Windows 10 Occasional but constant blue screen of death

[995.Unknown]

My girlfriend's PC is constantly facing blue screens. When I say constantly, I don't mean its a daily event, but once a week or so her PC crashes. I am fairly competent with computers, I built my own and her PCs myself, I can troubleshoot Windows all day, but I have absolutely zero experience with dmp files. I have the MEMORY.DMP file saved from the crash, here is the link to the file: MEMORY.DMP


And link to the EventViewer System logs: hji.evtx


Never mind the name of the second file, I just face smashed the keyboard to give the file a name quickly


EDIT: Before reading any further, I should mention the CPU is in no way overclocked and the RAM is running the built in XMP to reach 3200Mhz.


Analysing it using WinDbg, it tells me this and nothing more:



: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except.
Typically the address is just plain bad or it is pointing at freed memory.
Arguments:
Arg1: ffffcc0db27afcc8, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff8021b4e934e, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000002, (reserved)

Debugging Details:
------------------


KEY_VALUES_STRING: 1

Key : Analysis.CPU.mSec
Value: 2406

Key : Analysis.DebugAnalysisProvider.CPP
Value: Create: 8007007e on UNKNOWN

Key : Analysis.DebugData
Value: CreateObject

Key : Analysis.DebugModel
Value: CreateObject

Key : Analysis.Elapsed.mSec
Value: 5494

Key : Analysis.Memory.CommitPeak.Mb
Value: 87

Key : Analysis.System
Value: CreateObject

Key : WER.OS.Branch
Value: vb_release

Key : WER.OS.Timestamp
Value: 2019-12-06T14:06:00Z

Key : WER.OS.Version
Value: 10.0.19041.1


ADDITIONAL_XML: 1

OS_BUILD_LAYERS: 1

BUGCHECK_CODE: 50

BUGCHECK_P1: ffffcc0db27afcc8

BUGCHECK_P2: 0

BUGCHECK_P3: fffff8021b4e934e

BUGCHECK_P4: 2

READ_ADDRESS: ffffcc0db27afcc8 Nonpaged pool

MM_INTERNAL_CODE: 2

BLACKBOXBSD: 1 (!blackboxbsd)


BLACKBOXNTFS: 1 (!blackboxntfs)


BLACKBOXPNP: 1 (!blackboxpnp)


BLACKBOXWINLOGON: 1

PROCESS_NAME: steam.exe

TRAP_FRAME: ffffbe00dc3d4150 -- (.trap 0xffffbe00dc3d4150)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=00ffffcc0db27afc rbx=0000000000000000 rcx=00000000000000fc
rdx=ffffcc0db27afce0 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8021b4e934e rsp=ffffbe00dc3d42e8 rbp=ffff8984e0485b40
r8=0000000000000000 r9=ffffcc0db27afcb0 r10=00000000000c5408
r11=ffffbe00dc3d4330 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz ac po cy
nt!ObpCaptureHandleInformation+0x8e:
fffff802`1b4e934e 410fb64118 movzx eax,byte ptr [r9+18h] ds:ffffcc0d`b27afcc8=??
Resetting default scope

STACK_TEXT:
ffffbe00`dc3d3ea8 fffff802`1b035de9 : 00000000`00000050 ffffcc0d`b27afcc8 00000000`00000000 ffffbe00`dc3d4150 : nt!KeBugCheckEx
ffffbe00`dc3d3eb0 fffff802`1ae12d00 : 00000000`00000110 00000000`00000000 ffffbe00`dc3d41d0 00000000`00000000 : nt!MiSystemFault+0x1ae0e9
ffffbe00`dc3d3fb0 fffff802`1afec01e : ffff8984`e15fff10 fffff802`1afdffa5 00000000`00000004 ffff8984`d726d4c0 : nt!MmAccessFault+0x400
ffffbe00`dc3d4150 fffff802`1b4e934e : fffff802`1b559121 00000000`00000ecc 00000000`00000000 ffffcc0d`00000000 : nt!KiPageFault+0x35e
ffffbe00`dc3d42e8 fffff802`1b559121 : 00000000`00000ecc 00000000`00000000 ffffcc0d`00000000 fffff802`1aec9dc2 : nt!ObpCaptureHandleInformation+0x8e
ffffbe00`dc3d42f0 fffff802`1b4e9245 : fffff802`1b4e92c0 ffff8984`e0485b58 00000000`0017fffc ffffbe00`dc3d4434 : nt!ExpSnapShotHandleTables+0x131
ffffbe00`dc3d4380 fffff802`1b5568b1 : ffffbe00`dc3d4434 00000000`000c5408 00000000`0017fffc 00000000`00000000 : nt!ObGetHandleInformation+0x39
ffffbe00`dc3d43c0 fffff802`1b3e460a : 00000000`09288050 00000000`00020000 ffff9a00`dfc00050 ffffcc0d`39f2f010 : nt!ExpGetHandleInformation+0x5d
ffffbe00`dc3d4400 fffff802`1b1fba47 : 00000000`00000002 00000000`00018002 00000000`00000001 00000000`00180010 : nt!ExpQuerySystemInformation+0x1e8a7a
ffffbe00`dc3d4ac0 fffff802`1afef878 : ffffcc0d`33a50000 ffffcc0d`35b9b8e0 ffffbe00`dc3d4b18 ffffbe00`dc3d4b80 : nt!NtQuerySystemInformation+0x37
ffffbe00`dc3d4b00 00007fff`c7f8c484 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
00000000`008ddd98 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007fff`c7f8c484


SYMBOL_NAME: nt!ObpCaptureHandleInformation+8e

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

STACK_COMMAND: .thread ; .cxr ; kb

BUCKET_ID_FUNC_OFFSET: 8e

FAILURE_BUCKET_ID: AV_R_INVALID_nt!ObpCaptureHandleInformation

OS_VERSION: 10.0.19041.1

BUILDLAB_STR: vb_release

OSPLATFORM_TYPE: x64

OSNAME: Windows 10

FAILURE_ID_HASH: {ca33f0ed-ea4f-08da-9cd1-d248328d82af}

Followup: MachineOwner


If anybody could make sense of this text or if there is more info in the file (there has to be, the file is over 1gb in size) and let me know what the issue is, I'd very much appreciate that.


The full specs of her PC are:
AMD Ryzen 5 3600X

Corsair Vengeance RGB PRO 16GB 3200Mhz C16

MSI X470 GAMING PLUS MAX

Gigabyte GeForce RTX 2060 Super Windforce OC 8GB

Sabrent Rocket 1TB NVMe 2280

Seagate BarraCuda 4TB 3.5" HDD 5400RPM

Noctua NH-D15

Seasonic Focus GX 750W 80+ Gold


Plus peripherals. Thanks for any help in advance and if any additional info is needed, please ask.

Continue reading...