Windows 10 Frequent BSOD Errors on Intel NUC 6i7KYK: Seeking Help with Troubleshooting

[timwtucker]

Hey,

I'm getting very constant Blue Screen of Deaths (in fact I've had 2 since trying to write this, incredibly fustrating).

I recently bought a secondhand Intel NUC 6i7KYK, put 16gb HyperX RAM and 512gb Hynix SSD. The OS is windows 10.

I get very frequent BSOD, the most recent with the STOP codeSYSTEM_THREAD_EXCEPTION_NOT_HANDLED caused by igdkmd64.sys although it seems to be a different STOP code each time.

I have updated the device with the all the recommended drivers from the Intel website, performed the windows memory diagnostic test and CPU performance tests which both don't point to any errors, and a 3rd party software seems to think my HardDrive is in perfect working order. So I'm struggling to pin point the problem.

I will upload a couple of the latest dump files, but I'm struggling to analyse them. It is also perhaps worth noting that my chrome browser frequently suddenly displays the 'snap, something went wrong' error message even after successfully having displayed the webpage. (also maybe should mention the SSD came with a big heatsinc, but I just ignored that as I wasn't sure what t do with it, it couldn't be that overheating could it?...)

I would be eternally grateful is someone could help me get to the bottom of this problem as it's already been quite a time sinc. Thanks!

 

[Josephur]

Since you purchased this second hand, I would encourage you to do a fresh Windows 10 installation as it's fairly simple to perform. But the crashes seem to be related to DirectX/Video drivers. You can find the latest driver for your NUC here: Link Removed

Also, that NUC is notorious for having issues with thermal throttling, its possible a re-application of thermal paste may help if that is indeed the issue.

Also test your RAM to make sure it's ok, as the onboard Intel Graphics will use your system's ram for video memory.

 

[timwtucker]

Thanks for the quick reply!

I already did a fresh install of Windows 10 when I got it. I will download that driver and report on if it's a success or not, thanks!

Although, a few days ago I did install all the drivers I could find off the website (may have missed this one though), but a day later windows wouldn't even boot up and I had to do a system restore, and have yet to spend the time redownloading and installing all the drivers. I will follow-up if the problem persists.

Thanks again

 

[Josephur]

Windows 10 1809 build was recently (yesterday) re-released, so if you have old Windows 10 setup, you may want to re-create your installation media.

 

[timwtucker]

Hello!

So the computer was seemingly working fine until I got another BSOD. I'm assuming it;s another driver issue, but I don't understand the DUMP file (is there a resource I can follow where it will tell me how to self-diagnose?), there were 2 so I'll upload them both.

I'll try and reinstall all the drivers I can find a little later on, although last time I did that, not much success...

Thanks again for any help!

 

[Josephur]

The easiest way to analyze dump files is to browse the Windows Store for "Windbg Preview" and install it.
Using the program correctly however can take some learning.


The new dump files you provided actually point to your system perhaps having a virus or malware on it.
Did you ever test the memory?

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 139, {3, ffff8d86d041eaf0, ffff8d86d041ea48, 0}

*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : ntkrnlmp.exe ( nt!KiFastFailDispatch+d0 )

Followup:     MachineOwner
---------

nt!KeBugCheckEx:
fffff803`e3633330 48894c2408      mov     qword ptr [rsp+8],rcx ss:0018:ffff8d86`d041e7d0=0000000000000139
6: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure.  The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: ffff8d86d041eaf0, Address of the trap frame for the exception that caused the bugcheck
Arg3: ffff8d86d041ea48, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved

Debugging Details:
------------------


KEY_VALUES_STRING: 1


STACKHASH_ANALYSIS: 1

TIMELINE_ANALYSIS: 1


DUMP_CLASS: 1

DUMP_QUALIFIER: 400

BUILD_VERSION_STRING:  17134.1.amd64fre.rs4_release.180410-1804

SYSTEM_MANUFACTURER:                                   

SYSTEM_PRODUCT_NAME:                                   

SYSTEM_SKU:                                   

SYSTEM_VERSION:                                   

BIOS_VENDOR:  Intel Corp.

BIOS_VERSION:  KYSKLi70.86A.0058.2018.0911.1509

BIOS_DATE:  09/11/2018

BASEBOARD_MANUFACTURER:  Intel Corporation

BASEBOARD_PRODUCT:  NUC6i7KYB

BASEBOARD_VERSION:  H90766-404

DUMP_TYPE:  2

BUGCHECK_P1: 3

BUGCHECK_P2: ffff8d86d041eaf0

BUGCHECK_P3: ffff8d86d041ea48

BUGCHECK_P4: 0

TRAP_FRAME:  ffff8d86d041eaf0 -- (.trap 0xffff8d86d041eaf0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffa40412233010 rbx=0000000000000000 rcx=0000000000000003
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff803e3790e55 rsp=ffff8d86d041ec80 rbp=ffff8d86d041ed09
 r8=0000000000000000  r9=0000000000000001 r10=0000000000000001
r11=0000000000000002 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na po nc
nt!ExAllocatePoolWithTag+0x1a45:
fffff803`e3790e55 cd29            int     29h
Resetting default scope

EXCEPTION_RECORD:  ffff8d86d041ea48 -- (.exr 0xffff8d86d041ea48)
ExceptionAddress: fffff803e3790e55 (nt!ExAllocatePoolWithTag+0x0000000000001a45)
   ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
  ExceptionFlags: 00000001
NumberParameters: 1
   Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY

CPU_COUNT: 8

CPU_MHZ: a20

CPU_VENDOR:  GenuineIntel

CPU_FAMILY: 6

CPU_MODEL: 5e

CPU_STEPPING: 3

CPU_MICROCODE: 6,5e,3,0 (F,M,S,R)  SIG: C6'00000000 (cache) C6'00000000 (init)

BLACKBOXBSD: 1 (!blackboxbsd)


BLACKBOXPNP: 1 (!blackboxpnp)


CUSTOMER_CRASH_COUNT:  1

BUGCHECK_STR:  0x139

PROCESS_NAME:  Registry

CURRENT_IRQL:  1

DEFAULT_BUCKET_ID:  FAIL_FAST_CORRUPT_LIST_ENTRY

ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.

EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.

EXCEPTION_CODE_STR:  c0000409

EXCEPTION_PARAMETER1:  0000000000000003

ANALYSIS_SESSION_HOST:  NEMESIS

ANALYSIS_SESSION_TIME:  11-15-2018 03:17:30.0813

ANALYSIS_VERSION: 10.0.18239.1000 amd64fre

LAST_CONTROL_TRANSFER:  from fffff803e3643e69 to fffff803e3633330

STACK_TEXT: 
ffff8d86`d041e7c8 fffff803`e3643e69 : 00000000`00000139 00000000`00000003 ffff8d86`d041eaf0 ffff8d86`d041ea48 : nt!KeBugCheckEx
ffff8d86`d041e7d0 fffff803`e3644210 : 00000000`00000001 00000000`00000000 ffffa404`0f421590 ffff8d86`d041e9c9 : nt!KiBugCheckDispatch+0x69
ffff8d86`d041e910 fffff803`e364281f : 00000000`00020019 ffffb880`e424e080 ffffb880`ea759e50 fffff803`e3522b98 : nt!KiFastFailDispatch+0xd0
ffff8d86`d041eaf0 fffff803`e3790e55 : ffffc980`6351d750 ffffc980`6351d500 ffffa404`0dbb4720 00000000`00000000 : nt!KiRaiseSecurityCheckFailure+0x2df
ffff8d86`d041ec80 fffff803`e3994644 : 00000000`00000004 00000000`00001000 00000000`2079654b ffff8d86`00000000 : nt!ExAllocatePoolWithTag+0x1a45
ffff8d86`d041ed70 fffff803`e39a58c6 : 00000000`00000010 ffffb880`e9c70601 00000000`00000030 ffff8d86`d041ee48 : nt!ObpAllocateObject+0x1a4
ffff8d86`d041edf0 fffff803`e3999351 : ffff8d86`d041f0b0 00000000`00000001 ffff8d86`d041f840 00000000`00000000 : nt!CmpCreateKeyBody+0x126
ffff8d86`d041eea0 fffff803`e3990e1d : 00000000`0000001c ffff8d86`d041f330 ffff8d86`d041f2e8 00000000`00000000 : nt!CmpDoParseKey+0xa31
ffff8d86`d041f270 fffff803`e39973eb : ffffb880`ea647cd0 ffffa404`0f421501 00000000`00000000 00000000`00000001 : nt!CmpParseKey+0x26d
ffff8d86`d041f450 fffff803`e39a8e5f : ffffb880`ea647b10 ffff8d86`d041f6c8 00000165`00000040 ffffb880`e3701b30 : nt!ObpLookupObjectName+0x73b
ffff8d86`d041f630 fffff803`e39a8b08 : 00000000`00000001 ffffb880`e3701b30 00000000`00000000 00000000`00000001 : nt!ObOpenObjectByNameEx+0x1df
ffff8d86`d041f770 fffff803`e39a517a : 0000001e`032fe408 00000000`00000000 ffff4eee`2351d295 00000000`00000000 : nt!CmOpenKey+0x298
ffff8d86`d041f9c0 fffff803`e3643943 : 0000001e`032fe550 00000000`00000000 ffffb880`e424e080 00000165`134427c0 : nt!NtOpenKey+0x12
ffff8d86`d041fa00 00007ffa`351fa0f4 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
0000001e`032fed78 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffa`351fa0f4


