Jump to content


BSOD Kernel Dump Expert
  • Content Count

  • Joined

  • Last visited

1 Follower

About usasma

  • Rank
    BSOD Kernel Dump Expert

Contact Methods

  • Website URL

Profile Information

  • Location
    At home in front of my computer
  • Interests
    Computers - naturally! :0)

Recent Profile Visitors

6,166 profile views
  1. usasma

    BSOD with tcpip.sys

    Thanks for the kind words! I hope that you don't have any further problems with this - but if you do, we'll be here!
  2. usasma

    BSOD with tcpip.sys

    Daemon Tools drivers date from 2015 - that's very old for a known problem program I suggest uninstalling that program. If you MUST keep it, then be sure to get the latest available version. Older versions on Daemon Tools were known to spit out BSOD's quite frequently. I haven't seen many recently (but haven't been as active in BSOD analysis as I used to be). Also, as you get time, please run these free hardware diagnostics: http://www.carrona.org/hwdiag.html I don't strongly suspect a hardware issue - but it is a possibility (seen sometimes with the MEMORY_CORRUPTION_ONE_BYTE Failure Bucket ID) Analysis: The following is for information purposes only. The following information contains the relevant information from the blue screen analysis: **************************Thu Oct 11 22:36:51.096 2018 (UTC - 4:00)************************** Loading Dump File [C:\Users\john\SysnativeBSODApps\101218-10984-01.dmp] Windows 10 Kernel Version 17763 MP (12 procs) Free x64 Built by: 17763.1.amd64fre.rs5_release.180914-1434 System Uptime:0 days 7:28:03.639 *** WARNING: Unable to verify timestamp for mwac.sys *** ERROR: Module load completed but symbols could not be loaded for mwac.sys Probably caused by :memory_corruption BugCheck D1, {a8, 2, 0, fffff8016ca79790} BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1) Arguments: Arg1: 00000000000000a8, memory referenced Arg2: 0000000000000002, IRQL Arg3: 0000000000000000, value 0 = read operation, 1 = write operation Arg4: fffff8016ca79790, address which referenced memory BUGCHECK_STR: AV DEFAULT_BUCKET_ID: CODE_CORRUPTION PROCESS_NAME: MBAMService.exe FAILURE_BUCKET_ID: MEMORY_CORRUPTION_ONE_BYTE ¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨`` 3rd Party Drivers: The following is for information purposes only. My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft. You can find links to the driver information and where to update the drivers in the section after the code box: **************************Thu Oct 11 22:36:51.096 2018 (UTC - 4:00)************************** intelppm.sys Wed Feb 8 18:16:35 2012 (4F330253) AsIO.sys Wed Aug 22 05:54:47 2012 (5034AC67) dtlitescsibus.sys Thu Sep 24 16:17:21 2015 (56045A51) dtliteusbbus.sys Mon Dec 28 08:05:52 2015 (568133B0) athwnx.sys Tue Mar 1 03:39:03 2016 (56D55527) fltsrv.sys Thu Feb 9 13:29:52 2017 (589CB520) snapman.sys Thu Feb 9 14:33:30 2017 (589CC40A) tib.sys Thu Feb 9 18:19:35 2017 (589CF907) virtual_file.sys Thu Feb 9 18:56:13 2017 (589D019D) file_tracker.sys Thu Feb 9 19:44:21 2017 (589D0CE5) tib_mounter.sys Fri Feb 10 12:31:42 2017 (589DF8FE) e1d65x64.sys Mon Sep 25 08:45:31 2017 (59C8FA6B) idmwfp.sys Wed Feb 28 14:33:36 2018 (5A970410) TeeDriverW8x64.sys Wed Apr 11 10:46:32 2018 (5ACE1FC8) mbae64.sys Wed May 30 07:20:29 2018 (5B0E88FD) nvhda64v.sys Tue Jun 26 04:22:26 2018 (5B31F7C2) RTKVHD64.sys Thu Aug 2 04:52:59 2018 (5B62C66B) mbamswissarmy.sys Fri Aug 24 10:44:58 2018 (5B8019EA) farflt.sys Tue Sep 4 09:45:39 2018 (5B8E8C83) mbam.sys Thu Sep 6 17:08:30 2018 (5B91974E) mwac.sys Wed Sep 12 17:28:27 2018 (5B9984FB) nvlddmkm.sys Tue Oct 2 01:26:43 2018 (5BB30193) dump_dumpstorport.sys Wed Jul 7 01:29:40 2021 (60E53BC4) SgrmAgent.sys ***** Invalid 2018 Invalid 2018 Invalid afunix.sys ***** Invalid 1975 Invalid 1975 Invalid dump_stornvme.sys ***** Invalid 2021 Invalid 2021 Invalid winquic.sys ***** Invalid 2013 Invalid 2013 Invalid http://www.carrona.org/drivers/driver.php?id=intelppm.sys http://www.carrona.org/drivers/driver.php?id=AsIO.sys http://www.carrona.org/drivers/driver.php?id=dtlitescsibus.sys http://www.carrona.org/drivers/driver.php?id=dtliteusbbus.sys http://www.carrona.org/drivers/driver.php?id=athwnx.sys http://www.carrona.org/drivers/driver.php?id=fltsrv.sys http://www.carrona.org/drivers/driver.php?id=snapman.sys http://www.carrona.org/drivers/driver.php?id=tib.sys virtual_file.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed. http://www.carrona.org/drivers/driver.php?id=file_tracker.sys http://www.carrona.org/drivers/driver.php?id=tib_mounter.sys http://www.carrona.org/drivers/driver.php?id=e1d65x64.sys http://www.carrona.org/drivers/driver.php?id=idmwfp.sys http://www.carrona.org/drivers/driver.php?id=TeeDriverW8x64.sys http://www.carrona.org/drivers/driver.php?id=mbae64.sys http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys http://www.carrona.org/drivers/driver.php?id=mbamswissarmy.sys http://www.carrona.org/drivers/driver.php?id=farflt.sys http://www.carrona.org/drivers/driver.php?id=mbam.sys http://www.carrona.org/drivers/driver.php?id=mwac.sys http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys dump_dumpstorport.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed. SgrmAgent.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed. afunix.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed. dump_stornvme.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed. winquic.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
  3. usasma

