BSOD On Startup After Installing KB3070102


  1. dave1977nj
    Posts : 8
    Microsoft Windows 7 Ultimate 64-bit
       New #1

    BSOD On Startup After Installing KB3070102


    I just installed all of the new windows updates today 7/14/2015. After a reboot I got a BSOD. I narrowed it down by removing one by one of 14 updates and the one that is causing the BSOD on startup is KB3070102.


    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    SYSTEM_SERVICE_EXCEPTION (3b)
    An exception happened while executing a system service routine.
    Arguments:
    Arg1: 00000000c0000005, Exception code that caused the bugcheck
    Arg2: fffff960000f29ec, Address of the instruction which caused the bugcheck
    Arg3: fffff88002f79020, Address of the context record for the exception that caused the bugcheck
    Arg4: 0000000000000000, zero.

    Debugging Details:
    ------------------

    TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2

    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

    FAULTING_IP:
    win32k!AllocateW32Process+44
    fffff960`000f29ec ff1526161f00 call qword ptr [win32k!_imp_ExAllocatePoolWithQuotaTag (fffff960`002e4018)]

    CONTEXT: fffff88002f79020 -- (.cxr 0xfffff88002f79020)
    rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000029
    rdx=0000000000000328 rsi=fffffa800a655b30 rdi=0000000000000328
    rip=fffff960000f29ec rsp=fffff88002f79a00 rbp=00000000000002f0
    r8=0000000069707355 r9=0000000000000010 r10=fffffa800a655b00
    r11=000007fffffd8000 r12=0000000000000000 r13=0000000000000000
    r14=0000000000000000 r15=0000000000000064
    iopl=0 nv up ei pl zr na po nc
    cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
    win32k!AllocateW32Process+0x44:
    fffff960`000f29ec ff1526161f00 call qword ptr [win32k!_imp_ExAllocatePoolWithQuotaTag (fffff960`002e4018)] ds:002b:fffff960`002e4018=00000000003113b2
    Resetting default scope

    DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT

    BUGCHECK_STR: 0x3B

    PROCESS_NAME: csrss.exe

    CURRENT_IRQL: 0

    LAST_CONTROL_TRANSFER: from fffff960000e7a7e to fffff960000f29ec

    STACK_TEXT:
    fffff880`02f79a00 fffff960`000e7a7e : 00000000`00000000 fffffa80`0a655b30 00000000`00000000 00000000`00000000 : win32k!AllocateW32Process+0x44
    fffff880`02f79a30 fffff960`000eb03c : 00000000`00000001 00000000`00000003 00000000`00000003 fffff800`030cd7fb : win32k!xxxSetProcessInitState+0x2a
    fffff880`02f79a60 fffff960`000eaf56 : 00000000`00000003 00000000`00000a7c 00000000`000002f0 00000000`00000000 : win32k!xxxUserNotifyProcessCreate+0xbc
    fffff880`02f79ab0 fffff800`030c2f13 : fffffa80`0a739730 fffff880`02f79b60 00000000`00000000 00000000`000001a8 : win32k!NtUserNotifyProcessCreate+0x5e
    fffff880`02f79ae0 000007fe`fd35148a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
    00000000`0172f688 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7fe`fd35148a


    FOLLOWUP_IP:
    win32k!AllocateW32Process+44
    fffff960`000f29ec ff1526161f00 call qword ptr [win32k!_imp_ExAllocatePoolWithQuotaTag (fffff960`002e4018)]

    SYMBOL_STACK_INDEX: 0

    SYMBOL_NAME: win32k!AllocateW32Process+44

    FOLLOWUP_NAME: MachineOwner

    MODULE_NAME: win32k

    IMAGE_NAME: win32k.sys

    DEBUG_FLR_IMAGE_TIMESTAMP: 558bc095

    STACK_COMMAND: .cxr 0xfffff88002f79020 ; kb

    FAILURE_BUCKET_ID: X64_0x3B_win32k!AllocateW32Process+44

    BUCKET_ID: X64_0x3B_win32k!AllocateW32Process+44

    Followup: MachineOwner
    Last edited by dave1977nj; 15 Jul 2015 at 18:00.
      My Computer
    Quote Quote

  3. DavidE
    Posts : 6,330
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64 +Linux_VMs +Chromium_VM
       New #2

    Hello dave1977nj,

    I have the same problem, BSOD caused by installing update KB3070102.
    This is on my Test box, not the PC in my SF specs.
    For me, it BSOD's when I click on my Username icon to log into Windows normally (Win 7 x64).

