BSODs from ntoskrnl.exe, nvlddmkm.sys and volmgr.sys

Boowah

New member
Local time
1:53 PM
Messages
8
Hi all, long time lurker...

I have had at least 12 BSODs since March (only ten recorded that I can see) and I think its time to see if there is something fixable or if I need to upgrade (I was hoping to hold off until next year)...

Attached is the .rar file as per guidelines, let me know if there is anything else needed.

and thanks so much for taking the time and pity to have a look for me! :D
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitQ66006gb8800gt
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Home Premium 64bit
CPU
Q6600
Memory
6gb
Graphics Card(s)
8800gt
Hi,

Please uninstall Avast as it seems to be causing issues:

:ar: http://www.avast.com/uninstall-utility

As an alternative, please install:

:ar: Microsoft Security Essentials.

Recommended from a strict BSOD perspective, compatibility & stability
compared to other antiviruses/internet security software.

   Note
Once downloaded, update and run a full system scan


See how the system performs now?

Cheers

Dave
 

My Computer My Computer

At a glance

Windows 7 Professional 64bitAMD Athlon (tm) X2 5200+ Dual Core 2712 Mhz4GBNividia GeForce 8600 GTS- DIED 25/7/2013 R.I.P
Computer type
PC/Desktop
OS
Windows 7 Professional 64bit
CPU
AMD Athlon (tm) X2 5200+ Dual Core 2712 Mhz
Motherboard
Asus
Memory
4GB
Graphics Card(s)
Nividia GeForce 8600 GTS- DIED 25/7/2013 R.I.P
Sound Card
None
Monitor(s) Displays
22" Yuraku LCD (Dont ask)
Screen Resolution
1280x960
Hard Drives
2TB WD Caviar green
PSU
Windy up type
Case
Scout cm Storm
Cooling
Hair dryer on full cool power ;-)
Keyboard
QWERTY
Mouse
Microsoft Special
Internet Speed
BT Infinity 9.38Mb/s Wheeeeeeeeeeeeeeee!!
Antivirus
MSE
Browser
Internet Explore 10 and Chrome
Other Info
Don't shout...I've got a Hangover!
Thanks, I followed your instructions.

I will see how it goes, hopefully that is the last of the blue screens!

Thanks again!
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitQ66006gb8800gt
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Home Premium 64bit
CPU
Q6600
Memory
6gb
Graphics Card(s)
8800gt
No problem.
Post up a new log if you experience any further issues.

cheers

Dave
 

My Computer My Computer

At a glance

Windows 7 Professional 64bitAMD Athlon (tm) X2 5200+ Dual Core 2712 Mhz4GBNividia GeForce 8600 GTS- DIED 25/7/2013 R.I.P
Computer type
PC/Desktop
OS
Windows 7 Professional 64bit
CPU
AMD Athlon (tm) X2 5200+ Dual Core 2712 Mhz
Motherboard
Asus
Memory
4GB
Graphics Card(s)
Nividia GeForce 8600 GTS- DIED 25/7/2013 R.I.P
Sound Card
None
Monitor(s) Displays
22" Yuraku LCD (Dont ask)
Screen Resolution
1280x960
Hard Drives
2TB WD Caviar green
PSU
Windy up type
Case
Scout cm Storm
Cooling
Hair dryer on full cool power ;-)
Keyboard
QWERTY
Mouse
Microsoft Special
Internet Speed
BT Infinity 9.38Mb/s Wheeeeeeeeeeeeeeee!!
Antivirus
MSE
Browser
Internet Explore 10 and Chrome
Other Info
Don't shout...I've got a Hangover!
Hi, it appears now I am running the Microsoft program reccomended that my emails are not working!

I am using thunderbird with a gmail account and I have created a rule to allow thunderbird in windows firewall to no avail...

I can send an email however it will not save in sent items and I cannot download any new emails (connection to server timed out)

I know its off topic but it only happened after following these instructions, I can't seem to find anywhere in security essentials to allow programs etc.

Thanks again!
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitQ66006gb8800gt
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Home Premium 64bit
CPU
Q6600
Memory
6gb
Graphics Card(s)
8800gt

My Computer My Computer

At a glance

Windows 7 Professional 64bitAMD Athlon (tm) X2 5200+ Dual Core 2712 Mhz4GBNividia GeForce 8600 GTS- DIED 25/7/2013 R.I.P
Computer type
PC/Desktop
OS
Windows 7 Professional 64bit
CPU
AMD Athlon (tm) X2 5200+ Dual Core 2712 Mhz
Motherboard
Asus
Memory
4GB
Graphics Card(s)
Nividia GeForce 8600 GTS- DIED 25/7/2013 R.I.P
Sound Card
None
Monitor(s) Displays
22" Yuraku LCD (Dont ask)
Screen Resolution
1280x960
Hard Drives
2TB WD Caviar green
PSU
Windy up type
Case
Scout cm Storm
Cooling
Hair dryer on full cool power ;-)
Keyboard
QWERTY
Mouse
Microsoft Special
Internet Speed
BT Infinity 9.38Mb/s Wheeeeeeeeeeeeeeee!!
Antivirus
MSE
Browser
Internet Explore 10 and Chrome
Other Info
Don't shout...I've got a Hangover!
Looks like my old friend the blue screen is back...

Had just started up and was trying to get the emails sorted when it happened, restarted itself while the dump was counting (not sure if it finished) then restarted itself again while loading windows, it then recommended a system restore which I attempted and then it bluescreened again fltmgr.sys and this time it did not appear to dump the info...
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitQ66006gb8800gt
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Home Premium 64bit
CPU
Q6600
Memory
6gb
Graphics Card(s)
8800gt
That is strange as Mpfilter belongs to MSE:

MpFilter.sys is a Filter System Driver designed as the AntiMalware Engine of MSE which is attached and dependent on the Filter Manager Driver (fltmgr.sys). Other AntiMalware and AntiVirus programs are now also designed to be dependent, attach or protect fltmgr.

It is most possible that there was a previous installation of an AM/AV application.
I would suggest uninstalling MSE, then running the clean-up tool for any previous security software using the link below, then re-install MSE:

:ar: Anti-malware product Removal Tools

From your latest logs, dated 15/07/2013:

STOP 0x000000BE: ATTEMPTED_WRITE_TO_READONLY_MEMORY
Usual causes: Device driver, Memory

Your logs show your Nvidia Drivers are contributing to your BSOD's:

Code:
*** WARNING: Unable to verify timestamp for nvlddmkm.sys
Driver: [COLOR=red]nvlddmkm.sys[/COLOR]
Dated:Sun May 12 20:09:45 2013

1. Download latest :ar: Nvidia Driver
2. Goto Start> Type: Device Manager
3. Expand Display Adapters
4. Right-Click Driver Name, and Uninstall
5. Reboot your computer
6. Run :ar: Driver Sweeper
7. Reboot again
8. Install Downloaded Nividia Driver

Driver Sweeper will scan for any left over files from the old driver, old driver files can cause conflicts with new driver installations. Create a System Restore point beforehand, in case any problems or issues arise.

Update or remove:

Please either update or remove all your Cyberlink programs as the drivers pre-windows 7:

:ar: http://www.cyberlink.com/index_en_GB.html?r=1

Uninstall:

Please uninstall Daemon tools as it is well known for BSOD.
Start > click on Computer > Uninstall or change a program > choose Daemon tools. Reboot.
Once uninstalled please go here and remove the SPTD driver itself with this tool:

:ar: http://www.duplexsecure.com/en/downloads

   Warning
If the uninstall button is grayed out when you run the program you dont need to do anything and can close the window, if it is not click it and allow it to run. DO NOT click the install button as it will install a driver known to cause BSODs onto your system.


Run these tests and post back any results:

Take memtest. Run for 8 passes and test each stick in a know good slot for an additional 6 passes.

:ar: http://www.sevenforums.com/tutorials/105647-ram-test-memtest86.html

   Tip
Run these tests overnight


Please download Malwarebytes:


Download



   Note
Do not start the free trial of Malware Bytes, deselect that option when prompted.


Run a full scan once downloaded, installed and updated.

Scan the system for possible virus infection:

:ar: http://www.sevenforums.com/tutorials/166445-windows-defender-offline.html
:ar: http://support.kaspersky.com/5350?vs=s88446#s88446

Cheers

Dave
 

My Computer My Computer

At a glance

Windows 7 Professional 64bitAMD Athlon (tm) X2 5200+ Dual Core 2712 Mhz4GBNividia GeForce 8600 GTS- DIED 25/7/2013 R.I.P
Computer type
PC/Desktop
OS
Windows 7 Professional 64bit
CPU
AMD Athlon (tm) X2 5200+ Dual Core 2712 Mhz
Motherboard
Asus
Memory
4GB
Graphics Card(s)
Nividia GeForce 8600 GTS- DIED 25/7/2013 R.I.P
Sound Card
None
Monitor(s) Displays
22" Yuraku LCD (Dont ask)
Screen Resolution
1280x960
Hard Drives
2TB WD Caviar green
PSU
Windy up type
Case
Scout cm Storm
Cooling
Hair dryer on full cool power ;-)
Keyboard
QWERTY
Mouse
Microsoft Special
Internet Speed
BT Infinity 9.38Mb/s Wheeeeeeeeeeeeeeee!!
Antivirus
MSE
Browser
Internet Explore 10 and Chrome
Other Info
Don't shout...I've got a Hangover!
Finally found the time to follow your instructions on Saturday... and no blue screens yet!

Thank you so much Northernsoul55 for the advice and taking the time to help me out.

Boo.
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitQ66006gb8800gt
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Home Premium 64bit
CPU
Q6600
Memory
6gb
Graphics Card(s)
8800gt
No problem, glad to help. :)

Use the computer normally for a few days, then if all seems fine, please pop back
and mark the thread solved.

Cheers

Dave
 

My Computer My Computer

At a glance

Windows 7 Professional 64bitAMD Athlon (tm) X2 5200+ Dual Core 2712 Mhz4GBNividia GeForce 8600 GTS- DIED 25/7/2013 R.I.P
Computer type
PC/Desktop
OS
Windows 7 Professional 64bit
CPU
AMD Athlon (tm) X2 5200+ Dual Core 2712 Mhz
Motherboard
Asus
Memory
4GB
Graphics Card(s)
Nividia GeForce 8600 GTS- DIED 25/7/2013 R.I.P
Sound Card
None
Monitor(s) Displays
22" Yuraku LCD (Dont ask)
Screen Resolution
1280x960
Hard Drives
2TB WD Caviar green
PSU
Windy up type
Case
Scout cm Storm
Cooling
Hair dryer on full cool power ;-)
Keyboard
QWERTY
Mouse
Microsoft Special
Internet Speed
BT Infinity 9.38Mb/s Wheeeeeeeeeeeeeeee!!
Antivirus
MSE
Browser
Internet Explore 10 and Chrome
Other Info
Don't shout...I've got a Hangover!
Another one :(

Just when it was going so well, had another bluescreen...
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitQ66006gb8800gt
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Home Premium 64bit
CPU
Q6600
Memory
6gb
Graphics Card(s)
8800gt
Hi,

Your latest crash was MSE related. Perhaps a conflict with LUA File Virtualization Filter Driver.

Code:
start             end                 module name
fffff880`010ab000 fffff880`010e8000   [COLOR=red]MpFilter[/COLOR]

MpFilter.sys is a Filter System Driver designed as the AntiMalware Engine
of MSE which is dependent on fltmgr.sys.

I would suggest uninstalling MSE and re-installing and see if that resolves the issue.

Once done update and run a full scan.

cheers

Dave
 

My Computer My Computer

At a glance

Windows 7 Professional 64bitAMD Athlon (tm) X2 5200+ Dual Core 2712 Mhz4GBNividia GeForce 8600 GTS- DIED 25/7/2013 R.I.P
Computer type
PC/Desktop
OS
Windows 7 Professional 64bit
CPU
AMD Athlon (tm) X2 5200+ Dual Core 2712 Mhz
Motherboard
Asus
Memory
4GB
Graphics Card(s)
Nividia GeForce 8600 GTS- DIED 25/7/2013 R.I.P
Sound Card
None
Monitor(s) Displays
22" Yuraku LCD (Dont ask)
Screen Resolution
1280x960
Hard Drives
2TB WD Caviar green
PSU
Windy up type
Case
Scout cm Storm
Cooling
Hair dryer on full cool power ;-)
Keyboard
QWERTY
Mouse
Microsoft Special
Internet Speed
BT Infinity 9.38Mb/s Wheeeeeeeeeeeeeeee!!
Antivirus
MSE
Browser
Internet Explore 10 and Chrome
Other Info
Don't shout...I've got a Hangover!
MSE gone and Blue screen back :(

Hi Again,

I uninstalled MSE and restarted, copped a bluescreen almost straight away once logged in, system reset and it ran a disk check on D: then allowed me to log in, I ran the SF Diagnostic tool and it blue screened again... hopefully the actual problem shows up on these results!

Thanks again for your time,
Boo.
 

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitQ66006gb8800gt
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Home Premium 64bit
CPU
Q6600
Memory
6gb
Graphics Card(s)
8800gt
Code:
[COLOR="Red"]BugCheck 7F[/COLOR], {[COLOR="Blue"]8[/COLOR], 80050031, 6f8, fffff80002e82e3f}

Probably caused by : ntkrnlmp.exe ( nt!KiDoubleFaultAbort+b2 )

Code:
Usual causes:  Memory corruption, Hardware (memory in particular), Overclocking failure, Installing a faulty or mismatched hardware (especially memory) or a failure after installing it, 3rd party firewall, Device drivers, SCSI/network/BIOS updates needed, Improperly seated cards, Incompatible storage devices, Overclocking, Virus scanner, Backup tool, Bad motherboard, Missing Service Pack

It seems that a Double Fault has happened, which is when a thread is processing a exception, and then a exception happens again during the processing of the original exception.

Code:
2: kd> [COLOR="SeaGreen"]!stack[/COLOR]
Call Stack : [COLOR="Red"]26 frames[/COLOR]
## Stack-Pointer    Return-Address   Call-Site       
00 fffff88002f69ce8 fffff80002e7f129 nt!KeBugCheckEx+0 
01 fffff88002f69cf0 fffff80002e7d5f2 nt!KiBugCheckDispatch+69 
02 fffff88002f69e30 fffff80002e82e3f nt!KiDoubleFaultAbort+b2 
03 0000000000000010 fffff80002e771d0 nt!SwapContext_PatchXSave+8f 
04 fffff88002f67800 fffff88002f67800 [COLOR="Red"]nt!KiCallUserMode+0[/COLOR]

Anyone know what PatchXSave is? Something related to Kernel Patch Protection since we're dealing with a x64 operating system?

Run Driver Verifier to scan for any corrupted drivers which may be causing problems, this program works by running various stress tests on drivers, in order to produce a BSOD which will locate the driver; run for least 24 hours:
 

My Computer My Computer

Computer type
Laptop
3 from 3

Hi,
I set up driver verifier as per the instructions (selecting everything that was not provided by Microsoft) and restarted to take effect, I got a blue screen 3 times in a row after entering the log in password before it even got into windows, I turned it off and did another info rar - I was hoping whatever caused the last three would at least show up but let me know if I should just keep trying to log in.

Thanks,
Boo
 
Last edited:

My Computer My Computer

At a glance

Windows 7 Home Premium 64bitQ66006gb8800gt
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Custom Build
OS
Windows 7 Home Premium 64bit
CPU
Q6600
Memory
6gb
Graphics Card(s)
8800gt
Code:
1: kd> [COLOR="SeaGreen"]lmvm nvlddmkm[/COLOR]
start             end                 module name
fffff880`04861000 fffff880`05346000   nvlddmkm T (no symbols)           
    Loaded symbol image file: nvlddmkm.sys
    Image path: \SystemRoot\system32\DRIVERS\nvlddmkm.sys
    Image name: nvlddmkm.sys
    Timestamp:       [COLOR="Red"] Fri Jun 21 10:06:16 2013[/COLOR] (51C41788)
    CheckSum:         00AB87FF
    ImageSize:        00AE5000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4

Your nVidia graphics card driver seems to be causing problems, and it's quite outdated, please update to the latest WHQL version from here - NVIDIA Driver Downloads - Advanced Search

Version: 327.23
Release Date for Desktops and Notebooks : September 19th 2013
In Device Manager: 9.18.13.2723

Code:
2: kd> [COLOR="SeaGreen"]!irp fffff98012c8adc0[/COLOR]
Irp is active with 5 stacks 4 is current (= 0xfffff98012c8af68)
 No Mdl: No System Buffer: Thread 00000000:  Irp stack trace.  
     cmd  flg cl Device   File     Completion-Context
 [  0, 0]   0  2 00000000 00000000 00000000-00000000    

			Args: 00000000 00000000 00000000 ffffffffc0000010
 [  0, 0]   0  0 00000000 00000000 00000000-00000000    

			Args: 00000000 00000000 00000000 00000000
 [ 17,ff]   0  2 fffffa800766ab80 00000000 00000000-00000000    
	      fffffa800766ab80: Could not read device object or _DEVICE_OBJECT not found

			Args: fffffa8007667080 00000000 00000000 00000000
[COLOR="Red"]>[ 17,ff]   0 e0 fffffa800766ab80 00000000 fffff80003368eb0-fffff98012c8afb0 Success Error Cancel 
	      fffffa800766ab80: Could not read device object or _DEVICE_OBJECT not found
	nt!IovpInternalCompletionTrap[/COLOR]
			Args: fffffa8007667080 00000000 00000000 00000000
 [ 17,ff]   0 e0 fffffa800766a7b0 00000000 fffff80003372350-fffff880031af720 Success Error Cancel 
	      fffffa800766a7b0: Could not read device object or _DEVICE_OBJECT not found
	nt!ViIrpSynchronousCompletionRoutine
			Args: fffffa8007667080 00000000 00000000 00000000

Code:
2: kd> [COLOR="SeaGreen"]!stack[/COLOR]
Call Stack : [COLOR="Red"]27 frames[/COLOR]
## Stack-Pointer    Return-Address   Call-Site       
00 fffff880031af0e8 fffff800033664ec nt!KeBugCheckEx+0 
01 fffff880031af0f0 fffff8000337058a nt!VerifierBugCheckIfAppropriate+3c 
02 fffff880031af130 fffff80003371593 nt!ViErrorFinishReport+da 
03 fffff880031af180 fffff80003371c52 nt!VfErrorReport1+63 
04 fffff880031af220 fffff80003366181 nt!ViGenericVerifyIrpStackUpward+62 
05 fffff880031af250 fffff80003372c3d nt!VfMajorVerifyIrpStackUpward+91 
06 fffff880031af290 fffff8000338461d nt!IovpCompleteRequest2+ad 
07 fffff880031af300 fffff80002edc5d1 nt!IovpLocalCompletionRoutine+9d 
08 fffff880031af360 fffff8000337c2af nt!IopfCompleteRequest+341 (perf)
09 fffff880031af450 fffff80002ebdb16 nt!IovCompleteRequest+19f 
0a fffff880031af520 fffff88005de2a0f [COLOR="Red"]nt!IopInvalidDeviceRequest+16[/COLOR] 
0b fffff880031af550 fffff88005de27fb HIDCLASS!HidpIrpMajorDefault+8b 
0c fffff880031af590 fffff80003382d26 HIDCLASS!HidpMajorHandler+eb 
0d fffff880031af600 fffff80003381d52 [COLOR="Red"]nt!IovCallDriver+566 [/COLOR]
0e fffff880031af660 fffff80003382d26 nt!ViFilterDispatchPower+62 
0f fffff880031af690 fffff80003381e68 [COLOR="Red"]nt!IovCallDriver+566 [/COLOR]
10 fffff880031af6f0 fffff80003381f52 nt!VfIrpSendSynchronousIrp+e8 
11 fffff880031af760 fffff8000336f0bf nt!VfWmiTestStartedPdoStack+72 
12 fffff880031af800 fffff80002f8b692 nt!VfMajorTestStartedPdoStack+5f 
13 fffff880031af830 fffff800032c65ac nt!PpvUtilTestStartedPdoStack+12 
14 fffff880031af860 fffff800032c81a4 nt!PipProcessStartPhase3+55c 
15 fffff880031af950 fffff800032c8768 nt!PipProcessDevNodeTree+264 
16 fffff880031afbc0 fffff80002fdb817 nt!PiProcessReenumeration+98 
17 fffff880031afc10 fffff80002ee2261 nt!PnpDeviceActionWorker+327 
18 fffff880031afcb0 fffff80003176bae nt!ExpWorkerThread+111 
19 fffff880031afd40 fffff80002ec98c6 nt!PspSystemThreadStartup+5a 
1a fffff880031afd80 0000000000000000 nt!KxStartSystemThread+16

The Driver Verifier bugchecks indicated that the caller has changed the status field of the IRP, in which it didn't understand. The Major Function Code 17 is related to System Control, and a WMI IRP, which are usually requested by User Mode, which may explain the reasoning behind User Mode being called in the other bugcheck.
 

My Computer My Computer

Computer type
Laptop
Back
Top