I have been getting various BSOD since a windows update in early December. Unable to resolve.
The latest is a BSOD 'kernel security check failure'
Also see attached dm_log_collector zip file
Any help will be most appreciated!
Last edited by wacissa; 14 Jan 2017 at 16:34. Reason: remove OneDrive link
Please read and follow the instructions here: Blue Screen of Death (BSOD) Posting Instructions
I uninstalled my USB wireless adapter (Netgear WNA1100), downloaded the latest drivers from the Netgear website, and installed. Driver involved: athurx.sys
I read somewhere that wireless adapter drivers are prone to corruption, and Device manager showed an event for the adapter "Device USB\VID_0846&PID_9030\12345 requires further installation" back on 12/08/2016.
So I thought this might be worth a try.
Last edited by wacissa; 14 Jan 2017 at 17:44. Reason: corrected spelling
Waiting for help, I see this or similar often in my event viewer. Should I care, should some corrective action be taken?
Log Name: System
Source: Microsoft-Windows-DistributedCOM
Date: 1/14/2017 7:13:46 PM
Event ID: 10016
Task Category: None
Level: Error
Keywords: Classic
User: SYSTEM
Computer: Billy-T5400
Description:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
<EventID Qualifiers="0">10016</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2017-01-15T01:13:46.529164100Z" />
<EventRecordID>8017</EventRecordID>
<Correlation />
<Execution ProcessID="980" ThreadID="1008" />
<Channel>System</Channel>
<Computer>Billy-T5400</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="param1">application-specific</Data>
<Data Name="param2">Local</Data>
<Data Name="param3">Activation</Data>
<Data Name="param4">{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}</Data>
<Data Name="param5">{F72671A9-012C-4725-9D2F-2A4D32D65169}</Data>
<Data Name="param6">NT AUTHORITY</Data>
<Data Name="param7">SYSTEM</Data>
<Data Name="param8">S-1-5-18</Data>
<Data Name="param9">LocalHost (Using LRPC)</Data>
<Data Name="param10">Unavailable</Data>
<Data Name="param11">Unavailable</Data>
</EventData>
</Event>
Ran DISM /Online /Cleanup-Image /ScanHealth --- no errors identified. Anyone want to help me out here?
Last edited by wacissa; 15 Jan 2017 at 18:06. Reason: typo
Unfortunately the dumps don't help, nothing useful there.
I do see some real old drivers on your PC though:
2007/01/17 01:48:03 AM C:\WINDOWS\system32\DRIVERS\scmndisp.sys
Driver Description: Netgear Neutral Wireless Solution
Driver Update Site: Salesforce - Unlimited Edition
2007/08/03 01:27:57 PM C:\WINDOWS\system32\drivers\ADIHdAud.sys
Driver Description: SoundMAX Digital HD Audio Driver
Driver Update Site: OEM - none at Mixed-signal and digital signal processing ICs | Analog Devices
I Windows 10 was an upgrade install from Windows 7 or 8 then now might be a good time to backup your data and do a clean install to get rid of any left over drivers. The best way to backup is to do an image backup to an external hard drive using a program like Macrium Reflect (free or paid).
Then follow this tutorial: Windows 10 - Clean Install. Once the install is completed, do multiple Windows Updates until you are at this version:
Attachment 117377
Then restore you data and install software.
I know this takes time but is often the best way to proceed.
My latest DM logcollector file attached. Please take a look! Thanks.
The most recent dump, and a few of the older ones have this:
Could be a ram problem but more likely a device driver problem. I suggest running a memory test to see whatthat shows:Code:BugCheck 3B, {c0000005, fffff803db95cd02, ffff8100ceffee70, 0} Probably caused by : memory_corruption Followup: memory_corruption --------- *** Memory manager detected 19 instance(s) of page corruption, target is likely to have memory corruption.
===================================================
Follow this tutorial: MemTest86+ - Test RAM - Windows 10 Forums
MemTest86+ is a diagnostic tool designed to test Random Access Memory (RAM) for faults. MemTest86+ will verify that:
- RAM will accept and keep random patterns of data sent to it
- There are no errors when different parts of memory try to interact
- There are no conflicts between memory addresses
Memtest86+ runs from bootable media to isolate the RAM from the system, no other components are taken into account during the test.
Warning
MemTest86+ needs to run for at least 8 passes to be anywhere near conclusive, anything less will not give a complete analysis of the RAM.
If you are asked to run MemTest86+ by a Ten Forums member make sure you run the full 8 passes for conclusive results. If you run less than 8 passes you will be asked to run it again.
Note
MemTest86+ has been known to discover errors in RAM in later passes than the eighth pass. This is for information only; if you feel there is a definite problem with the RAM and 8 passes have shown no errors feel free to continue for longer.
Running 8 passes of MemTest86+ is a long and drawn out exercise and the more RAM you have the longer it will take. It's recommended to run MemTest86+ just before you go to bed and leave it overnight.
Take a picture when done and post in the forum please.
If nothing shows then it would be a good idea to enable Driver Vrifier and see if that shakes out any driver problems:
===================================================
Driver Verifier is a diagnostic tool built into Windows 10, it is designed to verify both native Microsoft drivers and third party drivers. Driver Verifier's verification process involves putting heavy stress on drivers with the intention of making bad, outdated, incompatible or misbehaving drivers fail. The required result is a BSOD (Blue Screen of Death) which will generate a crash dump for debugging purposes.
Machines exposed to Driver Verifier will run very sluggishly due to the stress being applied to the drivers.
Driver Verifier - Enable and Disable in Windows 10
Pay close attention to
PART TWO
and make sure the correct boxes are checked.
Warning:
It is not advised to run Driver Verifier for more than 48 hours at a time. Disable Driver Verifier after 48 hours or after receiving a BSOD, whichever happens soonest.
Always create a Restore Point prior to enabling Driver Verifier.
What we're looking for is a verifier generated BSOD with a mini dump that will tell us what driver caused it.
I typically use this workstation with a wireless USB adapter. I have moved the workstation so I can use an ethernet port. I want to see if the wireless adapter driver is the culprit. Since using the wired connection yesterday, I have had no crashes. Will continue to test this way.
Quote
