GSOD at login

[Don Ivie]

Every time I try to login to my machine I get a GSOD. It happened while editing some photos. I have not made any changes to my hardware or software. I've tried the usual stuff like sfc and chkdsk, even dism but no luck.

Can someone please take a look at my minidump file and see if you can point me in the right direction? THANKS!!

Crash Dump Analysis provided by OSR Open Systems Resources, Inc. (http://www.osr.com)
Online Crash Dump Analysis Service
See http://www.osronline.com for more information
Windows 8 Kernel Version 17074 MP (6 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 17074.1002.amd64fre.rs_prerelease_flt.180116-1539
Machine Name:
Kernel base = 0xfffff802`3de90000 PsLoadedModuleList = 0xfffff802`3e223170
Debug session time: Tue Mar 6 09:25:24.403 2018 (UTC - 5:00)
System Uptime: 0 days 0:05:12.136
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff8023e386e8b, Address of the instruction which caused the bugcheck
Arg3: fffff007ff339250, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------

TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2

OVERLAPPED_MODULE: Address regions for 'srv2' and 'dump_storpor' overlap

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

FAULTING_IP:
nt!HvpRemapAndEnlistHiveBins+73
fffff802`3e386e8b 4c8b7008 mov r14,qword ptr [rax+8]

CONTEXT: fffff007ff339250 -- (.cxr 0xfffff007ff339250)
rax=0000000000000000 rbx=00000000008d0000 rcx=ffffad002ac53000
rdx=00000000008d0000 rsi=ffffad002ac53000 rdi=00000000008d0000
rip=fffff8023e386e8b rsp=fffff007ff339c50 rbp=00000000008fb000
r8=00000000008d0000 r9=00000000008d0000 r10=00000000008cf0c0
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000008100000 r15=0000000000011000
iopl=0 nv up ei pl zr na po nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010246
nt!HvpRemapAndEnlistHiveBins+0x73:
fffff802`3e386e8b 4c8b7008 mov r14,qword ptr [rax+8] ds:002b:00000000`00000008=????????????????
Resetting default scope

DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT

BUGCHECK_STR: 0x3B

PROCESS_NAME: Registry

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from fffff8023e3daf07 to fffff8023e386e8b

STACK_TEXT:
fffff007`ff339c50 fffff802`3e3daf07 : 00000000`008d0000 00000000`00000000 00000000`08100000 00000000`00000000 : nt!HvpRemapAndEnlistHiveBins+0x73
fffff007`ff339cd0 fffff802`3e2fe0f4 : ffffad00`28579b08 01d3b556`f7262a72 ffffad00`2ac53000 ffffad00`2ac53000 : nt!HvLoadHive+0x4ef
fffff007`ff339e10 fffff802`3e2fd558 : 00000000`00000000 fffff007`ff339f80 ffffad00`2ac53000 00000000`00000001 : nt!HvHiveStartFileBacked+0x2cc
fffff007`ff339e80 fffff802`3e3ae867 : 00000000`00000000 fffff802`0000006c fffff007`ff33a1a0 00000000`00000000 : nt!CmpCreateHive+0x5e8
fffff007`ff33a0a0 fffff802`3e33bdb0 : fffff007`ff33a59c 00000000`00000000 fffff007`00000008 00000000`00000000 : nt!CmpInitHiveFromFile+0x4db
fffff007`ff33a2d0 fffff802`3e436482 : fffff007`ff33a788 fffff007`ff33a460 fffff007`ff33a800 00000000`00000000 : nt!CmpCmdHiveOpen+0xbc
fffff007`ff33a360 fffff802`3e3ac2f7 : 00000000`00000000 fffff007`00000800 00000000`00000000 00000000`00000001 : nt!CmLoadKey+0x23a
fffff007`ff33a6c0 fffff802`3e3ab91d : 00000002`00000000 00000003`00000000 ffffd986`dcaaf000 00000000`00000000 : nt!CmLoadDifferencingKey+0x9cf
fffff007`ff33aa20 fffff802`3e04e883 : 00000000`000003ec fffff802`3e35ed0b 00000272`58069900 00000272`58106d20 : nt!NtLoadKeyEx+0x4d
fffff007`ff33aa90 00007ffd`2ad7f544 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000092`4ccfe408 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7ffd`2ad7f544


FOLLOWUP_IP:
nt!HvpRemapAndEnlistHiveBins+73
fffff802`3e386e8b 4c8b7008 mov r14,qword ptr [rax+8]

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: nt!HvpRemapAndEnlistHiveBins+73

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP: 5a5eb3c1

STACK_COMMAND: .cxr 0xfffff007ff339250 ; kb

FAILURE_BUCKET_ID: X64_0x3B_nt!HvpRemapAndEnlistHiveBins+73

BUCKET_ID: X64_0x3B_nt!HvpRemapAndEnlistHiveBins+73

Followup: MachineOwner
---------

 

[Colif]

GSOD? Its Green? I didn't know they changed its colour from blue as of the Creators edition...

can you upload the minidump to a file sharing site and show link here?

ntkrnlmp.exe = NT Kernel Multi Processor, its part of the Windows Kernel.

you on the insider preview build as well, so that could be part of it too.

 

[Don Ivie]

GSOD? Its Green? I didn't know they changed its colour from blue as of the Creators edition...

can you upload the minidump to a file sharing site and show link here?

ntkrnlmp.exe = NT Kernel Multi Processor, its part of the Windows Kernel.

you on the insider preview build as well, so that could be part of it too.

Yes, preview version is green 🙂 I'll upload the actual .dmp file when I get home tonight. I've been running the insider preview version since it's inception nearly 4 years ago but I am in the slow ring so not much different than a regular user. Remember, everything was fine until my computer froze and I had no choice but to power cycle. This can only mean something has been corrupted. What I'm trying to do is narrow down the possibilities hoping that the dump file might lead us to an answer.

One bit of progress last night, I was able to activate the Administrator acct so I can finally get into a fully workable Windows environment. However, having left my computer on at the desktop last night - I woke up to the same GSOD and System-Service-Exception this morning not to mention I still cannot access my original profile.

Thanks!

 

[Colif]

I looked up

FAULTING_IP:
nt!HvpRemapAndEnlistHiveBins+73

in google and found this which is same error code in a previous insider build - https://answers.microsoft.com/en-us/insider/forum/insider_wintp-insider_repair-insiderplat_pc/windows-boots-up-but-gsods-on-user-login/3766dba7-b422-4134-831b-afee259baeba and the answer in that one was a reset using the ISO

Green screens show a fault in the OS, Red is for graphics card problems, and BLUE which can be drivers/software. Seem MS color coding them to make it easier to figure out in the long term