    I can boot in Safe Mode and Safe Mode with Networking with KB3070102 installed, and login to Windows.

    Just letting you know you are not the only one with this problem.

    This update is for a Windows kernel-mode driver
    https://support.microsoft.com/en-us/kb/3070102

    I've been playing around with BIOS settings to see if i could find a change to fix it.
    No luck so far.
      My Computer
    Quote Quote

  4. gdfsgdfg
    Posts : 9
    Windows 7 Ultimate x64
       New #3

    I haven't got a bsod with all the new updates even kb3070102 and I have played gta v for a bit.

    But I have uninstalled it and will hide it immediately.
      My Computer
    Quote Quote

  6. dave1977nj
    Posts : 8
    Microsoft Windows 7 Ultimate 64-bit
    Thread Starter
       New #4

    If anyone figures this problem out it would be greatly appreciated. I am also trying to work on it.
      My Computer
    Quote Quote

  7. chiko
    Posts : 2
    Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
       New #5

    Fixed for me but disabling a driver AnitLog64.sys


    I had same problem and traced it back to KB3070102 MS15-073.

    Would BSOD shortly after providing password but Safe Mode worked find.

    Through other search found the thread about using Verifier utility to check all non-Microsoft drivers and traced it back to this one. I used Device Manager / Show Hidden non-plug and play drivers to set AntiLog32 to startup disabled. Despite what shows in Device manager the binaries are signed.
    Its supposed to be anti-keylogger from Zemana Ltd. I dont particularly recognize this piece of anti-malware. I am using Norton Security Suite 21.7 which I like OK. Norton was installed as part of a security suite from Comcast Constant Guard. I hate the other elements from Comcast and only use the Norton element but I am guessing this is where the anti-logger came from in the suite.

    Make sure you read the full instructions about how to turn the driver verifier off.
    Driver Verifier-- tracking down a mis-behaving driver. - Microsoft Community

    For now I have decided that I am more paranoid about Elevation of privilege vulnerability than I am about keylogger protection. Verifier might find something else on a different setup.
      My Computer
    Quote Quote

  8. DavidE
    Posts : 6,330
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64 +Linux_VMs +Chromium_VM
       New #6

    I use Zemana Antilogger.
    I disabled the AntiLog32 driver, disabled Zemana in msconfig startup, re-installed KB3070102, and re-booted.
    I don't get a BSOD after disabling Zemana

    Thanks chiko for the great help and welcome to Seven Forums !
    Last edited by DavidE; 18 Jul 2015 at 09:22. Reason: fix typo
      My Computer
    Quote Quote

  10. Thenin
    Posts : 95
    Windows 7 Professional 64-bit
       New #7

    I had the same BSOD on two different computers, and by trying to install 18 pending Windows Updates one by one, I've absolutely confirmed that KB3070102 IS the problem. And I do not have any of those drivers installed, so it is wrong to blame anything other than a buggy implementation of KB3070102.

    Microsoft, of course, denies everything!

    See, for example, BSOD on startup KB3070102 - Microsoft Community
      My Computer
    Quote Quote

  11. chiko
    Posts : 2
    Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
       New #8

    Try the verifier steps that I linked to and that your link also shows. That is how I found it.
    You may just have some other driver that is causing the issue.
    Then you can decide which you care about more.
    FYI - I ran Verifier after doing the patch and no more problems were found. Ran like crap but no BSOD.
      My Computer
    Quote Quote

 

  Related Discussions
Today, I decided to download SP1, since there was this application that required it. Anyways, it got downloaded without any problems, but while it was installing, it got stuck for over half an hour, but then completed the installation, which made me restart my PC. However, after that, It booted...
Thanks for the help guys!
Hey guys! Long story short, went from 7850, to 7970, to gtx680 that is now RMA back to the old 7850, and getting a new 7970 on sunday. Now, I uninstalled everything I can find that has to do with either nVidia or AMD, and it still BSOD right on startup:...
This is my first time using this forum and am in desperate need of fixing my computer. It was working fine for a few months, then I don't know if I got a virus, worm, or whatever. It will say that updates need to be installed and count down time to restart my computer. When it restarts, the...
Every time I boot up my system, I have a program start to install itself. (The Missing Sync from MarkSpace) The first time through, I followed the instructions and it worked and I had the program. The next time I booted, it wanted to run through the install steps again before booting up; as it has...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 16:44.
Find Us