Windows 10: exfat.sys BSOD Caused by SysmonDRV

Discus and support exfat.sys BSOD Caused by SysmonDRV in Windows 10 Drivers and Hardware to solve the problem; Hi there, I Have been getting a BSOD without too much details, whenever deleting a file on a USB Device. I have sysmon installed on my computer, for... Discussion in 'Windows 10 Drivers and Hardware' started by SamuelFreeman, Sep 17, 2020.

  1. SAMUELFREEMAN
    SamuelFreeman Win User

    exfat.sys BSOD Caused by SysmonDRV


    Hi there,


    I Have been getting a BSOD without too much details, whenever deleting a file on a USB Device. I have sysmon installed on my computer, for the extra event logging. After looking at the BSOD, I have found the suspected culprit as below. This is for a private computer that is not domain joined. It is running Windows 10 20.04 Build 19041.508


    Microsoft R Windows Debugger Version 10.0.20153.1000 AMD64Copyright c Microsoft Corporation. All rights reserved.Loading Dump File [C:\091720-7250-01.dmp]Mini Kernel Dump File: Only registers and stack trace are availableSymbol search path is: srv*Executable search path is: Windows 10 Kernel Version 19041 MP 8 procs Free x64Product: WinNt, suite: TerminalServer SingleUserTSEdition build lab: 19041.1.amd64fre.vb_release.191206-1406Machine Name:Kernel base = 0xfffff801`39200000 PsLoadedModuleList = 0xfffff801`39e2a310Debug session time: Thu Sep 17 19:55:18.093 2020 UTC + 9:30System Uptime: 0 days 0:00:43.730Loading Kernel Symbols............................................................................................................................................................................................................................Loading User SymbolsLoading unloaded module list.........For analysis of this file, run !analyze -vnt!KeBugCheckEx:fffff801`395f3ea0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffc58a`df990870=000000000000003b4: kd> !analyze -v******************************************************************************** ** Bugcheck Analysis ** ********************************************************************************SYSTEM_SERVICE_EXCEPTION 3bAn exception happened while executing a system service routine.Arguments:Arg1: 00000000c0000005, Exception code that caused the bugcheckArg2: fffff80151d9a7f2, Address of the instruction which caused the bugcheckArg3: ffffc58adf991170, Address of the context record for the exception that caused the bugcheckArg4: 0000000000000000, zero.Debugging Details:------------------*** WARNING: Unable to verify timestamp for SysmonDrv.sysKEY_VALUES_STRING: 1 Key : Analysis.CPU.mSec Value: 3311 Key : Analysis.DebugAnalysisProvider.CPP Value: Create: 8007007e on WOLFPACK-4 Key : Analysis.DebugData Value: CreateObject Key : Analysis.DebugModel Value: CreateObject Key : Analysis.Elapsed.mSec Value: 33150 Key : Analysis.Memory.CommitPeak.Mb Value: 84 Key : Analysis.System Value: CreateObject Key : WER.OS.Branch Value: vb_release Key : WER.OS.Timestamp Value: 2019-12-06T14:06:00Z Key : WER.OS.Version Value: 10.0.19041.1ADDITIONAL_XML: 1OS_BUILD_LAYERS: 1BUGCHECK_CODE: 3bBUGCHECK_P1: c0000005BUGCHECK_P2: fffff80151d9a7f2BUGCHECK_P3: ffffc58adf991170BUGCHECK_P4: 0CONTEXT: ffffc58adf991170 -- .cxr 0xffffc58adf991170rax=0000000000000d02 rbx=ffff9c82c9a19010 rcx=ffff9c82c972ee08rdx=ffff9c82c972ea20 rsi=0000000000000000 rdi=ffff9c82c972ea20rip=fffff80151d9a7f2 rsp=ffffc58adf991b70 rbp=0000000000000008 r8=0000000000000003 r9=ffff9c82c2f6d6f0 r10=fffff801394ddad0r11=0000000000000000 r12=0000000000010000 r13=0000000000000000r14=ffff9c82c972ee50 r15=0000000000000000iopl=0 nv up ei pl nz na pe nccs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00050202exfat!FppFsdRead+0x52:fffff801`51d9a7f2 663906 cmp word ptr [rsi],ax ds:002b:00000000`00000000=????Resetting default scopeBLACKBOXBSD: 1 !blackboxbsdBLACKBOXNTFS: 1 !blackboxntfsBLACKBOXPNP: 1 !blackboxpnpBLACKBOXWINLOGON: 1CUSTOMER_CRASH_COUNT: 1PROCESS_NAME: explorer.exeSTACK_TEXT: ffffc58a`df991b70 fffff801`394d1f35 : ffff9c82`c972ea20 ffff9c82`c972ea20 ffff9c82`c2f8c8a8 00000000`00000000 : exfat!FppFsdRead+0x52ffffc58a`df991c00 fffff801`37516ccf : 00000000`00000000 ffffc58a`df991cd0 ffff9c82`c2f8c8a8 fffff801`37515b37 : nt!IofCallDriver+0x55ffffc58a`df991c40 fffff801`37518266 : ffffc58a`df991cd0 00000000`00000000 ffff9c82`c9a190f8 ffff9c82`c9a190f8 : FLTMGR!FltpLegacyProcessingAfterPreCallbacksCompleted+0x28fffffc58a`df991cb0 fffff801`3751ef0e : ffff9c82`c9a19010 00000000`00000000 ffffc58a`df991e01 00000000`00000000 : FLTMGR!FltPerformSynchronousIo+0x2e6ffffc58a`df991d50 fffff801`375110d1 : 00000000`00000001 00000000`00000000 00000000`00000006 fffff801`39bb2094 : FLTMGR!FltReadFileEx+0xde2effffc58a`df991e50 fffff801`3e1726f2 : 00000000`00000000 ffffc58a`df9920e8 ffffc58a`df9920e8 ffffc58a`00000000 : FLTMGR!FltReadFile+0x51ffffc58a`df991ec0 00000000`00000000 : ffffc58a`df9920e8 ffffc58a`df9920e8 ffffc58a`00000000 ffffc58a`df991f14 : SysmonDrv+0x26f2SYMBOL_NAME: exfat!FppFsdRead+52MODULE_NAME: exfatIMAGE_NAME: exfat.SYSIMAGE_VERSION: 10.0.19041.208STACK_COMMAND: .cxr 0xffffc58adf991170 ; kbBUCKET_ID_FUNC_OFFSET: 52FAILURE_BUCKET_ID: 0x3B_c0000005_exfat!FppFsdReadOS_VERSION: 10.0.19041.1BUILDLAB_STR: vb_releaseOSPLATFORM_TYPE: x64OSNAME: Windows 10FAILURE_ID_HASH: {6e388312-ee39-c121-1684-51183ec317b2}Followup: MachineOwner---------

    :)
     
    SamuelFreeman, Sep 17, 2020
    #1
  2. HORUS-3-ECHO
    Horus-3-Echo Win User

    QCAMAIN1.SYS CAUSING BSOD

    This was probably caused by the following module:
    qcamain1.sys (Qcamain10x64+0x108678)

    Bugcheck code: 0x1D3 (0x333, 0x0, 0x0, 0x0)

    Error: CUSTOM_ERROR

    A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: qcamain1.sys .

    Google query: qcamain1.sys CUSTOM_ERROR

    Using WhoCrashed I found this thread: QCAMAIN1.SYS CAUSING BSOD (Code 37 Error) however without
    solution, locked.

    I did get BSOD almost everytime I moved the laptop.

    This worked for me:

    unscrew wifi module, push a little into the socket. Screw in. DONE
     
    Horus-3-Echo, Sep 17, 2020
    #2
  3. INTERESTINGKID005140
    interestingkid005140 Win User
    wdf01000.sys and ntoskrnl.exe BSOD

    I'm on Windows 10, 64bit

    Basically, whenever I try to update my LPC controller through Device Manager, BSOD with WDF_VIOLATION occurs (culprit being wdf01000.sys)

    So I try to use the driver verifier to see which driver is causing the BSOD, but then it causes BSOD (cultprit being ntoskrnl.exe)

    Have no idea which driver is causing them

    Please help!

    Here are my list of drivers and system info: Microsoft OneDrive - Access files anywhere. Create docs with free Office Online.
     
    interestingkid005140, Sep 17, 2020
    #3
  4. MARQUE LOR
    Marque Lor Win User

    exfat.sys BSOD Caused by SysmonDRV

    Formating to exFAT

    Hi Taylor,

    If you want to format an external hard drive or USB flash drive in exFAT, you can follow these steps:



    • Press and hold Windows key + x on your keyboard. This open the context menu.
    • Select Command Prompt (Admin).
    • Type format g: /FS:exFAT and then Enter to begin formatting the G drive as exFAT
    For any query, feel free to reach us.
     
