Random different BSODs, ntoskrnl.exe

Page 1 of 2 12 LastLast

  1. Posts : 8
    Windows 7 Home Premium 64bit
       #1

    Random different BSODs, ntoskrnl.exe


    My friend has a Desktop PC that has some random BSODs and I decide to help him.
    Started on January and getting worse last month.
    After the forth BSOD I tried to find out the problem but it seems the problem not really exact. (Run WinDbg, got different results)
    Then I reinstalled motherboard, video card, wlan and the lan drivers. Run chkdsk and system file checker (src /scannow), found nothing. Checked the SSD firmware, up to date.
    Run stress test on the CPU and the GPU, there weren't overheating (at that time).
    Tested the RAMs using memtest86+ overnight, passed 5 times, no errors.
    Run Driver Verifier for 17 hours, no BSOD. After deleted the existing settings, restarting the windows caused BSOD (5th).
    Uninstalled Gigabyte Dynamic Energy Saver and manually disabled the gdrv.sys using Autoruns. But this seems only the last BSOD (or not).

    I was wondering if somebody could help.
    Thank you in advance.
      My Computer


  2. Posts : 181
    Windows 7
       #2

    Code:
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck C1, {fffff9807ec22ff0, fffff9807ec22ffc, 7d000c, 24}
    
    Unable to load image \??\C:\Windows\gdrv.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for gdrv.sys
    *** ERROR: Module load completed but symbols could not be loaded for gdrv.sys
    Probably caused by : gdrv.sys ( gdrv+30c7 )
    
    Followup: MachineOwner
    ---------
    Code:
    Loaded symbol image file: gdrv.sys
        Image path: \??\C:\Windows\gdrv.sys
        Image name: gdrv.sys
        Timestamp:        Fri Mar 13 10:22:29 2009 (49B9D175) 2009 (49B9D175)
    the driver's very old...should update those
    GIGABYTE
    EDIT:
    if you are planniing to uninstall that anyway, just uninstall it as it's one of the cause of BSOD...

    Code:
    Start Menu\Programs\Norton Internet Security	Public:Start Menu\Programs\Norton Internet Security	Public
    also, it's recommended that you uninstall Norton and use MSE instead :)

    Antivirus Uninstaller
    Microsoft Security Essentials | Protect against viruses, spyware, and other malware

    run chkdisk /f /r to search for drive corruption, and sfc /scannow to scan for corrupted windows system file


    Cheers
      My Computer


  3. Posts : 8
    Windows 7 Home Premium 64bit
    Thread Starter
       #3

    Thank you for the help.
    I already uninstalled Gigabyte Dynamic Energy Saver (5th BSOD, gdrv.sys).
    What do you think about the first 4 BSODs?
    Also before the 5th BSOD happened I had already checked the filesystem and run the sfc/ scannow but no problem found.
      My Computer


  4. Posts : 181
    Windows 7
       #4

    check for the leftover, just in case
    Drivers - Clean Left over Files after Uninstalling

    One of the BSOD states DRIVER_POWER_STATE_FAILURE (9f), caused by usbhub.sys

    the others, while pointing to different process, are invoked when you launch some program named Poker or something...
    Code:
    BUGCHECK_STR:  0x3B
    
    PROCESS_NAME:  PokerClient.ex
    
    CURRENT_IRQL:  0
    this might be one of the cause

    also, I see that you have a quite hefty list of startup programs
    Perform a clean startup and see if BSOD occur:
    Troubleshoot Application Conflicts by Performing a Clean Startup

    don't forger to do a full scan for malware though
      My Computer


  5. Posts : 8
    Windows 7 Home Premium 64bit
    Thread Starter
       #5

    Thank you for the advise.

    I'd advise him to remove the Norton only if we were sure the problem caused by that.
    I did malware scan before the 5th BSOD using Malwarebytes Antimalware, Hitman Pro and RogueKiller, no problem found.

    As the BSOD does not happen every day (only about in 10-15 days) using the clean startup may not help.

    Does it mean the other 3 BSODs caused by the pokerclient.exe? My friend are using that program all the times.
      My Computer

  6.    #6

    BSOD Analysis -

    Code:
    BugCheck 3B, {c0000005, fffff960000955ea, fffff88016a5b210, 0}
    
    Probably caused by : win32k.sys ( win32k!NtUserQueryWindow+18a )
    Code:
    Usual causes:  System service, Device driver, graphics driver, memory
    win32k.sys is part of the Windows API, and primarily provides support for kernel-based graphics interface support, by directly communicating with the graphics driver, which makes sense since your graphics driver does seem to be causing a few issues. win32k.sys also serves other purposes, such as the Window Manager, which deals with some input devices such as the keyboard.

    -----------------------------------------------------------

    Steps -

    Update:

    Code:
    start             end                 module name
    fffff880`04a41000 fffff880`054e9000   nvlddmkm T (no symbols)           
        Loaded symbol image file: nvlddmkm.sys
        Image path: \SystemRoot\system32\DRIVERS\nvlddmkm.sys
        Image name: nvlddmkm.sys
        Timestamp:        Sat Feb 09 23:13:08 2013 (5116D804)
        CheckSum:         00A90CB0
        ImageSize:        00AA8000
        Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
    Your nVidia graphics driver seems to be slightly outdated, best to update it to this WHQL version, which has been tested by Windows for stability and compatibility:
    Version: 314.22
    Release Date for Desktops and Notebooks : March 25th 2013
    In Device Manager: 9.18.13.1422

    1. Download Driver
    2. Start Type: Device Manager
    3. Expand Display Adapters
    4. Right-Click Driver Name, Uninstall
    5. Reboot
    6. Run Driver Sweeper
    7. Reboot
    8. Install Downloaded Driver

    Driver Sweeper will scan for any left over files from the old driver, old driver files can cause conflicts with new driver installations. Create a System Restore point beforehand, in case any problems or issues arise.

    Driver Sweeper:

    Code:
    start             end                 module name
    fffff880`01168000 fffff880`01173000   amdxata  T (no symbols)           
        Loaded symbol image file: amdxata.sys
        Image path: \SystemRoot\system32\DRIVERS\amdxata.sys
        Image name: amdxata.sys
        Timestamp:        Wed Oct 07 21:13:10 2009 (4ACCF656)
        CheckSum:         00007A58
        ImageSize:        0000B000
        Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
    Update:

    Your AMD Storage Controller driver seems to be very outdated, please update through Windows Update:
    1. Start
    2. Type: Windows Update
    3. Check for Updates
    4. Install all available updates

    Update:

    Code:
    start             end                 module name
    fffff880`010f1000 fffff880`01105000   amdsata  T (no symbols)           
        Loaded symbol image file: amdsata.sys
        Image path: \SystemRoot\system32\DRIVERS\amdsata.sys
        Image name: amdsata.sys
        Timestamp:        Wed Oct 07 21:13:09 2009 (4ACCF655)
        CheckSum:         0001C14A
        ImageSize:        00014000
        Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
    Your AMD ACHI driver is also very outdated, please update it from the AMD Support page - http://support.amd.com/us/Pages/AMDSupportHub.aspx

    Remove:

    Code:
    start             end                 module name
    fffff880`01000000 fffff880`01071000   SYMDS64  T (no symbols)           
        Loaded symbol image file: SYMDS64.SYS
        Image path: \SystemRoot\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS
        Image name: SYMDS64.SYS
        Timestamp:        Mon May 16 23:15:03 2011 (4DD1A1E7)
        CheckSum:         0007D541
        ImageSize:        00071000
        Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
    Norton is causing problems here, it is a very bloated anti-virus program, and is well known to cause BSODs in Windows 7, please remove this program completely using the Norton Removal Tool, and then install and run full scans with these free and proven alternatives which work best with Windows 7:

    Install and perform full scans with:

       Information
    Remember to install the free version of Malwarebytes not the free trail; untick the free trial box during installation. MSE is the most lightweight and compatible with the Windows 7 operating system

    You can also view this thread for a complete free and lightweight security protection combination:
      My Computer


  7. Posts : 8
    Windows 7 Home Premium 64bit
    Thread Starter
       #7

    I downloaded the Nvidia driver you recommended.
    I will definitely remove the Norton.

