: 0)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (        0 /        0 )
        Current Pool Bytes:        (        0 /        0 )
        Peak Pool Allocations:     (        0 /        0 )
        Peak Pool Bytes:           (        0 /        0 )
        Contiguous Memory Bytes:              0
        Peak Contiguous Memory Bytes:         0

    MODULE: edevmon.sys (load: 1 / unload: 0)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (        0 /        0 )
        Current Pool Bytes:        (        0 /        0 )
        Peak Pool Allocations:     (        0 /        0 )
        Peak Pool Bytes:           (        0 /        0 )
        Contiguous Memory Bytes:              0
        Peak Contiguous Memory Bytes:         0

    MODULE: dnelwf64.sys (load: 1 / unload: 0)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (     3868 /        0 )
        Current Pool Bytes:        ( 22296543 /        0 )
        Peak Pool Allocations:     (     3870 /        0 )
        Peak Pool Bytes:           ( 22296783 /        0 )
        Contiguous Memory Bytes:              0
        Peak Contiguous Memory Bytes:         0

    MODULE: ndis.sys (load: 1 / unload: 0)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (     8944 /       94 )
        Current Pool Bytes:        (  2940921 /    15306 )
        Peak Pool Allocations:     (     9047 /       96 )
        Peak Pool Bytes:           (  3013129 /    15970 )
        Contiguous Memory Bytes:              0
        Peak Contiguous Memory Bytes:         0

    MODULE: hwinfo64a.sys (load: 1 / unload: 0)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (        0 /        0 )
        Current Pool Bytes:        (        0 /        0 )
        Peak Pool Allocations:     (        0 /        0 )
        Peak Pool Bytes:           (        0 /        0 )
        Contiguous Memory Bytes:              0
        Peak Contiguous Memory Bytes:         0

    MODULE: ctxva51.sys (load: 1 / unload: 0)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (        2 /        0 )
        Current Pool Bytes:        (    32496 /        0 )
        Peak Pool Allocations:     (        2 /        0 )
        Peak Pool Bytes:           (    32496 /        0 )
        Contiguous Memory Bytes:              0
        Peak Contiguous Memory Bytes:         0

    MODULE: nvlddmkm.sys (load: 1 / unload: 0)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (    23324 /      379 )
        Current Pool Bytes:        (  9040391 /  2310805 )
        Peak Pool Allocations:     (    24266 /      394 )
        Peak Pool Bytes:           (  9291650 /  2679488 )
        Contiguous Memory Bytes:         282624
        Peak Contiguous Memory Bytes:    282624

    MODULE: rt640x64.sys (load: 1 / unload: 0)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (        9 /        0 )
        Current Pool Bytes:        (   120890 /        0 )
        Peak Pool Allocations:     (        9 /        1 )
        Peak Pool Bytes:           (   120890 /      124 )
        Contiguous Memory Bytes:              0
        Peak Contiguous Memory Bytes:         0

    MODULE: nvhda64v.sys (load: 1 / unload: 0)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (       43 /       16 )
        Current Pool Bytes:        (    34160 /    10048 )
        Peak Pool Allocations:     (       44 /       17 )
        Peak Pool Bytes:           (    35184 /    10576 )
        Contiguous Memory Bytes:              0
        Peak Contiguous Memory Bytes:         0

    MODULE: rtkvhd64.sys (load: 1 / unload: 0)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (      660 /        0 )
        Current Pool Bytes:        (   291318 /        0 )
        Peak Pool Allocations:     (      661 /        2 )
        Peak Pool Bytes:           (   291338 /  7740608 )
        Contiguous Memory Bytes:              0
        Peak Contiguous Memory Bytes:         0

    MODULE: dump_diskdump.sys (load: 0 / unload: 0)

    MODULE: dump_storahci.sys (load: 2 / unload: 1)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (        0 /        0 )
        Current Pool Bytes:        (        0 /        0 )
        Peak Pool Allocations:     (        0 /        0 )
        Peak Pool Bytes:           (        0 /        0 )
        Contiguous Memory Bytes:              0
        Peak Contiguous Memory Bytes:         0

    MODULE: dump_dumpfve.sys (load: 2 / unload: 1)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (        1 /        0 )
        Current Pool Bytes:        (    16400 /        0 )
        Peak Pool Allocations:     (        1 /        0 )
        Peak Pool Bytes:           (    16400 /        0 )
        Contiguous Memory Bytes:          65536
        Peak Contiguous Memory Bytes:     65536

    MODULE: cag.sys (load: 1 / unload: 0)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (        6 /        0 )
        Current Pool Bytes:        (      642 /        0 )
        Peak Pool Allocations:     (        6 /        0 )
        Peak Pool Bytes:           (      642 /        0 )
        Contiguous Memory Bytes:              0
        Peak Contiguous Memory Bytes:         0

    MODULE: psi_mf_amd64.sys (load: 1 / unload: 0)

      Pool Allocation Statistics: ( NonPaged / Paged )

        Current Pool Allocations:  (        0 /        0 )
        Current Pool Bytes:        (        0 /        0 )
        Peak Pool Allocations:     (        2 /        0 )
        Peak Pool Bytes:           (     1280 /        0 )
        Contiguous Memory Bytes:              0
        Peak Contiguous Memory Bytes:         0

 

 

C:\WINDOWS\system32>verifier /querysettings

Verifier Flags: 0x0002892b

  Standard Flags:

    [X] 0x00000001 Special pool.
    [X] 0x00000002 Force IRQL checking.
    [X] 0x00000008 Pool tracking.
    [ ] 0x00000010 I/O verification.
    [X] 0x00000020 Deadlock detection.
    [ ] 0x00000080 DMA checking.
    [X] 0x00000100 Security checks.
    [X] 0x00000800 Miscellaneous checks.
    [X] 0x00020000 DDI compliance checking.

  Additional Flags:

    [ ] 0x00000004 Randomized low resources simulation.
    [ ] 0x00000200 Force pending I/O requests.
    [ ] 0x00000400 IRP logging.
    [ ] 0x00002000 Invariant MDL checking for stack.
    [ ] 0x00004000 Invariant MDL checking for driver.
    [X] 0x00008000 Power framework delay fuzzing.
    [ ] 0x00010000 Port/miniport interface checking.
    [ ] 0x00040000 Systematic low resources simulation.
    [ ] 0x00080000 DDI compliance checking (additional).
    [ ] 0x00200000 NDIS/WIFI verification.
    [ ] 0x00800000 Kernel synchronization delay fuzzing.
    [ ] 0x01000000 VM switch verification.
    [ ] 0x02000000 Code integrity checks.

    [X] Indicates flag is enabled.

  Boot Mode:

    Persistent

  Rules:

    All rules are using default settings

  Extensions:

    wdm: rules.default

  Verified Drivers:

    amdide64.sys
    edevmon.sys
    dnelwf64.sys
    ndis.sys
    hwinfo64a.sys
    ctxva51.sys
    nvlddmkm.sys
    rt640x64.sys
    nvhda64v.sys
    rtkvhd64.sys
    dump_diskdump.sys
    dump_storahci.sys
    dump_dumpfve.sys
    cag.sys
    psi_mf_amd64.sys



#14 bwv848

bwv848

    Bleepin' Owl


  • BSOD Kernel Dump Expert
  • 3,028 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:92.96 million miles away from the sun
  • Local time:04:41 PM

Posted 18 April 2017 - 10:22 PM

Seems correct to me... now we wait for the next BSOD.


If I do not reply in three days, please message me.
 
BC BSOD Posting Instructions | Carrona BSOD Index | Driver Reference Table (DRT)


#15 forylla

forylla
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:01:41 PM

Posted 18 April 2017 - 10:51 PM

Ok.  Its weird because since weve begun this process it hasnt happened once.

 

Appreciate all the help youve given me.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users