Ask a new question

Critical Structure Corruption error - frequent BSOD crashes - Win 8.1

I installed a karaoke file manager from the Singing Machine Company (SMC Manager here:  http://www.singingmachine.com/smcmanager/ ) and shortly after, both while using it and while not using it, my Win 8.1 laptop started randomly shutting down, then when it restarts there's a BSOD message saying a problem caused the machine to shut down and restart etc.  Here's a link to my SkyDrive mini dump files:

http://sdrv.ms/1i5zYn5  

I uninstalled the SMC Manager and have rebooted several times since and it still is happening.  I have also run a registry error fixer, still no luck.  Then I installed WhoCrashed which gave the following info:

************************************************************************************************************
On Sat 2014-01-04 10:05:11 PM GMT your computer crashed
crash dump file: C:\WINDOWS\Minidump\010414-33984-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14DCA0)
Bugcheck code: 0x109 (0xA3A01F5892348582, 0xB3B72BDEE4B3BB31, 0xFFFFE000010100D0, 0x1C)
Error: CRITICAL_STRUCTURE_CORRUPTION
file path: C:\WINDOWS\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that the kernel has detected critical kernel code or data corruption.
This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time. 

....A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:

asustp.sys (Asus TP Filter Driver, ASUS Corporation)

If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems.
************************************************************************************************************

Since then I have deleted and reinstalled the asustp.sys touchpad driver and still no better. The machine seems to work for a while, then it will crash while in use, sometimes, and if I walk away and it goes into hibernate it always reports a crash on wake-up.   It seems to me the ntoskrnl.exe itself may be corrupted?  I don't think it's a memory issue as this is a fairly new laptop and the problem started nearly immediately after installing SMC Manager.  

By the way, I tried restoring to the only restore point I had on the machine, which was just before installing the SMC Manager, and that restore could not complete successfully. 

Any help anyone can offer would be greatly appreciated!

Thanks,

Jim


Answer
Answer
Hi Jim,

All of the attached DMP files are of the CRITICAL_STRUCTURE_CORRUPTION (109) bug check.

This indicates that the kernel has detected critical kernel code or data corruption.

There are generally two causes for this bug check:
  1. A driver has inadvertently, or deliberately, modified critical kernel code or data. Microsoft Windows Server 2003 with Service Pack 1 (SP1) and later versions of Windows for x64-based computers do not allow the kernel to be patched except through authorized Microsoft-originated hot patches. For more information, see Patching Policy for x64-based Systems.
  2. A hardware corruption occurred. For example, the kernel code or data could have been stored in memory that failed.

We're getting very little to no information whatsoever from the dumps themselves (as with most *109's) so we'll need to do a bit of detective work:


1. Remove and replace AVG with Windows 8's built-in Windows Defender for temporary troubleshooting purposes:

AVG removal - http://www.avg.com/us-en/utilities

Windows Defender (how to turn on after removal) - http://www.eightforums.com/tutorials/21962-windows-defender-turn-off-windows-8-a.html

2. You have several problematic Asus drivers listed and loaded in your modules list, such as AI Charger. I am going to recommend removing Asus' AI Suite if you have that installed. If not, remove the AI Charger Software from Control Panel by itself if the AI Suite is not listed.


3. sptd.sys is listed and loaded in your modules list; SCSI Pass Through Direct Host - Daemon Tools (known BSOD issues with Win 7 and 8). Please remove it ASAP with the uninstaller tool - http://www.duplexsecure.com/en/downloads

4. If you're still crashing after all of the above, please enable Driver Verifier:


Driver Verifier:

What is Driver Verifier?

Driver Verifier is included in Windows 8, 7, Windows Server 2008 R2, Windows Vista, Windows Server 2008, Windows 2000, Windows XP, and Windows Server 2003 to promote stability and reliability; you can use this tool to troubleshoot driver issues. Windows kernel-mode components can cause system corruption or system failures as a result of an improperly written driver, such as an earlier version of a Windows Driver Model (WDM) driver.

Essentially, if there's a 3rd party driver believed to be at issue, enabling Driver Verifier will help flush out the rogue driver if it detects a violation.

Before enabling Driver Verifier, it is recommended to create a System Restore Point:

Vista - START | type rstrui - create a restore point
Windows 7 - START | type create | select "Create a Restore Point"
Windows 8 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html

How to enable Driver Verifier:

Start > type "verifier" without the quotes > Select the following options -

1. Select - "Create custom settings (for code developers)"
2. Select - "Select individual settings from a full list"
3. Check the following boxes -
- Special Pool
- Pool Tracking
- Force IRQL Checking
- Deadlock Detection
- Security Checks (Windows 7 & 8)
- DDI compliance checking (Windows 8)
- Miscellaneous Checks
4. Select  - "Select driver names from a list"
5. Click on the "Provider" tab. This will sort all of the drivers by the provider.
6. Check EVERY box that is [B]NOT[/B] provided by Microsoft / Microsoft Corporation.
7. Click on Finish.
8. Restart.

Important information regarding Driver Verifier:

- If Driver Verifier finds a violation, the system will BSOD.

- After enabling Driver Verifier and restarting the system, depending on the culprit, if for example the driver is on start-up, you may not be able to get back into normal Windows because Driver Verifier will flag it, and as stated above, that will cause / force a BSOD.

If this happens, do not panic, do the following:

- Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.

- Once in Safe Mode - Start > Search > type "cmd" without the quotes.

- To turn off Driver Verifier, type in cmd "verifier /reset" without the quotes.
・    Restart and boot into normal Windows.

If your OS became corrupt or you cannot boot into Windows after disabling verifier via Safe Mode:

- Boot into Safe Mode by repeatedly tapping the F8 key during boot-up.

- Once in Safe Mode - Start > type "system restore" without the quotes.

- Choose the restore point you created earlier.

How long should I keep Driver Verifier enabled for?

It varies, many experts and analysts have different recommendations. Personally, I recommend keeping it enabled for at least 24 hours. If you don't BSOD by then, disable Driver Verifier.

My system BSOD'd, where can I find the crash dumps?

They will be located in %systemroot%\Minidump

Any other questions can most likely be answered by this article:
http://support.microsoft.com/kb/244617


Regards,


Patrick

Debugger/Reverse Engineer.

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

 
 

Question Info

Last updated June 18, 2019 Views 9,983 Applies to: