Not saying it has to be, but I had the same problem and solved it by replacing a faulty memory module.

 

Thanks. I have some questions to this possible solution:

1. How did you know which module is faulty?
2. Did a MemCheck show the problem?

 

Open a command prompt in elevated mode as Administrator and run "sfc /scannow" without the parenthesis.
This should find any file system errors and fix them, some errors it can't automatically correct and will need further assistance.

 

Thank you. Just did it. According to 'scannow' there aren't any system errors.

 

Bug Check 0x1E: KMODE_EXCEPTION_NOT_HANDLED https://msdn.microsoft.com/en-us/li...-us/library/windows/hardware/ff557408(v=vs.85).aspx?f=255&MSPPError=-2147217396
Test your ram Memtest86+ - Advanced Memory Diagnostic Tool
RAM - Test with Memtest86+ - Windows 7 Help Forums

 

Hi

@joeten _ thanks. memtest ran for 11 hours straight (3 full passes) and didn't find any errors. I guess it's something else.

@NenjiAvero _ thank you too. the thing is, that I don't get blue screens while working; it happens either on startup or not at all... memtest doesn't get any errors.

but here some other possible direction: After setting up the pc, at first there weren't such problems with blue screen at start up. This issues began to appear after I f*cked up updating BIOS. I had installed all the MSI firmware and the Update Manager suggested updating BIOS while in Windows. I agreed and it was a big mistake. The installation failed and the pc wasn't bootable anymore. Luckily, my mainboard has a bios switch for such cases. Using this, I switched to BIOS2 and was able to start the pc normally. After some failed tries, I finally managed to flash a BIOS update over the corrupt BIOS1 and it worked again. I didnt't reset CMOS.
Now I run BIOS1 in Version 1.8 and BIOS2 - in the default Version 1.7. It doesn't matter however, which BIOS I switch to - the boot problems occur by both.

 

Not all Ram is compatible with X99 systems, it may pay to try another brand of Ram listed on the QVL.
Also are you using wireless or Ethernet connection for your Internet?

 

I'm using Ethernet.

But here's something interesting: In the morning, I tried going through the other points, that may cause such random blue screens (RAM / NTFS problems / Antivirus software) and I decided to test my drives. At first I tested with CrystalDiscInfo and everything was ok. After that I tried chkdsk. The first time it ran, there was a blue screen at about 70%. I had to manually restart. This time chkdsk fulfilled the 100% with no problem, but the PC didn't want to start Windows after that. The same two steps repeated once again. It was not until the fifth time, that chkdsk ran to 100%, the pc did a reset and went smoothly to loading the Win Desktop.
What does it mean?

 

A drive error would be reported as such and as you have tested the file system that shouldn't be at fault either.
To me it indicates a fault in the BIOS, or boot manager on the drive.
Does this occur in SAFE mode also?

 

After all that I tested, searched and discussed online, the range of possible wrongdoer is reduced to:

A/ BIOS problems
B/ faulty Power Adapter

Regarding A/ I could possibly reset CMOS flash both BIOS1 & BIOS2 with the latest update. Am I right?
Regarding B/ I should purchase a new power adapter and replace the old one, as I don't have a powerful-enough second power adapter to test with.

Or are there any other tests I could run?

 

I would try flashing the BIOS with the latest update, but be wary of MSI's tool, Live Update. It has in the past bricked Motherboards, I'm not sure if it has improved.
Your Power Supply Unit should be ample for your needs and would cut out under load if inadequate, not during boot.

 

I would try flashing the BIOS with the latest update, but be wary of MSI's tool, Live Update. It has in the past bricked Motherboards, I'm not sure if it has improved.

Thanks you.

I would never ever flash BIOS under Windows again. This time, I'd make it the right way - using the 'M-Flash' button in BIOS. The question is - should I reset both BIOS1 & BIOS2 before flashing? And how do I reset them - through a CMOS reset or in some other way? And should I backup everything - does all the stuff go away by reseting?

ps_ I have Click BIOS 4.

 

Here's what Windows Event Viewer has to offer fot the last two days:

18.08 10:00:57 [Fehler : WMI] Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
18.08 10:00:50 [Kritisch : Kernel-Power] Das System wurde neu gestartet, ohne dass es zuvor ordnungsgemäß heruntergefahren wurde. Dieser Fehler kann auftreten, wenn das System nicht mehr reagiert hat oder abgestürzt ist oder die Stromzufuhr unerwartet unterbrochen wurde.
18.08 07:58:02 [Fehler : WMI] Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
18.08 07:57:51 [Warnung : Winlogon] Windows befindet sich im Benachrichtigungszeitraum.
17.08 20:40:30 [Fehler : WMI] Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
17.08 20:37:16 [Fehler : Disk] Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
17.08 20:37:15 [Fehler : Disk] Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
17.08 20:34:25 [Warnung : User Profile Service] Es wurde festgestellt, dass Ihre Registrierungsdatei noch von anderen Anwendungen oder Diensten verwendet wird. Die Datei wird nun entladen. Die Anwendungen oder Dienste, die Ihre Registrierungsdatei anhalten, funktionieren anschließend u. U. nicht mehr ordnungsgemäß.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-162162713-1376149134-3982196315-1000_Classes:
Process 9144 (\Device\HarddiskVolume2\Windows\System32\WUDFHost.exe) has opened key \REGISTRY\USER\S-1-5-21-162162713-1376149134-3982196315-1000_CLASSES

17.08 20:34:25 [Warnung : User Profile Service] Es wurde festgestellt, dass Ihre Registrierungsdatei noch von anderen Anwendungen oder Diensten verwendet wird. Die Datei wird nun entladen. Die Anwendungen oder Dienste, die Ihre Registrierungsdatei anhalten, funktionieren anschließend u. U. nicht mehr ordnungsgemäß.

DETAIL -
5 user registry handles leaked from \Registry\User\S-1-5-21-162162713-1376149134-3982196315-1000:
Process 1692 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-162162713-1376149134-3982196315-1000
Process 1692 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-162162713-1376149134-3982196315-1000\Software\Policies\Microsoft\SystemCertificates
Process 1692 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-162162713-1376149134-3982196315-1000\Software\Microsoft\SystemCertificates\Root
Process 1692 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-162162713-1376149134-3982196315-1000\Software\Microsoft\SystemCertificates\trust
Process 1692 (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-162162713-1376149134-3982196315-1000\Software\Microsoft\SystemCertificates\SmartCardRoot

A problem with AVAST?

 

Only way to find out is use the avast removal tool and use Microsoft Security Essentials for testing purposes https://avast-removal-tool.com/

 

Done, thanks. Now let's hope it gets better.

 

Hi. . ..

ntoskrnl.exe is the Windows NT Kernel and is absolutely not the cause of your system crashes; it is merely listed as a default in the BSODs.

The bugchecks you listed in post #1 -
0x50 - invalid memory referenced
0xc2 - thread is making a bad pool request
0x1e - thread threw an exception; the likely exception = 0xc5 = memory access violation
0x19 - corrupt pool header

"pool" refers to memory.

What they share in common is an issue with RAM or other hardware failure affecting RAM's ability to properly hold kernel code.

Be sure to run memtest86+ one stick at a time and alternate the slots - Test RAM With Memtest86+ - Sysnative Forums

The underlying unknown hardware failure could be anything - mobo, PSU; over-clocking

SSDs can also cause RAM-like bugchecks to appear. Be sure that your SSD's firmware is updated - Crucial SSD Firmware Updates

Regards. . .

jcgriff2

`

 

Hi jcgriff2,

thank you for the detailed response.

I used Memtest86+. It ran for 11 hours straight and managed 3,5 passes without finding any errors...
I used chkdsk for my two harddisks and also no error was found. However I will now Update the Crucial Firmware.

I'm also not overclocking, as I don't really understand it. The only thing is, I use the default xmp profile for my MSI Click Bios 4 for my RAM. But the problems occur also when the xmp profile is switched off.

I will copy here the reading of the Win Event Viewer (sorry, they're in german, I tried translating the important parts):

19.08 _ In the morning [no problems/blue screen during start]

19.08 08:06:50 [Warning : Whea-Logger] Behobener Hardwarefehler. [fixed hardware-error]
Komponente: Stammanschluss für PCI-Express [master connection for PCI-Express]
Fehlerquelle: Erweiterte Fehlerberichterstattung (PCI-Express) [extended error report]
Bus/Gerät/Funktion: 0x0:0x3:0x0
Lieferanten-ID/Geräte-ID: 0x8086:0x2f08
Klassencode: 0x30400
Die Details dieses Eintrags beinhalten weitere Informationen.

19.08 08:00:41 [Error : WMI] Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. [Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA" Win32_Processor "AND TargetInstance.LoadPercentage> 99" could not be reactivated because of the error 0x80041003 in the namespace "//./root/CIMV2". Events can not be delivered through this filter until the problem is solved.]

