Pc is unusable because of crashes.

zbook · Jan 24, 2024

Scannerman said:
There are a number of things you could try if you can't keep the OS up and running long enough to do those other things.

1) Try booting your PC with one stick of RAM at a time. Make certain you have the memory in the right slot for only one stick of RAM.

2) If you have a spare SSD disconnect the other hard drives with system turned off and connect spare. Install the desired OS on the spare and see if your system stabilizes. Keep all your hardware at a bare minimum when you do this and then gradually start adding it back each time you turn off your PC. Make a note of what you did last the minute you encounter an issue, if and when you encounter one.

3) Try a system reset. Remove CMOS battery with PC turned off and unplugged. Wait at least ten minutes. Replace battery, plug in the PC and turn it on. (See: #2)

4) Try running your computer without the graphics card if you have onboard graphics or, try a different graphics card if you have one. Sometimes you can inadvertently acquire the wrong driver for your graphics card. Best to rule this out if at all possible.

5) Try disconnecting all other drives except the one with the OS and rebooting the system.

You have enough errors to warrant trying out a fresh operating system. Using this approach might be of some help in locating any problematic hardware. If your system won't stay up long enough to run any analytics then it might well be worth a try. Make certain that your BIOS is in order (secure boot, AHCI, boot order etc.) and that you have the latest BIOS.

Even if there is nothing wrong with your memory sometimes re-seating the RAM will help. Might as well do a check on each stick of RAM before re-seating it all. These are only a few of the things I do when my system won't stay up long enough to run any data checks.

I'm running HyperX Fury on three PCs here without issue. I'm thinking your RAM is fine, but stuff happens. I hope this helps.

Please see post #18.

x BlueRobot · Jan 25, 2024

zbook said:
The computer is extremely unlikely to have a driver problem.

Any evidence to support this?

Here's my own analysis:

Stop 0x139 (012424-6265-01.dmp):

Rich (BB code):

0: kd> .trap ffffb20ff756b480; knL
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=ffffb30059d60180 rbx=0000000000000000 rcx=0000000000000003
rdx=ffffe6019dc24680 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80109c4ae3f rsp=ffffb20ff756b610 rbp=fffff80105d64180
 r8=ffffe601905ec158  r9=0000000000000000 r10=ffffe601a06b4738
r11=ffffe60198b33080 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na po nc
nt!KiWakeQueueWaiter+0x164fcf:
fffff801`09c4ae3f cd29            int     29h
  *** Stack trace for last set context - .thread/.cxr resets it
 # Child-SP          RetAddr               Call Site
00 ffffb20f`f756b610 fffff801`09acae90     nt!KiWakeQueueWaiter+0x164fcf << Crash here!
01 ffffb20f`f756b670 fffff801`09a7e681     nt!KeInsertQueueEx+0x1a0 << NULL Queue Entry
02 ffffb20f`f756b6e0 fffff801`09f401e6     nt!IopCompleteRequest+0x601
03 ffffb20f`f756b7b0 fffff801`09f27137     nt!IopSynchronousServiceTail+0x356
04 ffffb20f`f756b860 fffff801`09f26d83     nt!IopWriteFile+0x267
05 ffffb20f`f756b980 fffff801`09c2bbe8     nt!NtWriteFile+0x263
06 ffffb20f`f756ba70 00007ff9`8e56f474     nt!KiSystemServiceCopyEnd+0x28
07 000000da`65dfdcf8 00000000`00000000     0x00007ff9`8e56f474

Opera initiates a write request (IRP_MJ_WRITE) which is then completed, this I/O request is synchronous, so the calling thread (Opera) is placed in a wait state and waits to be told that the file write has completed. This is what the KiWakeQueueWaiter is doing. However, when it attempts to read the next queue entry, to check which thread should be woken, it can't because it can't due to the corrupt list entry.

Rich (BB code):

0: kd> dt _LIST_ENTRY ffffe601a06b4788
nt!_LIST_ENTRY
 [ 0x00000000`00000000 - 0x00000000`00000000 ]
   +0x000 Flink            : (null)
   +0x008 Blink            : (null)

This is why the Stop 0x139 bugcheck gets raised.
Stop 0x96 (012424-6328-01.dmp):

Rich (BB code):

0: kd> knL
 # Child-SP          RetAddr               Call Site
00 fffffd8e`121aa448 fffff800`0d8eb3c3     nt!KeBugCheckEx
01 fffffd8e`121aa450 fffff800`0d8e9d48     nt!KeRemoveQueueEx+0x1433
02 fffffd8e`121aa810 fffff800`0dda9e6e     nt!IoRemoveIoCompletion+0x98
03 fffffd8e`121aa930 fffff800`0da2bbe8     nt!NtRemoveIoCompletionEx+0xfe
04 fffffd8e`121aaa70 00007ffb`578f2304     nt!KiSystemServiceCopyEnd+0x28
05 00000001`0061f178 00000000`00000000     0x00007ffb`578f2304

This is very similar to the Stop 0x139 bugcheck, however, instead this is an asynchronous I/O request so it gets queued up to a I/O completion port (basically another queue) but instead of a specific thread, any arbitrary thread will pick up an I/O item from the queue and then process it. Now, instead of pushing to the queue, we're removing from the queue but the reason for the crash is the same: a corrupt _LIST_ENTRY.

Rich (BB code):

0: kd> dt _LIST_ENTRY ffff85891488e380
nt!_LIST_ENTRY
 [ 0x00000000`00000000 - 0xffff8589`103b2dd8 ]
   +0x000 Flink            : (null) 
   +0x008 Blink            : 0xffff8589`103b2dd8 _LIST_ENTRY [ 0xffff8589`1488e380 - 0xffff8589`1488e380 ]

Stop 0xA (012424-6203-01):

Rich (BB code):

2: kd> knL
 # Child-SP          RetAddr               Call Site
00 ffffc803`bef39ee8 fffff805`0842c4e9     nt!KeBugCheckEx
01 ffffc803`bef39ef0 fffff805`08427a34     nt!KiBugCheckDispatch+0x69
02 ffffc803`bef3a030 fffff805`0826fa39     nt!KiPageFault+0x474
03 ffffc803`bef3a1c0 fffff805`0826779f     nt!KiCommitRescheduleContextEntry+0x49
04 ffffc803`bef3a260 fffff805`08269a3d     nt!KiDeferredReadySingleThread+0x99f
05 ffffc803`bef3a630 fffff805`082691fb     nt!KiExitDispatcher+0x19d
06 ffffc803`bef3a9e0 fffff805`087a9359     nt!KeSetEvent+0xeb
07 ffffc803`bef3aa70 fffff805`0842bbe8     nt!NtSetEvent+0xb9
08 ffffc803`bef3aae0 00007fff`ccb0f534     nt!KiSystemServiceCopyEnd+0x28
09 000000d0`f21ff238 00000000`00000000     0x00007fff`ccb0f534

This bugcheck is due an illegal page fault but if you examine the call stack leading up to the crash, then it you will see it involves thread scheduling; again, we very likely crash due to a corrupt list entry. This more difficult to prove though with just a Minidump since many of the structures do not parse correctly.

Rich (BB code):

2: kd> dt _KPRCB -y Deferred
nt!_KPRCB
   +0x2d08 DeferredReadyListHead : _SINGLE_LIST_ENTRY

It is very likely that the thread was being inserted into this list.

Stop 0xF7 (012424-6187-01.dmp):

Rich (BB code):

2: kd> knL
 # Child-SP          RetAddr               Call Site
00 fffffc84`583b8858 fffff802`228fb0f5     nt!KeBugCheckEx
01 fffffc84`583b8860 fffff802`226e9ed9     nt!_report_gsfailure+0x25
02 fffffc84`583b88a0 fffff802`22b3f65e     nt!IoRemoveIoCompletion+0x229
03 fffffc84`583b89c0 fffff802`2282bbe8     nt!NtRemoveIoCompletion+0x13e
04 fffffc84`583b8a70 00007ff8`a5ccf494     nt!KiSystemServiceCopyEnd+0x28
05 00000003`7b7feea8 00007ff8`a3423f83     0x00007ff8`a5ccf494
06 00000003`7b7feeb0 00000000`00000000     0x00007ff8`a3423f83

It seems we encountered a buffer overrun while processing another queue and this was running in the context of Opera.

Rich (BB code):

2: kd> !dpx
Start memory scan  : 0xfffffc84583b8858 ($csp)
End memory scan    : 0xfffffc84583b9000 (Kernel Stack Base)

               rsp : 0xfffffc84583b8858 : 0xfffff802228fb0f5 : nt!_report_gsfailure+0x25
0xfffffc84583b8858 : 0xfffff802228fb0f5 : nt!_report_gsfailure+0x25
0xfffffc84583b8898 : 0xfffff802226e9ed9 : nt!IoRemoveIoCompletion+0x229
0xfffffc84583b88d8 : 0xfffff80222b42417 : nt!ObpReferenceObjectByHandleWithTag+0x267
0xfffffc84583b8968 : 0xfffff80222b4219e : nt!ObReferenceObjectByHandle+0x2e
0xfffffc84583b89b8 : 0xfffff80222b3f65e : nt!NtRemoveIoCompletion+0x13e
0xfffffc84583b89d8 : 0xfffff80222b278a3 : nt!NtReadFile+0xd3
0xfffffc84583b8a68 : 0xfffff8022282bbe8 : nt!KiSystemServiceCopyEnd+0x28
0xfffffc84583b8ad8 : 0xfffff8022282bbe8 : nt!KiSystemServiceCopyEnd+0x28
0xfffffc84583b8ae0 : 0xffffc102acd9f080 :  Trap @ fffffc84583b8ae0

Stop 0x139 (012424-6093-01.dmp):

Rich (BB code):

2: kd> knL
 # Child-SP          RetAddr               Call Site
00 ffffc288`9e18df78 fffff805`1dc2c4e9     nt!KeBugCheckEx
01 ffffc288`9e18df80 fffff805`1dc2cab2     nt!KiBugCheckDispatch+0x69
02 ffffc288`9e18e0c0 fffff805`1dc2a806     nt!KiFastFailDispatch+0xb2
03 ffffc288`9e18e2a0 fffff805`1da6efee     nt!KiRaiseSecurityCheckFailure+0x346
04 ffffc288`9e18e430 fffff805`1daeb0ad     nt!KiCommitThreadWait+0x56e
05 ffffc288`9e18e4e0 fffff805`1dae9d48     nt!KeRemoveQueueEx+0x111d
06 ffffc288`9e18e8a0 fffff805`1df3f65e     nt!IoRemoveIoCompletion+0x98
07 ffffc288`9e18e9c0 fffff805`1dc2bbe8     nt!NtRemoveIoCompletion+0x13e
08 ffffc288`9e18ea70 00007fff`8e54f494     nt!KiSystemServiceCopyEnd+0x28
09 00000014`731fefc8 00000000`00000000     0x00007fff`8e54f494

This Stop 0x139 is almost identical to the other Stop 0x139 which we encountered earlier. This seems to occur on the back of another read request from Opera. This is likely from the back of the queue removal and then attempting to update the WaitListEntry of the Opera thread.

Rich (BB code):

2: kd> dt _KTHREAD -y WaitListEntry
nt!_KTHREAD
   +0x0d8 WaitListEntry : _LIST_ENTRY

With the latest bugcheck (Stop 0x1), APCs are very often used with thread scheduling and I/O request completion.

@petros2 I would suggest removing Opera GX completely for now and then seeing if the system remains stable. There's a few drivers which I noticed on your system which are known to be problematic but let's focus one step at a time.

Could you also open an elevated command prompt and then enter the following command:

Rich (BB code):

fltmc filters >> %userprofile%\Desktop\filters.txt

Please attach the filters.txt file to your next post. It should be saved to your Desktop.

petros2 · Jan 25, 2024

zbook said:
Please see post #18.

man , i am sorry if i offended anyone by not having windows license , but i really cannot spend any money right now on it, i just need some honest help. be human.

petros2 · Jan 25, 2024

This is what pops up in elevated cmd :C:\Users\petst>fltmc filters >> %userprofile%\Desktop\filters.txt
The system cannot find the path specified.
Also I have uninstalled opera gx and it is still crashing

x BlueRobot · Jan 25, 2024

petros2 said:
The system cannot find the path specified.

I assume you either haven't got that environment variable set or you don't actually have a Desktop shell folder. Could you please just run the command without the append operator and then copy/paste the contents in your response?

Code:

fltmc filters

petros2 said:
Also I have uninstalled opera gx and it is still crashing

Please provide the latest dump files; it isn't at all helpful just mentioning that you've had another crash.

petros2 · Jan 25, 2024

x BlueRobot said:
I assume you either haven't got that environment variable set or you don't actually have a Desktop shell folder. Could you please just run the command without the append operator and then copy/paste the contents in your response?

Code:

fltmc filters

Please provide the latest dump files; it isn't at all helpful just mentioning that you've had another crash.

C:\Windows\System32>fltmc filters

Filter Name Num Instances Altitude Frame
------------------------------ ------------- ------------ -----
bindflt 1 409800 0
WdFilter 7 328010 0
storqosflt 0 244000 0
wcifs 0 189900 0
gameflt 4 189850 0
CldFlt 2 180451 0
bfs 9 150000 0
FileCrypt 0 141100 0
luafv 1 135000 0
npsvctrig 1 46000 0
Wof 5 40700 0
FileInfo 7 40500 0

C:\Windows\System32>
My screen is now flickering and going black at times and removing my night time filter.

Microsoft OneDrive

1drv.ms

i have added something called dumpstack , it just popped up today in my local c
also chrome tabs crash after like 5 mins with error code: status_access_violation and Error code: STATUS_STACK_BUFFER_OVERRUN
Im fine reseting my pc after fixing the main problem

x BlueRobot · Jan 25, 2024

The crashes are very similar to the ones before, we'll looking into removing gameflt.sys, however, before we do so, we need to gather some further information using FRST:

FRST Fix
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the 64-bit Version so please ensure you download that one.
2. Download the attached fixlist.txt and save it to the Desktop.
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
3. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
4. Press the Fix button just once and wait.
5. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please attach this file to your next post.

Please note that the fixlist.txt doesn't actually fix anything yet, it will just run two commands and then save the output of those to the fixlog.txt file.

petros2 · Jan 26, 2024

x BlueRobot said:
The crashes are very similar to the ones before, we'll looking into removing gameflt.sys, however, before we do so, we need to gather some further information using FRST:

FRST Fix
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the 64-bit Version so please ensure you download that one.
2. Download the attached fixlist.txt and save it to the Desktop.
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
3. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
4. Press the Fix button just once and wait.
5. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please attach this file to your next post.

Please note that the fixlist.txt doesn't actually fix anything yet, it will just run two commands and then save the output of those to the fixlog.txt file.

sorry for the delay , i had a lot of work today , here is the file , which i hope i ran correctly

petros2 · Jan 26, 2024

Another thing i think i shouldve said earlier , if i shake a bit my pc or hit my desk and send a small shock to my pc, my psu in the pc starts vibrating and doing a very strange and loud sound like some engine type thing. I know it sounds bad but i thought it was a psu fan thing and i thought i could fix it these days manually. if i shake my pc a bit the sound fades away , or if i press the switch on my psu. i dont know if this has anything to do with my main problem but still. at this point i almost want to burn my pc

Rollback_Jockey · Jan 26, 2024

petros2 said:
Hi , ever since i built my pc myself 3years ago i keep experiencing freezes and crashes to the point where it becomes unusable . Right now i am writing this on my phone because my pc just keeps crashing while im writing. So i have sent my cpu and motherboard to the manufacturer and they told me they were not having any problems , then i unplugged my seagate hdd , and it was still crashing. I ran memtest a few times and it always had no errors and all the passes. I have updated all of my drivers and windows software . Recently i rebuilt my pc and its still crashing. I have clean booted my pc 3 days ago and it was running well (only using league of legends and opera) and today it started crashing again. And its worse than ever it keeps crashing constantly and every time there is a different error : IRQL NOT LESS OR EQUAL notskrnl.exe , APC INDEX MISMATCH , DRIVER OVERRAN STACK BUFFER , KERNEL SECURITY CHECK FAILURE , and others .I have ran multiple pc scans , i have reseted my pc multiple times . I have contacted Microsoft community and a guy tried to help me and told me to sent him minidump files , and i did , and he told me to run memtest86 and i did , and then i told him it ran with no errors and he didnt respond ever since.This problem is unbearable and i need help as soon as possible

