Jump to content
CommonCurt

Identical BSOD's on my two Win7 Machines (2nd system Main Desktop PC)

Recommended Posts

Hi, 

this is the second system (my main Desktop PC) with what seems to be an identical issue, at least from what I can gather from "Who Crashed".

It has Malwarebytes 3.2.2.2018 and Microsoft Security Essentials running at the same time, and I've attempted to add the exclusions after I started getting the BSOD's. 

It seems to have started around the time that I upgraded to Malwarebytes 3.0, but I was never really sure because it was around that time that I did a Security Only windows update.

Who Crashed is telling me it's the IRST driver iastora.sys (iaStorA+0x877B8).  I have upgraded to all the available IRST drivers for my chipset, and still the BSOD's continued. So I eventually went back to the original IRST drivers that had been fine for years.  I have the most current MoBo BIOS installed.  SFC scans come up clean. Every few days I get some Event ID 2001 "Microsoft  Antimalware has encountered an error trying to update signatures".  The system restarts randomly every few days.  It almost always happens in the morning between 7:00am - 8:00am, which is around when Malwarebytes is doing it's automatic scan.

Please, any help will be much appreciated.  I built, and have maintained this systems since the end of 2013 with no BOSD's or issues whatsoever.

until this past July.

perfmon report Main Desktop PC.zip

SysnativeFileCollectionApp.zip

Edited by CommonCurt

Share this post


Link to post
Share on other sites

Clean forgot about this topic!  Sorry!

I noticed in this topic that there was a roll-back of the iaStorA.sys driver from Oct 2013 to Aug 2013.
Could you describe what you did for that?  This lessens the possibility that iaStorA.sys is to blame (which increases the other possibilities I discussed).

 

Your UEFI/BIOS (version F16h) dates from 2016.  Please check at the manufacturer's website to see if there are any UEFI/BIOS updates available for your system.  If you are able to install the update through Windows (without booting from an external drive), then go ahead and update it.  WARNING - if the computer might shut down during this procedure, please don't do it, as this may physically damage the computer and prevent it from booting.
FYI - W8 and W10 communicate more with the UEFI/BIOS than previous versions of Windows, so it's important to ensure that the UEFI/BIOS is kept up to date (and the outdated UEFI/BIOS' may be the cause of some compatibility issues).  Again, it's not as critical w/W7, but I'd still suggest checking to see about any fixes available.

No systeminfo.txt report, so I'm uncertain of the number of Windows Updates that you have.  Most systems with SP1 have 350-400 or more.  Please visit Windows Update and get ALL available updates (it may take several trips to get them all).
The actual number is not important.  Rather it's important that you checked manually, installed any available updates, and didn't experience any errors when checking or updating.

Please update these older drivers.  Links are provided in order to assist you with looking up the source of the drivers.  
If unable to find an update, please uninstall the program that is responsible for that driver.  

DO NOT manually delete/rename the driver as it may make the system unbootable!!!:
 
WinRing0x64.sys              Sat Jul 26 09:29:37 2008 (488B26C1)
many different programs that center around the using of the WinRing libraries (RealTemp, Corsair Link2 (known BSOD issues w/Win8), Razer GameBooster, Intel Processor Diagnostic Tool, Fusiontweaker (Google Code), etc) OEM - none at http://www.python.org/emacs/winring/
http://www.carrona.org/drivers/driver.php?id=WinRing0x64.sys

As stated earlier, the dump files all blame iaStor.sys (actually iaStorA.sys).  This is a driver for the storage controller that controls your drives on the system.
The possibilities are (in no particular order):
- hardware problems
- iaStorA.sys problems
- other driver problems
Driver Verifier will help to see if there are other driver problems and the hardware diagnostics will help to see if there's a hardware issue.
For the iaStorA.sys problems, have a look at this procedure:  https://answers.microsoft.com/en-us/windows/wiki/windows_7-hardware/uninstalling-the-intelr-rapid-storage-technology/e3c4b6d6-56ba-4ac5-be50-89843c9d9b22?auth=1


Analysis:
The following is for information purposes only.
The following information contains the relevant information from the blue screen analysis:
**************************Wed Nov  1 06:40:04.497 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\110117-8377-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23915.amd64fre.win7sp1_ldr.170913-0600
System Uptime:3 days 5:23:27.309
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff8800170b7b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff8800170b7b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sat Oct 28 06:30:33.445 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\102817-8673-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23889.amd64fre.win7sp1_ldr.170810-1615
System Uptime:4 days 23:53:26.257
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff880017117b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880017117b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Mon Oct 23 06:36:11.311 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\102317-8736-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23889.amd64fre.win7sp1_ldr.170810-1615
System Uptime:5 days 0:00:54.302
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff8800176e7b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff8800176e7b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
The rest of the memory dump summaries are hidden in the Spoiler tag below.  Click on "Show" to reveal them.


**************************Wed Oct 18 06:34:10.930 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\101817-8455-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23889.amd64fre.win7sp1_ldr.170810-1615
System Uptime:4 days 23:47:36.606
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff880017037b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880017037b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Fri Oct 13 06:45:16.293 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\101317-8533-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23889.amd64fre.win7sp1_ldr.170810-1615
System Uptime:5 days 0:15:53.105
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff880016ff7b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880016ff7b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Oct  8 06:28:28.500 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\100817-8580-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23889.amd64fre.win7sp1_ldr.170810-1615
System Uptime:4 days 6:46:24.312
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff880016d87b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880016d87b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Tue Oct  3 06:43:48.822 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\100317-7800-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23864.amd64fre.win7sp1_ldr.170707-0600
System Uptime:4 days 23:38:34.766
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff880017347b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880017347b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Sep 28 07:04:07.094 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\092817-9048-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23864.amd64fre.win7sp1_ldr.170707-0600
System Uptime:5 days 0:37:56.100
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff880016e67b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880016e67b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sat Sep 23 06:25:03.399 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\092317-8782-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23864.amd64fre.win7sp1_ldr.170707-0600
System Uptime:5 days 23:54:20.100
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff880017317b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880017317b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Sep 17 06:29:47.574 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\091717-7566-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23864.amd64fre.win7sp1_ldr.170707-0600
System Uptime:3 days 8:03:03.000
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff880017017b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880017017b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Sep 10 06:28:16.017 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\091017-7644-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23864.amd64fre.win7sp1_ldr.170707-0600
System Uptime:4 days 7:58:02.754
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff880016a37b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880016a37b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Aug 31 06:30:38.429 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\083117-7987-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23807.amd64fre.win7sp1_ldr.170512-0600
System Uptime:6 days 15:28:43.808
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff8800174b7b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff8800174b7b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Aug 24 10:15:21.091 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\082417-5647-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23807.amd64fre.win7sp1_ldr.170512-0600
System Uptime:4 days 3:38:17.903
*** WARNING: Unable to verify timestamp for e1c62x64.sys
*** ERROR: Module load completed but symbols could not be loaded for e1c62x64.sys
Probably caused by :e1c62x64.sys ( e1c62x64+1fb23 )
BugCheck 19, {20, fffffa80212fd220, fffffa80212fd340, 4120022}
BugCheck Info: BAD_POOL_HEADER (19)
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: fffffa80212fd220, The pool entry we were looking for within the page.
Arg3: fffffa80212fd340, The next pool entry.
Arg4: 0000000004120022, (reserved)
BUGCHECK_STR:  0x19_20
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0x19_20_e1c62x64+1fb23
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Aug 20 06:36:08.703 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\082017-7893-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23807.amd64fre.win7sp1_ldr.170512-0600
System Uptime:6 days 6:29:20.515
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+870a8 )
BugCheck D1, {10, 2, 1, fffff880016b30a8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880016b30a8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  MsMpEng.exe
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+870a8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Aug 13 22:50:48.814 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\081317-10530-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23807.amd64fre.win7sp1_ldr.170512-0600
System Uptime:0 days 16:12:08.515
*** WARNING: Unable to verify timestamp for e1c62x64.sys
*** ERROR: Module load completed but symbols could not be loaded for e1c62x64.sys
*** WARNING: Unable to verify timestamp for mbae64.sys
*** ERROR: Module load completed but symbols could not be loaded for mbae64.sys
Probably caused by :e1c62x64.sys ( e1c62x64+1fb23 )
BugCheck 19, {20, fffffa802130dd90, fffffa802130deb0, 4120008}
BugCheck Info: BAD_POOL_HEADER (19)
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: fffffa802130dd90, The pool entry we were looking for within the page.
Arg3: fffffa802130deb0, The next pool entry.
Arg4: 0000000004120008, (reserved)
BUGCHECK_STR:  0x19_20
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0x19_20_e1c62x64+1fb23
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Aug 13 06:37:46.788 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\081317-7675-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23807.amd64fre.win7sp1_ldr.170512-0600
System Uptime:7 days 0:33:13.600
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+870a8 )
BugCheck D1, {10, 2, 1, fffff880016970a8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880016970a8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+870a8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Fri Aug  4 06:27:07.608 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\080417-8002-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23807.amd64fre.win7sp1_ldr.170512-0600
System Uptime:8 days 4:07:26.751
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+870a8 )
BugCheck D1, {10, 2, 1, fffff880017670a8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880017670a8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+870a8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Jul 23 06:33:24.264 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\072317-8829-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23807.amd64fre.win7sp1_ldr.170512-0600
System Uptime:8 days 0:57:18.307
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff880017067b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880017067b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Jul 13 04:07:55.669 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\071317-7956-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23807.amd64fre.win7sp1_ldr.170512-0600
System Uptime:0 days 0:00:11.481
Probably caused by :Pool_Corruption ( nt!ExDeferredFreePool+192 )
BugCheck C5, {fffff810038086b0, 2, 0, fffff800037ada5e}
BugCheck Info: DRIVER_CORRUPTED_EXPOOL (c5)
Arguments:
Arg1: fffff810038086b0, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff800037ada5e, address which referenced memory
BUGCHECK_STR:  0xC5_2
PROCESS_NAME:  svchost.exe
FAILURE_BUCKET_ID: X64_0xC5_2_nt!ExDeferredFreePool+192
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Jul 13 01:28:35.855 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\071317-8782-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23807.amd64fre.win7sp1_ldr.170512-0600
System Uptime:9 days 21:09:03.260
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff880017787b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880017787b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``


3rd Party Drivers:
The following is for information purposes only.
My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box:

**************************Wed Nov  1 06:40:04.497 2017 (UTC - 5:00)**************************
MpKslccbdd823.sys            Mon Feb 27 20:54:41 1989 (2409FBE1)
WinRing0x64.sys              Sat Jul 26 09:29:37 2008 (488B26C1)
intelppm.sys                 Mon Jul 13 19:19:25 2009 (4A5BC0FD)
MBfilt64.sys                 Thu Jul 30 23:40:32 2009 (4A7267B0)
amdxata.sys                  Fri Mar 19 12:18:18 2010 (4BA3A3CA)
VClone.sys                   Sat Jan 15 11:21:04 2011 (4D31C970)
ArcSec.sys                   Wed Nov  9 22:05:33 2011 (4EBB3F7D)
mvxxmm.sys                   Thu Jan 19 01:50:44 2012 (4F17BD44)
mvs91xx.sys                  Thu Jan 19 01:51:00 2012 (4F17BD54)
iaStor.sys                   Wed Feb  1 19:15:24 2012 (4F29D59C)
e1c62x64.sys                 Thu Mar 15 23:57:28 2012 (4F62BA28)
iusb3hub.sys                 Mon May 21 03:21:36 2012 (4FB9ED00)
iusb3xhc.sys                 Mon May 21 03:21:40 2012 (4FB9ED04)
iusb3hcs.sys                 Mon May 21 03:23:42 2012 (4FB9ED7E)
L1C62x64.sys                 Wed Jul 18 22:55:34 2012 (50077726)
cpuz136_x64.sys              Fri May 10 08:42:51 2013 (518CEB4B)
iaStorA.sys                  Thu Aug  1 21:39:52 2013 (51FB0DE8)
iaStorF.sys                  Thu Aug  1 21:39:54 2013 (51FB0DEA)
TeeDriverx64.sys             Thu Sep  5 14:02:18 2013 (5228C72A)
RTKVHD64.sys                 Wed Dec 10 02:53:17 2014 (5487FBED)
ElbyCDIO.sys                 Wed Dec 17 18:30:51 2014 (5492122B)
AnyDVD.sys                   Mon Dec 28 07:52:15 2015 (5681307F)
MpFilter.sys                 Mon Aug  8 19:01:17 2016 (57A90F3D)
mbae64.sys                   Wed Jan 11 12:08:00 2017 (58766670)
nvhda64v.sys                 Tue May 16 09:02:27 2017 (591AF863)
nvlddmkm.sys                 Tue Jun 27 16:00:30 2017 (5952B95E)
farflt.sys                   Tue Sep  5 19:44:07 2017 (59AF36C7)
mbam.sys                     Wed Sep  6 08:40:25 2017 (59AFECB9)
mwac.sys                     Thu Sep  7 12:04:06 2017 (59B16DF6)
mbamswissarmy.sys            Fri Sep 22 09:27:25 2017 (59C50FBD)
MbamChameleon.sys            Mon Sep 25 17:29:08 2017 (59C97524)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sat Oct 28 06:30:33.445 2017 (UTC - 5:00)**************************
MpKsl94289c63.sys            Mon Feb 27 20:54:41 1989 (2409FBE1)
MpKslce91fbeb.sys            Mon Feb 27 20:54:41 1989 (2409FBE1)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Wed Oct 18 06:34:10.930 2017 (UTC - 5:00)**************************
MpKsle828f913.sys            Mon Feb 27 20:54:41 1989 (2409FBE1)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Fri Oct 13 06:45:16.293 2017 (UTC - 5:00)**************************
MpKslb697f7d5.sys            Mon Feb 27 20:54:41 1989 (2409FBE1)
MpKsldc1ab9ca.sys            Mon Feb 27 20:54:41 1989 (2409FBE1)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Tue Oct  3 06:43:48.822 2017 (UTC - 5:00)**************************
MpKslf37054af.sys            Mon Feb 27 20:54:41 1989 (2409FBE1)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Sep 28 07:04:07.094 2017 (UTC - 5:00)**************************
MpKsl4d665315.sys            Mon Feb 27 20:54:41 1989 (2409FBE1)
mbam.sys                     Wed Jun  7 10:26:58 2017 (59380D32)
farflt.sys                   Thu Jun 29 15:47:33 2017 (59555955)
MBAMSwissArmy.sys            Mon Jul 17 17:14:48 2017 (596D28C8)
mwac.sys                     Thu Aug  3 10:43:39 2017 (5983369B)
MBAMChameleon.sys            Mon Aug  7 17:35:52 2017 (5988DD38)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sat Sep 23 06:25:03.399 2017 (UTC - 5:00)**************************
MpKsl18c15682.sys            Tue May 19 21:50:37 2015 (555BE86D)
MpKsl1d759330.sys            Tue May 19 21:50:37 2015 (555BE86D)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Sep 10 06:28:16.017 2017 (UTC - 5:00)**************************
MpKslf436efa0.sys            Tue May 19 21:50:37 2015 (555BE86D)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Aug 31 06:30:38.429 2017 (UTC - 5:00)**************************
MpKsl02a0e1fc.sys            Tue May 19 21:50:37 2015 (555BE86D)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Aug 24 10:15:21.091 2017 (UTC - 5:00)**************************
iaStorA.sys                  Mon Oct 28 17:15:26 2013 (526ED3EE)
iaStorF.sys                  Mon Oct 28 17:15:28 2013 (526ED3F0)
MpKsl75900b7f.sys            Tue May 19 21:50:37 2015 (555BE86D)
MpKsle8ad8161.sys            Tue May 19 21:50:37 2015 (555BE86D)
mbae64.sys                   Fri Apr 29 06:10:09 2016 (57233301)
MBAMSwissArmy.sys            Fri Jun  2 16:46:01 2017 (5931CE89)
farflt.sys                   Wed Jun 14 09:21:34 2017 (5941385E)
mwac.sys                     Tue Jun 20 13:52:56 2017 (594960F8)
MBAMChameleon.sys            Tue Jun 27 14:22:06 2017 (5952A24E)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Aug 13 22:50:48.814 2017 (UTC - 5:00)**************************
vstor2-mntapi10-shared.sys   Tue Jul 12 12:35:21 2011 (4E1C77C9)
vmci.sys                     Mon Apr 30 21:14:27 2012 (4F9F38F3)
vsock.sys                    Mon Apr 30 21:15:24 2012 (4F9F392C)
HECIx64.sys                  Mon Jul  2 18:14:58 2012 (4FF21D62)
VMNET.SYS                    Sun Jul  8 03:58:34 2012 (4FF93DAA)
vmnetadapter.sys             Sun Jul  8 03:58:35 2012 (4FF93DAB)
vmnetbridge.sys              Sun Jul  8 03:59:19 2012 (4FF93DD7)
hcmon.sys                    Wed Aug  1 20:10:29 2012 (5019C575)
vmnetuserif.sys              Wed Aug 15 16:31:54 2012 (502C073A)
vmx86.sys                    Wed Aug 15 18:05:11 2012 (502C1D17)
MpKslbf27f141.sys            Tue May 19 21:50:37 2015 (555BE86D)
MpKslb704b597.sys            Tue May 19 21:50:37 2015 (555BE86D)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Fri Aug  4 06:27:07.608 2017 (UTC - 5:00)**************************
MpKsl8113982a.sys            Tue May 19 21:50:37 2015 (555BE86D)
nvvad64v.sys                 Mon Feb  6 04:37:01 2017 (589843BD)
nvhda64v.sys                 Wed Mar 15 08:48:41 2017 (58C93829)
nvlddmkm.sys                 Mon May  1 15:58:03 2017 (5907934B)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Jul 23 06:33:24.264 2017 (UTC - 5:00)**************************
MpKsldfcb572c.sys            Tue May 19 21:50:37 2015 (555BE86D)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Jul 13 04:07:55.669 2017 (UTC - 5:00)**************************
MBAMSwissArmy.sys            Thu May 18 14:34:35 2017 (591DE93B)
MBAMChameleon.sys            Fri May 26 16:53:01 2017 (592895AD)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Jul 13 01:28:35.855 2017 (UTC - 5:00)**************************
MpKslf8d96674.sys            Tue May 19 21:50:37 2015 (555BE86D)
farflt.sys                   Fri Mar 24 11:34:26 2017 (58D53C82)
mbam.sys                     Fri May 19 12:02:10 2017 (591F1702)
mwac.sys                     Thu May 25 15:13:56 2017 (59272CF4)

 


MpKslccbdd823.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=WinRing0x64.sys
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=MBfilt64.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
http://www.carrona.org/drivers/driver.php?id=VClone.sys
http://www.carrona.org/drivers/driver.php?id=ArcSec.sys
http://www.carrona.org/drivers/driver.php?id=mvxxmm.sys
http://www.carrona.org/drivers/driver.php?id=mvs91xx.sys
http://www.carrona.org/drivers/driver.php?id=iaStor.sys
http://www.carrona.org/drivers/driver.php?id=e1c62x64.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hub.sys
http://www.carrona.org/drivers/driver.php?id=iusb3xhc.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hcs.sys
http://www.carrona.org/drivers/driver.php?id=L1C62x64.sys
http://www.carrona.org/drivers/driver.php?id=cpuz136_x64.sys
http://www.carrona.org/drivers/driver.php?id=iaStorA.sys
http://www.carrona.org/drivers/driver.php?id=iaStorF.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverx64.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=ElbyCDIO.sys
http://www.carrona.org/drivers/driver.php?id=AnyDVD.sys
http://www.carrona.org/drivers/driver.php?id=MpFilter.sys
http://www.carrona.org/drivers/driver.php?id=mbae64.sys
http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
http://www.carrona.org/drivers/driver.php?id=farflt.sys
http://www.carrona.org/drivers/driver.php?id=mbam.sys
http://www.carrona.org/drivers/driver.php?id=mwac.sys
http://www.carrona.org/drivers/driver.php?id=mbamswissarmy.sys
http://www.carrona.org/drivers/driver.php?id=MbamChameleon.sys
MpKsl94289c63.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
MpKslce91fbeb.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
MpKsle828f913.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
MpKslb697f7d5.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
MpKsldc1ab9ca.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
MpKslf37054af.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
MpKsl4d665315.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=mbam.sys
http://www.carrona.org/drivers/driver.php?id=farflt.sys
http://www.carrona.org/drivers/driver.php?id=MBAMSwissArmy.sys
http://www.carrona.org/drivers/driver.php?id=mwac.sys
http://www.carrona.org/drivers/driver.php?id=MBAMChameleon.sys
MpKsl18c15682.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
MpKsl1d759330.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
MpKslf436efa0.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
MpKsl02a0e1fc.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=iaStorA.sys
http://www.carrona.org/drivers/driver.php?id=iaStorF.sys
MpKsl75900b7f.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
MpKsle8ad8161.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=mbae64.sys
http://www.carrona.org/drivers/driver.php?id=MBAMSwissArmy.sys
http://www.carrona.org/drivers/driver.php?id=farflt.sys
http://www.carrona.org/drivers/driver.php?id=mwac.sys
http://www.carrona.org/drivers/driver.php?id=MBAMChameleon.sys
http://www.carrona.org/drivers/driver.php?id=vstor2-mntapi10-shared.sys
http://www.carrona.org/drivers/driver.php?id=vmci.sys
http://www.carrona.org/drivers/driver.php?id=vsock.sys
http://www.carrona.org/drivers/driver.php?id=HECIx64.sys
http://www.carrona.org/drivers/driver.php?id=VMNET.SYS
http://www.carrona.org/drivers/driver.php?id=vmnetadapter.sys
http://www.carrona.org/drivers/driver.php?id=vmnetbridge.sys
http://www.carrona.org/drivers/driver.php?id=hcmon.sys
http://www.carrona.org/drivers/driver.php?id=vmnetuserif.sys
http://www.carrona.org/drivers/driver.php?id=vmx86.sys
MpKslbf27f141.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
MpKslb704b597.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
MpKsl8113982a.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=nvvad64v.sys
http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
MpKsldfcb572c.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=MBAMSwissArmy.sys
http://www.carrona.org/drivers/driver.php?id=MBAMChameleon.sys
MpKslf8d96674.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=farflt.sys
http://www.carrona.org/drivers/driver.php?id=mbam.sys
http://www.carrona.org/drivers/driver.php?id=mwac.sys

 

 

 

 

Share this post


Link to post
Share on other sites

Okay, thanks.  One of the first things I did when the BSOD's started happening was check for MoBo BIOS updates. I definitely have the most current ones.

I will look up how to deal with the drivers you mentioned.  

As for Windows updates.  I have been doing the Security Only updates manually ever since MS switched Win7 to the Monthly Rollups. (As I want no part of MS telemetry on my Win7 machines).  I know for sure I haven't missed any.

However I did notice that all of this started happening right after I installed the June 2017 Security Only update, but since I haven't been able to see anyone posting the problems I have afterwards I wasn't sure if it was the culprit.

As for why I rolled back the iaStorA.sys driver.  I was trying to see if that would fix the BSOD's since Who Crashed told me it was probably responsible.

I did see that article before about uninstalling the iaStorA.sys driver and letting Windows install it's generic version, but I also read where some people couldn't get back into Windows after doing it?

 

Thanks for the help.

Edited by CommonCurt

Share this post


Link to post
Share on other sites

Windows Updates will have performance and stability updates.  I strongly suggest that you get ALL of the updates for your system.
Without that, there's no telling exactly which driver is causing the problem - and we have no way of updating Windows drivers except by Windows Update.

If you're concerned about getting back into Windows afterwards, the easiest way is to create a System Restore point.
And, the most reliable way is to make an image of your hard drive prior to trying it.  That way, should it not boot you can just reimage the hard drive with the image that you made.
I don't know how necessary this is as you've tried 2 different versions of iaStorA.sys already.

OK, let's go at this another way.  Try a clean boot:  http://www.thewindowsclub.com/what-is-clean-boot-state-in-windows
If that stops the problem, then re-enable things a few at a time until you figure out what's causing it.
Then uninstall the problem program (from Start...Settings...Apps...Apps & Features - if you don't find it there, check the right sidebar for Programs and Features and see if you can remove it from there).

FWIW - what I suspect is that one of the programs on the system is conflicting with Windows - most likely because the Windows drivers haven't been updated.
It may be that you find which program is causing this, and you can update it to work around it.  Driver Verifier may help us to identify it.
 

Share this post


Link to post
Share on other sites

Hey, Sorry I should't have said that I only get the Security Only Updates.  I do upload most of the recommended ones as well.  I just don't install the Monthly Rollups.

Share this post


Link to post
Share on other sites
16 hours ago, usasma said:

Windows Updates will have performance and stability updates.  I strongly suggest that you get ALL of the updates for your system.
Without that, there's no telling exactly which driver is causing the problem - and we have no way of updating Windows drivers except by Windows Update.

If you're concerned about getting back into Windows afterwards, the easiest way is to create a System Restore point.
And, the most reliable way is to make an image of your hard drive prior to trying it.  That way, should it not boot you can just reimage the hard drive with the image that you made.
I don't know how necessary this is as you've tried 2 different versions of iaStorA.sys already.

OK, let's go at this another way.  Try a clean boot:  http://www.thewindowsclub.com/what-is-clean-boot-state-in-windows
If that stops the problem, then re-enable things a few at a time until you figure out what's causing it.
Then uninstall the problem program (from Start...Settings...Apps...Apps & Features - if you don't find it there, check the right sidebar for Programs and Features and see if you can remove it from there).

FWIW - what I suspect is that one of the programs on the system is conflicting with Windows - most likely because the Windows drivers haven't been updated.
It may be that you find which program is causing this, and you can update it to work around it.  Driver Verifier may help us to identify it.
 

The hardest part about trying the clean boot method might be that after a BSOD happens it is almost always about 3 - 5 days later until the next one happens again.

 

Edited by CommonCurt

Share this post


Link to post
Share on other sites

The problem is that the documentation for Windows Updates doesn't contain everything.
As such, there may be very minor changes that also impact compatibility issues as a part of the entire package.
That being said, then any missing update becomes suspect - and may actually contain a fix for the situation that you're having.
Unfortunately, the only way to tell is to install them.

Yes, the clean boot is cumbersome if you can't call the BSOD on-demand.
But, the alternative is a Clean Install of Windows - which is just as cumbersome (as you don't install 3rd party stuff)
Have you run Driver Verifier?  If not, that may be the way to get the BSOD on-demand.  And, it may even tell us what's causing it!

 

 

Share this post


Link to post
Share on other sites
1 hour ago, usasma said:

The problem is that the documentation for Windows Updates doesn't contain everything.
As such, there may be very minor changes that also impact compatibility issues as a part of the entire package.
That being said, then any missing update becomes suspect - and may actually contain a fix for the situation that you're having.
Unfortunately, the only way to tell is to install them.

Yes, the clean boot is cumbersome if you can't call the BSOD on-demand.
But, the alternative is a Clean Install of Windows - which is just as cumbersome (as you don't install 3rd party stuff)
Have you run Driver Verifier?  If not, that may be the way to get the BSOD on-demand.  And, it may even tell us what's causing it!

 

 

Yeah, I've been running Diver Verifier for about 2 or 3 days now.  I want to give it another day or two, because like I said, It usually takes about 3 - 5 days between BSOD's.

I have considered just installing the RollUps starting from June 2017 (or maybe just the June Rollup), but that will be an absolute last resort.

 

 

Edited by CommonCurt

Share this post


Link to post
Share on other sites

Was Driver Verifier running when this crash happened?
Did you run it according to my instructions or just with the standard settings?
This memory dump is essentially the same as the others - blaming iaStorA.sys

Most likely iaStorA.sys is not to blame - as you've changed it but the crashing continues.
As such, it's most likely another program interfering with the driver, or a hardware issue that affects this driver.
The strangest thing is that it affects both systems that you have
 

I suspect the WinRing0x64.sys driver - as it has been known to cause BSOD's in the past.
Can you uninstall the program that it's associated with?
Worst case, if you cannot locate that program, is that we'll have to manually remove the driver.
Please let me know if you can't and I'll provide detailed instructions on how to safely remove it.



Analysis:
The following is for information purposes only. 
The following information contains the relevant information from the blue screen analysis: 
**************************Sat Nov 11 08:11:38.489 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\111117-19453-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23915.amd64fre.win7sp1_ldr.170913-0600
System Uptime:4 days 21:01:58.301
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff880016ad7b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments: 
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880016ad7b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``


3rd Party Drivers:
The following is for information purposes only. 
My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box: 
**************************Sat Nov 11 08:11:38.489 2017 (UTC - 5:00)**************************
MpKsl2a7d466e.sys   Mon Feb 27 20:54:41 1989 (2409FBE1)
WinRing0x64.sys     Sat Jul 26 09:29:37 2008 (488B26C1)
intelppm.sys        Mon Jul 13 19:19:25 2009 (4A5BC0FD)
MBfilt64.sys        Thu Jul 30 23:40:32 2009 (4A7267B0)
amdxata.sys         Fri Mar 19 12:18:18 2010 (4BA3A3CA)
VClone.sys          Sat Jan 15 11:21:04 2011 (4D31C970)
ArcSec.sys          Wed Nov  9 22:05:33 2011 (4EBB3F7D)
mvxxmm.sys          Thu Jan 19 01:50:44 2012 (4F17BD44)
mvs91xx.sys         Thu Jan 19 01:51:00 2012 (4F17BD54)
iaStor.sys          Wed Feb  1 19:15:24 2012 (4F29D59C)
e1c62x64.sys        Thu Mar 15 23:57:28 2012 (4F62BA28)
iusb3hub.sys        Mon May 21 03:21:36 2012 (4FB9ED00)
iusb3xhc.sys        Mon May 21 03:21:40 2012 (4FB9ED04)
iusb3hcs.sys        Mon May 21 03:23:42 2012 (4FB9ED7E)
L1C62x64.sys        Wed Jul 18 22:55:34 2012 (50077726)
cpuz136_x64.sys     Fri May 10 08:42:51 2013 (518CEB4B)
iaStorA.sys         Thu Aug  1 21:39:52 2013 (51FB0DE8)
iaStorF.sys         Thu Aug  1 21:39:54 2013 (51FB0DEA)
TeeDriverx64.sys    Thu Sep  5 14:02:18 2013 (5228C72A)
RTKVHD64.sys        Wed Dec 10 02:53:17 2014 (5487FBED)
ElbyCDIO.sys        Wed Dec 17 18:30:51 2014 (5492122B)
AnyDVD.sys          Mon Dec 28 07:52:15 2015 (5681307F)
MpFilter.sys        Mon Aug  8 19:01:17 2016 (57A90F3D)
mbae64.sys          Wed Jan 11 12:08:00 2017 (58766670)
nvhda64v.sys        Tue May 16 09:02:27 2017 (591AF863)
nvlddmkm.sys        Tue Jun 27 16:00:30 2017 (5952B95E)
farflt.sys          Tue Sep  5 19:44:07 2017 (59AF36C7)
mwac.sys            Thu Sep  7 12:04:06 2017 (59B16DF6)
mbam.sys            Thu Oct 12 11:23:13 2017 (59DF88E1)
mbamswissarmy.sys   Fri Oct 13 14:58:51 2017 (59E10CEB)
MbamChameleon.sys   Mon Oct 30 12:34:36 2017 (59F7549C)
 


MpKsl2a7d466e.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=WinRing0x64.sys
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=MBfilt64.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
http://www.carrona.org/drivers/driver.php?id=VClone.sys
http://www.carrona.org/drivers/driver.php?id=ArcSec.sys
http://www.carrona.org/drivers/driver.php?id=mvxxmm.sys
http://www.carrona.org/drivers/driver.php?id=mvs91xx.sys
http://www.carrona.org/drivers/driver.php?id=iaStor.sys
http://www.carrona.org/drivers/driver.php?id=e1c62x64.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hub.sys
http://www.carrona.org/drivers/driver.php?id=iusb3xhc.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hcs.sys
http://www.carrona.org/drivers/driver.php?id=L1C62x64.sys
http://www.carrona.org/drivers/driver.php?id=cpuz136_x64.sys
http://www.carrona.org/drivers/driver.php?id=iaStorA.sys
http://www.carrona.org/drivers/driver.php?id=iaStorF.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverx64.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=ElbyCDIO.sys
http://www.carrona.org/drivers/driver.php?id=AnyDVD.sys
http://www.carrona.org/drivers/driver.php?id=MpFilter.sys
http://www.carrona.org/drivers/driver.php?id=mbae64.sys
http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
http://www.carrona.org/drivers/driver.php?id=farflt.sys
http://www.carrona.org/drivers/driver.php?id=mwac.sys
http://www.carrona.org/drivers/driver.php?id=mbam.sys
http://www.carrona.org/drivers/driver.php?id=mbamswissarmy.sys
http://www.carrona.org/drivers/driver.php?id=MbamChameleon.sys
 

 

Edited by usasma

Share this post


Link to post
Share on other sites

Yeah, I was running Driver Verifier with the step by step instructions from the page you linked.

After reading what I can find about WinRing0x64.sys.  The only program I've found that I have installed that uses it is RealTemp.

When I went to look at how to uninstall it, I came across this on the RealTemp forum:

"RealTemp is in whatever folder you put it in. There's no installer so no need to uninstall either. Just delete the RealTemp folder and everything should be gone without anything left over, hiding in the registry."

I do see WinRing0x64.sys in the folder, along with a lot of other stuff.  Is this the correct coarse of action, just delete the RealTemp folder, and all traces of it will be gone?

 

Thanks

Share this post


Link to post
Share on other sites

I would hope that deleting the folder would delete the appropriate WinRing0x64.sys driver -
BUT - the dump file shows it somewhere in the path that your computer uses to look for files (I don't know exactly where).
BUT - the MSINFO32 report shows it at d:\downloads\program downloads\realtemp_370\winring0x64.sys - DELETE that one if you're confident that it wasn't installed anyplace else.
To be sure, make a System Restore point "just-in-case"

FWIW - no need to delete, just rename the RealTemp folder and the system shouldn't be able to find it (but still make the System Restore point in case it doesn't boot correctly)

 

Share this post


Link to post
Share on other sites

Please turn off Driver Verifier.  I only use it if you are having BSOD's when it's not running (and if it looks like a driver issue)>

To disable Driver Verifier:

Quote

1.  Open verifier.exe (use the Run dialog)
2.  Click on "Delete existing settings"
3.  Click on "Finish" in the lower right corner of the verifier window
4.  Reboot for the changes to take effect.

 


 

 

Edited by usasma

Share this post


Link to post
Share on other sites

Okay, I turned Driver Verifier off, and when the system tried to restart I got a BSOD (attached). This time WhoCrashed says it was ntoskrnl.exe (nt+0x70E00)

I didn't have a problem booting back into windows afterwards tho.

111417-8923-01.zip

Edited by CommonCurt

Share this post


Link to post
Share on other sites

Aha!  This one blames farflt.sys - the anti-ransomware compent of MalwareBytes.
Either disable the MBAM ransomware component - or disable MBAM from loading and test to see if that helps stop the BSOD.

Analysis:
The following is for information purposes only. 
The following information contains the relevant information from the blue screen analysis: 

**************************Tue Nov 14 08:56:50.205 2017 (UTC - 5:00)**************************


Loading Dump File [C:\Users\john\SysnativeBSODApps\111417-8923-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23915.amd64fre.win7sp1_ldr.170913-0600
System Uptime:3 days 0:44:04.844
*** WARNING: Unable to verify timestamp for farflt.sys
*** ERROR: Module load completed but symbols could not be loaded for farflt.sys
Probably caused by :farflt.sys ( farflt+6497 )
BugCheck 50, {fffff88000961450, 0, fffff8000366452c, 0}
BugCheck Info: PAGE_FAULT_IN_NONPAGED_AREA (50)
Arguments: 
Arg1: fffff88000961450, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff8000366452c, If non-zero, the instruction address which referenced the bad memory
    address.
Arg4: 0000000000000000, (reserved)
BUGCHECK_STR:  0x50
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  MBAMService.ex
FAILURE_BUCKET_ID: X64_0x50_farflt+6497
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``


3rd Party Drivers:
The following is for information purposes only. 
My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box: 
**************************Tue Nov 14 08:56:50.205 2017 (UTC - 5:00)**************************
MpKsl59aa237e.sys   Mon Feb 27 20:54:41 1989 (2409FBE1)
intelppm.sys        Mon Jul 13 19:19:25 2009 (4A5BC0FD)
MBfilt64.sys        Thu Jul 30 23:40:32 2009 (4A7267B0)
amdxata.sys         Fri Mar 19 12:18:18 2010 (4BA3A3CA)
VClone.sys          Sat Jan 15 11:21:04 2011 (4D31C970)
ArcSec.sys          Wed Nov  9 22:05:33 2011 (4EBB3F7D)
mvxxmm.sys          Thu Jan 19 01:50:44 2012 (4F17BD44)
mvs91xx.sys         Thu Jan 19 01:51:00 2012 (4F17BD54)
iaStor.sys          Wed Feb  1 19:15:24 2012 (4F29D59C)
e1c62x64.sys        Thu Mar 15 23:57:28 2012 (4F62BA28)
iusb3hub.sys        Mon May 21 03:21:36 2012 (4FB9ED00)
iusb3xhc.sys        Mon May 21 03:21:40 2012 (4FB9ED04)
iusb3hcs.sys        Mon May 21 03:23:42 2012 (4FB9ED7E)
L1C62x64.sys        Wed Jul 18 22:55:34 2012 (50077726)
iaStorA.sys         Thu Aug  1 21:39:52 2013 (51FB0DE8)
iaStorF.sys         Thu Aug  1 21:39:54 2013 (51FB0DEA)
TeeDriverx64.sys    Thu Sep  5 14:02:18 2013 (5228C72A)
RTKVHD64.sys        Wed Dec 10 02:53:17 2014 (5487FBED)
ElbyCDIO.sys        Wed Dec 17 18:30:51 2014 (5492122B)
AnyDVD.sys          Mon Dec 28 07:52:15 2015 (5681307F)
MpFilter.sys        Mon Aug  8 19:01:17 2016 (57A90F3D)
mbae64.sys          Wed Jan 11 12:08:00 2017 (58766670)
nvhda64v.sys        Tue May 16 09:02:27 2017 (591AF863)
nvlddmkm.sys        Tue Jun 27 16:00:30 2017 (5952B95E)
farflt.sys          Tue Sep  5 19:44:07 2017 (59AF36C7)
mwac.sys            Thu Sep  7 12:04:06 2017 (59B16DF6)
mbam.sys            Thu Oct 12 11:23:13 2017 (59DF88E1)
mbamswissarmy.sys   Fri Oct 13 14:58:51 2017 (59E10CEB)
MbamChameleon.sys   Mon Oct 30 12:34:36 2017 (59F7549C)


MpKsl59aa237e.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=MBfilt64.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
http://www.carrona.org/drivers/driver.php?id=VClone.sys
http://www.carrona.org/drivers/driver.php?id=ArcSec.sys
http://www.carrona.org/drivers/driver.php?id=mvxxmm.sys
http://www.carrona.org/drivers/driver.php?id=mvs91xx.sys
http://www.carrona.org/drivers/driver.php?id=iaStor.sys
http://www.carrona.org/drivers/driver.php?id=e1c62x64.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hub.sys
http://www.carrona.org/drivers/driver.php?id=iusb3xhc.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hcs.sys
http://www.carrona.org/drivers/driver.php?id=L1C62x64.sys
http://www.carrona.org/drivers/driver.php?id=iaStorA.sys
http://www.carrona.org/drivers/driver.php?id=iaStorF.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverx64.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=ElbyCDIO.sys
http://www.carrona.org/drivers/driver.php?id=AnyDVD.sys
http://www.carrona.org/drivers/driver.php?id=MpFilter.sys
http://www.carrona.org/drivers/driver.php?id=mbae64.sys
http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
http://www.carrona.org/drivers/driver.php?id=farflt.sys
http://www.carrona.org/drivers/driver.php?id=mwac.sys
http://www.carrona.org/drivers/driver.php?id=mbam.sys
http://www.carrona.org/drivers/driver.php?id=mbamswissarmy.sys
http://www.carrona.org/drivers/driver.php?id=MbamChameleon.sys
 

 

 

Share this post


Link to post
Share on other sites

should I disable MalwareBytes RansomWare protection right away even tho I just deleted RealTemp to see if stops the iaStorA.sys BSOD's?

Could farflt.sys have been responsible for making the iaStorA.sys BSOD's also?

 

Share this post


Link to post
Share on other sites

It's possible, but we can't tell without a more in-depth debugging (maybe even live debugging) - which I can't do easily.

Disable it all.  Once we're sure the BSOD's have stopped, then you can start re-enabling the disabled/uninstalled stuff one-at-a-time in order to figure out which is/are the problem.

Share this post


Link to post
Share on other sites

I turned RansomWare protection off before I left the house.  When I get home I'll see what else I can turn off.

I really don't want to have to uninstall MalwareBytes.  I have two lifetime licenses, and I do really like the program.

The thing that sucks is that like I said before.  BSOD's usually take 3 -5 days.

I never get BSOD's when shutting down. or restarting the system.  So I'm guessing Driver Verifier is the reason the last one happened when I restarted after turning turning Driver Verifier off?

Share this post


Link to post
Share on other sites

Driver Verifier stresses the selected drivers using different methods.  The stresses most commonly generate BSOD's when the suspect drivers crash.
BUT, this isn't all that can happen.  The system can still crash and blame Windows files, or it can crash again and blame another 3rd party driver, or it can just not crash.
I only use Driver Verifier when I see a pattern that's likely to be caused by an unidentified driver.  And I don't use it after we find something with it, as I want to see if the system has been made stable.   I also don't do it because of the possibility of a driver that has a weakness causing a BSOD and skewing our test results (which'll send us off in a different direction).

So, what we do here is we troubleshoot the last BSOD and see what we can get.

Uninstalling MalwareBytes is just temporary.
We do this to see if we can pin down the cause.
If MBAM isn't to blame, then the BSOD's will continue after it's uninstalled.
If MBAM is to blame, then the BSOD's won't continue after it's uninstalled.
Then we can run some more tests (and maybe Driver Verifier) to see if we can pin down the actual offending driver.
Once we've pinned it down, then you can reinstall MBAM.
 

Share this post


Link to post
Share on other sites

Okay, had another BSOD on this machine today.  RealTemp was deleted a few days ago, and I had the Malwarebytes Ransonware turned off.

I just turned off Malwarebytes Exploit Protection to see if that is what's causing the problem. 

111817-8736-01.zip

Edited by CommonCurt

Share this post


Link to post
Share on other sites

Back to iaStorA.sys - I'd suggest turning Driver Verifier on and leaving it on until the system crashes at least 3 times.

More later, I'm at work right now and can't do much here

 

Share this post


Link to post
Share on other sites

Sorry for the delay - lot's of life problems :(

While waiting for the BSOD from Driver Verifier, the next step is to start comparing the dumps from both systems looking for the same files in each.
This is the most likely way to find the offending driver - but it's not a 100% certain solution (for example, if the offending driver has exited already, it won't show up in the dumps).=
This also presumes that the cause of the crashes is the same for each system (if it's not, we'd have to expand the driver list to include all drivers listed in each ).

I'll post this in a separate post so as to not confuse it with the analysis below.

 

Analysis:
The following is for information purposes only. 
The following information contains the relevant information from the blue screen analysis: 
**************************Sat Nov 18 07:52:14.438 2017 (UTC - 5:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\111817-8736-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Built by: 7601.23915.amd64fre.win7sp1_ldr.170913-0600
System Uptime:3 days 22:11:24.250
*** WARNING: Unable to verify timestamp for iaStorA.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStorA.sys
Probably caused by :iaStorA.sys ( iaStorA+877b8 )
BugCheck D1, {10, 2, 1, fffff880017507b8}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments: 
Arg1: 0000000000000010, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880017507b8, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: X64_0xD1_iaStorA+877b8
CPUID:        "Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3503
  BIOS Version                  F16h
  BIOS Release Date             07/11/2016
  Manufacturer                  Gigabyte Technology Co., Ltd.
  Product Name                  To be filled by O.E.M.
  Baseboard Product             Z77X-UD5H
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``


3rd Party Drivers:
The following is for information purposes only. 
My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box: 
**************************Sat Nov 18 07:52:14.438 2017 (UTC - 5:00)**************************
MpKsl4721e23c.sys   Mon Feb 27 20:54:41 1989 (2409FBE1)
intelppm.sys        Mon Jul 13 19:19:25 2009 (4A5BC0FD)
MBfilt64.sys        Thu Jul 30 23:40:32 2009 (4A7267B0)
amdxata.sys         Fri Mar 19 12:18:18 2010 (4BA3A3CA)
VClone.sys          Sat Jan 15 11:21:04 2011 (4D31C970)
ArcSec.sys          Wed Nov  9 22:05:33 2011 (4EBB3F7D)
mvxxmm.sys          Thu Jan 19 01:50:44 2012 (4F17BD44)
mvs91xx.sys         Thu Jan 19 01:51:00 2012 (4F17BD54)
iaStor.sys          Wed Feb  1 19:15:24 2012 (4F29D59C)
e1c62x64.sys        Thu Mar 15 23:57:28 2012 (4F62BA28)
iusb3hub.sys        Mon May 21 03:21:36 2012 (4FB9ED00)
iusb3xhc.sys        Mon May 21 03:21:40 2012 (4FB9ED04)
iusb3hcs.sys        Mon May 21 03:23:42 2012 (4FB9ED7E)
L1C62x64.sys        Wed Jul 18 22:55:34 2012 (50077726)
cpuz136_x64.sys     Fri May 10 08:42:51 2013 (518CEB4B)
iaStorA.sys         Thu Aug  1 21:39:52 2013 (51FB0DE8)
iaStorF.sys         Thu Aug  1 21:39:54 2013 (51FB0DEA)
TeeDriverx64.sys    Thu Sep  5 14:02:18 2013 (5228C72A)
RTKVHD64.sys        Wed Dec 10 02:53:17 2014 (5487FBED)
ElbyCDIO.sys        Wed Dec 17 18:30:51 2014 (5492122B)
AnyDVD.sys          Mon Dec 28 07:52:15 2015 (5681307F)
MpFilter.sys        Mon Aug  8 19:01:17 2016 (57A90F3D)
mbae64.sys          Wed Jan 11 12:08:00 2017 (58766670)
nvhda64v.sys        Tue May 16 09:02:27 2017 (591AF863)
nvlddmkm.sys        Tue Jun 27 16:00:30 2017 (5952B95E)
mwac.sys            Thu Sep  7 12:04:06 2017 (59B16DF6)
mbam.sys            Thu Oct 12 11:23:13 2017 (59DF88E1)
mbamswissarmy.sys   Fri Oct 13 14:58:51 2017 (59E10CEB)
MbamChameleon.sys   Mon Oct 30 12:34:36 2017 (59F7549C)


MpKsl4721e23c.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=MBfilt64.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
http://www.carrona.org/drivers/driver.php?id=VClone.sys
http://www.carrona.org/drivers/driver.php?id=ArcSec.sys
http://www.carrona.org/drivers/driver.php?id=mvxxmm.sys
http://www.carrona.org/drivers/driver.php?id=mvs91xx.sys
http://www.carrona.org/drivers/driver.php?id=iaStor.sys
http://www.carrona.org/drivers/driver.php?id=e1c62x64.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hub.sys
http://www.carrona.org/drivers/driver.php?id=iusb3xhc.sys
http://www.carrona.org/drivers/driver.php?id=iusb3hcs.sys
http://www.carrona.org/drivers/driver.php?id=L1C62x64.sys
http://www.carrona.org/drivers/driver.php?id=cpuz136_x64.sys
http://www.carrona.org/drivers/driver.php?id=iaStorA.sys
http://www.carrona.org/drivers/driver.php?id=iaStorF.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverx64.sys
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=ElbyCDIO.sys
http://www.carrona.org/drivers/driver.php?id=AnyDVD.sys
http://www.carrona.org/drivers/driver.php?id=MpFilter.sys
http://www.carrona.org/drivers/driver.php?id=mbae64.sys
http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
http://www.carrona.org/drivers/driver.php?id=mwac.sys
http://www.carrona.org/drivers/driver.php?id=mbam.sys
http://www.carrona.org/drivers/driver.php?id=mbamswissarmy.sys
http://www.carrona.org/drivers/driver.php?id=MbamChameleon.sys
 

Share this post


Link to post
Share on other sites

While waiting for the BSOD from Driver Verifier, the next step is to start comparing the dumps from both systems looking for the same files in each.
This is the most likely way to find the offending driver - but it's not a 100% certain solution (for example, if the offending driver has exited already, it won't show up in the dumps).=
This also presumes that the cause of the crashes is the same for each system (if it's not, we'd have to expand the driver list to include all drivers listed in each ).

Here's the list (those with different versions aren't as likely to be to blame as those with the same version):



2nd system                                                                                            1st system                        
amdxata.sys        Fri Mar 19 12:18:18 2010 (4BA3A3CA)               amdxata.sys  Fri Mar 19 12:18:18 2010 (4BA3A3CA)                        
cpuz136_x64.sys    Fri May 10 08:42:51 2013 (518CEB4B)           cpuz136_x64.sys  Fri May 10 08:42:51 2013 (518CEB4B)                        
ElbyCDIO.sys       Wed Dec 17 18:30:51 2014 (5492122B)              ElbyCDIO.sys  Mon Mar  4 04:21:51 2013 (513467AF)                        Different version
iaStorA.sys        Thu Aug 1 21:39:52 2013 (51FB0DE8)                    iaStorA.sys  Mon Oct 28 17:15:26 2013 (526ED3EE)                        Different version
iaStorF.sys        Thu Aug 1 21:39:54 2013 (51FB0DEA)                     iaStorF.sys  Mon Oct 28 17:15:28 2013 (526ED3F0)                        Different version
iusb3hcs.sys       Mon May 21 03:23:42 2012 (4FB9ED7E)               iusb3hcs.sys  Fri Feb 22 07:36:29 2013 (5127664D)                        Different version
iusb3hub.sys       Mon May 21 03:21:36 2012 (4FB9ED00)               iusb3hub.sys  Fri Feb 22 07:33:42 2013 (512765A6)                        Different version
iusb3xhc.sys       Mon May 21 03:21:40 2012 (4FB9ED04)               iusb3xhc.sys  Fri Feb 22 07:33:45 2013 (512765A9)                        Different version
mbae64.sys         Wed Jan 11 12:08:00 2017 (58766670)                 mbae64.sys  Wed Jan 11 12:08:00 2017 (58766670)                        
mbam.sys           Thu Oct 12 11:23:13 2017 (59DF88E1)                    mbam.sys  Thu Oct 12 11:23:13 2017 (59DF88E1)                        
MbamChameleon.sys  Mon Oct 30 12:34:36 2017 (59F7549C)        MbamChameleon.sys  Mon Oct 30 12:34:36 2017 (59F7549C)                        
mbamswissarmy.sys  Fri Oct 13 14:58:51 2017 (59E10CEB)             mbamswissarmy.sys  Fri Oct 13 14:58:51 2017 (59E10CEB)                        
MBfilt64.sys       Thu Jul 30 23:40:32 2009 (4A7267B0)                      MBfilt64.sys  Thu Jul 30 23:40:32 2009 (4A7267B0)                        
MpFilter.sys       Mon Aug 8 19:01:17 2016 (57A90F3D)                      MpFilter.sys  Mon Aug  8 19:01:17 2016 (57A90F3D)                        
mwac.sys           Thu Sep 7 12:04:06 2017 (59B16DF6)                        mwac.sys  Thu Sep  7 12:04:06 2017 (59B16DF6)                        
nvhda64v.sys       Tue May 16 09:02:27 2017 (591AF863)                   nvhda64v.sys  Tue May 16 09:02:27 2017 (591AF863)                        
nvlddmkm.sys       Tue Jun 27 16:00:30 2017 (5952B95E)                   nvlddmkm.sys  Wed Aug  9 17:54:13 2017 (598B8485)                        Different version
RTKVHD64.sys       Wed Dec 10 02:53:17 2014 (5487FBED)                RTKVHD64.sys  Tue Sep 25 08:06:24 2012 (50619E40)                        Different version
VClone.sys         Sat Jan 15 11:21:04 2011 (4D31C970)                        VClone.sys  Sun Mar 10 20:49:12 2013 (513D2A08)                        Different version
 

Share this post


Link to post
Share on other sites

Sorry it has taken me so long to reply.  Been dealing with Holiday stuff.

Should I keep Malwarebytes Ransomware & Exploit Protection turned off after I turn Driver Verifier back on, or is it okay to turn those back on?

Also, I notice in the Event Viewer almost every time right before a BSOD there is an Event ID: 3 "Session "Microsoft Security Client OOBE" stopped due to the following error: 0xC000000D""

Not sure if that helps anything, but I thought i'd mention it.

Lastly,  in that list you posted above.  The second driver "cpuz136_x64.sys".  If it belongs to a program called CPUID CPU-Z I can uninstall the program.  I don't use it that often.

Edited by CommonCurt

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.