THREAD_SHA1_HASH_MOD_FUNC:  bef96c157fdb4b2a1ce59fed61b22e46f9faca3a

THREAD_SHA1_HASH_MOD_FUNC_OFFSET:  3cd3cf6839c9f818dac85acc2ad77561d80ff290

THREAD_SHA1_HASH_MOD:  7f608ac2fbce9034a3386b1d51652e4911d30234

FOLLOWUP_IP:
nt!KiFastFailDispatch+d0
fffff803`e3644210 c644242000      mov     byte ptr [rsp+20h],0

FAULT_INSTR_CODE:  202444c6

SYMBOL_STACK_INDEX:  2

SYMBOL_NAME:  nt!KiFastFailDispatch+d0

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  5b1a4590

IMAGE_VERSION:  10.0.17134.112

STACK_COMMAND:  .thread ; .cxr ; kb

BUCKET_ID_FUNC_OFFSET:  d0

FAILURE_BUCKET_ID:  0x139_3_CORRUPT_LIST_ENTRY_nt!KiFastFailDispatch

BUCKET_ID:  0x139_3_CORRUPT_LIST_ENTRY_nt!KiFastFailDispatch

PRIMARY_PROBLEM_CLASS:  0x139_3_CORRUPT_LIST_ENTRY_nt!KiFastFailDispatch

TARGET_TIME:  2018-11-15T00:56:07.000Z

OSBUILD:  17134

OSSERVICEPACK:  112

SERVICEPACK_NUMBER: 0

OS_REVISION: 0

SUITE_MASK:  272

PRODUCT_TYPE:  1

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

OSEDITION:  Windows 10 WinNt TerminalServer SingleUserTS

OS_LOCALE: 

USER_LCID:  0

OSBUILD_TIMESTAMP:  2018-06-08 05:00:00

BUILDDATESTAMP_STR:  180410-1804

BUILDLAB_STR:  rs4_release

BUILDOSVER_STR:  10.0.17134.1.amd64fre.rs4_release.180410-1804

ANALYSIS_SESSION_ELAPSED_TIME:  9e5

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:0x139_3_corrupt_list_entry_nt!kifastfaildispatch

FAILURE_ID_HASH:  {3aede96a-54dd-40d6-d4cb-2a161a843851}

Followup:     MachineOwner
---------

 

[timwtucker]

I've ran the windows memory diagnostic tool which says there are no problems, I will run another test like memtest86 over night to see if anything pops up, or do you have any other suggestions?

I did a fresh install of windows 10 on Monday so I'll be surprised if it was a virus, but possible its come from a usb I've used to bring files over I guess

 

[Josephur]

This error is usually a driver issue and display adapter (video) driver is the most suspect though it could be others. Antivirus/antispyware/security programs, hardware (heat) and major software issues can also cause the error. Memory issues are another possibility after drivers.

An overnight memory test is not a bad idea. How confident are you that you are capable of replacing the thermal compound?

 

[timwtucker]

Unconfident... Haha. No I'm sure I can find info somewhere and do it although I don't think it's a heat issue as it crashes under unstrenuous usage.

I think it's likely drivers or hardware. A week ago windows wouldn't boot and I had to system restore. I assume this is because something in the os became corrupted which would point to an hard disk or ram issue?

 

[timwtucker]

I ran a 3 hour ram test on memtest86, but no problems,I'll do a 12/24 hour one over night tonight.

I downloaded all the drivers that I could find and installed all the ones I thought were relevant on to the machine, but I've just had 2 BSOD (I thought I had solved the problem for a while....)

I can read the dumpfiles but no idea how to interpret them as to what may be the issue or which drivers cause the error. I'll post the latest 2, I hope I'm not overstaying my welcome on this issue but really keen on sorting it out! Cold it be a hard drive or CPU issue?