If you have proof tested everything excluding the PSU then that leaves only one thing to suspect.

petros2 · Jan 26, 2024

Rollback_Jockey said:
If you have proof tested everything excluding the PSU then that leaves only one thing to suspect.

i dont really know how to "test" my psu and im still having doubts idk

Rollback_Jockey · Jan 26, 2024

petros2 said:
i dont really know how to "test" my psu and im still having doubts idk

Realistically the only solution is replacement.

petros2 · Jan 27, 2024

OneDrive my last minidumps, some new bsod appeared , i have started to uninstall some apps and it still crashes. if this persists i will buy a new psu

petros2 · Jan 29, 2024

guys i have ordered a psu and im going to tell you if anything changed ( corsair vc550)

x BlueRobot · Jan 29, 2024

I personally doubt that this is a PSU issue, here's the FRST fix script for gameflt.sys, please follow the same instructions as before, however, FRST will request for a reboot so please make sure you allow it to do so.

petros2 · Jan 29, 2024

just ran it

x BlueRobot · Jan 29, 2024

Thanks, could you please open an elevated command prompt and then enter the following commands:

Code:

powershell Get-AppxPackage -Name *GamingServices*
fltmc filters

Please post the output in your next post; just want to double check that its been removed completely. If it has then just continue to use the system as you normally, uploading any additional dump files if it crashes again.

petros2 · Jan 29, 2024

Microsoft Windows [Version 10.0.22631.3007]
(c) Microsoft Corporation. All rights reserved.

C:\Windows\System32>powershell Get-AppxPackage -Name *GamingServices*

C:\Windows\System32>fltmc filters

Filter Name Num Instances Altitude Frame
------------------------------ ------------- ------------ -----
bindflt 1 409800 0
mbamchameleon 6 400900 0
MBAMProtection 7 328800 0
MBAMFarflt 5 268150 0
storqosflt 0 244000 0
wcifs 0 189900 0
CldFlt 2 180451 0
bfs 9 150000 0
FileCrypt 0 141100 0
luafv 1 135000 0
npsvctrig 1 46000 0
Wof 5 40700 0
FileInfo 7 40500 0

C:\Windows\System32>
thank you a lot for helping me up until now btw , my pc stil crashes imma upload the dump files soon

x BlueRobot · Jan 30, 2024

Why is MBAM now installed? We need to eliminate all possibilities of any file system filter drivers causing problems, please remove it using the official removal tool: https://support.malwarebytes.com/hc...warebytes-using-the-Malwarebytes-Support-Tool

Please do not install any additional software while we're trying to troubleshoot the issue.

petros2 · Jan 30, 2024

i

x BlueRobot said:
Why is MBAM now installed? We need to eliminate all possibilities of any file system filter drivers causing problems, please remove it using the official removal tool: https://support.malwarebytes.com/hc...warebytes-using-the-Malwarebytes-Support-Tool

Please do not install any additional software while we're trying to troubleshoot the issue.

installed it yesterday just to be sure i dont habe any malware , imma uninstalled when i come home

Pc is unusable because of crashes.

Well-known member

My Computer

Account Closed

My Computer

Member

My Computer

Member

My Computer

Account Closed

My Computer

Member

My Computer

Account Closed

Attachments

My Computer

Member

Attachments

My Computer

Member

My Computer

Well-known member

My Computer

Member

My Computer

Well-known member

My Computer

Member

My Computer

Member

My Computer

Account Closed

Attachments

My Computer

Member

Attachments

My Computer

Account Closed

My Computer

Member

My Computer

Account Closed

My Computer

Member

My Computer