    Marque Lor, Sep 17, 2020
    #4
Thema:

exfat.sys BSOD Caused by SysmonDRV

Loading...

  1. exfat.sys BSOD Caused by SysmonDRV - Similar Threads - exfat sys BSOD

  2. BSOD caused by rtwlane601.sys?

    in Windows 10 Gaming
    BSOD caused by rtwlane601.sys?: Hi everyone,I seem to have been experiencing frequent Kernel Mode Heap Corruption BSODs and have already tried a few things but to no avail. Was hoping someone can help. System is relatively new, about 5 months old and wishing it isn't a hardware issue. Started experiencing...

  3. BSOD caused by rtwlane601.sys?

    in Windows 10 Software and Apps
    BSOD caused by rtwlane601.sys?: Hi everyone,I seem to have been experiencing frequent Kernel Mode Heap Corruption BSODs and have already tried a few things but to no avail. Was hoping someone can help. System is relatively new, about 5 months old and wishing it isn't a hardware issue. Started experiencing...

  4. BSOD caused by watchdog.sys and dxgmms2.sys

    in Windows 10 Software and Apps
    BSOD caused by watchdog.sys and dxgmms2.sys: Greetings, fellow Windows users!Yesterday, my computer had its BSOD while I'm using Adobe Premiere which was apparently caused by watchdog.sys and dxgmms2.sys.Here is a link to the dmp file: https://1drv.ms/u/s!AmT-xQXftxFWgiKU88vH7tRulzda?e=33kqdQThanks for any further help...

  5. BSOD caused by dxgmms2.sys and watchdog.sys

    in Windows 10 Software and Apps
    BSOD caused by dxgmms2.sys and watchdog.sys: I've tried reverting graphics drivers, windows updates, updating BIOS, resetting windows and other recommended methods such as chkdsk and DISM. I would like some confirmation on my issue being potentially video card related. Another pair of eyes/insight is the goal of this...

  6. BSOD caused by netwtw10.sys

    in Windows 10 Drivers and Hardware
    BSOD caused by netwtw10.sys: From a couple of days ago my machine has been frequently BSOD and showing the error to be caused by netwtw10.sys. I have attempted to reinstall network drivers, reset machine with content, reset to factory and the issue has persisted through all the changes I made. In...

  7. QCAMAIN1.SYS CAUSING BSOD

    in Windows 10 BSOD Crashes and Debugging
    QCAMAIN1.SYS CAUSING BSOD: This was probably caused by the following module: qcamain1.sys Qcamain10x64+0x108678 Bugcheck code: 0x1D3 0x333, 0x0, 0x0, 0x0 Error: CUSTOM_ERROR A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for...

  8. BSOD caused by Dot4.sys

    in Windows 10 BSOD Crashes and Debugging
    BSOD caused by Dot4.sys: I have a BSOD problem caused by Dot4.sys very often but I have no idea what is causing it. SYSTEM_SERVICE_EXCEPTION Dot4.sys+e23f IEEE-1284.4-1999 Driver Windows (R) Win 7 DDK driver Windows (R) Win 7 DDK provider 6.1.7600.16385 built by: WinDDK x64 ntoskrnl.exe+1aab90

  9. BSOD caused by QCamain10x64.sys and IntelHaxm.sys

    in Windows 10 BSOD Crashes and Debugging
    BSOD caused by QCamain10x64.sys and IntelHaxm.sys: My laptop crashed with STOP code DEVICE_IRQL_NOT_LESS_OR_EQUAL, stating that QCamain10x64.sys had failed, which according to Google, is the driver of my laptop's wireless adapter. Just to make sure before attempting to reinstall the driver via device manager, I saw this wiki...

  10. Random BSODs caused by cm11264.sys.

    in Windows 10 BSOD Crashes and Debugging
    Random BSODs caused by cm11264.sys.: Hi, i recently started having issues with my computer crashing. I will provide the dump files. I've looked up what cm11264.sys was connected to and it was my pair of Sennheiser 363d. I have since then tried multiple driver versions, and now have switched to a different port....