Looking for help reading .dmp files

Page 2 - Seeking answers? Join the Tom's Hardware community: where nearly two million members share solutions and discuss the latest tech.
Toggle sidebar Toggle sidebar
Sort by date Sort by votes

After uninstalling the Overclocking driver and after a few hours of running it BSOD. I uploaded the DMP file has 111318-33171-01.dmp in the same location as the others.
 
Upvote 0 Downvote
i do not see the file:111318-33171-01.dmp
last minidump was from nov 12



 
Upvote 0 Downvote

Okay try this link

https://1drv.ms/u/s!AnNl2UEmvwOMihe2fIgWKBxlSWl_

Had a problem with it not sharing try it again not to sure if the link will work
 
Upvote 0 Downvote
stack corrupted for your video driver.
nvlddmkm.sys Fri Nov 2 15:19:13 2018

I would go to your motherboard vendors website and update
the onboard audio driver -> Realtek high definition audio driver.
looks like a new one dated 11-2-2018

https://us.msi.com/Motherboard/support/Z97S-SLI-Krait-Edition#down-driver&Win10%2064
(you should confirm this is the correct motherboard version)

you might also turn off nvidia utilities that you are not using.
you could reboot and reinstall the video driver + video sound driver from nvidia
I would skip the add on nvidia programs and just install the base driver and gpu sound driver.
(until the problem is fixed)

(repair windows files)
you should start cmd.exe as an admin and run
dism.exe /online /clean-image /restorehealth

(scan for malware running on video card)
and run a Malwarebytes scan
 
Upvote 0 Downvote


I now have the most recent Realtek audio drivers.
ran the cmd command,
currently running Malwarebytes scan and Nvidia drivers
PC also crashed just this morning and uploaded the DMP.
Crashed while working through the steps
111418-27000-01.dmp
 
Upvote 0 Downvote
the file system was cleaning up a file and called a function that was checking some security and it used a null pointer.
the build shown for your kernel is:
10.0.17134.407 (WinBuild.160101.0800)

these core windows files have had their build number,timestamp and checksums removed
win32kfull.sys, win32kbase.sys, win32k.sys you could have malware that made changes to them.

Intel Management Engine Interface (MEI) driver
\SystemRoot\system32\DRIVERS\TeeDriverx64.sys Tue Sep 23 13:01:14 2014
this driver talks to the bios on the machine to enable vpro functions that allow admins to remotely access the machine at the bios level. (if it were me, I would turn this off in bios and remove the driver) (you should at least updated to match your bios version that is two years newer. (see below for links, but make sure it is the correct motherboard, I did not see you exact bios version, you might have a localized version)

Intel RST (Rapid Storage Technology) driver
this isthe Intel Advanced Host Controller Interface driver for SATA.
\SystemRoot\System32\drivers\iaStorA.sys Mon Apr 10 06:06:24 2017
(you could use the microsoft generic version instead of the intel driver if you wanted to, it might help if the bug is in the driver)


go here https://us.msi.com/Motherboard/support/Z97S-SLI-Krait-Edition#down-driver&Win10%2064
install the intel chipset drivers and intel management engine driver.

all of your storage goes thru teedriverx64.sys, your motherboard has a update that is two years newer.
if there was a bug, it could cause a low level problem like this.

apply any windows updates, not sure why your user window kernel files have had their info removed, it blocks the debugger from checking if they have been modified.



BIOS Version V10.7
BIOS Release Date 02/16/2016
Manufacturer MSI
Product Name MS-7922
Version 2.0
Product Z97S SLI Krait Edition (MS-7922)


 
Upvote 0 Downvote

I updated it and it crashed with in 30mins of it running then when it reset it logged me as a temporary account.
uploaded 111818-34109-01.dmp
going to remove the drive as you suggested
(Edit) I can't find the Intel Management Engine Interface Diver to disable it in the BIOS
 
Upvote 0 Downvote
sorry, in bios it would be called vpro.
https://software.intel.com/en-us/blogs/2016/02/01/intel-vpro-setup-and-configuration-integration
Intel Management Engine Interface (MEI) driver uses the CPU chip feature.





 
Upvote 0 Downvote

I don't see that either unless I'm over looking it. Or for some reason the name is different.
 
Upvote 0 Downvote
So I don't know what else to look for in this but i BSOD again with in an hour if running. only programs that were running was Chrome(youtube) and steam, Bethasda launcher and orgin when it crashed and i uploaded the new .DMP file to the One drive.
(Edit) I had my audio randomly turn off and my PC didn't see any speakers/headphones. when I went to turn off my PC it said that other people that were using this pc would lose any unsaved progress
 
Upvote 0 Downvote

So I don't know what else to look for in this but i BSOD again with in an hour if running. only programs that were running was Chrome(youtube) and steam, Bethasda launcher and orgin when it crashed and i uploaded the new .DMP file to the One drive.
(Edit) I had my audio randomly turn off and my PC didn't see any speakers/headphones. when I went to turn off my PC it said that other people that were using this pc would lose any unsaved progress
 
Upvote 0 Downvote
try running the microsoft generic storage driver rather than the intel version:
------------------


window key+x then m to bring up device manager
find ide ata/atapi controllers
click to expand, highlight the intel storage driver, right mouse click to bring up properties
select driver tab
select update driver button
select browse my computer for driver
select let me pick from available drivers

select standard sata ahci controller
select next or apply to save the setting.
it will ask to reboot your machine. do the reboot
then start control panel again and go to programs uninstall
find the intel storage driver installer and uninstall the software
this will remove the various services that try to talk to the driver and prevent a errors being put into your error log.

reboot and see if you still bugcheck. if so then go ahead and provide the memory dump.





