L LukeFZ New member Joined Mar 6, 2018 Posts 4 Mar 6, 2018 #1 Hello! Im experiencing a BSOD when plugging in my Seagate Expansion Drive 2TB. The bluescreen reads "UNEXPECTED_KERNEL_MODE_TRAP", and with BlueScreenView I found out the Bug Check Code is 0x0000007f. I can connect the drive in safe mode just fine. My Specs: http://speccy.piriform.com/results/ZbBviffsojO1FIKohWjBKsp and running Windows 10 Pro x64 Retail Upgraded. I built this desktop system myself so the original OS was Windows 8 Pro now upgraded to Windows 10 when it came out on the 29th July 2015. The system is 4 years old, but I replaced the graphics card in 2017. I also cloned the hard drive to another hard drive because the other one was failing. For Anti-Virus Software, I had installed Malwarebytes but I uninstalled it and used the cleanup tool for it. I cant run the Sysnative BSOD Collection App because it gives me an error that `[ยด isnt found and that it isnt supported on versions of Windows prior to Vista, but I am running Windows 10 Pro. I have attached the latest Minidump file though. Attachments 030618-9640-01.zip 163.5 KB · Views: 5
Hello! Im experiencing a BSOD when plugging in my Seagate Expansion Drive 2TB. The bluescreen reads "UNEXPECTED_KERNEL_MODE_TRAP", and with BlueScreenView I found out the Bug Check Code is 0x0000007f. I can connect the drive in safe mode just fine. My Specs: http://speccy.piriform.com/results/ZbBviffsojO1FIKohWjBKsp and running Windows 10 Pro x64 Retail Upgraded. I built this desktop system myself so the original OS was Windows 8 Pro now upgraded to Windows 10 when it came out on the 29th July 2015. The system is 4 years old, but I replaced the graphics card in 2017. I also cloned the hard drive to another hard drive because the other one was failing. For Anti-Virus Software, I had installed Malwarebytes but I uninstalled it and used the cleanup tool for it. I cant run the Sysnative BSOD Collection App because it gives me an error that `[ยด isnt found and that it isnt supported on versions of Windows prior to Vista, but I am running Windows 10 Pro. I have attached the latest Minidump file though.
L LukeFZ New member Joined Mar 6, 2018 Posts 4 Mar 6, 2018 #2 I forgot to mention I have already tried: dism.exe /online /cleanup-image /restorehealth and sfc /scannow: sfc always finds corrupted files and fixes them. Removing the hard drive in device manager: just crashes when connecting it again.
I forgot to mention I have already tried: dism.exe /online /cleanup-image /restorehealth and sfc /scannow: sfc always finds corrupted files and fixes them. Removing the hard drive in device manager: just crashes when connecting it again.
HyperHenry Active member Joined Feb 12, 2018 Posts 40 Location Currently Texas Mar 6, 2018 #3 I had to use a German translator for the SMART values but your HDD is definately failing.
L LukeFZ New member Joined Mar 6, 2018 Posts 4 Mar 7, 2018 #4 My AData? Thats why i cloned that hard drive to the Samsung one, but that probably cloned the bad sectors aswell so it didnt do anything
My AData? Thats why i cloned that hard drive to the Samsung one, but that probably cloned the bad sectors aswell so it didnt do anything
HyperHenry Active member Joined Feb 12, 2018 Posts 40 Location Currently Texas Mar 7, 2018 #5 That is likely the case. If you have access to another computer you can download a bootable repair disk for the same version of Windows you have. You can choose a CD or flash drive. Here is the link. https://support.microsoft.com/en-us/help/4026852/windows-create-a-recovery-drive
That is likely the case. If you have access to another computer you can download a bootable repair disk for the same version of Windows you have. You can choose a CD or flash drive. Here is the link. https://support.microsoft.com/en-us/help/4026852/windows-create-a-recovery-drive
L LukeFZ New member Joined Mar 6, 2018 Posts 4 Mar 7, 2018 #6 I have another PC with Windows 10, but it has an insider build on it. Could I use that too, or does it need to be Windows 10 with the Anniversary Update?
I have another PC with Windows 10, but it has an insider build on it. Could I use that too, or does it need to be Windows 10 with the Anniversary Update?
x BlueRobot Administrator Staff member Joined May 7, 2013 Posts 10,185 Location %systemroot% Mar 10, 2018 #7 HyperHenry said: I had to use a German translator for the SMART values but your HDD is definately failing. Click to expand... All the SMART values seem to say "Good"?
HyperHenry said: I had to use a German translator for the SMART values but your HDD is definately failing. Click to expand... All the SMART values seem to say "Good"?
x BlueRobot Administrator Staff member Joined May 7, 2013 Posts 10,185 Location %systemroot% Mar 10, 2018 #8 Code: BugCheck 7F, {8, ffff940105029f50, ffffbd8628415fe0, fffff803a1e54958} Probably caused by : memory_corruption Ignore the memory corruption, it simply means that because you've experienced a stack overflow error, any adjacent memory addresses would be overwritten. The second parameter appears to be the address of our trap frame; the last saved context before the crash. The third parameter appears to be stack frame pointer and the fourth parameter appears to be the instruction address pointer. Code: 1: kd> .trap 0xffff940105029f50 NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=7fffe7053f62de90 rbx=0000000000000000 rcx=ffffe70542c1d700 rdx=ffffe7053f62de90 rsi=0000000000000000 rdi=0000000000000000 rip=fffff803a1e54958 rsp=ffffbd8628415fe0 rbp=ffffbd86284160d9 r8=ffffbd8628416028 r9=0000000000000464 r10=ffffe70546c6ea60 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl zr na po nc nt!ExAcquireCacheAwarePushLockSharedEx+0xe8: fffff803`a1e54958 e823080000 call nt!KiAbThreadRemoveBoosts (fffff803`a1e55180) It appears that driver is making a number of I/O calls and overflowing the call stack. Code: 1: kd> !stackusage Stack Usage By Function ================================================================================= Size Count Module 0x00000C40 7 nt!IopParseDevice 0x00000C40 7 nt!ObpLookupObjectName 0x00000C30 6 nt!KiSystemServiceCopyEnd 0x000008C0 7 nt!ObOpenObjectByNameEx 0x000006C0 6 FLTMGR!FltpPerformPreCallbacks 0x00000540 6 filecrypt!StSecpGetStorageFolderStringSecurityDescriptor 0x000004D0 7 nt!IopCreateFile 0x000004D0 7 FLTMGR!FltpCreate 0x00000480 6 filecrypt!FCPreCreate 0x00000420 6 filecrypt!KappxGetSecurityDescriptorStringForPackageFullName 0x000003F0 7 nt!NtOpenFile 0x00000300 6 filecrypt!StSecpGetParameterValue 0x000001C0 7 nt!IofCallDriver 0x00000180 6 filecrypt!FCpObtainSecurityInfo 0x00000180 6 filecrypt!StSecGetSecurityDescriptor 0x00000150 7 FLTMGR!FltpPassThroughInternal 0x00000120 1 FLTMGR!FltpPerformPreCallbacks 0x00000070 1 nt!IopParseFile 0x00000040 2 nt!ExAcquireCacheAwarePushLockSharedEx 0x00000030 6 nt!KiServiceLinkage Total Size: 0x00005AB0 Stack Usage By Module ================================================================================= Size Count Module 0x000038D0 57 nt 0x000013E0 36 filecrypt 0x00000E00 21 FLTMGR Total Size: 0x00005AB0 Judging from some of the strings on the stack, it appears that it's trying to access a file on the hard disk. I would suggest running Driver Verifier - Driver Verifier - BSOD related - Windows 10, 8.1, 8, 7 & Vista
Code: BugCheck 7F, {8, ffff940105029f50, ffffbd8628415fe0, fffff803a1e54958} Probably caused by : memory_corruption Ignore the memory corruption, it simply means that because you've experienced a stack overflow error, any adjacent memory addresses would be overwritten. The second parameter appears to be the address of our trap frame; the last saved context before the crash. The third parameter appears to be stack frame pointer and the fourth parameter appears to be the instruction address pointer. Code: 1: kd> .trap 0xffff940105029f50 NOTE: The trap frame does not contain all registers. Some register values may be zeroed or incorrect. rax=7fffe7053f62de90 rbx=0000000000000000 rcx=ffffe70542c1d700 rdx=ffffe7053f62de90 rsi=0000000000000000 rdi=0000000000000000 rip=fffff803a1e54958 rsp=ffffbd8628415fe0 rbp=ffffbd86284160d9 r8=ffffbd8628416028 r9=0000000000000464 r10=ffffe70546c6ea60 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0 nv up ei pl zr na po nc nt!ExAcquireCacheAwarePushLockSharedEx+0xe8: fffff803`a1e54958 e823080000 call nt!KiAbThreadRemoveBoosts (fffff803`a1e55180) It appears that driver is making a number of I/O calls and overflowing the call stack. Code: 1: kd> !stackusage Stack Usage By Function ================================================================================= Size Count Module 0x00000C40 7 nt!IopParseDevice 0x00000C40 7 nt!ObpLookupObjectName 0x00000C30 6 nt!KiSystemServiceCopyEnd 0x000008C0 7 nt!ObOpenObjectByNameEx 0x000006C0 6 FLTMGR!FltpPerformPreCallbacks 0x00000540 6 filecrypt!StSecpGetStorageFolderStringSecurityDescriptor 0x000004D0 7 nt!IopCreateFile 0x000004D0 7 FLTMGR!FltpCreate 0x00000480 6 filecrypt!FCPreCreate 0x00000420 6 filecrypt!KappxGetSecurityDescriptorStringForPackageFullName 0x000003F0 7 nt!NtOpenFile 0x00000300 6 filecrypt!StSecpGetParameterValue 0x000001C0 7 nt!IofCallDriver 0x00000180 6 filecrypt!FCpObtainSecurityInfo 0x00000180 6 filecrypt!StSecGetSecurityDescriptor 0x00000150 7 FLTMGR!FltpPassThroughInternal 0x00000120 1 FLTMGR!FltpPerformPreCallbacks 0x00000070 1 nt!IopParseFile 0x00000040 2 nt!ExAcquireCacheAwarePushLockSharedEx 0x00000030 6 nt!KiServiceLinkage Total Size: 0x00005AB0 Stack Usage By Module ================================================================================= Size Count Module 0x000038D0 57 nt 0x000013E0 36 filecrypt 0x00000E00 21 FLTMGR Total Size: 0x00005AB0 Judging from some of the strings on the stack, it appears that it's trying to access a file on the hard disk. I would suggest running Driver Verifier - Driver Verifier - BSOD related - Windows 10, 8.1, 8, 7 & Vista