    BSOD with tcpip.sys

    I’m not an official MalwareBytes person, I’m just a volunteer here. IMO, the mwac.sys driver is a very delicate driver that is also very complicated in its functions. As a consequence, the slightest instability in another driver is a recipe for disaster. Finally, as technology matures, we’re finding more and more programs that install drivers and interact with the internet/network As such, the more one asks from their system, the more chance there is for instabilities with the system. When I first started doing this, BSOD’s were fairly easy to isolate a single driver as a cause. Again, as technology has matured, BSOD’s have also become more complicated and we’re now finding that interactions between drivers (causing BSOD’s) are becoming much more common.
  4. usasma

    BSOD with tcpip.sys

    This message simply means that the symbol server (at Microsoft) doesn't contain symbols for mwac.sys (a MalwareBytes driver) If the BSOD's are recurring, then try: - ensuring that you have the latest version of MalwareBytes installed and that it is fully updated. - disabling the web protection component of MalwareBytes (if updating doesn't stop the BSOD's) This can be caused by older versions of MalwareBytes, or by other 3rd party drivers that aren't able to work well with MalwareBytes If the BSOD's still continue, Please run this report collecting tool so that we can provide a complete analysis: (from the pinned topic at the top of the forum): https://forums.malwarebytes.org/topic/170037-blue-screen-of-death-bsod-posting-instructions-windows-10-81-8-7-vista/ FYI - I don't often use the Perfmon report, so if it doesn't work please just let me know. NOTE: On problem systems it can take up to 20 minutes for the log files to complete. Please be patient and let it run. If you still have problems with it running, there's an alternate tool here (direct download link): https://github.com/blueelvis/BSOD-Inspector/releases/download/1.0.5/BSODInspector-1.0.5.exe NOTE: Please zip up the (.ZIP) files - do not use .RAR, .7z or other compression utilities. .ZIP is the type file that can be uploaded to the forums.
  5. I'd suggest posting over in the MalwareBytes 3 help forum: https://forums.malwarebytes.com/forum/41-malwarebytes-3-support-forum/ OR the Malware help forums: https://forums.malwarebytes.com/forum/7-windows-malware-removal-help-support/ Good luck!
  6. Please start your own topic. I get notified of new posts in this forum - so I'll reply there. Include your system specs in the new topic - to include what OS the system originally came with. That'll give us a better idea of how to get started
  7. I would suggest that you start another topic just for your problem. It's a bit confusing after reading the entire previous posts in this topic - and while problems may seem the same, there's often differences that aren't readily visible in the beginning. Meanwhile, if you can't get the system to boot to USB - can you boot to a CD/DVD? if you set the system to boot from USB first, then it tries to boot to Windows - that means that the system is skipping the boot from USB part. This is either a problem with the system, or a problem with the USB's ability to boot. I'd suggest trying to boot from the USB on another computer - in order to verify that the USB device is setup correctly for booting. If it does boot on another system - then you have to wonder what is wrong with the hardware on your system. And, if that's the case, try troubleshooting the system this way: https://carrona.org/strpdown.html
  8. I’d think that the folks on the MawsreBytes 3 forum would be the ones to suggest Vista compatible versions try disabling web protection - that’s the most common thing that seems to workaround the problem (that I’ve seen) ive been running W10 since it first came out - and have had few problems with it. Good luck!
  9. usasma

