BSOD when shutting the PC down

IonicBlade

Reputable
Jun 26, 2015
23
0
4,510
Whenever I press shutdown in Windows 10, I get a BSOD which says "Driver_Verifier_Detected_Violation".

This is the error in the minidump; it is pretty much identical to the other 5 in there. I can't seem to understand most of it. I would appreciate some help:



A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 00000000000000f5, ObReferenceObjectByHandle is being called with a NULL handle.
Arg2: 0000000000000000, Handle value specified by the caller.
Arg3: ffffb805038702d0, Object type specified by the caller.
Arg4: 0000000000000000

Debugging Details:
------------------


DUMP_CLASS: 1

DUMP_QUALIFIER: 400

BUILD_VERSION_STRING: 10.0.14393.1358 (rs1_release.170602-2252)

DUMP_TYPE: 2

BUGCHECK_P1: f5

BUGCHECK_P2: 0

BUGCHECK_P3: ffffb805038702d0

BUGCHECK_P4: 0

BUGCHECK_STR: 0xc4_f5

CPU_COUNT: 8

CPU_MHZ: e28

CPU_VENDOR: AuthenticAMD

CPU_FAMILY: 15

CPU_MODEL: 1

CPU_STEPPING: 2

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP

PROCESS_NAME: csrss.exe

CURRENT_IRQL: 0

ANALYSIS_SESSION_HOST: IONIC

ANALYSIS_SESSION_TIME: 07-11-2017 19:20:02.0039

ANALYSIS_VERSION: 10.0.15063.468 amd64fre

LAST_CONTROL_TRANSFER: from fffff80053d13330 to fffff8005375dce0

STACK_TEXT:
ffff8e80`8fb96748 fffff800`53d13330 : 00000000`000000c4 00000000`000000f5 00000000`00000000 ffffb805`038702d0 : nt!KeBugCheckEx
ffff8e80`8fb96750 fffff800`53d23da9 : 00000000`00000000 ffff8e80`8fb96859 ffffb805`038702d0 00000000`00000000 : nt!VerifierBugCheckIfAppropriate+0x48
ffff8e80`8fb96790 ffff9f0b`ea39b714 : 00000000`00000000 ffff8e80`8fb96859 ffffb805`0516bb60 00000000`00000000 : nt!VerifierObReferenceObjectByHandle+0xb9
ffff8e80`8fb967d0 ffff9f0b`ea418974 : 00000000`00000000 ffff8e80`8fb96a29 ffff8e80`8fb96a18 ffffb805`06cdf070 : win32kbase!rimOnPnpArrived+0x254
ffff8e80`8fb968c0 ffff9f0b`ea014a52 : 00000000`00000000 00000000`00000001 00000000`00000000 00000000`00000000 : win32kbase!RIMAddNonPnpDeviceOfTypeUsingSuppliedFileHandle+0x124
ffff8e80`8fb96970 ffff9f0b`ea3dfbcc : 00000000`00000001 00000000`00360119 ffffb805`00000001 fffff800`00000002 : win32kfull!xxxDesktopThread+0x6c2
ffff8e80`8fb96a90 ffff9f0b`ea0a2bbf : 00000000`00000001 ffff9f0b`ea4b09d0 00000000`00000004 00000000`00000000 : win32kbase!xxxCreateSystemThreads+0x6c
ffff8e80`8fb96ad0 fffff800`53768993 : ffffb805`0877c800 00000000`00000004 000001ea`0f90a208 000001ea`0f9040e0 : win32kfull!NtUserCallNoParam+0x2f
ffff8e80`8fb96b00 00007ff8`b90f1144 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
000000dc`6e3ff928 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff8`b90f1144


STACK_COMMAND: kb

THREAD_SHA1_HASH_MOD_FUNC: a3fb7771e6a1795db836fabaa3d2e2570ff88095

THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 80c49bbda5d71235d87911337d4f82fb3aa2110c

THREAD_SHA1_HASH_MOD: 0745d0c298af4320efd071415d32a539ba294c1f

FOLLOWUP_IP:
win32kbase!rimOnPnpArrived+254
ffff9f0b`ea39b714 448bf0 mov r14d,eax

FAULT_INSTR_CODE: 48f08b44

SYMBOL_STACK_INDEX: 3

SYMBOL_NAME: win32kbase!rimOnPnpArrived+254

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: win32kbase

IMAGE_NAME: win32kbase.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 5932781c

IMAGE_VERSION: 10.0.14393.1358

BUCKET_ID_FUNC_OFFSET: 254

FAILURE_BUCKET_ID: 0xc4_f5_VRF_win32kbase!rimOnPnpArrived

BUCKET_ID: 0xc4_f5_VRF_win32kbase!rimOnPnpArrived

PRIMARY_PROBLEM_CLASS: 0xc4_f5_VRF_win32kbase!rimOnPnpArrived

TARGET_TIME: 2017-07-11T00:38:10.000Z

OSBUILD: 14393

OSSERVICEPACK: 1358

SERVICEPACK_NUMBER: 0

OS_REVISION: 0

SUITE_MASK: 272

PRODUCT_TYPE: 1

OSPLATFORM_TYPE: x64

OSNAME: Windows 10

OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS

OS_LOCALE:

USER_LCID: 0

OSBUILD_TIMESTAMP: 2017-06-03 10:52:01

BUILDDATESTAMP_STR: 170602-2252

BUILDLAB_STR: rs1_release

BUILDOSVER_STR: 10.0.14393.1358

ANALYSIS_SESSION_ELAPSED_TIME: 783

ANALYSIS_SOURCE: KM

FAILURE_ID_HASH_STRING: km:0xc4_f5_vrf_win32kbase!rimonpnparrived

FAILURE_ID_HASH: {ee1f2564-23a0-fe46-4311-33b049cbda1f}

Followup: MachineOwner
---------

 
win32kbase!RIMAddNonPnpDeviceOfTypeUsingSuppliedFileHandle

Guessing this would be some plug and play problem, in which case you would have to provide a Windows kernel memory dump file that would be looked at with the Windows debugger with the command
!pnptriage

After getting the kernel bugcheck file, you would then turn off verifier.exe via
verifier.exe /reset
until you can apply a fix to the problem (so you can boot and run correctly).

 

IonicBlade

Well, what you said is rather confusing to me. My software knowledge doesn't go that far, sadly.
However, I can boot and run correctly; it is just a BSOD the moment I press shut down.
 

gardenman

Splendid
Moderator
Hi IonicBlade, follow these steps.

Right click on "This PC" on your desktop.
Choose Properties.
Click on "Advanced system settings".
Click on the "Advanced" tab at the top of the "System Properties" window.
Under "Startup and Recovery" at the bottom, click the Settings button.
In the "Startup and Recovery" window at the bottom, you will see a "Write debugging information" section. From the drop down list, choose "Kernel memory dump" and choose OK on all dialogs to close them out.

Now when your Windows crashes, it will create a huge "Memory.dmp" file in your C:\Windows folder. You will need to upload this file to a public server (such as Google Drive) and make it available for download. Post the link to download it in here so johnbl can review it.

He also said you can turn Verifier off after uploading the dump file so that you can use your PC as normal. Apparently you have turned it on (or had someone turn it on for you). After you've uploaded the dump file, open up a Command Prompt and type in verifier.exe /reset to turn Verifier off.
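
Added example, not part of any post in this thread: a small Python triage script that reads the debugger text quoted in the first post and picks out the frame that called into Driver Verifier, which is how the win32kbase plug and play path mentioned above is identified. The function names are hypothetical, and SAMPLE is an excerpt copied from the dump in this thread with the middle stack frames left out.

```python
import re

# Excerpt copied from the dump quoted in this thread (middle frames omitted).
SAMPLE = """\
Arg1: 00000000000000f5, ObReferenceObjectByHandle is being called with a NULL handle.
BUGCHECK_STR: 0xc4_f5
PROCESS_NAME: csrss.exe
STACK_TEXT:
ffff8e80`8fb96748 fffff800`53d13330 : 00000000`000000c4 00000000`000000f5 00000000`00000000 ffffb805`038702d0 : nt!KeBugCheckEx
ffff8e80`8fb96750 fffff800`53d23da9 : 00000000`00000000 ffff8e80`8fb96859 ffffb805`038702d0 00000000`00000000 : nt!VerifierBugCheckIfAppropriate+0x48
ffff8e80`8fb96790 ffff9f0b`ea39b714 : 00000000`00000000 ffff8e80`8fb96859 ffffb805`0516bb60 00000000`00000000 : nt!VerifierObReferenceObjectByHandle+0xb9
ffff8e80`8fb967d0 ffff9f0b`ea418974 : 00000000`00000000 ffff8e80`8fb96a29 ffff8e80`8fb96a18 ffffb805`06cdf070 : win32kbase!rimOnPnpArrived+0x254
ffff8e80`8fb968c0 ffff9f0b`ea014a52 : 00000000`00000000 00000000`00000001 00000000`00000000 00000000`00000000 : win32kbase!RIMAddNonPnpDeviceOfTypeUsingSuppliedFileHandle+0x124
000000dc`6e3ff928 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff8`b90f1144
"""

# One STACK_TEXT row: child SP, return address, four arguments, then the symbol.
FRAME = re.compile(r"^[0-9a-f]{8}`[0-9a-f]{8} [0-9a-f]{8}`[0-9a-f]{8} : .* : (\S+)$")

def parse_frames(text):
    """Return (module, function) per stack row; module is None for unresolved addresses."""
    frames = []
    for line in text.splitlines():
        m = FRAME.match(line.strip())
        if m:
            module, sep, rest = m.group(1).partition("!")
            frames.append((module, rest.partition("+")[0]) if sep else (None, m.group(1)))
    return frames

def flagged_caller(frames):
    """First resolved frame below KeBugCheckEx and the nt!Verifier* thunks."""
    for index, (module, func) in enumerate(frames):
        if module is None:
            continue
        if module == "nt" and (func == "KeBugCheckEx" or func.startswith("Verifier")):
            continue
        return index, f"{module}!{func}"
    return None

def summarize(text):
    """Collect the fields a reviewer reads first from the analysis output."""
    code = re.search(r"^BUGCHECK_STR:\s*(\S+)", text, re.M)
    arg1 = re.search(r"^Arg1:\s*([0-9a-f]+),\s*(.*)$", text, re.M)
    proc = re.search(r"^PROCESS_NAME:\s*(\S+)", text, re.M)
    return {
        "bugcheck": code.group(1) if code else None,
        "subcode": int(arg1.group(1), 16) if arg1 else None,
        "violation": arg1.group(2).strip() if arg1 else None,
        "process": proc.group(1) if proc else None,
        "caller": flagged_caller(parse_frames(text)),
    }

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

The index returned for the caller lines up with the SYMBOL_STACK_INDEX and SYMBOL_NAME fields in the dump above.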
 