DPC_WATCHDOG_VIOLATION everyday - 0x133

Friday, February 28, 2020

MBAM Forums - https://forums.malwarebytes.com/topic/256485-dpc_watchdog_violation-everyday/?do=findComment&comment=1364908



Test RAM and HDD.

Update NVIDIA driver




BSOD- Unexpected_Store_Exception

Friday, December 20, 2019





Hi. . .

It is likely that your hard drive is failing.

Your dumps -
BugCheck EF, {ffffbd8bef699140, 0, 0, 0}
Probably caused by : ntkrnlmp.exe ( nt!PspCatchCriticalBreak+115 )
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
BugCheck EF, {ffffd98a3a8ce140, 0, 0, 0}
Probably caused by : ntkrnlmp.exe ( nt!PspCatchCriticalBreak+115 )
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
BugCheck 154, {ffff8e0b93ae8000, ffffc1884e8b9000, 2, 0}
Probably caused by : hardware_disk
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
BugCheck 154, {ffffc90f417c6000, fffffa0b18a20000, 2, 0}
Probably caused by : hardware_disk
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
BugCheck 154, {ffff8b8dc4e03000, ffff83094988a420, 2, 0}
Probably caused by : hardware_disk
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``


Regards. . .

jcgriff2
244x90_BC_04-04-2019.png

BSODs since adding internal HD & RAM

Tuesday, December 17, 2019







Posted Today, 11:19 AM
Hi. . .

Your hard drives according to your msinfo32.nfo file found in the Sysnative folder in Documents, under StorageDisks area -

You have a Western Digital 1 TB drive - not sure if SSD or HDD - 
Model WDC WD10EZEX-75M2NA0

You have a 4 TB drive - again - unsure of its type -
Model ST4000DM005-2DP166

Another 4 TB Seagate drive - unsure of its type - 
Model Seagate BUP BK SCSI Disk Device

Regards. . .

jcgriff2

Critical Process Died At Start Up Nothing Thus Far Seems To Fix

Saturday, December 14, 2019

WMI Virtual Memory Usage



Posted Today, 12:19 PM
Gordefving, on 14 Dec 2019 - 08:29 AM, said:
For the past few days all of the browsers have been crashing (allegedly low memory which makes no sense considering the number of free gigs that I did have available),...

The "low memory" message could be referring to virtual memory and not to physical memory (RAM).

Virtual memory is the usage of the page file for memory instead of using physical RAM. Some apps (like Notepad, for example) writes directly to the page file (virtual memory) instead of writing to physical RAM. Sysinternals Process Monitor from Microsoft does the same thing.

With virtual memory, the system writes to and reads from the page file (c:\pagefile.sys) instead of RAM, making the system very, very slow.

You can run this Windows Management Instrumentation (WMI) app to check on your peak and current virtual memory usage - (I wrote the app, so it is safe) - 


Download and save to Desktop or Documents. RIGHT-click on the EXE, select "Run as Administrator". Upon completion, a Notepad will open (it may be located in the Taskbar). Scroll to the end of the file and you'll see this - 
AllocatedBaseSize=8704
Caption=C:\pagefile.sys
CurrentUsage=1311
Description=C:\pagefile.sys
InstallDate=20131220133842.488186-300
Name=C:\pagefile.sys
PeakUsage=1331
Status=
TempPageFile=FALSE

The two important numbers - 
1. CurrentUsage=1311 = I am currently using 1,311 MB (1.3 GB) of virtual memory (I have about 2 dozen Notepads open due to my BSOD Dump Processing App
2. PeakUsage=1331 = My peak virtual memory usage since the last system re-boot (~1.33 GB virtual memory) - again, likely due to the BSOD Dump Processing App

Anyway, you can use the WMI app to check your virtual memory usage at any time, but specifically when you get the "low memory" messages.

Regards. . .

jcgriff2

FocusRite USB Audio BSODs

Thursday, December 12, 2019





Hi. . .



From your post -



[code]STACK_TEXT: 

00000000`00000000 : nt!KeBugCheckEx

00000000`00000000 : nt!VerifierBugCheckIfAppropriate+0xdf

00000000`00000002 : nt!VerifierFreeTrackedPool+0x41

01000000`00100000 : nt!ExFreeHeapPool+0x1b5247

ffffa005`d76f71c0 : nt!ExFreePool+0x9

ffffa004`d4ca03d0 : FocusriteUSBAudio+0x6d3f[/code]



FocusriteUSBAudio.sys (Focusrite USB Audio driver) is on the last line of the stack. Given that it is the

only 3rd party driver on the stack, there is no doubt whatsoever that it is

at fault/ the cause of the BSOD.



Also. . .



[code]MODULE_NAME: FocusriteUSBAudio

IMAGE_NAME:  FocusriteUSBAudio.sys



DEBUG_FLR_IMAGE_TIMESTAMP:  5d14e2e4[/code]



Driver timestamp = [b]0x5d14e2e4[/b] converts to [b]Thu, 27 Jun 2019 15:38:12 GMT[/b]



So, the driver is nearly 6 months old.



Regards. . .



jcgriff2






Driver Identification Help





Posted Today, 08:58 AM
Hi - 

ntoskrnl.exe is the Windows kernel and can never be the actual cause of a BSOD. It is merely listed as a default because the real culprit cannot be identified.

hall.dll = Windows Hardware Abstract Layer and again, is not the actual cause.

Your BSODs are being caused by unknown hardware failure, although the failure of Prime95 points us in the direction of the CPU.

Multiple bugchecks (stop codes) verifies the fact that hardware is at fault.

Unfortunately, the dumps are incapable of telling us which piece of hardware has failed. Dumps are only good for figuring out software problems for software and driver developers. No dump will ever say "replace your CPU".

Regards. . .

jcgriff2

Bugcheck 0x119 - new pc, frequent BSoD

Wednesday, December 11, 2019

Bleeping Computer



https://www.bleepingcomputer.com/forums/t/709482/new-pc-frequent-bsod/



Hi. . .

Your system parts link returns an HTTP 404 error (page not found) - https://pcpartpicker.com/list/YCLntp)

I know you said this is a new system and I see the words "custom build" listed. Exactly how old is it? i.e., a week. a moth, 6 months, etc...??

The reason that I ask is because depending in which state that you live in, you MAY be entitled to a brand new system versus the manufacturer/builder attempting to fix your current system.

I would demand a brand new system -- do not allow them to talk you into fixing this system otherwise I fear that you will be stuck with a system that you will have problems with for as long as you own it.

For info, I generally see 1 (one) NVIDIA BSOD for every 1,000 ATI video BSODs. NVIDIA writes some of the finest drivers in the world; ATI for whatever reason, does not.

The Sysnative zip file attachment contained just 3 dump files, yet a Windows app, executed by the Sysnative app -  msinfo32 - WERCON (Windows Error Reporting) section lists a total of 8 (eight) BSODs starting on 5 December 2019 through 9 December 2019. Any idea what happened to the missing 5 dumps?

The date of the BSOD is contained in the file name -
C:\Windows\Minidump\120919-6718-01.dmp
C:\Windows\Minidump\120919-6718-01.dmp
C:\Windows\Minidump\120819-6515-01.dmp
C:\Windows\Minidump\120819-6515-01.dmp
C:\Windows\Minidump\120619-6593-01.dmp
C:\Windows\Minidump\120619-6593-01.dmp
C:\Windows\Minidump\120519-6015-01.dmp
C:\Windows\Minidump\120519-6015-01.dmp

Per the Windows app systemunfo.exe, again, executed by the Sysnative app, shows your initial Windows boot date (the date when Windows was installed and/or first booted) to be:
Original Install Date:     02/12/2019, 01:32:42

That would equate to 2 December 2019, just 3 days prior to the first BSOD per the files that I have examined thus far.

Do you recall the exact date that you took delivery of the system? i.e., did you take delivery of the system between 2 December and 9 December 2019? I'm trying to figure out if the system builder had the system during the BSODs and therefore would have known that they were delivering a defective system to you or not. This would not be the first time where I have seen a systm builder deliver a new system to a client that they knew was BSOD'ing. Shameful if true!

Here are the bugchecks and "probably caused by" for the 3 dumps submitted - 
BugCheck 119, {1, 57d90, 57d92, ffffa604ae98d000}
Probably caused by : dxgmms2.sys ( dxgmms2!VidSchiProcessIsrCompletedPacket+1249f )
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
BugCheck 119, {1, 45900, 45902, ffff9283125eb000}
Probably caused by : dxgmms2.sys ( dxgmms2!VidSchiProcessIsrCompletedPacket+1249f )
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
BugCheck 119, {1, 3eb2, 3eb4, ffffac85e7c54000}
Probably caused by : dxgmms2.sys ( dxgmms2!VidSchiProcessIsrCompletedPacket+1249f )
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Bugcheck 0x119 = The VIDEO_SCHEDULER_INTERNAL_ERROR bug check has a value of 0x00000119. This indicates that the video scheduler has detected a fatal violation. This is most likely a hardware failure problem.

"Probably caused by : dxgmms2.sys" =  dxgmms2.sys is a Microsoft DirectX component (driver) and is not the rel culprit here --- it just caught the blame because the real culprit could not be identified.

As I said earlier - contact the system builder immediately and report the fact that you are experiencing BSODs likely caused by something related to video or other unknown hardware failure.

Also mentioned in each of the 3 dumps - your ATI video driver.

I checked the timestamps (dates) on the ATI drivers as found in the BSOD dumps and the drivers are very new, so I doubt that the video drivers are the problem. Here are the two ATI video drivers currently loaded in your system:
atikmdag.sys Tue Nov 26 16:59:33 2019 (5DDDCA75)
atikmpag.sys Tue Nov 26 16:49:59 2019 (5DDDC837)
As you can see - they are just 15 days old.

Again - contact the system builder immediately.

Regards. . .

jcgriff2

Edited by jcgriff2, Today, 04:48 PM.



p.s. I checked the SYSTEM Event Viewer log and found evidence of 5 (five) BSODs starting on 5 December 2019.

Again - the date of system delivery to you is very important here.

Do you recall the date that you took delivery of the system?

To be honest, my curiosity is peaked right now as well! :)

Regards. . .

jcgriff2

WHEA Uncorrectable Error - Bugcheck 0x124

Bleeping Computer



WHEA Uncorrectable Error - Bugcheck 0x124





Posted Today, 12:36 PM
Hi. . .

First off, for info, I am NOT a hardware expert and sit on the software side of the fence. Hopefully, a true hardware expert will see this thread and be able to help. I have never built a system and purchase only OEM laptops (HP, Fujitsu, Toshiba, etc...

The bugcheck on both dumps that you submitted was in fact was 0x124 = WHEA = Windows Hardware Error Architecture, a/k/a "Machine Check Exception".


0x124 BSODs are notoriously difficult to solve because the cause is simply "unknown hardware failure". 

Unfortunately, the dumps are incapable of telling us which piece of hardware has failed (except sometimes for hard drives as the dumps can record I/O errors,  which usually pertain to internal hard drives. Dumps are really only good for figuring out software problems as they can identify the exact line of code that failed, which would aid a software/ driver developer.

All I can really do here is to give you some hardware diagnostic programs to run.

Since it does look like the CPU is involved here and you have an Intel CPU, please run the Intel CPU Diagnostic Test.


Before running the Intel diagnostic test, close ALL windows. In fact, it is best to download the CPU test to your Desktop so that you will not have any Windows open at all while running the diagnostic test.

Have you told the shop where you purchased the motherboard from that all is well until you activate (turn on) the turbo mode? Maybe they have some ideas.

You also mentioned having "Clock Watchdog Timeout" errors. In Windows, "WATCHDOG" usually refers to video, but not always.

I therefore would recommend running a video diagnostic test as well - Furmark.

 
Just out of curiosity, please check the "watchdog directory" (the place where 0x117 WATCHDOG dumps are stored) and obtain an estimate of how many dumps there are in this directory (folder). A WATCHDOG error is also referred to as a "Live Kernel Event" with bugcheck 0x117. A 0x117 is just short of a full-fledged 0x116 BSOD.
 
The location for 0x117 Live Kernel Report dumps = C:\Windows\LiveKernelReports

The easiest way to obtain a quick count - bring up an elevated Admin CMD Prompt screen - https://www.sysnative.com/forums/threads/open-an-elevated-administrative-command-prompt-cmd-windows-10.11712/

Then type/paste - 
dir "C:\Windows\LiveKernelReports\watchdog"  /a >c:\0 & start notepad c:\0

A Notepad will open. Look at the second-to-last line - (this is from my system) -

 Volume in drive C is Windows 8.1 x64
 Volume Serial Number is C8D9-F1EF
 
 Directory of C:\Windows\LiveKernelReports\watchdog
 
01/02/2019  07:33 PM    <DIR>          .
01/02/2019  07:33 PM    <DIR>          ..
06/23/2014  04:41 PM           422,484 WD-20140623-1741.dmp
07/05/2014  11:03 AM           454,679 WD-20140705-1203.dmp
07/10/2014  05:00 PM           425,921 WD-20140710-1800.dmp
07/15/2014  12:39 PM           454,814 WD-20140715-1339.dmp
01/06/2015  06:36 PM           422,603 WD-20150106-1836.dmp
01/16/2015  07:20 AM           423,392 WD-20150116-0720.dmp
01/21/2015  10:07 AM           422,597 WD-20150121-1007.dmp
01/24/2015  04:23 PM           423,664 WD-20150124-1623.dmp
01/25/2015  04:11 PM           420,584 WD-20150125-1611.dmp
05/28/2015  09:39 AM           420,422 WD-20150528-1039.dmp
06/04/2015  11:12 PM           416,696 WD-20150605-0012.dmp
06/16/2015  06:53 PM           422,479 WD-20150616-1953.dmp
08/31/2015  04:02 PM           420,325 WD-20150831-1702.dmp
09/17/2015  06:04 AM           420,298 WD-20150917-0704.dmp
10/19/2015  07:49 PM           420,441 WD-20151019-2049.dmp
10/27/2015  08:14 PM           420,441 WD-20151027-2114.dmp
04/15/2016  01:29 PM           422,613 WD-20160415-1429.dmp
07/16/2016  12:11 PM           422,627 WD-20160716-1311.dmp
08/02/2016  03:48 AM           422,573 WD-20160802-0447.dmp
08/16/2016  10:30 PM           422,543 WD-20160816-2330.dmp
11/29/2016  01:36 PM           422,622 WD-20161129-1336.dmp
07/09/2017  11:52 AM           422,589 WD-20170709-1252.dmp
12/25/2017  01:37 AM           422,580 WD-20171225-0137.dmp
05/14/2018  07:31 PM           422,415 WD-20180514-2031.dmp
05/29/2018  07:13 PM           422,527 WD-20180529-2013.dmp
06/11/2018  07:55 AM           423,323 WD-20180611-0855.dmp
07/26/2018  06:18 PM           423,437 WD-20180726-1918.dmp
08/28/2018  12:11 PM           423,430 WD-20180828-1311.dmp
10/09/2018  05:32 PM           422,575 WD-20181009-1832.dmp
01/02/2019  07:33 PM           423,603 WD-20190102-1933.dmp
              30 File(s)     12,731,297 bytes
               2 Dir(s)  59,301,023,744 bytes free

Second to the last line tells you the number of files (dumps) currently in the directory (folder), so in my case, it is 30.

If you have any problems obtaining the dump count, please let me know. 

Thank you.

Regards. . .

jcgriff2




`

KERNEL_DATA_INPAGE_ERROR ntoskrnl.exe 0x0000007a

Monday, December 2, 2019





Bleeping Computer



Hi. . .

No work for me here as you know the problem already.

From the dumps -
[code]DISK_HARDWARE_ERROR: There was error with disk hardware[/code]

Run SeaTools for DOS, LONG test -

Regards. . .

jcgriff2

Always getting BSOD when hibernate

Always getting BSOD when hibernate


https://www.sysnative.com/forums/threads/always-getting-bsod-when-hibernate.29995/

Sysnative Forums






Hi. . .

Also for now, remove FrontEnd security from Fortinet, Inc - uninstall it.

Rich (BB code):
0: kd> !irp fffffa80`1ee14160
Irp is active with 3 stacks 2 is current (= 0xfffffa801ee14278)
 No Mdl: No System Buffer: Thread 00000000:  Irp stack trace.  
     cmd  flg cl Device   File     Completion-Context
 [N/A(0), N/A(0)]
            0  0 00000000 00000000 00000000-00000000    

            Args: 00000000 00000000 00000000 00000000
>[IRP_MJ_POWER(16), IRP_MN_SET_POWER(2)]
            0 e1 fffffa801f02f050 00000000 00000000-00000000    pending
           \Driver\ftsvnic
            Args: 00015500 00000001 00000004 00000003
 [N/A(0), N/A(0)]
Code:
ftsvnic.sys  Wed Feb 20 09:21:32 2019 (5C6D8C9C)
Regards. . .

jcgriff2

Stopcode system Service Exception

Sunday, December 1, 2019

Stopcode system Service Exception


Marvell Yukon SATA driver

Posted Today, 04:13 PM
Eddavid, on 01 Dec 2019 - 2:04 PM, said:
it crashes to a blue  screen with the information that the exception is mvs91**.sys 

That is likely your Marvell SATA controller driver begging to be updated.


Please provide the info that MrPepka requested as we do need it.

I just know this Marvell driver from years of dealing with it.

Regards. . .

jcgriff2


Stop (System Service Exception) Exception Error BSOD

Saturday, November 30, 2019


Stop (System Service Exception) Exception Error BSOD



https://www.bleepingcomputer.com/forums/t/708825/stop-exception-error-bsod/



Bleeping Computer



Hi. . .

When you place a system into hibernation, the contents of RAM (physical memory at the time) is written to the file c:\hiberfil.sys, which on a Windows 10 system is about 75% of the size of physical installed RAM (maximum file size).

RAM as reported by the Windows app systeminfo also found in the Sysnative zip file -
Total Physical Memory:     8,107 MB (8 GB rounded)


So, I would expect the hiberfil.sys to be about 6.8 GB in size. (Not really important here; just noting this as we get towards the point that I'm trying to make).

BSOD mini kernel memory dump files (found in \windows\minidump) contain the date of the BSOD in the filename.

Inside of your Sysnative zip file that you attached to your post (THANK YOU!), I found a tiny (in size) corrupted BSOD dump file named [b]082419-37468-01.dmp[/b] - which means that a BSOD occurred on 24 August 2019. Based on other system data in the Sysnative file, you may not have even known that a BSOD occurred that day.

The only information that the dump gave me (because of its corruption and 2 byte total size) was an NT STATUS/Exception error code of:
[CODE]0xC000011E
STATUS_MAPPED_FILE_SIZE_ZERO    An attempt was made to map a file of size zero with the maximum size specified as zero.[/CODE]

... which as you can probably guess means - An file was mapped with a total file size = 0 bytes and the maximum size  was specified as zero, which does not make much sense to me. Why map a file then write to the file if you are not going to write any data/info to it? The exception error code written in hex is where the 2 byte file size comes from.

I only bring all of this up because of your current complaint/issue/problem involving the hard drive. The 0xc000011e exception error code could have been a precursor of things to come involving the hard drive; not sure as I am only making a guess here based on the logical information at hand.

You reported a "Stop Exception Error BSOD", which could actually be a "System Service Exception Error BSOD, Bugceck 0x3b with the exception error code = 0xc000011e; not 100% sure on this, but it is the closest BSOD title that I could find. It basically means that a system service threw an exception, the exception being the 0xc11e error code.


It is a hard drive diagnostic test that runs under the DOS operating system, so Windows does not load, so no BSODs will occur.

Regards. . .

jcgriff2




Text

Powered by Blogger.

Follow by Email

Search This Blog

Popular Posts