Jump to content

BSOD - multiple with MBAM :(


Recommended Posts

Please check for Windows Updates.  Your systeminfo.txt shows 250 hotfixes, and most W7SP1 systems have 350 or more.
Don't worry about the exact number.  Just be sure to check for updates, get any available updates, and ensure that don't get any errors while checking or installing.

 

E: drive has about 8% free space.  Windows likes 15% free space on ALL drives (you can get away with 10% on larger drives).
Please free up space on this drive.

 

I have seen issues between BitDefender and MalwareBytes.  Other posts here will show suggestions about disabling certain functions in BitDefender.
Still others will suggest reverting to BitDefender 2015.  My suggestion is to stop MalwareBytes from loading with Windows - if it's not resident in memory, it won't cause a conflict with BitDefender.

 

It appears that the new forum software won't allow me to paste the results of the BSOD analysis.  I wonder what will happen as I need this function when posting?  Also, my canned speech tool won't work - I'll have to see if any posts have been made in the other forums about this.

 

 

Link to post
Share on other sites

Hi,

Thanks for answer.

I have the latest updates. Also, I can't free up more space at the third partition but I don't see reason why I should now...it's just storage with no apps installed.

You recommend that disable MBAM from start up with Windows and start it manually every time I restart system?

Reverting to BTS 2015 would be possible having licence for it...

 

Any other suggestions?

Link to post
Share on other sites

I suggest only running MalwareBytes on-demand - not loading it every time that you start Windows.
If you want to let it start with Windows, then I suggest reverting to BitDefender 2015

The point here is to keep the drivers out of memory unless you actually need them.

And yes, there are quite a few people with BItDefender/MalwareBytes problems.

Link to post
Share on other sites

Dunno what happened before, but here's the analysis:

 

Please update these older drivers. Links are included to assist in looking up the source of the drivers. If unable to find an update, please remove (un-install) the program responsible for that driver. DO NOT manually delete/rename the driver as it may make the system unbootable! :

CtClsFlt.sys                Mon Jun 15 01:06:41 2009 (4A35D6E1)
Creative Camera Class Upper Filter Driver http://support.creative.com/
http://www.carrona.org/drivers/driver.php?id=CtClsFlt.sys
 
pwdrvio.sys                 Mon Jun 15 21:43:45 2009 (4A36F8D1)
MiniTool Partition Wizard http://www.partitionwizard.com/free-partition-manager.html
http://www.carrona.org/drivers/driver.php?id=pwdrvio.sys
 

If all of this doesn't stop the BSOD's, please run Driver Verifier according to these instructions:  http://www.carrona.org/verifier.html

 


