Ask a new question

Critical Structure Corruption

Dear all,

I recently suffered a BSOD error. The code was a Critical Structure Corruption.

The problem report shows:

Problem Event Name:    LiveKernelEvent
Code:    1a1
Parameter 1:    ffffa40fc8788080
Parameter 2:    0
Parameter 3:    0
Parameter 4:    0
OS version:    10_0_18362
Service Pack:    0_0
Product:    256_1
OS Version:    10.0.18362.2.0.0.256.48
Locale ID:    1033

The event viewer errors and criticals:

In order:

1. The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX6jbm6fjqte5wzzrf5807m7eq0z44q5gf.mca did not register with DCOM within the required timeout.

2. The server {D63B10C5-BB46-4990-A94F-E40B9D520160} did not register with DCOM within the required timeout.

3. The RasMan service depends on the SstpSvc service which failed to start because of the following error:
The operation completed successfully.

4. The SysMain service terminated with the following error:
The handle is invalid.

5. A problem has occurred with one or more user-mode drivers and the hosting process has been terminated.  This may temporarily interrupt your ability to access the devices.

6. The device HID-compliant headset (location (unknown)) is offline due to a user-mode driver crash.  Windows will attempt to restart the device 4 more times.  Please contact the device manufacturer for more information about this problem.

7. The Network Connection Broker service terminated with the following error:
A device attached to the system is not functioning.

8. The Connected Devices Platform Service service depends on the Network Connection Broker service which failed to start because of the following error: A device attached to the system is not functioning.

I have attached the DMP here: https://drive.google.com/file/d/1jKC29eOqHBF0nTuGRSMWZAa-NaZwGivh/view?usp=sharing

Error 6 suggests to me that it is my headset. However, the headset was not in use at the time; it was plugged in, but I was using my speakers to access sound.

I also regularly get a LiveKernelEvent Code:    144 error - which I have read is a graphics driver issue.

sfc /scannow

Verification was 100% completed. It found corrupt files and successfully repaired them.
The report is contained here: https://drive.google.com/file/d/1AQHehGbkeKaTrPTxP4mpdO_MifGnMnwH/view?usp=sharing

I should note that I have done this before so something is probably causing the file corruption.

Any advice would be most appreciated.

EDIT: I am not sure if relevant, but I have received five 'warnings' today in event viewer:


The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user DESKTOP-3UDDAUO\grant SID (S-1-5-21-3216817342-4221280751-3601860933-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.

The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user DESKTOP-3UDDAUO\grant SID (S-1-5-21-3216817342-4221280751-3601860933-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.

The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
 and APPID
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
 and APPID
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscDataProtection
 and APPID
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

* Please try a lower page number.

* Please enter only numbers.

* Please try a lower page number.

* Please enter only numbers.

Hello my name is Adam and I am a Microsoft user like you and an Independent Advisor. I am very happy to help you with your problem.

Grantmitch,

Can you please attach the DMP file to the post using the forums attachment feature, instead of google drive? Or change your google drive sharing permissions on that file. To all with link can view.

Also, you can try these. As soon as I get your dmp file I will analyze it.

First we are going to run System File Checker.

https://support.microsoft.com/en-us/help/929833...

Then we will make sure all your device drivers are up to date.

https://support.microsoft.com/en-us/help/402844...

And then we will want to be sure Windows is up to date.

https://support.microsoft.com/en-us/help/402766...

After these going through these. Please let me know if your problem persist.

Adam

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Adam,

Thank you for your quick response.

So I have changed the file access on Google drive: https://drive.google.com/file/d/1jKC29eOqHBF0nTuGRSMWZAa-NaZwGivh/view?usp=sharing

Apologies for the oversight here.

I have run system file checker, but as above I forgot to set anyone with a link, this has now been fixed. : https://drive.google.com/file/d/1AQHehGbkeKaTrPTxP4mpdO_MifGnMnwH/view?usp=sharing

I am going to check the updates for drivers and windows 10.

Thank you.

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Ok after looking at those. It appears that sfc did repair a file and ntoskrnl is the cause of the bsod. Once your drivers are updated please run memory diagnostics too.

start
type: "memory"
choose on "Windows Memory Diagnostic"
choose "restart now and check for problems"

Also, remove any overclocking you have currently.

If we solved your problem please mark the answer that solved your issue. This will help other users who may have the same issue find the answer.

If this did not solve your issue please post again and I will be very happy to help solve this.

