Solved BSOD 1E, 0D, different everytime

[yellowstone]

Hey,

I have a laptop that i been working on for a while and after time it will randomly blue screen on us.

The error code are different most of the time.

The laptop has been reinstalled twice, but yet the blue screen come up,

Some time it is while it doing windows updates, or just sitting doing nothing at all.

I have attached the two latest dump files if someone could help that would be great.

Yellowstone

 

[yellowstone]

BSOD won't even boot into Windows

Hey,

I have another BSOD,

This one is a c0000135 error.

I have the dump file from a BSOD not sure if it is to do with that code.

Thanks in advance

Yellowstone

 

[Arc]

Welcome aboard.

► Test your RAM modules for possible errors.
How to Test and Diagnose RAM Issues with Memtest86+
Run memtest for at least 8 passes, preferably overnight, per RAM module per slot.

► Stress test the CPU.
Hardware - Stress Test With Prime95

► Get rid of intel rapid storage.

1. Right click on "my computer" icon and click "manage" on the context menu.
2. It will open the "computer management" window.
3. Select "Device Manager" in the left pane, It will list all the existing devices up.
4. Expand "Disc Drives" by clicking on the triangle in front of it.
5. Select one item under it, right click, uninstall.
6. Continue the process for all items under "Disc Drives"
7. Now restart the computer. At restart, windows will auto configure the appropriate system driver, msahci.sys.

► Update display driver.

fffff880`0311ac98  fffff880`04a6ab4bUnable to load image \SystemRoot\system32\DRIVERS\igdkmd64.sys, Win32 error 0n2
[COLOR=Red]*** WARNING: Unable to verify timestamp for igdkmd64.sys
*** ERROR: Module load completed but symbols could not be loaded for igdkmd64.sys
 igdkmd64+0x62b4b[/COLOR]

Download it from Intel Download Center.


Let us know the results.

 

[yellowstone]

Thanks will report back asap.

 

[yellowstone]

Hey,

I have another BSOD,

This one is a c0000135 error.

I have the dump file from a BSOD not sure if it is to do with that code.

Thanks in advance

Yellowstone

This is for a different laptop not the same computer.

 

[Arc]

Dont make a single thread for every single dump!

From the other dump, It is crashed by Realtek WiFi driver.

!irp fffffa8005e1f010
Irp is active with 5 stacks 3 is current (= 0xfffffa8005e1f170)
 No Mdl: No System Buffer: Thread 00000000:  Irp stack trace.  
     cmd  flg cl Device   File     Completion-Context
 [  0, 0]   0  0 00000000 00000000 00000000-00000000    

            Args: 00000000 00000000 00000000 00000000
 [  0, 0]   0  0 00000000 00000000 00000000-00000000    

            Args: 00000000 00000000 00000000 00000000
>[ 16, 2]   0  0 fffffa800889c050 00000000 00000000-00000000    
  [COLOR=Red]        Unable to load image \SystemRoot\system32\DRIVERS\rtl8192Ce.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for rtl8192Ce.sys
*** ERROR: Module load completed but symbols could not be loaded for rtl8192Ce.sys
 \Driver\RTL8192Ce[/COLOR]
            Args: 00014400 00000000 00000004 00000002
 [ 16, 2]   0 e1 fffffa8008708770 00000000 fffff800033261b0-fffffa8005a26840 Success Error Cancel pending
           \Driver\vwifibus    nt!PopSystemIrpCompletion
            Args: 00014400 00000000 00000004 00000002
 [  0, 0]   0  0 00000000 00000000 00000000-fffffa8005a26840    

            Args: 00000000 00000000 00000000 00000000

And the driver is very old.

lmvm RTL8192Ce
start             end                 module name
fffff880`05a71000 fffff880`05bdc000   rtl8192Ce T (no symbols)           
    Loaded symbol image file: rtl8192Ce.sys
    Image path: \SystemRoot\system32\DRIVERS\rtl8192Ce.sys
  [COLOR=Red]  Image name: rtl8192Ce.sys
    Timestamp:        Tue Nov 02 14:07:37 2010[/COLOR] (4CCFCDD1)
    CheckSum:         0011632C
    ImageSize:        0016B000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4

Update it from Realtek

Report back in this thread only.

 

[Arc]

This is for a different laptop not the same computer.

Yes, one is HP G72 Notebook PC, and the other is TOSHIBA Satellite C660, ok?

Continue in a single thread, no problem.

 

[yellowstone]

Yes that correct,

but the TOSHIBA Satellite C660, i can't get it to boot to update the drive, tried normal, all safe modes don't know what else to do.

Any ideas?

 

[Arc]

Is not it booting in safe mode too? Try booting in WDO and perform a scan.

• Windows Defender Offline

 

[yellowstone]

Nope it not booting into any of the safe modes, as you have said it the Realtek WiFi driver, so i want to get in and change it (try to that is) will download this WDO now and run a scan with it.

And a update on the HP G72 Notebook PC BSOD, i have uninstall the intel rapid storage and updated the video driver and seems fine atm will keep you updated on this one.

 

[Arc]

Toshiba: Follow it:
Troubleshooting Windows 7 Failure to Start

Or, run Startup Repair for three separate times, with restarts after every single run.
Startup Repair: Run three separate times.

BUT, after running WDO. If there is any virus, it will never boot normally I guess.

HP: If it is fine now, Good news. Observe that one, how it works. And pay the attention to the Toshiba one.

 

[yellowstone]

Hey again guys,

The HP laptop has blue screened again, i have the dump file.

Please let me know what it is this time (sad face) been ok till shitty windows updates

 

[Arc]

Both of the network drivers are very old.

Atheros network adapter driver

 lmvm athrx
start             end                 module name
fffff880`04441000 fffff880`045ca000   athrx    T (no symbols)           
    Loaded symbol image file: athrx.sys
    Image path: \SystemRoot\system32\DRIVERS\athrx.sys
   [COLOR=Red] Image name: athrx.sys
    Timestamp:        Wed Mar 03 06:15:21 2010 [/COLOR](4B8DB121)
    CheckSum:         00186AC4
    ImageSize:        00189000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4

Update it from ATHEROS drivers for Microsoft Windows (Atheros?????)

Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC

lmvm rt64win7
start             end                 module name
fffff880`05845000 fffff880`05891000   Rt64win7 T (no symbols)           
    Loaded symbol image file: Rt64win7.sys
    Image path: \SystemRoot\system32\DRIVERS\Rt64win7.sys
   [COLOR=Red] Image name: Rt64win7.sys
    Timestamp:        Fri Nov 27 15:15:07 2009[/COLOR] (4B0F9FA3)
    CheckSum:         00056663
    ImageSize:        0004C000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4

Update it from Realtek

A preferred way to update the network drivers.
First, download the network card driver from manufactuer's website.
Then reinstall the driver:

1. Click the Start Button, type "devmgmt.msc" (without quotation marks) in the Start Menu Search box and press Enter.
2. Double click to expand "Network adaptors".
3. Right click your network card and click Uninstall.
4. Check "Delete driver software for this device" check box, click OK.
5. Restart the computer
6. If windows does not auto configure the appropriate drivers at startup, install the downloaded one manually.

► Scan the system for possible virus infection.

• Anti-rootkit utility TDSSKiller
• Windows Defender Offline

► Perform some Disc Check

1. Update your SSD's Firmware
2. Reseat the sata and power.
3. Run chkdsk /f/r, following the option two of the tutorial Disk Check
4. Seatool for dos: SeaTools | Seagate download
   Burn it in a blank cd. boot from the CD, click on "Accept", wait for it to finish detecting the drives, then in the upper left corner select "Basic Tests", then select "Long Test" and let it run.

► Test your RAM modules for possible errors.
How to Test and Diagnose RAM Issues with Memtest86+
Run memtest for at least 8 passes, preferably overnight, per RAM module per slot.


Let us know. If not worked, it may be that you need to change your network adapter.

 

[yellowstone]

BSOD restart at random point

Hey Guy,

I not got the error code as was on different job at the time but have the mini dump if you could help me please.

Thanks

Yellowstone

 

[yellowstone]

Would of posted it on this one but couldn't find it lol thanks for moving it look forward to having your help

 

[Arc]

Within the last month, you haven't let me know if you worked with my last suggestions or not. OK, good.

But I am seeing that you may not have followed it, coz it is still crashing on the same Atheros network adapter driver.

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {fffff3000b7e0dcd, 2, 0, fffff88002d989f2}

Unable to load image \SystemRoot\system32\DRIVERS\athrx.sys, Win32 error 0n2
[COLOR=Red]*** WARNING: Unable to verify timestamp for athrx.sys[/COLOR]
*** ERROR: Module load completed but symbols could not be loaded for athrx.sys
Unable to load image \SystemRoot\system32\drivers\ndis.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ndis.sys
*** ERROR: Module load completed but symbols could not be loaded for ndis.sys
[COLOR=Red]Probably caused by : athrx.sys [/COLOR]( athrx+12d9f2 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: fffff3000b7e0dcd, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff88002d989f2, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002ccc100
 fffff3000b7e0dcd 

CURRENT_IRQL:  2

FAULTING_IP: 
athrx+12d9f2
fffff880`02d989f2 3a040a          cmp     al,byte ptr [rdx+rcx]

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xD1

PROCESS_NAME:  System

TRAP_FRAME:  fffff88002f1b630 -- (.trap 0xfffff88002f1b630)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa80078d3700 rbx=0000000000000000 rcx=fffffa80078d3dc3
rdx=fffff88003f0d00a rsi=0000000000000000 rdi=0000000000000000
rip=fffff88002d989f2 rsp=fffff88002f1b7c8 rbp=0000000000000000
 r8=0000000000000006  r9=0000000000000000 r10=fffffa8005368c90
r11=fffff88003f0d000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na po nc
athrx+0x12d9f2:
fffff880`02d989f2 3a040a          cmp     al,byte ptr [rdx+rcx] ds:fffff300`0b7e0dcd=??
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002a9c569 to fffff80002a9cfc0

STACK_TEXT:  
fffff880`02f1b4e8 fffff800`02a9c569 : 00000000`0000000a fffff300`0b7e0dcd 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff880`02f1b4f0 fffff800`02a9b1e0 : fffffa80`04bf55e0 fffff880`033fd000 00000000`00000000 fffffa80`05572010 : nt!KiBugCheckDispatch+0x69
fffff880`02f1b630 fffff880`02d989f2 : fffff880`02cb9cc0 fffff880`02f1b848 fffff880`014a9207 00000000`00000002 : nt!KiPageFault+0x260
fffff880`02f1b7c8 fffff880`02cb9cc0 : fffff880`02f1b848 fffff880`014a9207 00000000`00000002 00000011`ad13f638 : athrx+0x12d9f2
fffff880`02f1b7d0 fffff880`02f1b848 : fffff880`014a9207 00000000`00000002 00000011`ad13f638 fffffa80`00000010 : athrx+0x4ecc0
fffff880`02f1b7d8 fffff880`014a9207 : 00000000`00000002 00000011`ad13f638 fffffa80`00000010 fffffa80`078d3770 : 0xfffff880`02f1b848
fffff880`02f1b7e0 00000000`00000002 : 00000011`ad13f638 fffffa80`00000010 fffffa80`078d3770 00000000`00000000 : ndis+0x43207
fffff880`02f1b7e8 00000011`ad13f638 : fffffa80`00000010 fffffa80`078d3770 00000000`00000000 fffff880`02c6c9c0 : 0x2
fffff880`02f1b7f0 fffffa80`00000010 : fffffa80`078d3770 00000000`00000000 fffff880`02c6c9c0 00000000`00000000 : 0x11`ad13f638
fffff880`02f1b7f8 fffffa80`078d3770 : 00000000`00000000 fffff880`02c6c9c0 00000000`00000000 fffff880`02cb9ec3 : 0xfffffa80`00000010
fffff880`02f1b800 00000000`00000000 : fffff880`02c6c9c0 00000000`00000000 fffff880`02cb9ec3 fffffa80`04bf4778 : 0xfffffa80`078d3770


STACK_COMMAND:  kb

FOLLOWUP_IP: 
athrx+12d9f2
fffff880`02d989f2 3a040a          cmp     al,byte ptr [rdx+rcx]

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  athrx+12d9f2

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: athrx

IMAGE_NAME:  athrx.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4b8db121

FAILURE_BUCKET_ID:  X64_0xD1_athrx+12d9f2

BUCKET_ID:  X64_0xD1_athrx+12d9f2

Followup: MachineOwner
---------

1: kd> lmvm athrx
start             end                 module name
fffff880`02c6b000 fffff880`02df4000   athrx    T (no symbols)           
    Loaded symbol image file: athrx.sys
    Image path: \SystemRoot\system32\DRIVERS\athrx.sys
  [COLOR=Red]  Image name: athrx.sys
    Timestamp:        Wed Mar 03 06:15:21 2010[/COLOR] (4B8DB121)
    CheckSum:         00186AC4
    ImageSize:        00189000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4

Link to update it is given in my earlier post, see it there.

 

[yellowstone]

Hi,

we have now updated the Wireless driver to a newer version and in copying data back to the laptop it has continued to bluescreen

find attached the latest minidump

 

[Arc]

lmvm athrx
start             end                 module name
fffff880`02c6b000 fffff880`02df4000   athrx    T (no symbols)           
    Loaded symbol image file: athrx.sys
    Image path: \SystemRoot\system32\DRIVERS\athrx.sys
  [COLOR=Red]  Image name: athrx.sys
    Timestamp:        Wed Mar 03 06:15:21 2010[/COLOR] (4B8DB121)
    CheckSum:         00186AC4
    ImageSize:        00189000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4

According to it, the driver is not updated. Follow it: http://www.sevenforums.com/tutorials/97061-driver-install-device-manager.html

 

[yellowstone]

I will go an see if there is a newer one, but i went on the website you told me to and download the latest one from there.

From the website you gave it say this for the date of the driver:

Release: 2012-08-01 [August '12]​

 

[Arc]

Let us know what is the situation after replacing the driver.