Analysis:
The following is for informational purposes only.
**************************Mon Mar 21 13:06:36.680 2016 (UTC - 4:00)**************************
Loading Dump File [C:\Users\John\SysnativeBSODApps\032116-7332-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.19160.amd64fre.win7sp1_gdr.160211-0600
System Uptime: 0 days 6:02:14.882
*** WARNING: Unable to verify timestamp for mwac.sys
*** ERROR: Module load completed but symbols could not be loaded for mwac.sys
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : NETIO.SYS ( NETIO!NetioDereferenceNetBufferList+86 )
BugCheck D1, {0, 2, 0, fffff88001e9556b}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff88001e9556b, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  mbamservice.ex
FAILURE_BUCKET_ID:  X64_0xD1_NETIO!NetioDereferenceNetBufferList+86
CPUID:        "Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz"
MaxSpeed:     2900
CurrentSpeed: 2890
  BIOS Version                  A18
  BIOS Release Date             01/18/2016
  Manufacturer                  Dell Inc.
  Product Name                  Latitude E6430
  Baseboard Product             08R94K
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Mon Mar 21 07:03:29.745 2016 (UTC - 4:00)**************************
Loading Dump File [C:\Users\John\SysnativeBSODApps\032116-7113-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.19160.amd64fre.win7sp1_gdr.160211-0600
System Uptime: 0 days 3:32:16.949
*** WARNING: Unable to verify timestamp for mwac.sys
*** ERROR: Module load completed but symbols could not be loaded for mwac.sys
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : NETIO.SYS ( NETIO!NetioDereferenceNetBufferList+86 )
BugCheck C2, {7, 109b, 4, fffffa80187349d0}
BugCheck Info: BAD_POOL_CALLER (c2)
Arguments:
Arg1: 0000000000000007, Attempt to free pool which was already freed
Arg2: 000000000000109b, (reserved)
Arg3: 0000000000000004, Memory contents of the pool block
Arg4: fffffa80187349d0, Address of the block of pool being deallocated
BUGCHECK_STR:  0xc2_7
PROCESS_NAME:  mbamservice.ex
FAILURE_BUCKET_ID:  X64_0xc2_7_NETIO!NetioDereferenceNetBufferList+86
CPUID:        "Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz"
MaxSpeed:     2900
CurrentSpeed: 2890
  BIOS Version                  A18
  BIOS Release Date             01/18/2016
  Manufacturer                  Dell Inc.
  Product Name                  Latitude E6430
  Baseboard Product             08R94K
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Mar 20 03:54:25.546 2016 (UTC - 4:00)**************************
Loading Dump File [C:\Users\John\SysnativeBSODApps\032016-7176-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.19160.amd64fre.win7sp1_gdr.160211-0600
System Uptime: 0 days 21:43:46.373
*** WARNING: Unable to verify timestamp for mwac.sys
*** ERROR: Module load completed but symbols could not be loaded for mwac.sys
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : fwpkclnt.sys ( fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+20a )
BugCheck 19, {20, fffffa80139de080, fffffa80139de0a0, 4020008}
BugCheck Info: BAD_POOL_HEADER (19)
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: fffffa80139de080, The pool entry we were looking for within the page.
Arg3: fffffa80139de0a0, The next pool entry.
Arg4: 0000000004020008, (reserved)
BUGCHECK_STR:  0x19_20
PROCESS_NAME:  mbamservice.ex
FAILURE_BUCKET_ID:  X64_0x19_20_fwpkclnt!FwpsConstructIpHeaderForTransportPacket0+20a
CPUID:        "Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz"
MaxSpeed:     2900
CurrentSpeed: 2890
  BIOS Version                  A18
  BIOS Release Date             01/18/2016
  Manufacturer                  Dell Inc.
  Product Name                  Latitude E6430
  Baseboard Product             08R94K
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Mar 17 18:03:11.886 2016 (UTC - 4:00)**************************
Loading Dump File [C:\Users\John\SysnativeBSODApps\031716-8127-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Built by: 7601.19160.amd64fre.win7sp1_gdr.160211-0600
System Uptime: 3 days 10:22:48.088
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : ntkrnlmp.exe ( nt!KiSystemServiceExit+245 )
BugCheck 4A, {7750d42a, 2, 0, fffff8800688ab60}
BugCheck Info: IRQL_GT_ZERO_AT_SYSTEM_SERVICE (4a)
Arguments:
Arg1: 000000007750d42a, Address of system function (system call routine)
Arg2: 0000000000000002, Current IRQL
Arg3: 0000000000000000, 0
Arg4: fffff8800688ab60, 0
PROCESS_NAME:  vsserv.exe
BUGCHECK_STR:  RAISED_IRQL_FAULT
FAILURE_BUCKET_ID:  X64_RAISED_IRQL_FAULT_vsserv.exe_nt!KiSystemServiceExit+245
CPUID:        "Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz"
MaxSpeed:     2900
CurrentSpeed: 2890
  BIOS Version                  A18
  BIOS Release Date             01/18/2016
  Manufacturer                  Dell Inc.
  Product Name                  Latitude E6430
  Baseboard Product             08R94K
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``


3rd Party Drivers:
The following is for information purposes only.
**************************Mon Mar 21 13:06:36.680 2016 (UTC - 4:00)**************************
CtClsFlt.sys                Mon Jun 15 01:06:41 2009 (4A35D6E1)
pwdrvio.sys                 Mon Jun 15 21:43:45 2009 (4A36F8D1)
intelppm.sys                Mon Jul 13 19:19:25 2009 (4A5BC0FD)
amdxata.sys                 Fri Mar 19 12:18:18 2010 (4BA3A3CA)
phmburnr.sys                Sun Jun 13 22:57:54 2010 (4C159AB2)
stdcfltn.sys                Sat Jul 16 00:31:13 2011 (4E211411)
btwl2cap.sys                Sat Aug 27 18:58:52 2011 (4E5976AC)
btwavdt.sys                 Thu Mar  1 16:45:18 2012 (4F4FEDEE)
btwrchid.sys                Thu Mar  1 16:46:08 2012 (4F4FEE20)
o2sdjw7x64.sys              Mon Apr 23 01:43:36 2012 (4F94EC08)
btwaudio.sys                Fri Apr 27 16:54:05 2012 (4F9B076D)
iaStor.sys                  Wed May 30 16:40:40 2012 (4FC685C8)
e1c62x64.sys                Fri Aug 10 18:44:15 2012 (50258EBF)
bcbtums.sys                 Fri Aug 24 17:21:36 2012 (5037F060)
btwampfl.sys                Sat Dec  1 16:50:24 2012 (50BA7BA0)
iusb3hub.sys                Fri Feb 22 07:33:42 2013 (512765A6)
iusb3xhc.sys                Fri Feb 22 07:33:45 2013 (512765A9)
iusb3hcs.sys                Fri Feb 22 07:36:29 2013 (5127664D)
ST_Accel.sys                Wed Mar 27 18:59:32 2013 (515379D4)
nbdrv.sys                   Fri Apr 19 15:13:41 2013 (51719765)
stwrt64.sys                 Fri Aug 16 06:26:26 2013 (520DFE52)
ksbus64.sys                 Fri Nov 29 03:33:30 2013 (5298515A)
KSPrt64.sys                 Tue Dec  3 21:38:47 2013 (529E95B7)
mwac.sys                    Tue Jun 17 22:06:34 2014 (53A0F42A)
VMNET.SYS                   Sun Jul 27 09:30:27 2014 (53D4FEF3)
vmnetadapter.sys            Sun Jul 27 09:30:30 2014 (53D4FEF6)
vmnetbridge.sys             Sun Jul 27 09:30:32 2014 (53D4FEF8)
swg3knmea05.sys             Tue Aug 26 15:12:54 2014 (53FCDC36)
vmci.sys                    Thu Sep  4 22:11:32 2014 (54091BD4)
vsock.sys                   Thu Sep  4 22:12:05 2014 (54091BF5)
IntcDAud.sys                Tue Sep  9 08:13:01 2014 (540EEECD)
TeeDriverx64.sys            Tue Sep 23 16:01:14 2014 (5421D18A)
swg3kser05.sys              Tue Oct 14 17:18:35 2014 (543D932B)
swg3kmbb05.sys              Thu Oct 23 17:39:48 2014 (544975A4)
tap0901.sys                 Wed Nov  5 08:16:32 2014 (545A2330)
HWiNFO64A.SYS               Tue Mar 31 05:51:32 2015 (551A6E24)
gzflt.sys                   Wed Apr 29 07:32:17 2015 (5540C141)
NETwsw01.sys                Mon May  4 09:10:57 2015 (55476FE1)
trufos.sys                  Mon May 11 04:26:27 2015 (555067B3)
MBAMSwissArmy.sys           Wed Jul 29 00:26:01 2015 (55B855D9)
mbam.sys                    Tue Aug 11 13:35:19 2015 (55CA3257)
igdkmd64.sys                Mon Aug 17 11:34:01 2015 (55D1FEE9)
BazisVirtualCDBus.sys       Sat Sep 26 22:51:28 2015 (560759B0)
Apfiltr.sys                 Mon Oct  5 02:50:33 2015 (56121DB9)
hcmon.sys                   Fri Nov  6 14:57:33 2015 (563D062D)
bdvedisk.sys                Mon Nov 23 06:38:07 2015 (5652FA9F)
vmnetuserif.sys             Wed Nov 25 20:52:45 2015 (565665ED)
vmx86.sys                   Wed Nov 25 21:05:01 2015 (565668CD)
VMparport.sys               Wed Nov 25 21:05:08 2015 (565668D4)
avc3.sys                    Tue Jan 19 08:52:34 2016 (569E3FA2)
avckf.sys                   Tue Jan 19 08:55:54 2016 (569E406A)
mbae64.sys                  Wed Jan 27 11:54:02 2016 (56A8F62A)
bdfwfpf.sys                 Tue Feb  9 07:12:25 2016 (56B9D7A9)
ignis.sys                   Fri Feb 12 08:24:54 2016 (56BDDD26)
veracrypt.sys               Sun Feb 14 02:54:15 2016 (56C032A7)
VBoxNetAdp6.sys             Fri Mar  4 11:28:57 2016 (56D9B7C9)
VBoxNetLwf.sys              Fri Mar  4 11:28:57 2016 (56D9B7C9)
VBoxUSBMon.sys              Fri Mar  4 11:28:57 2016 (56D9B7C9)
VBoxDrv.sys                 Fri Mar  4 11:29:26 2016 (56D9B7E6)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Mar 20 03:54:25.546 2016 (UTC - 4:00)**************************
VBoxEhciR0.r0               Fri Mar  4 11:28:22 2016 (56D9B7A6)
VBoxDD2R0.r0                Fri Mar  4 11:28:57 2016 (56D9B7C9)
VBoxDDR0.r0                 Fri Mar  4 11:28:59 2016 (56D9B7CB)
VMMR0.r0                    Fri Mar  4 11:29:26 2016 (56D9B7E6)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Mar 17 18:03:11.886 2016 (UTC - 4:00)**************************
bdfwfpf.sys                 Mon Oct 29 08:23:28 2012 (508E7540)
ignis.sys                   Tue Oct 20 06:08:29 2015 (5626129D)
VBoxUSB.sys                 Fri Mar  4 11:28:57 2016 (56D9B7C9)

 

http://www.carrona.org/drivers/driver.php?id=CtClsFlt.sys
http://www.carrona.org/drivers/driver.php?id=pwdrvio.sys
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
phmburnr.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=stdcfltn.sys
http://www.carrona.org/drivers/driver.php?id=btwl2cap.sys
http://www.carrona.org/drivers/driver.php?id=btwavdt.sys
http://www.carrona.org/drivers/driver.php?id=btwrchid.sys
http://www.carrona.org/drivers/driver.php?id=o2sdjw7x64.sys
http://www.carrona.org/drivers/driver.php?id=btwaudio.sys
http://www.carrona.org/drivers/driver.php?id=iaStor.sys
http://www.carrona.org/drivers/driver.php?id=e1c62x64.sys
http://www.carrona.org/drivers/driver.php?id=bcbtums.sys
http://www.carrona.org/drivers/driver.php?id=btwampfl.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hub.sys
http://www.carrona.org/drivers/driver.php?id=iusb3xhc.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hcs.sys
http://www.carrona.org/drivers/driver.php?id=ST_Accel.sys
http://www.carrona.org/drivers/driver.php?id=nbdrv.sys
http://www.carrona.org/drivers/driver.php?id=stwrt64.sys
http://www.carrona.org/drivers/driver.php?id=ksbus64.sys
http://www.carrona.org/drivers/driver.php?id=KSPrt64.sys
http://www.carrona.org/drivers/driver.php?id=mwac.sys
http://www.carrona.org/drivers/driver.php?id=VMNET.SYS
http://www.carrona.org/drivers/driver.php?id=vmnetadapter.sys
http://www.carrona.org/drivers/driver.php?id=vmnetbridge.sys
swg3knmea05.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=vmci.sys
http://www.carrona.org/drivers/driver.php?id=vsock.sys
http://www.carrona.org/drivers/driver.php?id=IntcDAud.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverx64.sys
swg3kser05.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
swg3kmbb05.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=tap0901.sys
http://www.carrona.org/drivers/driver.php?id=HWiNFO64A.SYS
http://www.carrona.org/drivers/driver.php?id=gzflt.sys
http://www.carrona.org/drivers/driver.php?id=NETwsw01.sys
http://www.carrona.org/drivers/driver.php?id=trufos.sys
http://www.carrona.org/drivers/driver.php?id=MBAMSwissArmy.sys
http://www.carrona.org/drivers/driver.php?id=mbam.sys
http://www.carrona.org/drivers/driver.php?id=igdkmd64.sys
http://www.carrona.org/drivers/driver.php?id=BazisVirtualCDBus.sys
http://www.carrona.org/drivers/driver.php?id=Apfiltr.sys
http://www.carrona.org/drivers/driver.php?id=hcmon.sys
http://www.carrona.org/drivers/driver.php?id=bdvedisk.sys
http://www.carrona.org/drivers/driver.php?id=vmnetuserif.sys
http://www.carrona.org/drivers/driver.php?id=vmx86.sys
http://www.carrona.org/drivers/driver.php?id=VMparport.sys
http://www.carrona.org/drivers/driver.php?id=avc3.sys
http://www.carrona.org/drivers/driver.php?id=avckf.sys
http://www.carrona.org/drivers/driver.php?id=mbae64.sys
http://www.carrona.org/drivers/driver.php?id=bdfwfpf.sys
http://www.carrona.org/drivers/driver.php?id=ignis.sys
http://www.carrona.org/drivers/driver.php?id=veracrypt.sys
http://www.carrona.org/drivers/driver.php?id=VBoxNetAdp6.sys
http://www.carrona.org/drivers/driver.php?id=VBoxNetLwf.sys
http://www.carrona.org/drivers/driver.php?id=VBoxUSBMon.sys
http://www.carrona.org/drivers/driver.php?id=VBoxDrv.sys
http://www.carrona.org/drivers/driver.php?id=VBoxEhciR0.r0
http://www.carrona.org/drivers/driver.php?id=VBoxDD2R0.r0
http://www.carrona.org/drivers/driver.php?id=VBoxDDR0.r0
http://www.carrona.org/drivers/driver.php?id=VMMR0.r0
http://www.carrona.org/drivers/driver.php?id=bdfwfpf.sys
http://www.carrona.org/drivers/driver.php?id=ignis.sys
http://www.carrona.org/drivers/driver.php?id=VBoxUSB.sys

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.