19.08 08:00:31 [Warning : Search] Windows Search wird gestartet, und der alte Suchindex wird entfernt {Ursache: Angeforderte Anwendung}. [Windows Search starts and the old search index is being deleted]

18.08 (Evening) _ Many problem-free restarts after installing Win/Sys-Updates

18.08 21:13:00 [Warning : WMI] Ein InvProv-Anbieter wurde im WMI-Namespace (Windows-Verwaltungsinstrumentation) Root\cimv2 zur Verwendung des Kontos "LocalSystem" registriert. Dieses Konto ist ein privilegiertes Konto, d. h. der Anbieter kann Sicherheitsverletzungen verursachen, wenn der Identitätswechsel für Benutzeranforderungen nicht korrekt ausgeführt wird. [A InvProv provider was registered (Windows Management Instrumentation) root \ cimv2 to use the account "LocalSystem" in the WMI namespace. This account is a privileged account, ie the provider may cause security breaches, if the impersonate user requests may not work properly.]

18.08 21:13:00 [Error : WMI] Ereignisfilter ...

18.08 21:12:59 [Warning : Winlogon] Der Anmeldebenachrichtigungsabonnent <TrustedInstaller> hat 301 Sekunden benötigt, um dieses Benachrichtigungsereignis (CreateSession) zu bearbeiten.[needed 301 seconds to process this notification event]

18.08 21:09:59 [Error : DistributedCOM] Der Server "{752073A1-23F2-4396-85F0-8FDB879ED0ED}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.[couldn't register DCOM in the declared period of time]

18.08 20:58:02 [Warning : ASP.NET 4.030319.0] Die Aktualisierungen an der IIS-Metabase wurden abgebrochen, weil IIS auf diesem Computer entweder nicht installiert oder deaktiviert ist. Wenn ASP.NET zur Ausführung in IIS konfiguriert werden soll, installieren bzw. aktivieren Sie IIS und registrieren ASP.NET erneut mit aspnet_regiis.exe /i.[the metabase upadate failed because IIS is not installed or deactivated on this pc; if you want to use ASP.NET, activate IIS and register ASP.net once againg, using aspnet_regiis.exe]

18.08 20:57:47 [Warning : RestarManager] Die Anwendung "C:\Windows\System32\SearchFilterHost.exe'"(PID 2992) kann nicht neu gestartet werden - Die Anwendungs-SID stimmt nicht mit der Dirigenten-SID überein..[the application-SID doesn't correspond to the conductor/director-SID]

18.08 20:57:34 [Warning : RestarManager] Die Anwendung "C:\Windows\System32\mmc.exe'"(PID 2748) kann nicht neu gestartet werden - Die Anwendungs-SID stimmt nicht mit der Dirigenten-SID überein..[the application-SID doesn't correspond to the conductor/director-SID]

18.08 20:57:34 [Warning : RestarManager] Die Anwendung "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe'"(PID 2476) kann nicht neu gestartet werden - Die Anwendungs-SID stimmt nicht mit der Dirigenten-SID überein..[couldn't start GFExperience.exe; the application-SID doesn't correspond to the conductor/director-SID]

18.08 20:25:39 [Error : Service Control Manager] Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der Abhängigkeitsdienst oder die Abhängigkeitsgruppe konnte nicht gestartet werden.[dependency service won't start]

18.08 20:25:38 [Error : DistributedCOM] Bei DCOM ist der Fehler "1084" aufgetreten, als der Dienst "WSearch" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden[error 1084 occured as WSearch started]:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

18.08 20:25:30 [Error : Service Control Manager] Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen [the loading of these failed]:
AFD / aswRdr / aswRvrt / aswSnx / aswSP / aswVmm / CSC / DfsC / discache / NetBIOS / NetBT / nsiproxy / Psched / rdbss / snapman / spldr / tdx / Wanarpv6 / WfpLwf

 

The test should be run for at least 7 passes.

 

Oh, I didn't know that. I've read, that it's very good if you let the programm run for a whole night. And in my case, it was 11 hours in that night, but for only 3,5 passes...

 

It can take a long time to run the test, but 7 passes is best.

 

I honestly don't know what most of the event viewer entries are referring to, but my system too is filled with them. There are hundreds of event logs recoding just about everything these days.

I don't see any that would result in BSODs.

The one that has the super long message is definitely benign and has been around since Vista -

Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA" Win32_Processor "AND TargetInstance.LoadPercentage> 99" could not be reactivated because of the error 0x80041003 in the namespace "//./root/CIMV2". Events can not be delivered through this filter until the problem is solved.

https://support.microsoft.com/en-us/kb/2545227

The important things are memtest + firmware upgrade right now.

Regards. . .

jcgriff2

`

 

The important things are memtest + firmware upgrade right now.

The chipset and gpu firmware are uptodate. There is a firmware update for the crucial ssd, however this won't get installed, because of some problems with the Crucial Storage Executive.

As for memtest should have at least 7 passes, it will also have run duration of approx. 24 hours or more. That's why, I'll do it on the weekend, as for I need the pc during workdays.

I'll let you know, in case memtest shows some errors. If that's not the case, I'll order a new power adapter, as some of my researches on the net showed, that a faulty PA would also cause similar problems.