    Pls help

    I cant move it. Don’t have the permissions to do so. I suggest you just leave this and start another post in that forum if youre dead set on deleting this post, send a medsage to a moderator or admin
  10. Driver verifier can run for 24 to 48 hours - it depends on the situation and the system. First try this: https://forums.malwarebytes.com/topic/231155-bsod-from-new-malwarebytes/?page=3&tab=comments#comment-1263800 I put it in a code box because the link directs to the first page - and this post is on the 3rd page. Here's the direct link for the beta: https://downloads.malwarebytes.com/file/mb3 Good luck!
  11. usasma

    Pls help

    I really don’t know a lot about the specific workings of MalwareBytes installation/ work routines. id suggest posting this over in the MalwareBytes 3 Support Forum Good luck!
  12. I would continue to work with the support team to see if they can fix it for you. Their BSOD fix is only a beta - and it may need further work to fix them all. I'm not real worried that this is a hardware problem - so, if you don't want to run the hardware tests, then don't. In most cases there's no problem with the tests: - most often there is no problem, as the system cools itself properly and doesn't overheat (85ºC is getting too warm - but (IMO) isn't sufficient to damage the system. In most cases you can actually reach 100ºC without any damage occurring. As I recall, some Intel processors are set to shut down at 105ºC (I haven't looked this up recently) - next most often is that the user sees a problem with the test and shuts it off. - next most often is that the system does overheat, but the automatic fail-safe features in the hardware cause the system to shutdown when it overheats - and then, least likely, is that the fail-safe's don't work - and the system melts down due to overheating. That's why we work cautiously with this - but I must say that I don't think that I've ever seen this in all my years working with computers (but I may have stopped it before it got this bad)>
  13. usasma

    BSOD when MBAM is Activated

    Do you still need help with this? See this topic for more info:
  14. DISCLAIMER: I am not a trained malware removal expert. I do this at work, but our resources are limited and we just don’t have the time to do thorough removals (like they do in the Malware Removal forums) That being said, I’d start with the rescue disks offered by the different anti-virus/anti-malware companies. I have a listing of some on my website, but the links haven’t been updated in years Heres’s the link: http://www.carrona.org/malware.html Please remember that the system may not be able to boot into Windows after attempting the removals. As such, I’d suggest backing up your data before trying this. Also, you may wish to make a disk image of the entire hard drive before starting - to preserve everything as it exists today.
  15. There's several different ways to handle this: - tap F11 at boot to enterthe HP Recovery Manager and restore the system to the state it was when it left the factory. You'll lose everything that's saved on the computer, so a backup is suggested before doing this. - use bootable media and portable antivirus/antimalware software to attempt to remove things from outside of Windows. Then, if you're able to boot back into Windows, you may be able to finish the scans then. - post over in the https://forums.malwarebytes.com/forum/7-windows-malware-removal-help-support/ forums for help with removing the infections/issues

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.