-Adam

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Updated drivers for:

Razer Naga Hex 2
AMD GPIO Controller
AMD SMBus
NVIDIA USB Type-C Port Policy Controller

Windows update is in progress; restarting now.

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Adam,

So I have run a disk check and a memory check.

The memory check found no errors at all.  The disk check, which I have attached below, also found no errors.

For confirmation, then, the following actions have thus far been taken.

1. Drivers have been updated for the following:

Razer Naga Hex 2

AMD GPIO Controller
AMD SMBus
NVIDIA USB Type-C Port Policy Controller

2. Windows update completed.

3. Memory Diagnostic Tool found no errors

4. Disk check found no errors.

5. System file checker corrected a file error - although I have run this before and it previously corrected a file issue which suggests some underlying problem.

Disk Checker results:



Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.                        

Stage 1: Examining basic file system structure ...
  498944 file records processed.                                                        
File verification completed.
  10319 large file records processed.                                   
  0 bad file records processed.                                     

Stage 2: Examining file name linkage ...
  406 reparse records processed.                                      
  692786 index entries processed.                                                       
Index verification completed.
  0 unindexed files scanned.                                        
  0 unindexed files recovered to lost and found.                    
  406 reparse records processed.                                      

Stage 3: Examining security descriptors ...
Cleaning up 1717 unused index entries from index $SII of file 0x9.
Cleaning up 1717 unused index entries from index $SDH of file 0x9.
Cleaning up 1717 unused security descriptors.
Security descriptor verification completed.
  96922 data files processed.                                           
CHKDSK is verifying Usn Journal...
  41680304 USN bytes processed.                                                           
Usn Journal verification completed.

Stage 4: Looking for bad clusters in user file data ...
  498928 files processed.                                                               
File data verification completed.

Stage 5: Looking for bad, free clusters ...
  85889856 free clusters processed.                                                       
Free space verification is complete.

Windows has scanned the file system and found no problems.
No further action is required.

 976100351 KB total disk space.
 631648436 KB in 388461 files.
    252912 KB in 96923 indexes.
         0 KB in bad sectors.
    639575 KB in use by the system.
     65536 KB occupied by the log file.
 343559428 KB available on disk.

      4096 bytes in each allocation unit.
 244025087 total allocation units on disk.
  85889857 allocation units available on disk.

Internal Info:
00 9d 07 00 12 68 07 00 46 5a 0d 00 00 00 00 00  .....h..FZ......
47 01 00 00 4f 00 00 00 00 00 00 00 00 00 00 00  G...O...........

Windows has finished checking your disk.
Please wait while your computer restarts.

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Ok. More than likely the original error was a driver issue. However, the sfc 'repairing' but not repairing is another issue.

Did you run:
DISM.exe /Online /Cleanup-image /Restorehealth

prior to running sfc /scannow?

if not. Please do.

and run sfc /scannow again.

I believe we have you up and running with the drivers and windows update.

I would recommend running for a bit and seeing if the error occurs again.

If it does occur again. Please post here again.

-Adam

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Adam,

Yes, I did run it.

I'll use my computer as normal and post here if an error occurs. This doesn't always happen right away, and can sometimes take days or even a week or two.

Thank you for all your help thus far. All the very best,

Grant

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

You're very welcome.

Adam

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Afternoon Adam,

So far I haven't experienced any major errors, problem reports, BSODs, etc, so all good so far. I have noticed something in event viewer though:

The driver \Driver\WudfRd failed to load for the device HID\VID_0951&PID_16A4&MI_03&Col02\8&2dfa5f00&0&0001.

I had a little Google around, and one of the fixes has to do with Windows Driver Foundation – User-mode Driver Framework. Now, this is something that has caused me an error before (turning up on the problem reports a few times). The page I visited suggests that services.msc and turn the start-up type to automatic. I had a look and the WDF-UmDF is not there.

Any thoughts on the seriousness of this?

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Grantmitch,

Good morning! I'm glad to hear it! As for the next error let's try removing and reinstalling your usb controllers...

Start
Type "device manager"
Scroll down to and expand "Universal Serial Bus controllers"
Right click on each of them and click Uninstall Device
Once they are all removed click on scan for hardware changes and reinstall them.

Let me know if that error persists

1 person found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

* Please try a lower page number.

* Please enter only numbers.

* Please try a lower page number.

* Please enter only numbers.

 
 

Question Info

Last updated December 30, 2023 Views 1,299 Applies to: