Link to home
Start Free TrialLog in
Avatar of jchauncey60
jchauncey60Flag for United States of America

asked on

Vista 64 SP2, Bugcode_usb_driver

I have been having a problem with Vista 64bit SP2 BSOD with heavy use on the USB bus.  If I plug my USB video driver or iPhone in...most of the time the computer will BSOD within 30 minutes.  Other times it will run for days.  This is a fresh install of Vista and I have applied all the patches.

I have attached the latest Minidump file....suggestions are welcomed.  

Thanks in advance.
SOLUTION
Avatar of John Griffith
John Griffith
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Apologies - NO WAY TO EDIT POST  -- Here is link again - http://www.techsupportforum.com/1871981-post2.html
Avatar of jchauncey60

ASKER

Thanks for your help.  I do not have access to the website in step #2, so I did what I could.  I ran Autoruns, gathered the perfmn data, and all the Minidump files.  I am not ruling out a hardware issue--this laptop has had the motherboard replaced 3x already.  The reason I think it is something to do with the USB bus and SP2...is prior to installing SP2, I did not have this problem and if I leave my heavy USB use items unplugged, it runs for days until I plug one in.

I am fairly knowledgable (a management type MCSE, CCNA, MCDBA, etc...), but this is beyond my pay grade.  Thanks again.
Hi - Apologies about the access problem.  Would you mind running a few line commands, please?   It will allow me the minimum of reports that I like to start with.
If so, please create a sub-directory in your Documents folder named  Vistax64_Support - bring up an elevated admin cmd/DOS prompt and paste the 5 lines in 1 at a time.  Thanks... jcgriff2
 


 
driverquery /v > "%userprofile%\documents\Vistax64_Support\drivers1.txt"
 
wevtutil qe Application /c:70000 /rd:true /f:text > "%userprofile%\documents\Vistax64_Support\evtx_app.txt"
 
wevtutil qe System /c:70000 /rd:true /f:text > "%userprofile%\documents\Vistax64_Support\evtx_sys.txt"
 
dxdiag /whql:off /64bit /x %userprofile%\documents\Vistax64_Support\dxdiag.txt
 
msinfo32 /nfo "%userprofile%\documents\Vistax64_Support\msinfo32.nfo"
__________________________________________
- dxdiag needs ~ 15-25 secs to run, eventhough cmd/DOS prompt return immediately; if your user name contains spaces, dxdiag will not write output properly
- the 2nd EVTX command will take ~30-60 secs
 
Add the dumps and other file you gathered to the output folder, please.  Then zip up the directory and attach to post.  You may run into problems with zipped dumps; not sure about policies here

Open in new window

No worries on the access issue...I am just thankful you are willing to give me a hand.  

I have added the files.  EE has fairly strict extenson names on what can be upload, so I had to add ".txt" to the end of many of them, so you might need to rename them before analysis.

Bytemobile driver is also a possibility of where the problem is coming from.  That driver is a WAN acceleration tool that is installed by AT&T for use within their cellular card.

Again, thanks so much.
crash.zip
Hi -
I am going thru the files -(THANK YOU for the time to gather those).  Is there any chance that BARTPE was/ is installed on your system?  There are quite a few drivers that I have not seen before or its been a year (+ 10,000s dump files).  Have you had or thought you have had any viruses or malware?  I am not saying there is any, just asking.
Also - please execute AutoRuns (admin level), go to Sidebar -- what is in the settings.ini file?  I have never seen that file in that location  before (that I recall).
Go into services.msc - look at the 4 Roxio services -- are you familiar with them (i.e., are they legit) ?
Go to Sym...  - I can paste several screens with the problems that that firewall causes (not that particular one, any 3rd party firewall).  The only time I don't mention it is if the user has properly 100% configured it.  I do see 0xc0000005 exceptions in WERCON, which tells me there is a firewall blocking some Vista system services causing problems.  0xc0000005 = memory access violation - the system (NT AUTHORITY\USER, net, local) is being blocked while operating causing apphangs-->appcrashes and can lead to BSODs.
Back later. . .
jcgriff2
 
Thanks agian...

BARTPE is not something I have installed...if it is there, it was installed one of the packages I installed.
I have considered virus/malware and anything is possible. I have the latest verions of Norton 360 with the latest edition of the definations (updated yesterday).  I do a few applications that are older in use.

I see 4 lines in the Sidebar->Settings.Ini (BTW, I have the Sidebar disabled)
1. Clock
2. Feed Headlines
3. Norton Gadget
4. Slide Show

Roxio, looks to be legit...like many software products they have bloated the software until it has become a pig.

Interesting with the FW. I use the Norton FW from the 360 package.  I did a heavy update of my iPhone yesterday (after doing the Norton 360 upgrade to 3.0) without a problem. Perhaps I need to try my USB video and iPhone a little more today and see if update helped the problem.
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Thanks so much for your assistance, I've just got home and need to digest the information tomorrow.  The USB Video is a Tritton SSE2.

Thanks again...I am thankful you like a challenge!
After working with Microsoft, it appears we have found the problem.  The Authentec Fingerprint driver has a problem with SP2.  We renamed ATSwpDrv.sys and rebooted and so far the laptop has been rock solid.

Now I get to convience HP they have a problem!
Hi -
Glad to hear the news.  The Authentec driver was named in the 0x9f BSODs as the probable cause - of all 3. Here is the driver in your system -
0: kd> lmvm ATSwpDrv
start             end                 module name
fffffa60`05d79000 fffffa60`05dac600   ATSwpDrv T (no symbols)          
    Loaded symbol image file: ATSwpDrv.sys
    Image path: \SystemRoot\system32\DRIVERS\ATSwpDrv.sys
    Image name: ATSwpDrv.sys
    Timestamp:        Tue Aug 28 12:46:42 2007 (46D47BA2)
Note the last line - 2007 driver date
On to the HP Support site for what I believe to be your system.. they have an updated ATSwpDrv.sys -
http://h10025.www1.hp.com/ewfrf/wc/softwareList?os=2100&lc=en&dlc=en&cc=us&product=3185028
   
I would suggest that you check the other drivers while there.
I came upon these manuals for your system, should you want any of them  - http://h10025.www1.hp.com/ewfrf/wc/manualCategory?lc=en&cc=us&dlc=en&product=3185028
Are you still running N360?  If so, have you checked WERCON lately?
I worked on another very interesting 0xc0000005 exception case involving IE downloading prpoblems -
http://www.techsupportforum.com/microsoft-support/windows-vista-windows-7-support/399390-download-stops-working-windows7-internet-download-manager-everywhere.html#post2264205
It has been a pleasure working with you.
JC