BSOD stop code 3b, unclear cause

Discussion in 'Windows 7 Blue Screen of Death (BSOD)' started by Ken Ettinger, Oct 20, 2012.

  1. Ken Ettinger

    Ken Ettinger New Member

    Joined:
    Oct 20, 2012
    Messages:
    20
    Likes Received:
    0
    I have been getting a BSOD every couple days. The error is a system_service_exception with stop code 3b. (STOP: 0x0000003b (0x00000000C0000005, 0xFFFFF9600010D010, 0XFFFFF88E011B40, 0x000000000000)

    To explain further, I have had this exact same error on TWO different computers, one of them completely new, while running the same combination of programs/drivers. They are both Stop code 3b with Parameter 1 the same, 0x00000000C0000005 (though Parameter 2 and 3 are different for each time the BSOD comes up). The two computers have different graphics drivers, so I believe graphics drivers can be ruled out as the problem (one is a AMD Radeon 6750M, the other is an Intel HD Graphics 4000). The graphics drivers are also updated. They are both running Windows 7, one is a Lenovo ThinkPad x1 Carbon, the other is a Macbook Pro running Bootcamp (I blamed bootcamp for the problem, which is why I got the new computer, but it seems that it is not the problem).

    In both cases, I am running a 30" external monitor via a DVI-D to Displayport adapter, made by Accell (with additional USB powering). I believe this may be the problem, because after several days not using the monitor I did not have the crash. This is not conclusive though, because it normally only crashes every 2-5 days, but I think it may be a good place for a knowledgeable person to start. However, I used the computer for many months without any crashes with this external monitor, and it has only been crashing in the last month.

    I am also running a Logitech external trackball mouse and have a somewhat new Brother printer and it's associated drivers. I have Nod32 ESET antivirus, updated to the most recent version. I'm also using a program that uses a PostGreSQL database, and am running several applications at a time (not graphics intensive but I believe it does use up a fair amount of resources). For the most part, the crash has only happened after a couple hours of use. I have had all of these things installed and running on both computers when they crashed.

    According to BlueScreenView, on both computers the error is caused by driver win32k.sys, caused by address win32k.sys+7d010. The crash address is ntoskrnl.exe+7efc0.

    My plan is to keep using the computer(s) without the external monitor, and see if they ever crash. If the monitor is the cause, I would hope for some solution that would allow me to use the monitor (I'd be willing to buy a new adapter if it might make a difference).

    I have uploaded the .dmp file. Thanks for the help!
     

    Attached Files:

  2. GeneralHiningII

    GeneralHiningII Honorable Member

    Joined:
    Sep 21, 2012
    Messages:
    745
    Likes Received:
    7
    Hello!
    Please follow the instructions to http://windows7forums.com/blue-screen-death-bsod/38837-how-ask-help-bsod-problem.html, not just giving us a dmp file.
    Code:
    ********************************************************************************                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    
    SYSTEM_SERVICE_EXCEPTION (3b)
    An exception happened while executing a system service routine.
    Arguments:
    Arg1: 00000000c0000005, Exception code that caused the bugcheck
    Arg2: fffff960000dd010, Address of the instruction which caused the bugcheck
    Arg3: fffff880072a8b40, Address of the context record for the exception that caused the bugcheck
    Arg4: 0000000000000000, zero.
    
    
    Debugging Details:
    ------------------
    
    
    
    
    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
    
    
    FAULTING_IP: 
    [COLOR=#ff0000]win32k!xxxProcessEventMessage+1c0[/COLOR]
    fffff960`000dd010 017308          add     dword ptr [rbx+8],esi
    
    
    CONTEXT:  fffff880072a8b40 -- (.cxr 0xfffff880072a8b40)
    rax=fffff880072a9570 rbx=0000000000000000 rcx=fffff880072a94c8
    rdx=fffff900c08ef1a0 rsi=0000000000000001 rdi=0000000000000000
    rip=fffff960000dd010 rsp=fffff880072a9520 rbp=fffff880072a96c0
     r8=0000000000000000  r9=0000000000000000 r10=0000000000000000
    r11=fffff880072a9440 r12=fffff900c2413970 r13=fffff880072a9a98
    r14=fffff900c2413970 r15=0000000000000001
    iopl=0         nv up ei ng nz na pe nc
    cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00210282
    [COLOR=#ff0000]win32k!xxxProcessEventMessage+0x1c0:[/COLOR]
    fffff960`000dd010 017308          add     dword ptr [rbx+8],esi ds:002b:00000000`00000008=????????
    Resetting default scope
    
    
    CUSTOMER_CRASH_COUNT:  1
    
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    
    BUGCHECK_STR:  0x3B
    
    
    PROCESS_NAME:  PartyGaming.ex
    
    
    CURRENT_IRQL:  0
    
    
    LAST_CONTROL_TRANSFER:  from 0000000000000000 to fffff960000dd010
    
    
    STACK_TEXT:  
    fffff880`072a9520 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 :[COLOR=#ff0000] win32k!xxxProcessEventMessage+0x1c0[/COLOR]
    
    
    
    
    FOLLOWUP_IP: 
    win32k!xxxProcessEventMessage+1c0
    fffff960`000dd010 017308          add     dword ptr [rbx+8],esi
    
    
    SYMBOL_STACK_INDEX:  0
    
    
    SYMBOL_NAME:  win32k!xxxProcessEventMessage+1c0
    
    
    FOLLOWUP_NAME:  MachineOwner
    
    
    MODULE_NAME: win32k
    
    
    IMAGE_NAME:  win32k.sys
    
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  5006fd0d
    
    
    STACK_COMMAND:  .cxr 0xfffff880072a8b40 ; kb
    
    
    FAILURE_BUCKET_ID:  [COLOR=#ff0000]X64_0x3B_win32k!xxxProcessEventMessage+1c0[/COLOR]
    
    
    BUCKET_ID:  X64_0x3B_win32k!xxxProcessEventMessage+1c0
    
    
    Followup: MachineOwner
    ---------
    Found 3 drivers that are most likely out of date
    Code:
    [COLOR=#ff0000]IRFilter.sys[/COLOR]                 Thu Jul  3 05:53:12 2008 (486BDCA8)
    [COLOR=#ff0000]GEARAspiWDM.sys[/COLOR]              Mon May 18 22:17:04 2009 (4A1151C0)
    [COLOR=#ff0000]intelppm.sys [/COLOR]                Tue Jul 14 09:19:25 2009 (4A5BC0FD)
    
    Update them here:
    http://www.carrona.org/drivers/driver.php?id=GEARAspiWDM.sys
    http://www.carrona.org/drivers/driver.php?id=intelppm.sys
    IRFilter is a driver from apple, so try updating your iTunes/Quicktime/Apple-related software.
     
  3. Ken Ettinger

    Ken Ettinger New Member

    Joined:
    Oct 20, 2012
    Messages:
    20
    Likes Received:
    0
    Thank you for the response. I have updated my iTunes, which should take care of both the IRFilter and the GEARAspiWDM.sys; in any case, it crashed on my other computer when it had the newest iTunes installation. I could not figure out how to update intelppm.sys after following the link and searching online.

    I am uploading the W7F diagnostic results, zipped.

    Do you have any best educated guesses of what the problem could be, so that I could test it using trial and error? It is somewhat difficult to test because it only crashes every couple days, but if you have an idea of what is most likely the problem (30" monitor running 2560x1600 connected through display port/USB; printer driver; ESET antivirus; some sort of software or database problem) it might help.

    Thank you very much!
     

    Attached Files:

  4. GeneralHiningII

    GeneralHiningII Honorable Member

    Joined:
    Sep 21, 2012
    Messages:
    745
    Likes Received:
    7
    I'll get back to you as soon as I can, currently I'm on my netbook without the debugging software - however, looking at my first post, regarding win32k.sys - I'm not sure how to solve it but give me some time and I'll try find something.
     
  5. Ken Ettinger

    Ken Ettinger New Member

    Joined:
    Oct 20, 2012
    Messages:
    20
    Likes Received:
    0
    Great, thank you. Going to sleep now but will check in the morning, I appreciate it.
     
  6. GeneralHiningII

    GeneralHiningII Honorable Member

    Joined:
    Sep 21, 2012
    Messages:
    745
    Likes Received:
    7
    Possible problems:
    Memory problems
    Corrupted Hard Disk/HDD file
    Corrupted system files
    Drivers (assuming you've updated the outdated ones)

    RAM problems:
    Google memtest86+, download and install it, run it for a few passes and post back with the results.

    (NOTE: If you have any overclocked parts [graphics card, cpu, RAM etc.] revert it back to the factory standard {if the device came pre-OC'ed then nevermind)

    HDD problems:
    My Computer >Right-click "C:\" (and all other drives, if you use multiple storage devices)
    Select Properties > Tools > Check Now.
    Two things can happen. Either:
    -Your prompted to schedule a disk check
    -A box will pop up with a few options and buttons.
    Most likely you'll get the reschedule option - click the "schedule disk check" option and restart your computer.
    Once your computer restarts, it'll run the scan - DON'T INTERRUPT IT, OTHERWISE YOU COULD LOSE ALL YOUR DATA.
    When it's finished, post back with the results.

    HDD problems #2:
    Open Run (Windows Logo + R, or searching it up through the start menu)
    and type in "cmd.exe" (without quotations). Create a shortcut through it to desktop.
    Right-click the shortcut, and select "Run as Adminsistrator".
    Once the black cmd box pops up, type in the line : sfc /scannow. Once the scan has finished, record the results (for best results, repeat ~3 times) and post them back here.

    Corrupt system files:
    Reinstall windows 7 -

    if you built the computer yourself, create a restore point (and to be on the safe side copy all your valuable data [data you don't mind being lost forever] on to an external Hard Disk). Then, restart your computer, and BEFORE the Windows Logo shows, access your BIOS (usually through F2). In your BIOS Main Screen, find a small tab called "Boot Order", or "Boot Configuration" or something like that. You should now see the boot order of your storage devices (usually Hard disk first, then DVD Drive). Change the order so the computer boots up the DVD Driver First. Now save and exit the BIOS.
    Insert the Windows 7 Disk into your disk drive, and reboot the computer. The Windows 7 Installer should show, so follow the steps to reinstall Windows 7. Once it's done, restore your computer (or transfer your files back) and see if it works.

    if you bought it from DELL/HP/a computer manufacturer, contact their customer support and ask for answers (I say this because some manufacturers may have done a faulty install when building your computer in the factory or screwed up the software installation).

    ^^^ That's what I can find so far on win32k.sys, I'll look up more solutions soon :)
     
  7. GeneralHiningII

    GeneralHiningII Honorable Member

    Joined:
    Sep 21, 2012
    Messages:
    745
    Likes Received:
    7
    win32k.sys is a file used by Windows, so it's a system-software related problem.
     
  8. Ken Ettinger

    Ken Ettinger New Member

    Joined:
    Oct 20, 2012
    Messages:
    20
    Likes Received:
    0
    Great, I will try those tests tomorrow. My concern is that, since the same crash happened on two computers with different RAM,graphics cards, etc., hard drives, it doesn't make sense to be a RAM or hdd issue. I did copy some files, and this SQL database, over, so if it is definitely not the monitor (is that clear?) could it be a corrupt file in the database? (the database is used by a poker software called Holdem Manager). Thanks!
     
  9. GeneralHiningII

    GeneralHiningII Honorable Member

    Joined:
    Sep 21, 2012
    Messages:
    745
    Likes Received:
    7
    If it happened on two different computers, could you follow the BSOD posting instructions and make two .zip files for each computer? It's possible they could be the same problem, but there's always a chance that they could be different.

    It is possible a monitor driver could be the problem, but I doubt it because it didn't show up on the driver list.

    From what I can see on google about Holdem Manager, there's nothing wrong with that, but I'd suggest removing it (fully uninstalling it) or updating it to the latest version.

    Other than that, try the tests that I provided and we'll see what happens! :)
     
  10. usasma

    usasma Fantastic Member
    Microsoft Community Contributor

    Joined:
    Mar 22, 2010
    Messages:
    3,048
    Likes Received:
    83
    Just my 2¢ here:

    I've seen several problems with EasyTether recently. You may try uninstalling it to see if that helps

    Back in September you had an error related to your ATI video drivers (STOP 0x7E)

    IRfilter.sys is the IR Receiver Driver for Boot Camp
    Please check the Apple update program in Boot Camp to ensure all your Apple software is updated
    The MAC guy at work said it's taken him up to 5 visits to ensure that the system is fully updated.

    Don't worry about the GearASPIWdm.sys driver for now - there is a more current version floating around in the "wild", but we haven't been able to determine where it comes from (as we don't think that Apple is the only one using that driver).

    The intelppm driver dated 2009 is normal for Win7 systems, don't worry about it either. Windows Update will list an updated version as it becomes available (just FYI - there are actually some drivers in the system that date from 2006 - but they're well-known and trouble-free, so we don't list them in the output). Just to be safe, visit Windows Update and get all available updates (to include the optional one's that apply to your system).

    It's advisable to keep both your video drivers and your antivirus updated to the latest available version. While the video drivers date from July 2012, the ESET NOD32 drivers date from 2011. Please update to the latest version of the program.

    Since there isn't much evidence of a particular problem here, please run the Apple hardware diagnostics.
    In most cases you can launch it by pressing (and holding) "D" before the gray screen shows up when booting. It can take a minute or two to load, so please be patient.

    It's possible to be hardware even if it happens on 2 computers (but it's less likely than software). As a possible scenario, please consider a power surge of some sort that damaged the RAM or the HDD (on both systems) - this can account for any of the symptoms that you've described.
     
    1 person likes this.
  11. GeneralHiningII

    GeneralHiningII Honorable Member

    Joined:
    Sep 21, 2012
    Messages:
    745
    Likes Received:
    7
    Thanks for pointing that out John, more knowledge for me :)
     
  12. Ken Ettinger

    Ken Ettinger New Member

    Joined:
    Oct 20, 2012
    Messages:
    20
    Likes Received:
    0
    Thanks for the input. I will uninstall EasyTether, although I didn't have that installed on my 2nd computer, and update ESET.

    I'm uploading (hopefully correctly) the files asked for according to BSOD posting - the W7F diagnostic, the CPU-Z results, and the html file from RAMMon. Will run the Apple hardware diagnostics as well and report back, and the HDD test, and the memtest86 if I can figure out how to do it (don't have any CDs here to burn to). I will also upload these same diagnostics for the other computer, which in fact just had BSOD, though a different one... will get to that in a few minutes.

    As an aside, I left my computer running all night, with the external monitor, and had no crash. So most likely it only happens when I am running certain programs or using up a lot of resources (?).
     

    Attached Files:

  13. GeneralHiningII

    GeneralHiningII Honorable Member

    Joined:
    Sep 21, 2012
    Messages:
    745
    Likes Received:
    7
    If you truly left it on idle (no antivirus, nothing except for core services) and there were no BSoDs, then you can probably take away the system's fault in the list of possible causes
    will
    Will check back tomorfow afternoon, going to sleep :)
    hopefully you can get the tests i listed done by then, if you could I'd appreciate it if you could screenshot them and add them to the uploaded files (upload the .zip and stuff as well as screenshots, if you can)
     
    #13 GeneralHiningII, Oct 21, 2012
    Last edited: Oct 21, 2012
  14. Ken Ettinger

    Ken Ettinger New Member

    Joined:
    Oct 20, 2012
    Messages:
    20
    Likes Received:
    0
    I left all the normally running background programs (such as antivirus) on, so it was not completely idle.

    Here is the w7f diagnostic file for my 2nd computer, however when I tried to run CPU-Z it locked up the trackpad mouse and I couldn't do anything with it. RAMMon also had an error when running. It also just had a BSOD 20 minutes ago, which hopefully should be covered in the diagnostic file, this is the first BSOD I've had while not running many programs and also not running the external monitor (and it was a different error message).

    To be honest, figuring out the problem on the 2nd computer isn't a priority, I bought the computer in the hopes that it would fix the BSOD that I was having on my 1st computer, but since it didn't I will be returning it most likely. I hope that comparing the two might give a better idea of what the problem is, though.
     

    Attached Files:

  15. usasma

    usasma Fantastic Member
    Microsoft Community Contributor

    Joined:
    Mar 22, 2010
    Messages:
    3,048
    Likes Received:
    83
    Computer 1:

    No real problems noted in the reports - the most significant thing is some risky programs that might expose you to malware.
    Try running a couple of the free scans here to see if you're infected: Free Online AntiMalware Resources

    Previously I suggested running Apple Update to get newer drivers - especially the IRFilter.sys driver.

    The Apple Hardware Diagnostics are also important to run. If there aren't any issues with 3rd party software, then the next most common problem is with hardware.


    Analysis:
    The following is for informational purposes only.
    Code:
    [FONT=lucida console]**************************Mon Oct  8 14:10:43.324 2012 (UTC - 4:00)**************************
    Loading Dump File [C:\Users\John\_jcgriff2_\dbug\__Kernel__\100812-22042-01.dmp]
    Windows 7 Kernel Version [B]7601 [/B](Service Pack 1) MP (8 procs) Free x64
    Built by: [B]7601[/B].17835.amd64fre.win7sp1_gdr.120503-2030
    System Uptime:[B]0 days 3:43:24.215[/B]
    BugCheck Code: [B]BugCheck 3B, {c0000005, fffff960000dd010, fffff880072a8b40, 0}[/B]
    Probably caused by :[B]win32k.sys ( win32k!xxxProcessEventMessage+1c0 )[/B]
    BugCheck Info: [B]SYSTEM_SERVICE_EXCEPTION (3b)[/B]
    DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
    BUGCHECK_STR:  0x3B
    PROCESS_NAME: [B]PartyGaming.ex[/B]
    FAILURE_BUCKET_ID: [B]X64_0x3B_win32k!xxxProcessEventMessage+1c0[/B]
    CPUID:        "Intel(R) Core(TM) i7-2720QM CPU @ 2.20GHz"
    MaxSpeed:     2200
    CurrentSpeed: [B]2195[/B]
      BIOS Version                     MBP81.88Z.0047.B0E.1104221557
      BIOS Release Date             04/22/11
      Manufacturer                  Apple Inc.
      Product Name                  MacBookPro8,3
    ¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
    [/FONT]
    3rd Party Drivers:
    The following is for information purposes only.
    Any drivers in red should be updated or removed from your system. And should have been discussed in the body of my post.
    Code:
    [FONT=lucida console]**************************Mon Oct  8 14:10:43.324 2012 (UTC - 4:00)**************************
    [COLOR=RED][B]IRFilter.sys                 Wed Jul  2 15:53:12 2008 (486BDCA8)[/B][/COLOR]
    GEARAspiWDM.sys              Mon May 18 08:17:04 2009 (4A1151C0)
    intelppm.sys                 Mon Jul 13 19:19:25 2009 (4A5BC0FD)
    MacHALDriver.sys             Sun Feb 21 20:51:34 2010 (4B81E326)
    amdxata.sys                  Fri Mar 19 12:18:18 2010 (4BA3A3CA)
    HECIx64.sys                  Tue Sep 21 12:59:04 2010 (4C98E458)
    trackpad_plus_plus_x64.sys   Sun Oct 10 10:14:14 2010 (4CB1CA36)
    CS420x64.sys                 Thu Nov 11 19:04:13 2010 (4CDC847D)
    b57nd60a.sys                 Thu Dec  2 02:12:04 2010 (4CF746C4)
    applemtm.sys                 Wed Dec 22 22:01:31 2010 (4D12BB8B)
    applemtp.sys                 Wed Dec 22 22:01:32 2010 (4D12BB8C)
    tap0901.sys                  Thu Mar 24 17:20:03 2011 (4D8BB583)
    KeyAgent.sys                 Sun Apr  3 19:25:04 2011 (4D9901D0)
    bcmwl664.sys                 Wed Apr  6 15:44:48 2011 (4D9CC2B0)
    LEqdUsb.Sys                  Sat Apr 30 07:51:26 2011 (4DBBF7BE)
    LHidEqd.Sys                  Sat Apr 30 07:51:29 2011 (4DBBF7C1)
    LHidFilt.Sys                 Sat Apr 30 07:51:39 2011 (4DBBF7CB)
    LMouFilt.Sys                 Sat Apr 30 07:51:45 2011 (4DBBF7D1)
    AppleBtBc.sys                Thu May  5 20:30:49 2011 (4DC34139)
    KeyMagic.sys                 Tue May 10 21:24:39 2011 (4DC9E557)
    easytthr.sys                 Sun May 22 07:44:02 2011 (4DD8F702)
    epfwwfp.sys                  Tue Jun 28 03:30:08 2011 (4E098300)
    epfw.sys                     Tue Jun 28 03:30:10 2011 (4E098302)
    ehdrv.sys                    Tue Jun 28 03:34:38 2011 (4E09840E)
    EpfwLWF.sys                  Mon Jul 11 12:19:38 2011 (4E1B229A)
    eamonm.sys                   Tue Aug  2 05:33:29 2011 (4E37C469)
    AppleMNT.sys                 Wed Aug 10 21:20:04 2011 (4E432E44)
    AppleHFS.sys                 Wed Aug 10 21:20:06 2011 (4E432E46)
    dlkmdldr.sys                 Wed Nov 23 12:57:37 2011 (4ECD3411)
    dlkmd.sys                    Wed Nov 23 13:00:30 2011 (4ECD34BE)
    AtihdW76.sys                 Fri May 11 04:25:40 2012 (4FACCD04)
    atikmpag.sys                 Fri Jul 27 21:14:47 2012 (50133D07)
    atikmdag.sys                 Fri Jul 27 21:48:09 2012 (501344D9)
    [/FONT]
    IRFilter.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
    http://www.carrona.org/drivers/driver.php?id=GEARAspiWDM.sys
    http://www.carrona.org/drivers/driver.php?id=intelppm.sys
    http://www.carrona.org/drivers/driver.php?id=MacHALDriver.sys
    http://www.carrona.org/drivers/driver.php?id=amdxata.sys
    http://www.carrona.org/drivers/driver.php?id=HECIx64.sys
    trackpad_plus_plus_x64.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
    CS420x64.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
    http://www.carrona.org/drivers/driver.php?id=b57nd60a.sys
    applemtm.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
    applemtp.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
    http://www.carrona.org/drivers/driver.php?id=tap0901.sys
    http://www.carrona.org/drivers/driver.php?id=KeyAgent.sys
    http://www.carrona.org/drivers/driver.php?id=bcmwl664.sys
    http://www.carrona.org/drivers/driver.php?id=LEqdUsb.Sys
    http://www.carrona.org/drivers/driver.php?id=LHidEqd.Sys
    http://www.carrona.org/drivers/driver.php?id=LHidFilt.Sys
    http://www.carrona.org/drivers/driver.php?id=LMouFilt.Sys
    AppleBtBc.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
    http://www.carrona.org/drivers/driver.php?id=KeyMagic.sys
    http://www.carrona.org/drivers/driver.php?id=easytthr.sys
    http://www.carrona.org/drivers/driver.php?id=epfwwfp.sys
    http://www.carrona.org/drivers/driver.php?id=epfw.sys
    http://www.carrona.org/drivers/driver.php?id=ehdrv.sys
    http://www.carrona.org/drivers/driver.php?id=EpfwLWF.sys
    http://www.carrona.org/drivers/driver.php?id=eamonm.sys
    http://www.carrona.org/drivers/driver.php?id=AppleMNT.sys
    http://www.carrona.org/drivers/driver.php?id=AppleHFS.sys
    http://www.carrona.org/drivers/driver.php?id=dlkmdldr.sys
    http://www.carrona.org/drivers/driver.php?id=dlkmd.sys
    http://www.carrona.org/drivers/driver.php?id=AtihdW76.sys
    http://www.carrona.org/drivers/driver.php?id=atikmpag.sys
    http://www.carrona.org/drivers/driver.php?id=atikmdag.sys
     
  16. Ken Ettinger

    Ken Ettinger New Member

    Joined:
    Oct 20, 2012
    Messages:
    20
    Likes Received:
    0
    Let me update with the steps I have taken:

    Ran Check disk - results attached as a .docx

    Ran Slimdriver to update several out of date drivers

    Ran sfc/scannow: results:

    1st run:
    Windows Resource Protection found corrupt files and successfully repaired them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log.

    I've uploaded a redacted version of the CBS.log according to this search, findstr /c:"[SR]" %windir%\logs\cbs\cbs.log if relevant.

    2nd run: Windows Resource Protection did not find any integrity violations.

    3rd run: No integrity violations

    Note - I ran scannow on 2nd computer, and had no integrity violations (ran it 2 times, it's running again now, will update if it does find an error) - this implies to me that if the problem is the same on both computers, that this wouldn't fix it, however if there is a chance that fixing these corrupt files will have fixed the bsod, that would be great.

    I couldn't get Memtest86+ to work, because Macbook Pro does not have a BIOS so I couldn't figure out how to boot from USB. So, I used Windows Memory Diagnostics Tool. It found no errors (only ran it once)

    I also ran the Apple Hardware Diagnostic, no trouble found.

    I didn't do anything specifically to update the IRfilter.sys but I did update itunes/apple/quicktime.

    So, could fixing a few corrupt files have fixed the problem?

    Appreciate all the help!
     

    Attached Files:

  17. GeneralHiningII

    GeneralHiningII Honorable Member

    Joined:
    Sep 21, 2012
    Messages:
    745
    Likes Received:
    7
    Doesn't look like a fault from a 3rd Party Driver (look at the highlited-red text, WIN7) but rather a core driver in the Windows OS is corrupted.
    Could you try reinstalling your OS? (remembering to copy all important files)
     
  18. usasma

    usasma Fantastic Member
    Microsoft Community Contributor

    Joined:
    Mar 22, 2010
    Messages:
    3,048
    Likes Received:
    83
    Computer 1:
    The chkdsk log file shows some corruption was fixed - but as it was in free space I'd wonder if that was just coincidence.
    The CBS log doesn't show any problems, so I can't speculate on what was fixed.

    That, along with the Apple updates may have fixed it. I'm not familiar with this, but there is supposed to be an Apple Software Update utility - either in the Windows programs or in the Boot Camp Control Panel. If you got the Window that shows udpates for Safari, QuickTime, and iTunes - then that's probably the one.

    Those things could have fixed your problems. Give it a couple of days to see if that's the case.

    Computer 2:
    No systeminfo.txt file in the upload

    We've seen a number of BSOD issues with SSD's. Here's the information that I've compiled so far:
    Both systems have programs listed that are at higher risk of having infections. As such we have to wonder if there's an infection that's slipped by your ESET protection. Please try a couple of these free scans to see if you can detect anything malicious: Free Online AntiMalware Resources

    The processor on the Lenovo appears overclocked. Please remove the overclock and leave the system at stock (non-overclocked) values while we're troubleshooting. Feel free to resume the overclock once the system is stabilized (no more BSOD's).

    Please update these older drivers. Links are included to assist in looking up the source of the drivers. If unable to find an update, please remove (un-install) the program responsible for that driver. DO NOT manually delete/rename the driver as it may make the system unbootable! :

    RimSerial_AMD64.sys Mon Nov 24 12:01:01 2008 (492ADDCD)
    Virtual Serial Port driver for Blackberry
    http://www.carrona.org/drivers/driver.php?id=RimSerial_AMD64.sys



    Analysis:
    The following is for informational purposes only.
    Code:
    [font=lucida console]**************************Fri Oct 19 17:23:13.222 2012 (UTC - 4:00)**************************
    Loading Dump File [C:\Users\John\_jcgriff2_\dbug\__Kernel__\101912-8034-01.dmp]
    Windows 7 Kernel Version [B]7601 [/B](Service Pack 1) MP (4 procs) Free x64
    Built by: [B]7601[/B].17944.amd64fre.win7sp1_gdr.120830-0333
    System Uptime:[B]0 days 4:38:29.549[/B]
    BugCheck Code: [B]BugCheck 3B, {c0000005, fffff9600010d010, fffff8800e011b40, 0}[/B]
    Probably caused by :[B]win32k.sys ( win32k!xxxProcessEventMessage+1c0 )[/B]
    BugCheck Info: [B]SYSTEM_SERVICE_EXCEPTION (3b)[/B]
    DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
    BUGCHECK_STR:  0x3B
    PROCESS_NAME: [B]PartyGaming.ex[/B]
    FAILURE_BUCKET_ID: [B]X64_0x3B_win32k!xxxProcessEventMessage+1c0[/B]
    CPUID:        "Intel(R) Core(TM) i7-3667U CPU @ 2.00GHz"
    MaxSpeed:     2000
    CurrentSpeed: [B]2494[/B]
     
    Processor may be overclocked!
    Expected Frequency:   2000
    Actual Frequency:     2494
    Overclock Ratio:      [color=red]1.247[/color]
     
      BIOS Version                  G6ET23WW (1.02 )
      BIOS Release Date             08/14/2012
      Manufacturer                  LENOVO
      Product Name                  344425U
    ¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
    [/font]
    3rd Party Drivers:
    The following is for information purposes only.
    Any drivers in red should be updated or removed from your system. And should have been discussed in the body of my post.
    Code:
    [font=lucida console]**************************Fri Oct 19 17:23:13.222 2012 (UTC - 4:00)**************************
    [COLOR=RED][B]RimSerial_AMD64.sys         Mon Nov 24 12:01:01 2008 (492ADDCD)[/B][/COLOR]
    intelppm.sys                Mon Jul 13 19:19:25 2009 (4A5BC0FD)
    amdxata.sys                 Fri Mar 19 12:18:18 2010 (4BA3A3CA)
    swg3kser00.sys              Fri May 13 16:54:12 2011 (4DCD9A74)
    swiwdmbx64.sys              Mon May 16 14:44:24 2011 (4DD17088)
    risdxc64.sys                Wed May 25 04:23:28 2011 (4DDCBC80)
    swnc8ua3.sys                Sat May 28 14:45:43 2011 (4DE142D7)
    Tvti2c.sys                  Sun May 29 21:36:58 2011 (4DE2F4BA)
    smihlp.sys                  Mon May 30 12:21:37 2011 (4DE3C411)
    ISCTD64.sys                 Tue Aug 23 13:32:39 2011 (4E53E437)
    btwl2cap.sys                Sat Aug 27 18:58:52 2011 (4E5976AC)
    DzHDD64.sys                 Mon Oct 24 06:10:13 2011 (4EA53985)
    HECIx64.sys                 Wed Nov  9 19:52:25 2011 (4EBB2049)
    tap0901.sys                 Thu Nov 24 13:50:27 2011 (4ECE91F3)
    Tppwr64v.sys                Mon Nov 28 23:08:06 2011 (4ED45AA6)
    tvtvcamd.sys                Tue Nov 29 22:48:06 2011 (4ED5A776)
    IntcDAud.sys                Tue Dec  6 06:23:07 2011 (4EDDFB1B)
    WFPFilter.sys               Wed Dec 14 08:03:00 2011 (4EE89E84)
    psadd.sys                   Mon Dec 26 20:09:28 2011 (4EF91AC8)
    Netwsw00.sys                Mon Feb 20 13:26:23 2012 (4F42904F)
    iusb3hub.sys                Mon Feb 27 05:56:50 2012 (4F4B6172)
    iusb3xhc.sys                Mon Feb 27 05:56:53 2012 (4F4B6175)
    iusb3hcs.sys                Mon Feb 27 05:58:49 2012 (4F4B61E9)
    ibmpmdrv.sys                Wed Feb 29 01:01:34 2012 (4F4DBF3E)
    btwavdt.sys                 Thu Mar  1 16:45:18 2012 (4F4FEDEE)
    btwrchid.sys                Thu Mar  1 16:46:08 2012 (4F4FEE20)
    epfwwfp.sys                 Wed Mar  7 09:28:51 2012 (4F5770A3)
    EpfwLWF.sys                 Wed Mar  7 09:28:51 2012 (4F5770A3)
    epfw.sys                    Wed Mar  7 09:28:53 2012 (4F5770A5)
    eamonm.sys                  Wed Mar  7 09:32:36 2012 (4F577184)
    ehdrv.sys                   Wed Mar  7 09:33:42 2012 (4F5771C6)
    igdkmd64.sys                Mon Mar 19 19:31:54 2012 (4F67C1EA)
    PHCORE64.SYS                Mon Mar 26 02:40:22 2012 (4F700F56)
    bcbtums.sys                 Tue Mar 27 17:06:49 2012 (4F722BE9)
    btwaudio.sys                Wed Mar 28 18:34:32 2012 (4F7391F8)
    btwampfl.sys                Thu Mar 29 14:51:21 2012 (4F74AF29)
    iwdbus.sys                  Sat Apr 14 17:16:13 2012 (4F89E91D)
    SPUVCbv_x64.sys             Mon May 21 22:12:10 2012 (4FBAF5FA)
    RTKVHD64.sys                Tue May 29 06:42:48 2012 (4FC4A828)
    iaStor.sys                  Wed May 30 16:40:40 2012 (4FC685C8)
    SynTP.sys                   Thu Jul  5 23:36:02 2012 (4FF65D22)
    Smb_driver_Intel.sys        Thu Jul  5 23:37:34 2012 (4FF65D7E)
    [/font]
    http://www.carrona.org/drivers/driver.php?id=RimSerial_AMD64.sys
    http://www.carrona.org/drivers/driver.php?id=intelppm.sys
    http://www.carrona.org/drivers/driver.php?id=amdxata.sys
    swg3kser00.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
    swiwdmbx64.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
    http://www.carrona.org/drivers/driver.php?id=risdxc64.sys
    http://www.carrona.org/drivers/driver.php?id=swnc8ua3.sys
    http://www.carrona.org/drivers/driver.php?id=Tvti2c.sys
    http://www.carrona.org/drivers/driver.php?id=smihlp.sys
    http://www.carrona.org/drivers/driver.php?id=ISCTD64.sys
    http://www.carrona.org/drivers/driver.php?id=btwl2cap.sys
    http://www.carrona.org/drivers/driver.php?id=DzHDD64.sys
    http://www.carrona.org/drivers/driver.php?id=HECIx64.sys
    http://www.carrona.org/drivers/driver.php?id=tap0901.sys
    http://www.carrona.org/drivers/driver.php?id=Tppwr64v.sys
    tvtvcamd.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
    http://www.carrona.org/drivers/driver.php?id=IntcDAud.sys
    WFPFilter.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
    http://www.carrona.org/drivers/driver.php?id=psadd.sys
    http://www.carrona.org/drivers/driver.php?id=Netwsw00.sys
    http://www.carrona.org/drivers/driver.php?id=iusb3hub.sys
    http://www.carrona.org/drivers/driver.php?id=iusb3xhc.sys
    http://www.carrona.org/drivers/driver.php?id=iusb3hcs.sys
    http://www.carrona.org/drivers/driver.php?id=ibmpmdrv.sys
    http://www.carrona.org/drivers/driver.php?id=btwavdt.sys
    http://www.carrona.org/drivers/driver.php?id=btwrchid.sys
    http://www.carrona.org/drivers/driver.php?id=epfwwfp.sys
    http://www.carrona.org/drivers/driver.php?id=EpfwLWF.sys
    http://www.carrona.org/drivers/driver.php?id=epfw.sys
    http://www.carrona.org/drivers/driver.php?id=eamonm.sys
    http://www.carrona.org/drivers/driver.php?id=ehdrv.sys
    http://www.carrona.org/drivers/driver.php?id=igdkmd64.sys
    http://www.carrona.org/drivers/driver.php?id=PHCORE64.SYS
    http://www.carrona.org/drivers/driver.php?id=bcbtums.sys
    http://www.carrona.org/drivers/driver.php?id=btwaudio.sys
    http://www.carrona.org/drivers/driver.php?id=btwampfl.sys
    http://www.carrona.org/drivers/driver.php?id=iwdbus.sys
    http://www.carrona.org/drivers/driver.php?id=SPUVCbv_x64.sys
    http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
    http://www.carrona.org/drivers/driver.php?id=iaStor.sys
    http://www.carrona.org/drivers/driver.php?id=SynTP.sys
    http://www.carrona.org/drivers/driver.php?id=Smb_driver_Intel.sys

    **********************************************
    If the steps above haven't fixed the BSOD's on either of the systems, please run Driver Verifier (on the system that's BSOD'ing) using these instructions: Driver Verifier Settings
     
  19. Ken Ettinger

    Ken Ettinger New Member

    Joined:
    Oct 20, 2012
    Messages:
    20
    Likes Received:
    0
    Got another crash today, diagnostic attached.

    I ran my computer all night and tried to give it a bit of a challenge by playing several videos and having many applications open at once. It did not crash over the ~12 hours.

    The only difference between what programs it was running overnight and what it was running when it just crashed now is that it was writing to / editing / accessing this PostgreSQL database (used for playing online poker). I had the database program running as well overnight, but it was not actively adding to the database. Could the database have some sort of corruption in it? I am going to try a new install of the database program, and a new database, and see if it crashes. Any other suggestions welcome (though I'm going to put off reinstalling Windows if I can), and thanks for all the help so far.
     

    Attached Files:

  20. GeneralHiningII

    GeneralHiningII Honorable Member

    Joined:
    Sep 21, 2012
    Messages:
    745
    Likes Received:
    7
    Try uninstalling the database if the reinstall still doesn't change the results.

    However - looking at the analysis:
    Code:
    
    Analysis:
    Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333
    Debug session time: Tue Oct 23 06:39:58.371 2012 (UTC + 11:00)
    System Uptime: 0 days 3:04:15.261
    BugCheck 3B, {c0000005, fffff9600008d010, fffff8800bc24b40, 0}
    Probably caused by : win32k.sys ([COLOR=#ff0000] win32k!xxxProcessEventMessage+1c0[/COLOR] )
    BUGCHECK_STR:  0x3B
    PROCESS_NAME:  [COLOR=#ff0000]PartyGaming.exe[/COLOR]
    ¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
    Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
    Debug session time: Tue Oct  9 05:10:43.324 2012 (UTC + 11:00)
    System Uptime: 0 days 3:43:24.215
    BugCheck 3B, {c0000005, fffff960000dd010, fffff880072a8b40, 0}
    Probably caused by : win32k.sys ( [COLOR=#ff0000]win32k!xxxProcessEventMessage+1c0[/COLOR] )
    BUGCHECK_STR:  0x3B
    PROCESS_NAME:  [COLOR=#ff0000]PartyGaming.exe[/COLOR]
    ¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
    
    My guess is that PartyGaming.exe is causing these crashes. Looking through google search results, it seems that other people have reported this application using up heaps of memory, and sometimes crashing their system.
    And here's the thing: PartyGaming.exe is used in online poker.

    So...
    Proposed solution: Uninstall all online poker applications and databases. Reboot your computer and run a few games and videos and stuff.

    For your previous post:



    I'm glad to hear that it didn't crash over the 12 hours, but you said you changed the type of programs running - it's better if you just have a list of all the programs you want to run, and repeat them over and over to see if the solution worked. Otherwise the solution may or may not have worked, and now you crashed and it could be a multitude of reasons. (just for future reference).
     

Share This Page

Loading...