# SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)



## Dynex09 (Aug 28, 2009)

Hello, here's my problem, occasionally, while doing something on my computer I will hit a STOP ERROR, and I cannot even begin to determine the cause of what is going on.

I will post the dump file momentarily, but I want to get my computer spec as well as my service pack noted as well.

I'm running:
DELL XPS730x H2C
Windows Vista™ Home Premium
Intel(R) Core™ i7 CPU 965 @ 3.20 GHz
Memory/RAM: 6.00 GB
OS: 64 Bit Operating System
Graphics Card: Dual Radeon 4800 Series
Sound Card: SoundBlaster X-FI Titanium
Running on Service Pack 2

Also, I've updated everything including drivers/fixes from DELL's website and updated every possible fix that has been noted on here to put an end to these stop errors but still no avail, all my drivers are up-to-date.

So here is the mini dump.

BugCheck 1000007E, {ffffffffc0000005, fffff80002797422, fffffa600a5ef878, fffffa600a5ef250}

Probably caused by : ntkrnlmp.exe ( nt!PfTGetLogEntryInfo+75 )

Followup: MachineOwner
---------

```
5: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80002797422, The address that the exception occurred at
Arg3: fffffa600a5ef878, Exception Record Address
Arg4: fffffa600a5ef250, Context Record Address

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!PfTGetLogEntryInfo+75
fffff800`02797422 488b4e10        mov     rcx,qword ptr [rsi+10h]

EXCEPTION_RECORD:  fffffa600a5ef878 -- (.exr 0xfffffa600a5ef878)
ExceptionAddress: fffff80002797422 (nt!PfTGetLogEntryInfo+0x0000000000000075)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

CONTEXT:  fffffa600a5ef250 -- (.cxr 0xfffffa600a5ef250)
rax=fffff8800bd5eeb8 rbx=fffffa600a5efb80 rcx=0000000000000bd1
rdx=0000000000006000 rsi=fffffa600a5efb00 rdi=0000000000000002
rip=fffff80002797422 rsp=fffffa600a5efab0 rbp=0000000000000002
 r8=0000000000006800  r9=fffff8800bd59000 r10=000000000000625d
r11=fffffa600a5efb00 r12=0000000000000121 r13=fffff8800bd0c000
r14=fffff88014847010 r15=0000000000000122
iopl=0         nv up ei ng nz na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010286
nt!PfTGetLogEntryInfo+0x75:
fffff800`02797422 488b4e10        mov     rcx,qword ptr [rsi+10h] ds:002b:fffffa60`0a5efb10=fffff8800bd59000
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  ffffffffffffffff

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002671080
 ffffffffffffffff 

FOLLOWUP_IP: 
nt!PfTGetLogEntryInfo+75
fffff800`02797422 488b4e10        mov     rcx,qword ptr [rsi+10h]

BUGCHECK_STR:  0x7E

LAST_CONTROL_TRANSFER:  from fffff80002819aca to fffff80002797422

STACK_TEXT:  
fffffa60`0a5efab0 fffff800`02819aca : 00000000`00000000 fffff880`14848238 fffff880`14848218 fffff800`00000000 : nt!PfTGetLogEntryInfo+0x75
fffffa60`0a5efae0 fffff800`02863080 : fffffa60`0a5efc20 fffff880`0bd0c018 00000000`0002a000 fffff880`14847000 : nt!PfTCreateTraceDump+0x33c
fffffa60`0a5efbf0 fffff800`028631c3 : fffffa80`05d11001 00000000`00000080 fffff800`025c6cc8 fffff800`00000000 : nt!PfTGenerateTrace+0x10
fffffa60`0a5efc20 fffff800`026aef37 : ffffffff`ff676980 fffffa80`05d11060 fffffa60`07568340 00000000`036d6b01 : nt!PfTLoggingWorker+0x113
fffffa60`0a5efd50 fffff800`024e1616 : fffffa60`01ab5180 fffffa80`05d11060 fffffa60`01abed40 fffffa60`01ab57f0 : nt!PspSystemThreadStartup+0x57
fffffa60`0a5efd80 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiStartSystemThread+0x16


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!PfTGetLogEntryInfo+75

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  49e0237f

STACK_COMMAND:  .cxr 0xfffffa600a5ef250 ; kb

FAILURE_BUCKET_ID:  X64_0x7E_nt!PfTGetLogEntryInfo+75

BUCKET_ID:  X64_0x7E_nt!PfTGetLogEntryInfo+75

Followup: MachineOwner
---------
```
If there is anyone who may know anything about this at all, or has purchased the same system it would be much easier than going through the customer service representatives of DELL.


----------



## DT Roberts (Jun 22, 2009)

Please follow the instructions here: http://www.techsupportforum.com/1871981-post2.html. This will help to better determine the problem.


----------



## htucker (Aug 27, 2009)

Possibly you are looking for this?

http://www.techsupportforum.com/f217/bsods-in-64-bit-vista-408946.html#post2315837

There is a link around here somewhere for a guide.

Good luck!


----------



## DT Roberts (Jun 22, 2009)

Can't be sure that's his problem until it's verified that he downloaded that update. The link in my post will help determine that.


----------



## Dynex09 (Aug 28, 2009)

As requested, here is the system information.


----------



## DT Roberts (Jun 22, 2009)

Go to a command prompt (Start>type "CMD">Right-click it and select Run as Administrator) and run *sfc /scannow*. This is the System File Checker, and it will attempt repairs on corrupted system files. Please let us know how it goes.


----------



## Dynex09 (Aug 28, 2009)

Thank you, I'm performing one right now. Also, some interesting information. I removed my RAM and cleaned them off, and I ran into another BSOD, but this time it gave me a specific file name, dealing with McAfee™, I'll code the dump information.


```
UNEXPECTED_KERNEL_MODE_TRAP (7f)
This means a trap occurred in kernel mode, and it's a trap of a kind
that the kernel isn't allowed to have/catch (bound trap) or that
is always instant death (double fault).  The first number in the
bugcheck params is the number of the trap (8 = double fault, etc)
Consult an Intel x86 family manual to learn more about what these
traps are. Here is a *portion* of those codes:
If kv shows a taskGate
        use .tss on the part before the colon, then kv.
Else if kv shows a trapframe
        use .trap on that value
Else
        .trap on the appropriate frame will show where the trap was taken
        (on x86, this will be the ebp that goes with the procedure KiTrap)
Endif
kb will then show the corrected stack.
Arguments:
Arg1: 0000000000000008, EXCEPTION_DOUBLE_FAULT
Arg2: 0000000080050033
Arg3: 00000000000006f8
Arg4: fffffa6005af0b9b

Debugging Details:
------------------


BUGCHECK_STR:  0x7f_8

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  nmctxth.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff800024691ee to fffff80002469450

STACK_TEXT:  
fffffa60`01abaa68 fffff800`024691ee : 00000000`0000007f 00000000`00000008 00000000`80050033 00000000`000006f8 : nt!KeBugCheckEx
fffffa60`01abaa70 fffff800`02467a38 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x6e
fffffa60`01ababb0 fffffa60`05af0b9b : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDoubleFaultAbort+0xb8
ffffffff`fffffff8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : mfehidk+0x7b9b


STACK_COMMAND:  kb

FOLLOWUP_IP: 
mfehidk+7b9b
fffffa60`05af0b9b ??              ???

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  mfehidk+7b9b

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: mfehidk

IMAGE_NAME:  mfehidk.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  49ba83de

FAILURE_BUCKET_ID:  X64_0x7f_8_mfehidk+7b9b

BUCKET_ID:  X64_0x7f_8_mfehidk+7b9b

Followup: MachineOwner
```
EDIT: Also, I finished my system check, it found the files but wasn't able to fix them, and for some reason access is denied for me when I try to open the log. I'm stumped.


----------



## DT Roberts (Jun 22, 2009)

According to http://msdn.microsoft.com/en-us/library/ms795478.aspx ....



> *Bug check 0x7F typically occurs after you install a faulty or mismatched hardware (especially memory) or if installed hardware fails.
> *
> A double fault can occur when the kernel stack overflows. This overflow occurs if multiple drivers are attached to the same stack. For example, if two file system filter drivers are attached to the same stack and then the file system recurses back in, the stack overflows.


How did you clean the RAM?


----------



## Dynex09 (Aug 28, 2009)

Very carefully, using a plain white cloth, just wiping away the dust, kept my fingers on boths sides of the circuit board. As Dell instructed.


----------



## DT Roberts (Jun 22, 2009)

I'm unsure of this. You may have damaged the contacts on the bottom... Not to say that you're lying or anything, but they are VERY fragile...

Try reinstalling the memory. Did you install any other hardware?


----------



## Dynex09 (Aug 28, 2009)

How would I reinstall the memory? And no, I did not. However, it is the first time I've seen this mfe.sys ever before and I've seen other people via Google with this problem. However, maybe it is because I may have messed up the memory, but the odd thing is, I don't recieve the BSOD everytime I start up, I'm not betting it's random, I'm just enlightening. Although, I was very careful. When I went on remoteassist with him, he informed me to do this, as well as try removing a RAM stick from my computer.


----------



## DT Roberts (Jun 22, 2009)

Ya see...Dell is Dell. Their tech support is neither the most knowledgeable of helpful. I'm not saying that it's completely wrong to clean the RAM, but it would be safer with compressed air.

Please download and run memtest86, available here: www.memtest86.com

In order to run it, you need to burn it to a CD or DVD with an ISO burner and boot the computer with it. If you don't have an ISO burner, you can get one here: www.imgburn.com


----------



## Dynex09 (Aug 28, 2009)

I have several cannisters of compressed air, I use them to get most of the dust out of the fans, every week or so, I'll make sure to be more careful and try to get them with the RAM, I'll make sure to keep you updated after I do my memtest, thank you very much.

EDIT: As far as Dell goes, I'll be coming to you guys with my more complicated questions, I don't have to wait in a queue and there's a much more knoweledgable database with problems similiar to my own. Not to be an annoyance, I'm just tired of waiting two hours in queue at number 9, then have him delete my dump files, and some windows updates and give me information that's insufficient.


----------



## DT Roberts (Jun 22, 2009)

Sure, glad to help. Keep me posted.


----------



## htucker (Aug 27, 2009)

I’ve had a similar issue with Symantec. BSOD, then dumps referring to a driver file associated with it. The solution was to boot into safe mode, disable all Symantec processes and startup items using msconfig, reboot into normal mode and uninstall Symantec, reboot back into normal mode and reinstall Symantec. (Symantec won’t let you uninstall it from safe mode, if McAfee will let you uninstall it in safe mode then do that and reboot then install in normal mode)

This looks very similar to that issue.

Good luck!


----------