    After the amdsata.sys related BSOD I upgraded the motherboard drivers including the AHCI drivers too.
    In the driver list I found new amd_sata.sys (12/04/2012) and amd_xata.sys (12/04/2012) just next to the amdsata.sys (08/10/2009) and amdxata.sys (08/10/2009.
    It was a bit confused so I searched for them. I found in this:

    Chipset Driver Release 1.2.001.210
    Renamed
    - amdsata.inf -> amd_sata.inf
    - amdsata.cat -> amd_sata.cat
    - amdsata.sys -> amd_sata.sys
    - amdxata.sys -> amd_xata.sys

    Is it possible the system is using both the old and the new remamed versions?
    Do you think disabling the old versions would solve the this BSOD?

    Could you please help with the 032913-13572-01.dmp and the 040313-13712-01.dmp BSODs too?

    Thank you for your help.
    Last edited by peterau; 12 May 2013 at 05:20.
      My Computer

  8.    #8

    Post the files using these steps - Blue Screen of Death (BSOD) Posting Instructions

    If you updated the drivers, then it should be only using the latest drivers installed.
      My Computer


  9. Posts : 8
    Windows 7 Home Premium 64bit
    Thread Starter
       #9

    Thank you for your answer.

    I cannot access his computer now at he is not here at the moment. I can make the modification after he comes back.
    Do you want me to attach the same report again as in my original post? I did it following the instructions.

    Any advise for the 032913-13572-01.dmp and the 040313-13712-01.dmp BSODs?
    Thank you.
      My Computer

  10.    #10

    Code:
    BugCheck 9F, {3, fffffa8015e1e440, fffff80000b9c518, fffffa801503d260}
    
    Probably caused by : usbhub.sys
    This indicates that a Device Object, which is how Windows represents Devices, has been blocking a IRP packet for too long.

    The blocked IRP packet seems to be related to your Atheros AR9271 Wireless Network Adapter, see here:

    Code:
    0: kd> !irp fffffa801503d260
    Irp is active with 9 stacks 7 is current (= 0xfffffa801503d4e0)
     No Mdl: No System Buffer: Thread 00000000:  Irp stack trace.  
         cmd  flg cl Device   File     Completion-Context
     [  0, 0]   0  0 00000000 00000000 00000000-00000000    
    
    			Args: 00000000 00000000 00000000 00000000
     [  0, 0]   0  0 00000000 00000000 00000000-00000000    
    
    			Args: 00000000 00000000 00000000 00000000
     [  0, 0]   0  0 00000000 00000000 00000000-00000000    
    
    			Args: 00000000 00000000 00000000 00000000
     [  0, 0]   0  0 00000000 00000000 00000000-00000000    
    
    			Args: 00000000 00000000 00000000 00000000
     [  0, 0]   0  0 00000000 00000000 00000000-00000000    
    
    			Args: 00000000 00000000 00000000 00000000
     [  0, 0]   0  0 00000000 00000000 00000000-00000000    
    
    			Args: 00000000 00000000 00000000 00000000
    >[ 16, 3]   0  0 fffffa800f8d9050 00000000 00000000-00000000    
    	      Unable to load image \SystemRoot\system32\DRIVERS\athurx.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for athurx.sys
    *** ERROR: Module load completed but symbols could not be loaded for athurx.sys
     \Driver\athur
    			Args: 00016600 00000000 00000006 00000005
     [ 16, 3]   0 e1 fffffa80141478a0 00000000 fffff80003b1c200-fffffa800e2af220 Success Error Cancel pending
    	       \Driver\vwifibus	nt!PopSystemIrpCompletion
    			Args: 00016600 00000000 00000006 00000005
     [  0, 0]   0  0 00000000 00000000 00000000-fffffa800e2af220
    Update:

    Code:
    0: kd> lmvm athurx
    start             end                 module name
    fffff880`0560d000 fffff880`057d6000   athurx   T (no symbols)           
        Loaded symbol image file: athurx.sys
        Image path: \SystemRoot\system32\DRIVERS\athurx.sys
        Image name: athurx.sys
        Timestamp:        Wed Feb 24 11:41:07 2010 (4B851053)
        CheckSum:         001CD557
        ImageSize:        001C9000
        Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
    Please update the driver from here - ATHEROS drivers for Microsoft Windows (Atheros?????)
      My Computer


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 01:42.
Find Us