Question
64 views

Help With BSOD Windows 8.1

Finekid asked on
1 person had this question

Abuse history


The answered status icon Answer
Patrick Barker replied on

Hi,

We have various bug checks:

UNEXPECTED_KERNEL_MODE_TRAP (1000007f) bug check.

This bug check indicates that the Intel CPU generated a trap and the kernel failed to catch this trap.

BugCheck 7F, {8, 80050033, 406f8, fffff88005edd88b}

The 1st parameter of the bug check is 0x00000008, or Double Fault, indicates that an exception occurs during a call to the handler for a prior exception. Typically, the two exceptions are handled serially. However, there are several exceptions that cannot be handled serially, and in this situation the processor signals a double fault. There are two common causes of a double fault:

  • A kernel stack overflow. This overflow occurs when a guard page is hit, and the kernel tries to push a trap frame. Because there is no stack left, a stack overflow results, causing the double fault.
  • A hardware problem.

PROCESS_HAS_LOCKED_PAGES (76)

This bug check indicates that a driver failed to release locked pages after an I/O operation, or that it attempted to unlock pages that were already unlocked.

The driver either failed to unlock pages that it locked (parameter 1 value is 0x0), or the driver is attempting to unlock pages that have not been locked or that have already been unlocked (parameter 1 value is 0x1).

BugCheck 76, {0, ffffe00004dc9080, 2000000, 0}

^^ In your case, 1st parameter = 0, therefore a driver failed to unlock pages that it locked.

-- PROCESS_NAME:  openvpn.exe

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)

This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.

A driver tried to access an address that is pageable (or that is completely invalid) while the IRQL was too high. This bug check is usually caused by drivers that have used improper addresses.

By default, the fault of the crash is tcpip.sys which is NOT the true cause, and something is very likely causing NETBIOS conflicts after seeing openvpn be a process crash, and tcpip.sys faulted.

-----------------------

Remove and replace Kaspersky with Windows 8's built-in Windows Defender for temporary troubleshooting purposes as it's likely causing conflicts:

Kaspersky removal - http://support.kaspersky.com/common/service.aspx?el=1464

Windows Defender (how to turn on after removal) - http://www.eightforums.com/tutorials/21962-windows-defender-turn-off-windows-8-a.html

Regards,

Patrick

Debugger/Reverse Engineer.
Be the first person to mark this helpful

Abuse history


progress