Solved While my pc was in sleep mode, my electricity went down, since then BSOD

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  • Hello everyone We want to personally apologize to everyone for the downtime that we've experienced. We are working to get everything back up as quickly as possible. Due to the issues we've had, your password will need to be reset. Please click the button that says "Forgot Your Password" and change it. We are working to have things back to normal. Emails are fixed and should now send properly. Thank you all for your patience. Thanks, PCHF Management
Status
Not open for further replies.
George Smoke

George Smoke

PCHF Member
Jun 12, 2022
14
2
23
Hi guys, my problem is basically described in the headline. I think I am already aware pretty much what bug causes this, its some bug called ntkrnlmp.exe, probably linked to some problematic driver or something. I can copy you text from WinDbg diagnostics if someone will be able to tell me what exact driver probably causes that and what should I do. thanks for help

Microsoft (R) Windows Debugger Version 10.0.25111.1000 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Code: 
Loading Dump File [C:\Windows\Minidump\061222-6343-02.dmp]
Mini Kernel Dump File: Only registers and stack trace are available


************* Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       srv*
Symbol search path is: srv*
Executable search path is:
Windows 10 Kernel Version 19041 MP (12 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Edition build lab: 19041.1.amd64fre.vb_release.191206-1406
Machine Name:
Kernel base = 0xfffff805`26a00000 PsLoadedModuleList = 0xfffff805`2762a2b0
Debug session time: Sun Jun 12 03:05:04.463 2022 (UTC + 2:00)
System Uptime: 0 days 1:25:55.098
Loading Kernel Symbols
...............................................................
................................................................
.............................................................
Loading User Symbols
Loading unloaded module list
.............
For analysis of this file, run !analyze -v
nt!KeBugCheckEx:
fffff805`26df7d60 48894c2408      mov     qword ptr [rsp+8],rcx ss:0018:ffffb70c`632a7060=000000000000001e
1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common BugCheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80527071dad, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: 0000000000000000, Parameter 1 of the exception

Debugging Details:
------------------

*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that     ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ExceptionRecord                               ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that     ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ContextRecord                                 ***
***                                                                   ***
*************************************************************************
*** WARNING: Unable to verify checksum for win32k.sys

KEY_VALUES_STRING: 1

    Key  : Analysis.CPU.mSec
    Value: 3983

    Key  : Analysis.DebugAnalysisManager
    Value: Create

    Key  : Analysis.Elapsed.mSec
    Value: 34849

    Key  : Analysis.Init.CPU.mSec
    Value: 342

    Key  : Analysis.Init.Elapsed.mSec
    Value: 2747

    Key  : Analysis.Memory.CommitPeak.Mb
    Value: 96

    Key  : WER.OS.Branch
    Value: vb_release

    Key  : WER.OS.Timestamp
    Value: 2019-12-06T14:06:00Z

    Key  : WER.OS.Version
    Value: 10.0.19041.1


FILE_IN_CAB:  061222-6343-02.dmp

BUGCHECK_CODE:  1e

BUGCHECK_P1: ffffffffc0000005

BUGCHECK_P2: fffff80527071dad

BUGCHECK_P3: 0

BUGCHECK_P4: 0

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  0000000000000000

READ_ADDRESS: fffff805276fb390: Unable to get MiVisibleState
Unable to get NonPagedPoolStart
Unable to get NonPagedPoolEnd
Unable to get PagedPoolStart
Unable to get PagedPoolEnd
unable to get nt!MmSpecialPagesInUse
 0000000000000000

BLACKBOXBSD: 1 (!blackboxbsd)


BLACKBOXNTFS: 1 (!blackboxntfs)


BLACKBOXPNP: 1 (!blackboxpnp)


BLACKBOXWINLOGON: 1

CUSTOMER_CRASH_COUNT:  2

PROCESS_NAME:  System

TRAP_FRAME:  ffff800000000000 -- (.trap 0xffff800000000000)
Unable to read trap frame at ffff8000`00000000

STACK_TEXT: 
ffffb70c`632a7058 fffff805`26e58647     : 00000000`0000001e ffffffff`c0000005 fffff805`27071dad 00000000`00000000 : nt!KeBugCheckEx
ffffb70c`632a7060 fffff805`26e09dac     : 00000000`00001000 ffffb70c`632a7900 ffff8000`00000000 00000000`00000000 : nt!KiDispatchException+0x17c417
ffffb70c`632a7720 fffff805`26e05f43     : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiExceptionDispatch+0x12c
ffffb70c`632a7900 fffff805`27071dad     : ffff9289`66652040 00000000`00000000 00000000`00000000 ffffa30b`7b500128 : nt!KiPageFault+0x443
ffffb70c`632a7a90 fffff805`26fe2f52     : ffff9289`66652040 00000000`00000000 ffff9289`66652040 fffff805`26cbfed7 : nt!PspClearProcessThreadCidRefs+0x35
ffffb70c`632a7ad0 fffff805`26fe0b83     : ffffba81`00000000 ffffb70c`633b48c0 00000000`000016c8 ffff9289`53746a60 : nt!PspExitThread+0x6a
ffffb70c`632a7bd0 fffff805`26ceea8f     : ffff9289`66652040 00000000`00000080 fffff805`26cbf9e0 000f8067`b4bbbdff : nt!PspTerminateThreadByPointer+0x53
ffffb70c`632a7c10 fffff805`26dff3b8     : ffffba81`ff940180 ffff9289`66652040 fffff805`26ceea20 00000000`00000000 : nt!PspSystemThreadStartup+0x6f
ffffb70c`632a7c60 00000000`00000000     : ffffb70c`632a8000 ffffb70c`632a2000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x28


SYMBOL_NAME:  nt!PspClearProcessThreadCidRefs+35

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

IMAGE_VERSION:  10.0.19041.1706

STACK_COMMAND:  .cxr; .ecxr ; kb

BUCKET_ID_FUNC_OFFSET:  35

FAILURE_BUCKET_ID:  AV_R_nt!PspClearProcessThreadCidRefs

OS_VERSION:  10.0.19041.1

BUILDLAB_STR:  vb_release

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

FAILURE_ID_HASH:  {d534b912-1607-e98a-2541-5d26c353249c}

Followup:     MachineOwner
 
Last edited by a moderator:
Welcome to PCHF lets get some information from your machine. :)

Speccy Scan.
  • Please go here and download Speccy.
  • Install and run the program.
  • Upon Completion:
  • Hit File
  • Publish Snap Shot
  • A link will appear, post that link.
Upload last 4 minidump files here. Instructions on how to upload minidump.

If the file is too large, then use catbox.moe or Ufile.io and send the link in your next reply.
  1. Download MinitoolBox.
  2. Unzip to your desktop.
  3. Right click run as admin.
  4. Check mark the select all box.
  5. Hit Go.
  6. Attach log created.
 
This is the snapshot
Malnutrition said:
Welcome to PCHF lets get some information from your machine. :)

Speccy Scan.
  • Please go here and download Speccy.
  • Install and run the program.
  • Upon Completion:
  • Hit File
  • Publish Snap Shot
  • A link will appear, post that link.
Upload last 4 minidump files here. Instructions on how to upload minidump.

If the file is too large, then use catbox.moe or Ufile.io and send the link in your next reply.
  1. Download MinitoolBox.
  2. Unzip to your desktop.
  3. Right click run as admin.
  4. Check mark the select all box.
  5. Hit Go.
  6. Attach log created.
Click to expand...
 
All good, just start typing in the reply box no need to click the reply button at bottom right.

I still need the Minitoolbox log and the latest 4 dump files.
 
Ok, good that is the minidump files, now onto the MiniToolbox log. :)
 
I can't understand it, but I can open the text with my browser and translate it with google. So, attach the log please. :)
 
Just a quick look at the log, and i noticed this.

DNS request timed out.
timeout was 2 seconds.
Name: google.com
Address: 2a00:1450:4014:80e::200e

Not that this has anything to do with your issues, but you can get the correct DNS server for your machine, while I look over everything.

How to find the best DNS server for my computer.

In this tutorial we will find and apply the best DNS server for your computer. First thing is to download DNS benchmark from here. Once you have downloaded the program, save it to your desktop. Right click and run as admin. Click Name Servers...
pchelpforum.net pchelpforum.net
 
Thanks, if you will find anything related to my problem in the MTB, let me know, thank you for your time
 
Uninstall the programs below with Geek Uninstaller.

DriverPack (HKLM-x32\...\DriverPack) (Version: 17.11 - DriverPack)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
Disable XMP and remove any over clocking by setting your Bios to default.

Dump: 061122-5812-01.dmp (11.06.2022 08:48:02)
Code: 0xBE - ATTEMPTED_WRITE_TO_READONLY_MEMORY
Process: System, probably caused by: memory_corruption
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE

Dump: 061122-5875-01.dmp (11.06.2022 08:56:07)
Code: 0x50 - PAGE_FAULT_IN_NONPAGED_AREA
Process: WMIADAP.exe, probably caused by: hardware
FAILURE_BUCKET_ID: IP_MISALIGNED

Dump: 061122-6421-01.dmp (11.06.2022 09:15:33)
Code: 0x1000007E - SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M
Process: System, probably caused by: memory_corruption
FAILURE_BUCKET_ID: AV_STACKPTR_ERROR_nt!MiMapPageInHyperSpaceWorker


Dump: 061122-6593-01.dmp (11.06.2022 09:39:02)
Code: 0x50 - PAGE_FAULT_IN_NONPAGED_AREA
Process: System, probably caused by: memory_corruption
Third-party modules in the stack: rtwlanu.sys
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE


Dump: 061222-6343-01.dmp (11.06.2022 19:38:39)
Code: 0x1E - KMODE_EXCEPTION_NOT_HANDLED
Process: System, probably caused by: memory_corruption
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE

Clean install your Nvidia Driver with DDU
Grab a fresh copy of it here.

There are multiple errors with Nvidia web Helper. Seems like you just need to stop this from connecting to the internet.

See my guide below on how to stop it from connecting to the internet, as one of the BSOD was related to Wireless USB driver, it could be overwhelming it...

How to block a program from accessing the internet.

Sometimes you may want to block a program from accessing the internet. That is exactly what this guide aims to help you with. First start out by downloading Firewall App Blocker, save it to your desktop. Once you have installed right click on...
pchelpforum.net pchelpforum.net

Error: (06/12/2022 03:05:50 AM) (Source: Application Error) (User:) Description: Faulting Application Name: NVIDIA Web Helper.exe, version: 11.13.0.0, timestamp: 0x5ef97398 Faulting module name: NvCameraAPINode.node, version: 3.23.0.74, timestamp: 0x60c0ca75 Exception code: 0xc0000005 Error offset: 0x000029c4 Faulting process ID: 0x2248 Faulting Application Start Time: 0xNVIDIA Web Helper.exe0 Faulting Application Path: NVIDIA Web Helper.exe1 Faulting module path: NVIDIA Web Helper.exe2 Message ID: NVIDIA Web Helper.exe3 The full name of the missing package: NVIDIA Web Helper.exe4 Application ID related to missing package: NVIDIA Web Helper.exe5

Disable windows 10 spyware with O&O software, this can chew up bandwidth while you game as microsoft is constantly uploading various data from your machine.

Use the recommended and somewhat recommended setting, for O&O shutup 10.

Disable windows update, and only enable it once a week to update on your terms not whenever microsoft feels you need an update.

Uninstall Useless to you windows apps with O&O App buster.


Open a notepad and copy the content of the code box below, paste into open notepad and save it to your desktop as clean.bat then right click on clean.bat and run as admin.


Note: This batch will reboot your machine so close anything you are working on and save it. Do not copy the word code!!

Code: 
@echo off
WMIC /Namespace:\\root\default Path SystemRestore Call CreateRestorePoint "BatchRestorePoint", 100, 10
fsutil resource setautoreset true c:\&fsutil usn deletejournal /d /n c:
powercfg.exe /setactive 381b4222-f694-41f0-9685-ff5bb260df2e
powercfg -hibernate off
%WINDIR%\SYSTEM32\lodctr.exe /R
%WINDIR%\SysWOW64\lodctr.exe /R
C:\Windows\SYSTEM32\lodctr.exe /R
C:\Windows\SysWOW64\lodctr.exe /R
Dism.exe /online /Cleanup-Image /StartComponentCleanup
pause
DISM.exe /Online /Cleanup-image /Restorehealth
pause
Dism.exe /online /Cleanup-Image /StartComponentCleanup /ResetBase
pause
del /s /q C:\Windows\SoftwareDistribution\download\*.*
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Opera Software\Opera Stable\Cache\Cache_Data\*.*"
del /s /q "%userprofile%\AppData\Local\temp\*.*"
del /f /s /q %systemdrive%\*.tmp
del /f /s /q %systemdrive%\*.log
del /f /s /q %systemdrive%\*.chk
del /f /s /q %systemdrive%\recycled\*.*
del /f /s /q %windir%\*.bak
del /f /s /q %windir%\prefetch\*.*
del /s /q C:\Windows\Temp\*.*
del /q C:\WINDOWS\system32\*.tmp
del /q C:\WINDOWS\syswow64\*.tmp
ipconfig /flushdns
sc stop sysmain
sc config sysmain start= disabled
sc stop DiagTrack
sc config DiagTrack start= disabled
sc stop dmwappushservice
sc config dmwappushservice start= disabled
sc stop WSearch
sc config WSearch start= disabled
sc stop lfsvc
sc config lfsvc start= disabled
del /s /q %ProgramData%\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SQMClient\parameters /v DisabledComponents /t REG_DWORD /d 0xFFFFFFFF
reg add hklm\system\currentcontrolset\services\tcpip6\parameters /v DisabledComponents /t REG_DWORD /d 0xFFFFFFFF
sfc /scannow
pause
shutdown -r
Exit /B
 
Last edited:
Sure, I will do this all, except I have just removed old nvidia drivers and installed new via geforce experience, do i have to do this again? And what exactly is going wrong with XMP? It worked for 2 years just fine. Wont I lose any advantage in fps?
 
If you did not do it with DDU in safe mode, then yes I suggest you take the proper steps.
 
Status
Not open for further replies.
Top Bottom