Windows 10 BSOD issue WIN10

[OlivierM]

Hello, i have a BSOD issue on my HP Pavilion. Current OS WINDOWS 10. but this issue already exist on Windows 8. As seen on the forum, I have done a cmpressed file with all the information 'W7F_08-09-2015.zip". but i don't know where to upload this file. thanks for your help.

 

[OlivierM]

Find attached file.

 

[kemical]

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck F7, {2a802253abb0, 421cab057785, ffffbde354fa887a, 0}

Probably caused by : ntkrnlmp.exe ( nt!_report_gsfailure+25 )

Followup: MachineOwner
---------

2: kd> !analyze -v;r;kv;lmtsmn;.bugcheck;!peb;!sysinfo cpuinfo;!sysinfo machineid; !sysinfo cpuspeed; !sysinfo smbios
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_OVERRAN_STACK_BUFFER (f7)
A driver has overrun a stack-based buffer.  This overrun could potentially
allow a malicious user to gain control of this machine.
DESCRIPTION
A driver overran a stack-based buffer (or local variable) in a way that would
have overwritten the function's return address and jumped back to an arbitrary
address when the function returned.  This is the classic "buffer overrun"
hacking attack and the system has been brought down to prevent a malicious user
from gaining complete control of it.
Do a kb to get a stack backtrace -- the last routine on the stack before the
buffer overrun handlers and bugcheck call is the one that overran its local
variable(s)

Hi,
it seems your system was shut down or had the bsod to basically stop an hacking attack or you have a compatibility issue.

I see you have Bitdefender installed did you disable the Windows firewall at any point?

When upgrading to Windows 10 did you turn off the security apps you have running as this can also affect the upgrade?

Also I couldn't find the machines support page at HP. My French is not so good and so could only find the product page. HP does have a general support page for Windows 10 but that's all i could find really:
Link Removed

Please run Malwarebytes and check you have no nasties still lurking around:
Free Anti-Malware & Internet Security Software

Also can you post a little more detail about the bsod. Did it occur only once or is it regular?

 

[OlivierM]

Hi,

First thanks a lot for spending time on my issue.

Yes, i have bitdefender, after your answer i have notice that some elements were activated in Bitdefender and desactivated in Windows defender (for example firewall) and the opposite for Antivirus.
I have then desactivated Windows defender. (is there a solution to stop Windows defender in one step, or do i have to desactivate firewall, and after antivirus, ...)
The BSOD was already here frequently on Windows 8, upgrade has not modified this issue. (some time subject of BSOD was WATCHDOG_VIOLATION, or PFN_LIST_CORRUPT, or DRIVER_OVERRAN_STACK_BUFFER)

You can find below the link to HP support for my laptop. (in french i will try to find English one)
Ordinateur portable HP Pavilion 17-e050sf Informations sur le produit | Assistance clientèle HP®

I have run Malwarebytes, an nothing detected.

I will see if the antivirus modification has changed something. i will keep you informed.
Thanks a lot.

Olivier

 

[kemical]

Hi Oliver,
thank you for the update. Usually if one installs a new Anti Virus application then Defender will be turned off by default. If the bsod occurred under windows 8 then the same issue has followed through the upgrade. Did you use Bitdefender with windows 8?
Also those Bugchecks you mention can often be caused by an SSD with old firmware or an out of date driver so do check with your support site for anything like that.

 

[OlivierM]

Hi,
In fact, i don't know why, but there was a mix between Windows Defender and Bitdefender functions. (one for antivirus, the other for firewall)
Yes Bitdefender was already installed and used on Windows 8.

About the firmeware, i will check it.
Thanks

Olivier

 

[kemical]

Your welcome

 

[OlivierM]

Hello,

I have disabled Windows defender, and only bitdefender is working.
I have installed last HP assistant, and then update all drivers and soft with it.

And just now a new BSOD: DRIVER_OVERRAN_STACK_BUFFER

Have you another idea.

Thanks

 

[kemical]

What version of bitdefender are you running? In any case I'd also remove that too. See the windows 10 compatibility page:

 

[OlivierM]

I am running Bitdefender Internet Security 2015. (at the moment no info on compatibility with win10)
But this issue was already here in win 8, and this version was compatible.

 

[kemical]

Ok try this, create a system rescue usb or disk for Windows 10. The reason I want you to do this is because you need to run the driver verifier. This can sometimes cause a bsod on start up meaning you cannot get back into the system unless you have a rescue disk/usb so you can go into safe mode and turn the verifier off. The verifier will stress each driver to try and get a bsod. If a bsod occurs then hopefully the bad driver will be caught in the dump file.
Creating a USB recovery drive - Windows Help

This guide will show you how to turn the verifier on:
How do I fix a Blue Screen in Windows using Driver Verifier?

Please post any new dump files.

If this fails to show anything then there is a chance it could a RAM issue but let's test first and see how we go.

 

[OlivierM]

Hi Kemical,

I have run the verifier driver, and i had a BSOD very quickly. you can find enclosed the dump file.
I have also notice on the blue screen this file: gzflt.sys. (VIOLATION)
What do you think of that?

Thanks.

Olivier

 

[kemical]

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck F7, {2a813df389b0, c7eb51d18f58, ffff3814ae2e70a7, 0}

Probably caused by : ntkrnlmp.exe ( nt!_report_gsfailure+25 )

Followup: MachineOwner

Hi,
The above bugcheck as well as gzflt.sys means that it is Bitdefender that's probably at fault here. gzflt.sys is part of Bitdefender and I strongly suggest you remove all instances of the app using this tool:
Uninstall Bitdefender

 

[OlivierM]

I have desinstalled Bitdefender with the specific tool. and i have had a new BSOD soon after restarting.
I have then re-run driver verifier, and now i have a blue screen with amdkmpfd.sys.
Find enclosed new dump file

 

[kemical]

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck F7, {2a8022189150, 6a1c76d07f1c, ffff95e3892f80e3, 0}

Probably caused by : ntkrnlmp.exe ( nt!_report_gsfailure+25 )

Followup: MachineOwner

Hi,
that is a PCI driver and normally associated with the chipset. You need to update your Intel drivers particularly storage. I checked the website you posted and you do indeed have drivers for Windows 10 and Intel too:
Téléchargements de logiciels et de pilotes HP pour les imprimantes HP, ordinateurs portables, ordinateurs de bureau, etc. | Assistance clientèle HP®

Just to mention that sometimes the driver verifier will give 'false positives'. What I mean by this is that it will make a driver bsod where normally it wouldn't which may be why Bitdefender flagged up. In any case we will track the culprit down eventually it's just a matter of time..

 

[OlivierM]

I have installed all the driver proposed in the link you send me, and re launched driver verifier.
Still blue screen with amdkmpfd.sys.
Is there any solution to uninstall it safely?

 

[kemical]

Hi,
Please download the Display driver uninstaller found here:
Link Removed
This will remove any old bits of AMD driver left hanging around including amdkmpfd.sys. I should mention that you'll need to use it in safe mode.

Then navigate to your support page for your laptop and download the gpu driver for AMD. You won't find one under Windows 10 but you can of course use the driver found under the Windows 8.1 section.
Téléchargements de logiciels et de pilotes HP pour les imprimantes HP, ordinateurs portables, ordinateurs de bureau, etc. | Assistance clientèle HP®

I know it's possible to use drivers directly from AMD but in this instance it's perhaps better to use HP's versions first. If things work out you can always experiment with other versions later.

 

[OlivierM]

THere is something i don't understand. i have used the tool "display driver uninstaller" in safe mode, and i have relaunch driver verifier. and i have still amdkmpfd.sys BSOD. then this file is still on the computer. is there an explanation?

 

[kemical]

I would now wait and see if the machine actually bsod's on it's own. As I said above sometimes the verifier can induce drivers to bsod when normally they wouldn't.
Also debugging can often be a long process so don't give up heart as we will eventually find the culprit.

I also need to see any new dump files so please post them.
(that includes any created by using the verifier)

 

[OlivierM]

OK i'll keep you informed. thanks a lot again.