 
Upvote 0 Downvote


When i get to the Control Panel uninstaller Intel storage driver installer is not there. I did not uninstall it.
(Edit) It BSOD after picking the standard driver and was uploaded. It BSOD twice so i uploaded them both so i the two most recent ones are new
 
Upvote 0 Downvote
last bugcheck a program called Sunset.exe (see what this file is)
the memory management called a bugcheck with a error code of 0x41201
this error code is not documented.

you should run memtest86 to confirm your memory timings are correct.
you might set up verifier.exe to check your device drivers to see if they are causing corruption.
https://answers.microsoft.com/en-us/windows/forum/windows_10-update/driver-verifier-tracking-down-a-mis-behaving/f5cb4faf-556b-4b6d-95b3-c48669e4c983


I would also download and run crystaldiskinfo.exe to read the smart data from the drive to get an idea of its health.
 
Upvote 0 Downvote

Ran the Verifier and it instantly BSOD after the splash screen. It wouldn't reach a log in screen and windows 10 couldn't repair it.
My RAM timings are right I have them set to their correct ones, I just RMA'd my RAM the other week thinking that was the problem as I ran memtest86 and got errors,
crytaldiskinfo says that both of my drive are in good health

(Edit) I uploaded another BSOD but not sure if its new as it wanted to replace an existing file
 
Upvote 0 Downvote
boot into safe mode and run
verifier.exe /reset
it will tuen off vwerifier so you can boot.

system was up for 9 seconds, most likely the driver/device below trigger the problem
-------------------
plug and play was loading some driver and verifier bugchecked indicating a problem:
Arg1: 0000000000002004, Code Integrity Issue: The image contains a section that is not page aligned.
the bad driver was:
: kd> !ustr ffffd50c9609c418
String(26,26) at ffffd50c9609c418: LGBusEnum.sys
\SystemRoot\system32\drivers\LGBusEnum.sys Mon Jun 13 11:47:08 2016
: Logitech Keyboard look for a update from https://support.logitech.com/en_us/home
(make sure it does not need a firmware update for the keyboard)

could not read the bios interface in this memory dump. (something messed up)
this driver could just be a victim of some other problem.
change the dump type to kernel and provide the c:\windows\memory.dmp file after the next bugcheck. this will save the info from the plug and play system.

you could also, try a new keyboard, or it if it is a usb keyboard, put it on a usb 2 port on the back of the machine connected directly to the motherboard,

you are using the generic usb drivers from Microsoft. these assume your motherboard bios has been updated. certain motherboard will have usb chips that have bugs and will require custom drivers from the motherboard vendor.



quotemsg=21514323,0,2683117]

Ran the Verifier and it instantly BSOD after the splash screen. It wouldn't reach a log in screen and windows 10 couldn't repair it.
My RAM timings are right I have them set to their correct ones, I just RMA'd my RAM the other week thinking that was the problem as I ran memtest86 and got errors,
crytaldiskinfo says that both of my drive are in good health

(Edit) I uploaded another BSOD but not sure if its new as it wanted to replace an existing file[/quotemsg]

 
Upvote 0 Downvote


[/quotemsg]

I dont have a logitech keyboard im using a Tesoro keyboard and it is plugged into USB 3.0 on the back but i will switch it. i only ever had a Microsoft keyboard as another one.
 
Upvote 0 Downvote
well, the driver was in memory and was flagged by verifier.
you can block it from loading with autoruns.

does your keyboard have its own drivers? sometimes oems will license other vendors software and hardware.
check for drivers from tesoro.

you can remove with autoruns, reboot and see if windows plug and play detects the hardware again and installs the same drivers.

here is the info on the driver.
Logitech GamePanel Virtual Bus Enumerator Driver
Drivers for Logitech keyboards that utilize GamePanel LCD technology.
C:\Windows\System32\drivers\LGBusEnum.sys



I dont have a logitech keyboard im using a Tesoro keyboard and it is plugged into USB 3.0 on the back but i will switch it. i only ever had a Microsoft keyboard as another one. [/quotemsg]

 
Upvote 0 Downvote


[/quotemsg]
My keyboard does have its own drivers and is up to date.
i removed the LGBusRnum.sys driver. Did not re-install or mention needing an update.
In AutoRuns what does it mean when the driver is highlighted in red and yellow?
 
Upvote 0 Downvote

Quote: "Yellow entries are references in your registry usually to files that no longer exist on the system. Under the Image path column it will probably say 'File not found'."

Quote: "Pink and 'Not Verified' does not necessarily mean the fils(s) are malicious - it just means that Autoruns can't understand the software signature on the file(s), or the authors may not have a software signature at all (more sloppiness)."

Source: https://answers.microsoft.com/en-us/windows/forum/windows_xp-performance/autorun-says-the-following/5bf4355a-b78b-40c4-bbd6-e02b5551e92f
 
Upvote 0 Downvote
well, the file was loaded in the minidump so it was found. it was a 2016 date on the file. maybe some other issue with it.



 
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom