Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD 0xD1


  • Please log in to reply
8 replies to this topic

#1 docfxit

docfxit

  • Members
  • 115 posts
  • OFFLINE
  •  
  • Local time:12:41 AM

Posted 02 June 2016 - 11:05 PM

It would be really great if someone could help me resolve some problems on this laptop.

 

The first problem is I got a BSOD today 0xD1

 

I attached the SysnativeFileCollectionApp  output.

 

I tried running perfmon /report in a CMD prompt (Run as administrator)

and got an error saying: "An error occurred while attempting to generate the report" "The system cannot find the path specified".

 

Running Win7 Ultimate 32bit Installed on a blank HD.

full retail version

CPU Intel Core 2 DUO CPU T7300 @ 2.00GHz

RAM 4.0GB

Lenovo T61 Laptop

 

I ran Driver Verifier.  It locked up on the Welcome screen.  It did not give me a BSOD.

I ran "System Restore" from safe mode.  It still locked up on the Welcome screen.

The system restore didn't bring the system back to booting in normal mode.

I restored the registry from ERDNT backup.  It boots into normal mode now.

I turned off Driver Verifier.

 

I tried running "systeminfo.exe >%USERPROFILE%\Desktop\systeminfo.txt" (without the quotes)

I'm getting an error: Invalid namespace

 

I found some instructions for XP (I'm running Win7) to fix the problem:

net stop winmgmt
del %windir%\system32\Wbem\Repository\*.* /s
net start winmgmt
%windir%\system32\wbem\wbemtest.exe

 

Is that ok to run in Win7?

 

 

Thank you,

 

Docfxit

Attached Files


Edited by docfxit, 03 June 2016 - 01:13 PM.


BC AdBot (Login to Remove)

 


#2 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:03:41 AM

Posted 04 June 2016 - 06:49 PM

Only 271 Windows Update hotfixes installed.  Most systems with SP1 have 350-400 or more.  Please visit Windows Update and get ALL available updates (it may take several trips to get them all).
The actual number is not important.  Rather it's important that you checked manually, installed any available updates, and didn't experience any errors when checking or updating.

These devices have problems in Device Manager:

 

Intel® 82566MM Gigabit Network Connection    PCI\VEN_8086&DEV_1049&SUBSYS_20B917AA&REV_03\3&33FD14CA&0&C8    This device is disabled.
Security Processor Loader Driver    ROOT\LEGACY_SPLDR\0000    This device is not present, is not working properly, or does not have all its drivers installed.
Ricoh Memory Stick Controller    PCI\VEN_1180&DEV_0592&SUBSYS_20CA17AA&REV_11\4&1F10D8AF&0&04F0    Failure using the VxD loader.
WAN Miniport (IPv6)    ROOT\MS_NDISWANIPV6\0000    This device is disabled.
Ricoh SD/MMC Host Controller    PCI\VEN_1180&DEV_0843&SUBSYS_20C917AA&REV_11\4&1F10D8AF&0&03F0    Failure using the VxD loader.
Ricoh xD-Picture Card Controller    PCI\VEN_1180&DEV_0852&SUBSYS_20CB17AA&REV_11\4&1F10D8AF&0&05F0    Failure using the VxD loader.
TeamViewer VPN Adapter    ROOT\NET\0000    This device is disabled.

Please update all of your drivers from the Lenovo support site for your system.

In addition, please ensure that you get ALL available Windows Updates.

Finally, please uninstall TeamViewer.  Then read this article about it:  http://arstechnica.com/security/2016/06/teamviewer-users-are-being-hacked-in-bulk-and-we-still-dont-know-how/

 

It also appears that you have several different firewalls installed.  Please only use 1 firewall at a time - as they can conflict with each other and actually let malicious traffic through.

 

Please remove SpeedFan as one of it's drivers dates from 1997

 

 

Analysis:

The following is for information purposes only. The following information contains the relevant information from the blue screen analysis:

**************************Thu Jun  2 23:30:29.238 2016 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\060216-67829-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
Built by: 7601.18247.x86fre.win7sp1_gdr.130828-1532
System Uptime:0 days 0:01:46.095
Probably caused by :netbt.sys ( netbt!RemoteHashTimeout+65 )
BugCheck D1, {72636975, 2, 0, 91a92168}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 72636975, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: 91a92168, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID: 0xD1_netbt!RemoteHashTimeout+65
CPUID:        "Intel® Core™2 Duo CPU     T7300  @ 2.00GHz"
MaxSpeed:     2000
CurrentSpeed: 1995
  BIOS Version                  7LETC6WW (2.26 )
  BIOS Release Date             05/11/2009
  Manufacturer                  LENOVO
  Product Name                  6465CTO
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Jun  2 21:25:16.062 2016 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\060216-70387-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
Built by: 7601.18247.x86fre.win7sp1_gdr.130828-1532
System Uptime:0 days 0:01:00.794
*** ERROR: Module load completed but symbols could not be loaded for Ntfs.sys
Probably caused by :Ntfs.sys ( Ntfs+15d57 )
BugCheck 44, {88aebd70, eae, 0, 0}
BugCheck Info: MULTIPLE_IRP_COMPLETE_REQUESTS (44)
Arguments:
Arg1: 88aebd70, Address of the IRP
Arg2: 00000eae
Arg3: 00000000
Arg4: 00000000
BUGCHECK_STR:  0x44
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  vsserv.exe
FAILURE_BUCKET_ID: 0x44_Ntfs+15d57
CPUID:        "Intel® Core™2 Duo CPU     T7300  @ 2.00GHz"
MaxSpeed:     2000
CurrentSpeed: 1995
  BIOS Version                  7LETC6WW (2.26 )
  BIOS Release Date             05/11/2009
  Manufacturer                  LENOVO
  Product Name                  6465CTO
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``




3rd Party Drivers:

The following is for information purposes only. My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft. Any drivers in red should be updated/replaced/removed. You can find links to the driver information and where to update the drivers in the section after the code box:

**************************Thu Jun  2 23:30:29.238 2016 (UTC - 4:00)**************************
giveio.sys                  Wed Apr  3 22:33:25 1996 (316334F5)
psadd.sys                   Mon Feb 19 13:56:45 2007 (45D9F2ED)
lmimirr.sys                 Tue Apr 10 18:32:11 2007 (461C106B)
ibmpmdrv.sys                Thu May 31 05:52:39 2007 (465E9AE7)
SscRdCls.sys                Fri Nov 16 14:58:36 2007 (473DF66C)
VSTCNXT3.SYS                Wed Oct 15 20:29:13 2008 (48F68AD9)
VSTAZL3.SYS                 Wed Oct 15 20:30:03 2008 (48F68B0B)
VSTDPV3.SYS                 Wed Oct 15 20:32:04 2008 (48F68B84)
netw5v32.sys                Thu Mar 26 12:10:37 2009 (49CBA8FD)
SBREdrv.sys                 Wed Apr 22 22:44:08 2009 (49EFD5F8)
ADIHdAud.sys                Mon May 18 13:32:57 2009 (4A119BC9)
intelppm.sys                Mon Jul 13 19:11:03 2009 (4A5BBF07)
intelide.sys                Mon Jul 13 19:11:19 2009 (4A5BBF17)
iaStor.sys                  Fri Aug  7 08:16:56 2009 (4A7C1B38)
iaNvStor.sys                Fri Aug 21 16:47:10 2009 (4A8F07CE)
igdkmd32.sys                Wed Sep 23 15:18:09 2009 (4ABA7471)
amdxata.sys                 Fri Mar 19 12:19:01 2010 (4BA3A3F5)
smiif32.sys                 Tue Sep  7 00:38:35 2010 (4C85C1CB)
speedfan.sys                Fri Mar 18 12:08:45 2011 (4D83838D)
DozeHDD.sys                 Mon Oct 24 06:10:06 2011 (4EA5397E)
Tppwr32v.sys                Mon Nov 28 23:06:46 2011 (4ED45A56)
mv2.sys                     Fri Dec 23 10:05:24 2011 (4EF498B4)
ApsHM86.sys                 Wed Dec 28 08:02:46 2011 (4EFB1376)
Apsx86.sys                  Wed Dec 28 08:11:42 2011 (4EFB158E)
SynTP.sys                   Thu Jul  5 23:34:23 2012 (4FF65CBF)
SscRdBus.sys                Thu Oct  4 13:49:01 2012 (506DCC0D)
pssnap.sys                  Mon Oct 12 10:39:20 2015 (561BC618)
gzflt.sys                   Mon Dec 14 09:43:17 2015 (566ED585)
trufos.sys                  Fri Feb  5 13:09:55 2016 (56B4E573)
bdfwfpf.sys                 Tue Feb  9 07:11:48 2016 (56B9D784)
avc3.sys                    Fri Mar 11 10:15:21 2016 (56E2E109)
vsdatant.sys                Tue Mar 22 00:53:20 2016 (56F0CFC0)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Thu Jun  2 21:25:16.062 2016 (UTC - 4:00)**************************
avckf.sys                   Fri Mar 11 10:18:28 2016 (56E2E1C4)

 

http://www.carrona.org/drivers/driver.php?id=giveio.sys
http://www.carrona.org/drivers/driver.php?id=psadd.sys
http://www.carrona.org/drivers/driver.php?id=lmimirr.sys
http://www.carrona.org/drivers/driver.php?id=ibmpmdrv.sys
http://www.carrona.org/drivers/driver.php?id=SscRdCls.sys
http://www.carrona.org/drivers/driver.php?id=VSTCNXT3.SYS
http://www.carrona.org/drivers/driver.php?id=VSTAZL3.SYS
http://www.carrona.org/drivers/driver.php?id=VSTDPV3.SYS
http://www.carrona.org/drivers/driver.php?id=netw5v32.sys
http://www.carrona.org/drivers/driver.php?id=SBREdrv.sys
http://www.carrona.org/drivers/driver.php?id=ADIHdAud.sys
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=intelide.sys
http://www.carrona.org/drivers/driver.php?id=iaStor.sys
http://www.carrona.org/drivers/driver.php?id=iaNvStor.sys
http://www.carrona.org/drivers/driver.php?id=igdkmd32.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
http://www.carrona.org/drivers/driver.php?id=smiif32.sys
http://www.carrona.org/drivers/driver.php?id=speedfan.sys
http://www.carrona.org/drivers/driver.php?id=DozeHDD.sys
http://www.carrona.org/drivers/driver.php?id=Tppwr32v.sys
http://www.carrona.org/drivers/driver.php?id=mv2.sys
http://www.carrona.org/drivers/driver.php?id=ApsHM86.sys
http://www.carrona.org/drivers/driver.php?id=Apsx86.sys
http://www.carrona.org/drivers/driver.php?id=SynTP.sys
SscRdBus.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=pssnap.sys
http://www.carrona.org/drivers/driver.php?id=gzflt.sys
http://www.carrona.org/drivers/driver.php?id=trufos.sys
http://www.carrona.org/drivers/driver.php?id=bdfwfpf.sys
http://www.carrona.org/drivers/driver.php?id=avc3.sys
http://www.carrona.org/drivers/driver.php?id=vsdatant.sys
http://www.carrona.org/drivers/driver.php?id=avckf.sys
 


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#3 docfxit

docfxit
  • Topic Starter

  • Members
  • 115 posts
  • OFFLINE
  •  
  • Local time:12:41 AM

Posted 05 June 2016 - 08:24 PM

Thank you for the feedback.

 

I have updated all drivers.

I have removed Teamviewer.

I have removed Speedfan.

I have installed all Windows updates except for 3.  When I install the last 3 they install successfully.  When I reboot I get an error saying: "Failure configuring Windows updates" "Reverting changes"

I tried running SysnativeBSODCollectionApp.  I'm getting an error during it's run saying: "Waiting for SystemInfo" "Error: Invalid namespace".  It keeps repeating the same error.  (Please let the developer know it stays in a loop with this error)

 

So far I have had only one BSOD since updating the drivers and Windows updates.

 

Thank you,

 

Docfxit


Edited by docfxit, 05 June 2016 - 08:55 PM.


#4 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:03:41 AM

Posted 06 June 2016 - 11:53 AM

Please zip up and upload the contents of the C:\Windows\Minidump folder

If you have problem doing this, copy it to your Desktop and zip it up there.


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#5 docfxit

docfxit
  • Topic Starter

  • Members
  • 115 posts
  • OFFLINE
  •  
  • Local time:12:41 AM

Posted 06 June 2016 - 12:53 PM

I have attached 9 mini dumps in the zip file.  All but the last one happened before I finished updating the drivers and the MS security updates.

 

Thanks for looking at them.

 

I forgot to address one item you mentioned.  As far as I know I have only one firewall running.  Bitdefender installed is Antivirus only.  ZoneAlarm installed is a firewall only.  Windows firewall is turned off.  If you see any other filrewalls please let me know.

 

Docfxit

 

Attached File  MinidumpDocfxit2016-06-06.zip   231.1KB   1 downloads


Edited by docfxit, 06 June 2016 - 01:07 PM.


#6 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:03:41 AM

Posted 06 June 2016 - 02:46 PM

bdfwfpf.sys (present in the memory dumps) is a part of the BitDefender firewall

SBREdrv.sys (present in the memory dumps) is a part of the Sunbelt Firewall

vsdatant.sys (present in the memory dumsp) is a part of the Zone Alarm Firewall

 

2 of the memory dumps were the one's that I analyzed earlier.  I did not repeat them.

 

These latest memory dumps blame ZoneAlarm and Bzeek

Please uninstall both of them and then see if that stops the BSOD's

 

If that works, then reinstall Bzeek to see if it works without problems.

Then (after testing Bzeek), try installing ZoneAlarm (if you've gotten rid of the other firewalls) and see if it plays nicely with Bzeek.

 

 

Analysis:

The following is for information purposes only. The following information contains the relevant information from the blue screen analysis:

 

**************************Sun Jun  5 20:20:27.036 2016 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\060516-36831-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
Built by: 7601.23418.x86fre.win7sp1_ldr.160408-2045
System Uptime:0 days 0:00:36.894
*** WARNING: Unable to verify timestamp for vsdatant.sys
*** ERROR: Module load completed but symbols could not be loaded for vsdatant.sys
Probably caused by :vsdatant.sys ( vsdatant+3fd10 )
BugCheck 19, {3, 8357de10, 70757472, 6174535c}
BugCheck Info: BAD_POOL_HEADER (19)
Arguments:
Arg1: 00000003, the pool freelist is corrupt.
Arg2: 8357de10, the pool entry being checked.
Arg3: 70757472, the read back flink freelist value (should be the same as 2).
Arg4: 6174535c, the read back blink freelist value (should be the same as 2).
BUGCHECK_STR:  0x19_3
PROCESS_NAME:  vsmon.exe
FAILURE_BUCKET_ID: 0x19_3_vsdatant+3fd10
CPUID:        "Intel® Core™2 Duo CPU     T7300  @ 2.00GHz"
MaxSpeed:     2000
CurrentSpeed: 1995
  BIOS Version                  7LETD0WW (2.30 )
  BIOS Release Date             02/27/2012
  Manufacturer                  LENOVO
  Product Name                  6465CTO
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
The rest of the memory dump summaries are hidden in the Spoiler tag below.  Click on "Show" to reveal them.
Spoiler

 




3rd Party Drivers:

The following is for information purposes only. My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box:

**************************Sun Jun  5 20:20:27.036 2016 (UTC - 4:00)**************************
psadd.sys                   Mon Feb 19 13:56:45 2007 (45D9F2ED)
lmimirr.sys                 Tue Apr 10 18:32:11 2007 (461C106B)
ibmpmdrv.sys                Thu May 31 05:52:39 2007 (465E9AE7)
AEAudio.sys                 Fri Jul 13 12:26:10 2007 (4697A7A2)
SscRdCls.sys                Fri Nov 16 14:58:36 2007 (473DF66C)
ADIHdAud.sys                Thu Jan 10 14:10:11 2008 (47866D93)
VSTCNXT3.SYS                Wed Oct 15 20:29:13 2008 (48F68AD9)
VSTAZL3.SYS                 Wed Oct 15 20:30:03 2008 (48F68B0B)
VSTDPV3.SYS                 Wed Oct 15 20:32:04 2008 (48F68B84)
netw5v32.sys                Thu Mar 26 12:10:37 2009 (49CBA8FD)
SBREdrv.sys                 Wed Apr 22 22:44:08 2009 (49EFD5F8)
risdptsk.sys                Fri Jun 12 01:59:12 2009 (4A31EEB0)
intelppm.sys                Mon Jul 13 19:11:03 2009 (4A5BBF07)
intelide.sys                Mon Jul 13 19:11:19 2009 (4A5BBF17)
iaStor.sys                  Fri Aug  7 08:16:56 2009 (4A7C1B38)
iaNvStor.sys                Fri Aug 21 16:47:10 2009 (4A8F07CE)
rimmptsk.sys                Mon Sep  7 05:00:27 2009 (4AA4CBAB)
rimsptsk.sys                Mon Sep 14 23:36:16 2009 (4AAF0BB0)
rixdptsk.sys                Tue Sep 15 00:30:06 2009 (4AAF184E)
amdxata.sys                 Fri Mar 19 12:19:01 2010 (4BA3A3F5)
igdkmd32.sys                Tue Jul 13 18:23:08 2010 (4C3CE74C)
smiif32.sys                 Tue Sep  7 00:38:35 2010 (4C85C1CB)
DozeHDD.sys                 Mon Oct 24 06:10:06 2011 (4EA5397E)
Tppwr32v.sys                Mon Nov 28 23:06:46 2011 (4ED45A56)
mv2.sys                     Fri Dec 23 10:05:24 2011 (4EF498B4)
ApsHM86.sys                 Wed Dec 28 08:02:46 2011 (4EFB1376)
Apsx86.sys                  Wed Dec 28 08:11:42 2011 (4EFB158E)
SynTP.sys                   Thu Jul  5 23:34:23 2012 (4FF65CBF)
SscRdBus.sys                Thu Oct  4 13:49:01 2012 (506DCC0D)
pssnap.sys                  Mon Oct 12 10:39:20 2015 (561BC618)
gzflt.sys                   Mon Dec 14 09:43:17 2015 (566ED585)
trufos.sys                  Fri Feb  5 13:09:55 2016 (56B4E573)
bdfwfpf.sys                 Tue Feb  9 07:11:48 2016 (56B9D784)
SbieDrv.sys                 Fri Feb 26 13:17:11 2016 (56D096A7)
avc3.sys                    Fri Mar 11 10:15:21 2016 (56E2E109)
avckf.sys                   Fri Mar 11 10:18:28 2016 (56E2E1C4)
vsdatant.sys                Tue Mar 22 00:53:20 2016 (56F0CFC0)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Jun  5 18:10:40.353 2016 (UTC - 4:00)**************************
giveio.sys                  Wed Apr  3 22:33:25 1996 (316334F5)
speedfan.sys                Fri Mar 18 12:08:45 2011 (4D83838D)
bzeek.sys                   Sun Jun 24 10:58:13 2012 (4FE72B05)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sat Jun  4 20:26:03.366 2016 (UTC - 4:00)**************************
ADIHdAud.sys                Mon May 18 13:32:57 2009 (4A119BC9)
igdkmd32.sys                Wed Sep 23 15:18:09 2009 (4ABA7471)

http://www.carrona.org/drivers/driver.php?id=psadd.sys
http://www.carrona.org/drivers/driver.php?id=lmimirr.sys
http://www.carrona.org/drivers/driver.php?id=ibmpmdrv.sys
http://www.carrona.org/drivers/driver.php?id=AEAudio.sys
http://www.carrona.org/drivers/driver.php?id=SscRdCls.sys
http://www.carrona.org/drivers/driver.php?id=ADIHdAud.sys
http://www.carrona.org/drivers/driver.php?id=VSTCNXT3.SYS
http://www.carrona.org/drivers/driver.php?id=VSTAZL3.SYS
http://www.carrona.org/drivers/driver.php?id=VSTDPV3.SYS
http://www.carrona.org/drivers/driver.php?id=netw5v32.sys
http://www.carrona.org/drivers/driver.php?id=SBREdrv.sys
http://www.carrona.org/drivers/driver.php?id=risdptsk.sys
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=intelide.sys
http://www.carrona.org/drivers/driver.php?id=iaStor.sys
http://www.carrona.org/drivers/driver.php?id=iaNvStor.sys
http://www.carrona.org/drivers/driver.php?id=rimmptsk.sys
http://www.carrona.org/drivers/driver.php?id=rimsptsk.sys
http://www.carrona.org/drivers/driver.php?id=rixdptsk.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
http://www.carrona.org/drivers/driver.php?id=igdkmd32.sys
http://www.carrona.org/drivers/driver.php?id=smiif32.sys
http://www.carrona.org/drivers/driver.php?id=DozeHDD.sys
http://www.carrona.org/drivers/driver.php?id=Tppwr32v.sys
http://www.carrona.org/drivers/driver.php?id=mv2.sys
http://www.carrona.org/drivers/driver.php?id=ApsHM86.sys
http://www.carrona.org/drivers/driver.php?id=Apsx86.sys
http://www.carrona.org/drivers/driver.php?id=SynTP.sys
SscRdBus.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=pssnap.sys
http://www.carrona.org/drivers/driver.php?id=gzflt.sys
http://www.carrona.org/drivers/driver.php?id=trufos.sys
http://www.carrona.org/drivers/driver.php?id=bdfwfpf.sys
http://www.carrona.org/drivers/driver.php?id=SbieDrv.sys
http://www.carrona.org/drivers/driver.php?id=avc3.sys
http://www.carrona.org/drivers/driver.php?id=avckf.sys
http://www.carrona.org/drivers/driver.php?id=vsdatant.sys
http://www.carrona.org/drivers/driver.php?id=giveio.sys
http://www.carrona.org/drivers/driver.php?id=speedfan.sys
bzeek.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=ADIHdAud.sys
http://www.carrona.org/drivers/driver.php?id=igdkmd32.sys
 


Edited by usasma, 06 June 2016 - 02:48 PM.

My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#7 docfxit

docfxit
  • Topic Starter

  • Members
  • 115 posts
  • OFFLINE
  •  
  • Local time:12:41 AM

Posted 06 June 2016 - 03:22 PM

Thank you very much for your findings.

 

I had no idea Bzeek was on this computer.  I have done a search on this computer for Bzeek, Bzeek.exe, uninstallbzeek.exe.

I found C:\Windows\System32\drivers\bzeek.sys

and C:\Windows\System32\DriverStore\FileRepository\oem_no_drivermax.inf_x86_neutral_43a9cc4ed60534ab\bzeek.sys

I found 12 items in the registry relating to bzeek.sys

 

I didn't find any services called bzeek.sys

I didn't find any folders called bzeek.

 

I have removed all registry items and bzeek.sys from both locations.

 

I had no idea Sunbelt Firewall was on this computer.  I have done a search on this computer for SBREdrv.sys, SBREdrv.

I found C:\Windows\System32\drivers\sbredrv.sys

I found items in the registry relating to sbredrv.sys and sbre

 

I didn't find any services called sbredrv.sys

I didn't find any folders called sbre

 

I have removed all registry items and sbredrv.sys.

 

I will get back to you with the rest of my findings.

 

Thanks,

 

Docfxit


Edited by docfxit, 06 June 2016 - 04:16 PM.


#8 docfxit

docfxit
  • Topic Starter

  • Members
  • 115 posts
  • OFFLINE
  •  
  • Local time:12:41 AM

Posted 07 June 2016 - 11:03 AM

I found the wireless network driver was from Bzeek.  I Uninstalled it and installed the latest driver from Lenovo.  I now have a yellow exclamation on both the wireless and the local area network. I don't know how to fix that.

 

I repaired the WMI.  System Information and SysnativeFileCollectionApp is now working. 

 

I received another BSOD 0x19.  Please let me know what is in conflict now.

 

Thank you,

 

Docfxit

 

Attached File  SysnativeFileCollectionAppJeffLT2016-06-07.zip   1.63MB   1 downloads



#9 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:03:41 AM

Posted 07 June 2016 - 06:35 PM

I'm wondering if it would be to your benefit just to backup your stuff, wipe the hard drive, and start over with a fresh copy of Windows.

Depending on how Bzeek and Sunbelt store stuff in the file system and registry, we could spend weeks/months ferreting out their remnants.

 

As I noted before (and asked before), the memory dumps blame ZoneAlarm.  Please uninstall it.

Be sure that you enable the Windows firewall while testing.

 

Analysis:

The following is for information purposes only. The following information contains the relevant information from the blue screen analysis:

**************************Tue Jun  7 11:37:32.168 2016 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\060716-38126-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
Built by: 7601.23418.x86fre.win7sp1_ldr.160408-2045
System Uptime:0 days 0:01:31.901
*** WARNING: Unable to verify timestamp for vsdatant.sys
*** ERROR: Module load completed but symbols could not be loaded for vsdatant.sys
Probably caused by :vsdatant.sys ( vsdatant+3fd10 )
BugCheck 19, {3, 83584d08, 832a7075, 74726174}
BugCheck Info: BAD_POOL_HEADER (19)
Arguments:
Arg1: 00000003, the pool freelist is corrupt.
Arg2: 83584d08, the pool entry being checked.
Arg3: 832a7075, the read back flink freelist value (should be the same as 2).
Arg4: 74726174, the read back blink freelist value (should be the same as 2).
BUGCHECK_STR:  0x19_3
PROCESS_NAME:  vsmon.exe
FAILURE_BUCKET_ID: 0x19_3_vsdatant+3fd10
CPUID:        "Intel® Core™2 Duo CPU     T7300  @ 2.00GHz"
MaxSpeed:     2000
CurrentSpeed: 1995
  BIOS Version                  7LETD0WW (2.30 )
  BIOS Release Date             02/27/2012
  Manufacturer                  LENOVO
  Product Name                  6465CTO
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Tue Jun  7 11:34:53.707 2016 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\060716-38360-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
Built by: 7601.23418.x86fre.win7sp1_ldr.160408-2045
System Uptime:0 days 0:01:26.564
*** ERROR: Module load completed but symbols could not be loaded for volsnap.sys
*** ERROR: Module load completed but symbols could not be loaded for Ntfs.sys
Probably caused by :rdyboost.sys ( rdyboost!SmAlloc+13 )
BugCheck 19, {3, 8357e930, 8357e930, 0}
BugCheck Info: BAD_POOL_HEADER (19)
Arguments:
Arg1: 00000003, the pool freelist is corrupt.
Arg2: 8357e930, the pool entry being checked.
Arg3: 8357e930, the read back flink freelist value (should be the same as 2).
Arg4: 00000000, the read back blink freelist value (should be the same as 2).
BUGCHECK_STR:  0x19_3
PROCESS_NAME:  vsserv.exe
FAILURE_BUCKET_ID: 0x19_3_rdyboost!SmAlloc+13
CPUID:        "Intel® Core™2 Duo CPU     T7300  @ 2.00GHz"
MaxSpeed:     2000
CurrentSpeed: 1995
  BIOS Version                  7LETD0WW (2.30 )
  BIOS Release Date             02/27/2012
  Manufacturer                  LENOVO
  Product Name                  6465CTO
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Tue Jun  7 03:17:59.010 2016 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\060716-38282-01.dmp]
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
Built by: 7601.23418.x86fre.win7sp1_ldr.160408-2045
System Uptime:0 days 0:00:43.867
*** WARNING: Unable to verify timestamp for vsdatant.sys
*** ERROR: Module load completed but symbols could not be loaded for vsdatant.sys
Probably caused by :vsdatant.sys ( vsdatant+3fd10 )
BugCheck 19, {3, 83555a10, 832a7075, 74726174}
BugCheck Info: BAD_POOL_HEADER (19)
Arguments:
Arg1: 00000003, the pool freelist is corrupt.
Arg2: 83555a10, the pool entry being checked.
Arg3: 832a7075, the read back flink freelist value (should be the same as 2).
Arg4: 74726174, the read back blink freelist value (should be the same as 2).
BUGCHECK_STR:  0x19_3
PROCESS_NAME:  vsmon.exe
FAILURE_BUCKET_ID: 0x19_3_vsdatant+3fd10
CPUID:        "Intel® Core™2 Duo CPU     T7300  @ 2.00GHz"
MaxSpeed:     2000
CurrentSpeed: 1995
  BIOS Version                  7LETD0WW (2.30 )
  BIOS Release Date             02/27/2012
  Manufacturer                  LENOVO
  Product Name                  6465CTO
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``




3rd Party Drivers:

The following is for information purposes only. My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box:

**************************Tue Jun  7 11:37:32.168 2016 (UTC - 4:00)**************************
psadd.sys                   Mon Feb 19 13:56:45 2007 (45D9F2ED)
lmimirr.sys                 Tue Apr 10 18:32:11 2007 (461C106B)
ibmpmdrv.sys                Thu May 31 05:52:39 2007 (465E9AE7)
AEAudio.sys                 Fri Jul 13 12:26:10 2007 (4697A7A2)
SscRdCls.sys                Fri Nov 16 14:58:36 2007 (473DF66C)
ADIHdAud.sys                Thu Jan 10 14:10:11 2008 (47866D93)
VSTCNXT3.SYS                Wed Oct 15 20:29:13 2008 (48F68AD9)
VSTAZL3.SYS                 Wed Oct 15 20:30:03 2008 (48F68B0B)
VSTDPV3.SYS                 Wed Oct 15 20:32:04 2008 (48F68B84)
risdptsk.sys                Fri Jun 12 01:59:12 2009 (4A31EEB0)
intelppm.sys                Mon Jul 13 19:11:03 2009 (4A5BBF07)
intelide.sys                Mon Jul 13 19:11:19 2009 (4A5BBF17)
iaStor.sys                  Fri Aug  7 08:16:56 2009 (4A7C1B38)
iaNvStor.sys                Fri Aug 21 16:47:10 2009 (4A8F07CE)
rimmptsk.sys                Mon Sep  7 05:00:27 2009 (4AA4CBAB)
rimsptsk.sys                Mon Sep 14 23:36:16 2009 (4AAF0BB0)
rixdptsk.sys                Tue Sep 15 00:30:06 2009 (4AAF184E)
amdxata.sys                 Fri Mar 19 12:19:01 2010 (4BA3A3F5)
igdkmd32.sys                Tue Jul 13 18:23:08 2010 (4C3CE74C)
smiif32.sys                 Tue Sep  7 00:38:35 2010 (4C85C1CB)
DozeHDD.sys                 Mon Oct 24 06:10:06 2011 (4EA5397E)
Tppwr32v.sys                Mon Nov 28 23:06:46 2011 (4ED45A56)
mv2.sys                     Fri Dec 23 10:05:24 2011 (4EF498B4)
ApsHM86.sys                 Wed Dec 28 08:02:46 2011 (4EFB1376)
Apsx86.sys                  Wed Dec 28 08:11:42 2011 (4EFB158E)
SynTP.sys                   Thu Jul  5 23:34:23 2012 (4FF65CBF)
SscRdBus.sys                Thu Oct  4 13:49:01 2012 (506DCC0D)
pwdrvio.sys                 Wed Jun 18 20:57:18 2014 (53A2356E)
pssnap.sys                  Mon Oct 12 10:39:20 2015 (561BC618)
gzflt.sys                   Mon Dec 14 09:43:17 2015 (566ED585)
trufos.sys                  Fri Feb  5 13:09:55 2016 (56B4E573)
bdfwfpf.sys                 Tue Feb  9 07:11:48 2016 (56B9D784)
SbieDrv.sys                 Fri Feb 26 13:17:11 2016 (56D096A7)
avc3.sys                    Fri Mar 11 10:15:21 2016 (56E2E109)
avckf.sys                   Fri Mar 11 10:18:28 2016 (56E2E1C4)
vsdatant.sys                Tue Mar 22 00:53:20 2016 (56F0CFC0)

 

http://www.carrona.org/drivers/driver.php?id=psadd.sys
http://www.carrona.org/drivers/driver.php?id=lmimirr.sys
http://www.carrona.org/drivers/driver.php?id=ibmpmdrv.sys
http://www.carrona.org/drivers/driver.php?id=AEAudio.sys
http://www.carrona.org/drivers/driver.php?id=SscRdCls.sys
http://www.carrona.org/drivers/driver.php?id=ADIHdAud.sys
http://www.carrona.org/drivers/driver.php?id=VSTCNXT3.SYS
http://www.carrona.org/drivers/driver.php?id=VSTAZL3.SYS
http://www.carrona.org/drivers/driver.php?id=VSTDPV3.SYS
http://www.carrona.org/drivers/driver.php?id=risdptsk.sys
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
http://www.carrona.org/drivers/driver.php?id=intelide.sys
http://www.carrona.org/drivers/driver.php?id=iaStor.sys
http://www.carrona.org/drivers/driver.php?id=iaNvStor.sys
http://www.carrona.org/drivers/driver.php?id=rimmptsk.sys
http://www.carrona.org/drivers/driver.php?id=rimsptsk.sys
http://www.carrona.org/drivers/driver.php?id=rixdptsk.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
http://www.carrona.org/drivers/driver.php?id=igdkmd32.sys
http://www.carrona.org/drivers/driver.php?id=smiif32.sys
http://www.carrona.org/drivers/driver.php?id=DozeHDD.sys
http://www.carrona.org/drivers/driver.php?id=Tppwr32v.sys
http://www.carrona.org/drivers/driver.php?id=mv2.sys
http://www.carrona.org/drivers/driver.php?id=ApsHM86.sys
http://www.carrona.org/drivers/driver.php?id=Apsx86.sys
http://www.carrona.org/drivers/driver.php?id=SynTP.sys
SscRdBus.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=pwdrvio.sys
http://www.carrona.org/drivers/driver.php?id=pssnap.sys
http://www.carrona.org/drivers/driver.php?id=gzflt.sys
http://www.carrona.org/drivers/driver.php?id=trufos.sys
http://www.carrona.org/drivers/driver.php?id=bdfwfpf.sys
http://www.carrona.org/drivers/driver.php?id=SbieDrv.sys
http://www.carrona.org/drivers/driver.php?id=avc3.sys
http://www.carrona.org/drivers/driver.php?id=avckf.sys
http://www.carrona.org/drivers/driver.php?id=vsdatant.sys
 


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users