BSOD when playing games, ntoskrnl.exe

[kobra51]

I have BSODs but more often the computer just freezes and sound loops. This only happens when i play games using the nVidia graphics card. At first I tought the issue was graphics card but dumps indicate it was ntoskrnl.exe.

 

[Dsprague]

Please follow the Blue Screen of Death (BSOD) Posting Instructions

 

[Dsprague]

Okay took a look at your dump files, and your msinfo and have a few suggestions that you might try.

First please update your your video card driver from Here:

http://www.nvidia.com/Download/index.aspx?lang=en-us

Second please remove Daemon tools from your PC it uses a driver that is known to cause BSODs. Once it is removed please download and run this tool:

Duplex secure

When you run the tool if the uninstall button is grayed out close the tool your done. if its still clickable click it and let the tool run. DO NOT click the install button it will reinstall the harmful driver.

 

[kobra51]

I already have latest video card driver. I unistalled Daemon tools, will test if it makes any diference.

 

[Arc]

Hello kobra51. Yes it is sure that you have the latest version of the display driver installed. And, apparently that is the main reason here. This driver has an indigenous fault. Let us explain.

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

[COLOR=Red][B]BugCheck C4[/B][/COLOR], {91, 2, fffffa8006719310, 0}

*** WARNING: Unable to verify timestamp for nvlddmkm.sys
*** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
Probably caused by : nvlddmkm.sys ( nvlddmkm+347b25 )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

[COLOR=Red][B]DRIVER_VERIFIER_DETECTED_VIOLATION (c4)[/B][/COLOR]
A device driver attempting to corrupt the system has been caught.  This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 0000000000000091, A driver switched stacks using a method that is not supported by
    the operating system. The only supported way to extend a kernel
    mode stack is by using KeExpandKernelStackAndCallout.
Arg2: 0000000000000002
Arg3: fffffa8006719310
Arg4: 0000000000000000

Debugging Details:
------------------


BUGCHECK_STR:  0xc4_91

CUSTOMER_CRASH_COUNT:  1

[COLOR=Red][B]DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT[/B][/COLOR]

PROCESS_NAME:  aces.exe

CURRENT_IRQL:  2

TAG_NOT_DEFINED_c000000f:  FFFFF800049BCFB0

EXCEPTION_RECORD:  fffff800049af558 -- (.exr 0xfffff800049af558)
ExceptionAddress: fffff88008591b25 (nvlddmkm+0x0000000000347b25)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

TRAP_FRAME:  fffff800049af600 -- (.trap 0xfffff800049af600)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa8008259a00 rbx=0000000000000000 rcx=fffffa8009795c60
rdx=fffffa8004659d20 rsi=0000000000000000 rdi=0000000000000000
rip=fffff88008591b25 rsp=fffff800049af790 rbp=fffff800049af7b0
 r8=0000000000000801  r9=fffff8000346e770 r10=fffff8000346e588
r11=fffff8800877d310 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na po nc
nvlddmkm+0x347b25:
fffff880`08591b25 ??              ???
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff8000333d80a to fffff800032e6fc0

STACK_TEXT:  
fffff800`049ae658 fffff800`0333d80a : 00000000`000000c4 00000000`00000091 00000000`00000002 fffffa80`06719310 : nt!KeBugCheckEx
fffff800`049ae660 fffff800`033104e3 : 3d204449`454c4241 4f50454b`414c2220 444c410a`00000003 4241545f`44575245 : nt! ?? ::FNODOBFM::`string'+0x4874
fffff800`049ae6a0 fffff800`03321851 : fffff800`049af558 fffff800`049af2b0 fffff800`049af600 fffffa80`0858b010 : nt!RtlDispatchException+0x33
fffff800`049aed80 fffff800`032e6642 : fffff800`049af558 00000000`00000034 fffff800`049af600 fffffa80`08c605b0 : nt!KiDispatchException+0x135
fffff800`049af420 fffff800`032e4f4a : fffff800`049af650 fffff880`0844fd21 fffff800`049af650 fffff880`0843849f : nt!KiExceptionDispatch+0xc2
fffff800`049af600 fffff880`08591b25 : fffff800`049af7c0 fffffa80`00000018 fffff800`049afb30 00000000`00504610 : nt!KiGeneralProtectionFault+0x10a
fffff800`049af790 fffff800`049af7c0 : fffffa80`00000018 fffff800`049afb30 00000000`00504610 fffff800`049afa50 : nvlddmkm+0x347b25
fffff800`049af798 fffffa80`00000018 : fffff800`049afb30 00000000`00504610 fffff800`049afa50 fffff880`085913ce : 0xfffff800`049af7c0
fffff800`049af7a0 fffff800`049afb30 : 00000000`00504610 fffff800`049afa50 fffff880`085913ce fffffa80`0a420790 : 0xfffffa80`00000018
fffff800`049af7a8 00000000`00504610 : fffff800`049afa50 fffff880`085913ce fffffa80`0a420790 00000000`00000001 : 0xfffff800`049afb30
fffff800`049af7b0 fffff800`049afa50 : fffff880`085913ce fffffa80`0a420790 00000000`00000001 fffffa80`04659d20 : 0x504610
fffff800`049af7b8 fffff880`085913ce : fffffa80`0a420790 00000000`00000001 fffffa80`04659d20 fffffa80`08c44000 : 0xfffff800`049afa50
fffff800`049af7c0 fffffa80`0a420790 : 00000000`00000001 fffffa80`04659d20 fffffa80`08c44000 fffff800`049af8b0 : nvlddmkm+0x3473ce
fffff800`049af7c8 00000000`00000001 : fffffa80`04659d20 fffffa80`08c44000 fffff800`049af8b0 00000000`00000000 : 0xfffffa80`0a420790
fffff800`049af7d0 fffffa80`04659d20 : fffffa80`08c44000 fffff800`049af8b0 00000000`00000000 fffff800`00000000 : 0x1
fffff800`049af7d8 fffffa80`08c44000 : fffff800`049af8b0 00000000`00000000 fffff800`00000000 fffff880`085913e2 : 0xfffffa80`04659d20
fffff800`049af7e0 fffff800`049af8b0 : 00000000`00000000 fffff800`00000000 fffff880`085913e2 fffffa80`04933b70 : 0xfffffa80`08c44000
fffff800`049af7e8 00000000`00000000 : fffff800`00000000 fffff880`085913e2 fffffa80`04933b70 00000000`00000001 : 0xfffff800`049af8b0


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nvlddmkm+347b25
fffff880`08591b25 ??              ???

SYMBOL_STACK_INDEX:  6

SYMBOL_NAME:  nvlddmkm+347b25

FOLLOWUP_NAME:  MachineOwner

[COLOR=Red][B]MODULE_NAME: nvlddmkm

IMAGE_NAME:  nvlddmkm.sys[/B][/COLOR]

DEBUG_FLR_IMAGE_TIMESTAMP:  50de9218

FAILURE_BUCKET_ID:  X64_0xc4_91_nvlddmkm+347b25

BUCKET_ID:  X64_0xc4_91_nvlddmkm+347b25

Followup: MachineOwner
---------

The bugcheck code is C4, that means Driver Verifier is enabled. But, at the same time, the default bucket ID says that the Driver Verifier is not running at all. That's a great contradiction in the windbg output; and it is most common for the latest version of the display driver. We have faced this issue many a times.

So what you should do? Roll it back to a known stable earlier version.

• Download and install Driver Fusion.
• Reboot the computer in Advanced Boot Options, safe mode. Search Driver Fusion in your start menu, and remove all components of your nVidia display driver.
• Boot normally now. Go to Drivers - Download NVIDIA Drivers, Drivers > Beta and Legacy; search there with your cards particulars for GeForce 306.23 Driver, dated 13.9.2012 and install it.

I am suggesting this particular one, coz I have experienced that this one never fails itself.

At the same time, what Dsprague suggested is another very important point. Daemon Tools, Alcohol 120% and Power Archiver Pro uses SCSI Pass Through Direct (SPTD), which is a well known BSOD causer. Uninstall the program at first. Then download SPTD standalone installer from Disk-Tools.com, (or from the link Dsprague provided) and execute the downloaded file as guided below :

• Double click to open it.
• Click this button only:
• 
• If it is grayed out, as in the picture, there is no more SPTD in your system, and you just close the window.

 

[kobra51]

I going to try it out. Main porblem for me isn't actually BSOD becouse that is quite rare. Main problem is computer just freezing so I can't do anything but restart it or computer restarts by itself. It only happens when I am using the nVidia graphics card.

 

[Dsprague]

The bugcheck code is C4, that means Driver Verifier is enabled. But, at the same time, the default bucket ID says that the Driver Verifier is not running at all. That's a great contradiction in the windbg output; and it is most common for the latest version of the display driver. We have faced this issue many a times.

Arc This happens Because Windows, by default implements certain Driver Verifier functions by default so even when disabled driver verifier is always at least to some extent on you just don't know about it until you get a crash like this one.

 

[Arc]

Arc This happens Because Windows, by default implements certain Driver Verifier functions by default so even when disabled driver verifier is always at least to some extent on you just don't know about it until you get a crash like this one.

Actually we got a notification alert that if the latest version of nvidia display driver shows a C4 error with the first argument as 91, it is a buggy driver, causing a buffer outflow. And, it should not be kept there. So I suggested the same thing in many a threads, and it usually worked

 

[Dsprague]

Arc This happens Because Windows, by default implements certain Driver Verifier functions by default so even when disabled driver verifier is always at least to some extent on you just don't know about it until you get a crash like this one.

Actually we got a notification alert that if the latest version of nvidia display driver shows a C4 error with the first argument as 91, it is a buggy driver, causing a buffer outflow. And, it should not be kept there. So I suggested the same thing in many a threads, and it usually worked

Well in that case thank you for informing me.

 

[kobra51]

Okay I did everything that Arc said and it didn't help. I was playing War Thunder and the game froze. But this time I was abel to Alt+Tab to the desktop and saw an error message. When i tried to close the game in the taskmanager it closed but it still stayed in the taskmanager and was using memory and graphics card. Is there somekind of program that could record the data in the event freeze or restart?

 

[Arc]

Stress test the Graphics Card using Furmark.
Video Card - Stress Test with Furmark

 

[kobra51]

I ran it for 20min, nothing happened.

 

[kobra51]

There hasn't been a BSOD so far but those didn't happen very often. But i have been getting a lot more crashes and freezes since I used the old drivers. I would like to find the root cause of the prolem. Are there any kind of programs that could record the data during the freezes since it won't produce any dump files?

 

[Arc]

It is recorded there, in event log. And, if you ececute the SF Diag tool, we can get your event log.