BSOD crashes every few days

dsp

dsp

New member
Joined
Oct 14, 2021
Posts
2
In terms of performance, my laptop works well, but the laptop often experiences BSOD randomly, approximately once every 3 days. I have updated some drivers using some auto-update applications (eg driver easy).

I can't indicate the cause of the BSOD when it occurs due to its random nature. I suspect the cause is RAM (maybe I'm wrong), unfortunately, RAM has been embedded so I can't remove it.

I included the SysnativeFileCollectionApp.zip file, maybe you guys have experienced something similar and can provide a solution. I'm quite frustrated with it

Please give me directions.

Thank you
 

Attachments

It does appear it is likely related to RAM or the hard disk, let's begin with testing the RAM using MemTest86 - Test RAM with PassMark MemTest86

dsp said:
I have updated some drivers using some auto-update applications (eg driver easy).
Click to expand...
Please don't use programs like DriverEasy, they usually either install outdated or incorrect drivers. You should only use either the OEM website or the device manufacturer website for that particular driver.
 
Rich (BB code): 
FAULTY_HARDWARE_CORRUPTED_PAGE (12b)
This bugcheck indicates that a single bit error was found in this page.  This is a hardware memory error.
Arguments:
Arg1: ffffffffc00002c4, virtual address mapping the corrupted page
Arg2: 000000000000026b, physical page number
Arg3: 00000206b46096e0, zero
Arg4: ffffa9807a299000, zero

For those interested, it would seem that the bugcheck description from WinDbg isn't current if using the SDK version (haven't tested Preview). The first parameter is the NT status code returned from the Store Manager. You'll know if the crash was raised by the Store Manager by checking the call stack.

Rich (BB code): 
0: kd> !error c00002c4
Error code: (NTSTATUS) 0xc00002c4 (3221226180) - The system file %1 has become corrupt and has been replaced.

The third parameter is the address of our buffer which has become corrupted and the fourth parameter is the target buffer. The second parameter is the size of the source buffer.

Rich (BB code): 
0: kd> !pte ffffa9807a299000
                                           VA ffffa9807a299000
PXE at FFFFC5E2F178BA98    PPE at FFFFC5E2F1753008    PDE at FFFFC5E2EA601E88    PTE at FFFFC5D4C03D14C8
contains 0A00000004BC4863  contains 0A00000004BC5863  contains 0A000003A95B3863  contains 8A000002452A3963
pfn 4bc4      ---DA--KWEV  pfn 4bc5      ---DA--KWEV  pfn 3a95b3    ---DA--KWEV  pfn 2452a3    -G-DA--KW-V

And from the bugcheck using the standard !analyze -v:

Rich (BB code): 
SM_COMPRESSION_FORMAT: 3

SM_SOURCE_PFN1: 2d1e9

SM_SOURCE_PFN2: ffffffffffffffff

SM_SOURCE_OFFSET: 96e0

SM_SOURCE_SIZE: 26b

SM_TARGET_PFN: 2452a3

SM_BUFFER_HASH: a84eb83d

Here's some further reading for those interested:

Forensic analysis of Windows 10 compressed memory using Volatility | Andrea Fortuna
Finding Evil in Windows 10 Compressed Memory, Part One: Volatility and Rekall Tools | Mandiant

Bug Check 0x12B FAULTY_HARDWARE_CORRUPTED_PAGE - Windows drivers
 
Previously I have inspected the hardware, drivers, and memory with no good results.

I think ZBook's opinion is right because as of October 14, I was looking for another alternative, I cleaned the register from trojan attacks, backdoors, or the like by using an optimization tool application. From there found many software holes. As of the last 5 days, there has been no BSOD again.

Sorry, I can't explain technically because I'm new to technical inspections, so all I can do is trial and error.

Thanks to x BlueRobot, jcgriff2, and zbook for taking the time to help me.
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top