Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

0xd1 bsod while idle


  • Please log in to reply
4 replies to this topic

#1 osuka_

osuka_

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 17 July 2017 - 08:31 PM

Hi

 

I've been randomly getting bsods for three days now - a couple were when the system was idle, some were out of the blue (ha) and the rest were right after rebooting because of a previous bsod, immediately after getting to desktop (and opening a browser). The timing of the last two is also very intriguing; here's a screenshot of bluescreenview:

Attached File  ss+(2017-07-17+at+10.27.47).png   164.49KB   0 downloads

 

Here's my Speccy snapshot. Have fun with it.

Attached Files



BC AdBot (Login to Remove)

 


#2 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:09:55 PM

Posted 18 July 2017 - 05:32 AM

Please run Driver Verifier according to these instructions:  http://www.carrona.org/verifier.html

 

Your UEFI/BIOS (version 2601) dates from 2015.  Please check at the manufacturer's website to see if there are any UEFI/BIOS updates available for your system.  If you are able to install the update through Windows (without booting from an external drive), then go ahead and update it.  WARNING - if the computer might shut down during this procedure, please don't do it, as this may physically damage the computer and prevent it from booting.
FYI - W8 and W10 communicate more with the UEFI/BIOS than previous versions of Windows, so it's important to ensure that the UEFI/BIOS is kept up to date (and the outdated UEFI/BIOS' may be the cause of some compatibility issues).

Only 10 Windows Update hotfixes installed.  Most build 14393 (1607) systems have more than this.  Please visit Windows Update and get ALL available Windows Updates.
The actual number is not important.  Rather it's important that you checked manually, installed any available updates, and didn't experience any errors when checking or updating.

All of these devices are disabled in Device Manager.  Disabled devices still load drivers when Windows starts.  I suggest either enabling them and then updating the drivers - or uninstalling them and physically removing any hardware that might be related to them.  If the hardware isn't removable, try disabling it in the BIOS/UEFI, that'll prevent the drivers from loading at boot.

 

Npcap Loopback Adapter    ROOT\NET\0000    This device is disabled.
LogMeIn Hamachi Virtual Ethernet Adapter    ROOT\NET\0001    This device is disabled.
TAP-Windows Adapter V9    ROOT\NET\0002    This device is disabled.
Kaspersky Security Data Escort Adapter    ROOT\NET\0003    This device is disabled.
VirtualBox Host-Only Ethernet Adapter #3    ROOT\NET\0004    This device is disabled.
Qualcomm Atheros AR9287 Wireless Network Adapter    PCI\VEN_168C&DEV_002E&SUBSYS_30A4168C&REV_01\6&6C519EF&0&002800E3    This device is disabled.
Intel® Ethernet Connection (2) I218-V    PCI\VEN_8086&DEV_15A1&SUBSYS_85C41043&REV_00\3&11583659&0&C8    This device is disabled.

 

MSI Afterburner (along with EVGA Precision and Riva Tuner) are known to cause BSOD's in some Windows systems (it's driver is usually RTCore64.sys).  Please un-install them immediately!

If you're overclocking, please stop the overclock while we're troubleshooting.  Feel free to resume the overclock once the system has been stabilized.

I have seen problems with Corsair Link in the past.  Please uninstall it while we're testing.

 

The memory dumps seem to revolve around networking drivers - as such, it's very important to update all of your networking drivers (wired, wireless, and bluetooth).

 

lease update these older drivers.  Links are provided in order to assist you with looking up the source of the drivers.  
If unable to find an update, please uninstall the program that is responsible for that driver.  

DO NOT manually delete/rename the driver as it may make the system unbootable!!!:

synusb64.sys                Fri Jun 26 09:30:11 2009 (4A44CD63)
Suyin USB 2.0 Webcam driver[br]Also found in Steinberg eLicenser software Suyin Webcam:  OEM - none at http://www.suyin.com/ r http://www.sonix.com.tw/sonix/downloads.do/[br]eLicenser here:  https://www.steinberg.net/en/support/productactivation/soft_elicenser.html and at http://www.elicenser.net/en/latest_downloads.html
http://www.carrona.org/drivers/driver.php?id=synusb64.sys
 
SiLib.sys                   Thu Jul 15 18:08:26 2010 (4C3F86DA)
USBXpress Development Kit http://www.silabs.com/SUPPORT/Pages/default.aspx
http://www.carrona.org/drivers/driver.php?id=SiLib.sys
 
SiUSBXp.sys                 Thu Jul 15 18:27:13 2010 (4C3F8B41)
Silicone Labs USBXpress Development Kit http://www.silabs.com/SUPPORT/Pages/default.aspx
http://www.carrona.org/drivers/driver.php?id=SiUSBXp.sys
 
PxHlpa64.sys                Tue Apr 24 13:26:29 2012 (4F96E245)
Sonic CD/DVD driver (used by many different CD/DVD programs) http://www.carrona.org/pxhelp20.html lists some of the programs that it's used in.
http://www.carrona.org/drivers/driver.php?id=PxHlpa64.sys
 
tsvadpcm.sys                Sun Aug  5 09:24:11 2012 (501E73FB)
 Most likely this is a Telestream Virtual Audio Device
tsvadpcm.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
 
AsIO.sys                    Wed Aug 22 05:54:47 2012 (5034AC67) - don't worry if you can't find an update for this one
Asus PCProbe Utility http://support.asus.com/download/download.aspx
http://www.carrona.org/drivers/driver.php?id=AsIO.sys
 
speedfan.sys                Sat Dec 29 15:59:35 2012 (50DF59B7)
SpeedFan http://www.almico.com/sfdownload.php
http://www.carrona.org/drivers/driver.php?id=speedfan.sys
 
npf.sys                     Thu Feb 28 20:31:24 2013 (513004EC)
NetGroup Packet Filter Driver, part of the WinPcap packet capture library (list of programs that use it: http://www.winpcap.org/misc/links.htm )     [br]          [br]    Also believed to be associated with Netgear's "NETGEARGenie", related to Netgear's router firmware     [br]          [br]     If Netgear, you will likely find wpcap.dll and packet.dll in \system32 WinPcap -
http://www.carrona.org/drivers/driver.php?id=npf.sys
 
ScpVBus.sys                 Sun May  5 17:31:26 2013 (5186CFAE)
Scarlet.Crush Productions Scp Dual Shock 3 Virtual Bus Driver http://forums.pcsx2.net/Thread-XInput-Wrapper-for-DS3-and-Play-com-USB-Dual-DS2-Controller?pid=186161#pid186161
http://www.carrona.org/drivers/driver.php?id=ScpVBus.sys
 
semav6msr64.sys             Fri Jan 24 14:22:40 2014 (52E2BD80)
SEMA Software Driver Download () - http://sema-soft.com/en/start.php
http://www.carrona.org/drivers/driver.php?id=semav6msr64.sys
 
VClone.sys                  Sat May  3 12:53:40 2014 (53651F14)
VirtualCloneCD Driver by Elaborate Bytes AG http://www.elby.de/products/clone_dvd/index.html
http://www.carrona.org/drivers/driver.php?id=VClone.sys
 
ElbyCDIO.sys                Wed Dec 17 18:30:51 2014 (5492122B)
CDRTools/ElbyCDIO/DVD Region Killer/VirtualCloneDrive (elby CloneDVD™ 2)/AnyDVD http://cdrecord.berlios.de/private/cdrecord.html AnyDVD here:  http://www.slysoft.com/en/support.html
http://www.carrona.org/drivers/driver.php?id=ElbyCDIO.sys
 
cmudaxp.sys                 Tue Jun  2 05:11:20 2015 (556D7338)
C-Media Audio Interface Driver (WDM) by C-Media [br] ASUS Xonar DG Audio Interface driver [br] HTO CLARO Audio Interface Driver http://www.cmedia.com.tw/EN/DownloadCenter_Detail.aspx?pserno=0&dtype=ALL [br] http://support.asus.com/download/download.aspx [br] http://www.htomega.com/downloads.html
http://www.carrona.org/drivers/driver.php?id=cmudaxp.sys
 
klmouflt.sys                Tue Jun  2 08:36:12 2015 (556DA33C)
KLMOUFLT Mouse Device Filter [fre_wlh_x86] (Kaspersky) Support: http://usa.kaspersky.com/support [br]Downloads: http://usa.kaspersky.com/downloads [br]Unable to get links from the Global website - sorry!
http://www.carrona.org/drivers/driver.php?id=klmouflt.sys
 
TeeDriverW8x64.sys          Tue Jul  7 13:43:32 2015 (559C0FC4)
Intel Management Engine Interface (MEI) driver OEM or http://downloadcenter.intel.com[br][br]Installation instructions - http://www.sysnative.com/forums/windows-10-a/18573-windows-10-error-0x800f081f-source-file-not-found.html#post144391
http://www.carrona.org/drivers/driver.php?id=TeeDriverW8x64.sys
 
Beyond that, we'll wait for the results of the Driver Verifier testing and will move on from there.

Good luck!


Analysis:
The following is for information purposes only.
The following information contains the relevant information from the blue screen analysis:
**************************Mon Jul 17 20:14:12.404 2017 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\071717-95687-01.dmp]
Windows 10 Kernel Version 14393 MP (8 procs) Free x64
Built by: 14393.1480.amd64fre.rs1_release.170706-2004
System Uptime:0 days 23:20:28.076
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by :memory_corruption
BugCheck D1, {200000004, 2, 8, 200000004}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000200000004, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
Arg4: 0000000200000004, address which referenced memory
PROCESS_NAME:  System
BUGCHECK_STR:  AV
DEFAULT_BUCKET_ID:  CODE_CORRUPTION
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
CPUID:        "Intel® Core™ i7-4770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3506
  BIOS Version                  2601
  BIOS Release Date             08/18/2015
  Manufacturer                  ASUS
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  All Series
  Baseboard Product             SABERTOOTH Z97 MARK 1/USB 3.1
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Jul 16 20:14:12.216 2017 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\071617-73343-01.dmp]
Windows 10 Kernel Version 14393 MP (8 procs) Free x64
Built by: 14393.1480.amd64fre.rs1_release.170706-2004
System Uptime:0 days 2:16:09.887
Probably caused by :NETIO.SYS ( NETIO!WfpInetInspectInjectReceive+bf )
BugCheck D1, {200000004, 2, 8, 200000004}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000200000004, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
Arg4: 0000000200000004, address which referenced memory
PROCESS_NAME:  System
BUGCHECK_STR:  AV
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
FAILURE_BUCKET_ID: AV_CODE_AV_BAD_IP_NETIO!WfpInetInspectInjectReceive
CPUID:        "Intel® Core™ i7-4770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3506
  BIOS Version                  2601
  BIOS Release Date             08/18/2015
  Manufacturer                  ASUS
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  All Series
  Baseboard Product             SABERTOOTH Z97 MARK 1/USB 3.1
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sun Jul 16 17:56:03.525 2017 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\071617-89140-01.dmp]
Windows 10 Kernel Version 14393 MP (8 procs) Free x64
Built by: 14393.1480.amd64fre.rs1_release.170706-2004
System Uptime:0 days 5:01:50.197
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by :memory_corruption
BugCheck D1, {200000004, 2, 8, 200000004}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000200000004, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
Arg4: 0000000200000004, address which referenced memory
PROCESS_NAME:  System
BUGCHECK_STR:  AV
DEFAULT_BUCKET_ID:  CODE_CORRUPTION
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
CPUID:        "Intel® Core™ i7-4770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3506
  BIOS Version                  2601
  BIOS Release Date             08/18/2015
  Manufacturer                  ASUS
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  All Series
  Baseboard Product             SABERTOOTH Z97 MARK 1/USB 3.1
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sat Jul 15 17:53:31.170 2017 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\071517-15484-01.dmp]
Windows 10 Kernel Version 14393 MP (8 procs) Free x64
Built by: 14393.1480.amd64fre.rs1_release.170706-2004
System Uptime:0 days 0:06:04.842
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by :memory_corruption
BugCheck D1, {200000004, 2, 8, 200000004}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000200000004, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
Arg4: 0000000200000004, address which referenced memory
PROCESS_NAME:  System
BUGCHECK_STR:  AV
DEFAULT_BUCKET_ID:  CODE_CORRUPTION
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
CPUID:        "Intel® Core™ i7-4770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3506
  BIOS Version                  2601
  BIOS Release Date             08/18/2015
  Manufacturer                  ASUS
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  All Series
  Baseboard Product             SABERTOOTH Z97 MARK 1/USB 3.1
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sat Jul 15 17:46:33.079 2017 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\071517-19671-01.dmp]
Windows 10 Kernel Version 14393 MP (8 procs) Free x64
Built by: 14393.1480.amd64fre.rs1_release.170706-2004
System Uptime:0 days 0:00:59.751
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by :memory_corruption
BugCheck D1, {200000004, 2, 8, 200000004}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000200000004, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
Arg4: 0000000200000004, address which referenced memory
PROCESS_NAME:  System
BUGCHECK_STR:  AV
DEFAULT_BUCKET_ID:  CODE_CORRUPTION
FAILURE_BUCKET_ID: MEMORY_CORRUPTION_LARGE
CPUID:        "Intel® Core™ i7-4770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3506
  BIOS Version                  2601
  BIOS Release Date             08/18/2015
  Manufacturer                  ASUS
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  All Series
  Baseboard Product             SABERTOOTH Z97 MARK 1/USB 3.1
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sat Jul 15 17:44:15.540 2017 (UTC - 4:00)**************************
Loading Dump File [C:\Users\john\SysnativeBSODApps\071517-21468-01.dmp]
Windows 10 Kernel Version 14393 MP (8 procs) Free x64
Built by: 14393.1480.amd64fre.rs1_release.170706-2004
System Uptime:0 days 5:59:23.213
Probably caused by :NETIO.SYS ( NETIO!WfpInetInspectInjectReceive+bf )
BugCheck D1, {200000004, 2, 8, 200000004}
BugCheck Info: DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
Arguments:
Arg1: 0000000200000004, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000008, value 0 = read operation, 1 = write operation
Arg4: 0000000200000004, address which referenced memory
PROCESS_NAME:  System
BUGCHECK_STR:  AV
DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT
FAILURE_BUCKET_ID: AV_CODE_AV_BAD_IP_NETIO!WfpInetInspectInjectReceive
CPUID:        "Intel® Core™ i7-4770K CPU @ 3.50GHz"
MaxSpeed:     3500
CurrentSpeed: 3506
  BIOS Version                  2601
  BIOS Release Date             08/18/2015
  Manufacturer                  ASUS
  Baseboard Manufacturer        ASUSTeK COMPUTER INC.
  Product Name                  All Series
  Baseboard Product             SABERTOOTH Z97 MARK 1/USB 3.1
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``


3rd Party Drivers:
The following is for information purposes only.
My recommendations were given above. The drivers that follow belong to software or devices that were not developed by Microsoft.  You can find links to the driver information and where to update the drivers in the section after the code box:

**************************Mon Jul 17 20:14:12.404 2017 (UTC - 4:00)**************************
synusb64.sys                Fri Jun 26 09:30:11 2009 (4A44CD63)
SiLib.sys                   Thu Jul 15 18:08:26 2010 (4C3F86DA)
SiUSBXp.sys                 Thu Jul 15 18:27:13 2010 (4C3F8B41)
PxHlpa64.sys                Tue Apr 24 13:26:29 2012 (4F96E245)
tsvadpcm.sys                Sun Aug  5 09:24:11 2012 (501E73FB)
AsIO.sys                    Wed Aug 22 05:54:47 2012 (5034AC67)
speedfan.sys                Sat Dec 29 15:59:35 2012 (50DF59B7)
npf.sys                     Thu Feb 28 20:31:24 2013 (513004EC)
ScpVBus.sys                 Sun May  5 17:31:26 2013 (5186CFAE)
semav6msr64.sys             Fri Jan 24 14:22:40 2014 (52E2BD80)
VClone.sys                  Sat May  3 12:53:40 2014 (53651F14)
ElbyCDIO.sys                Wed Dec 17 18:30:51 2014 (5492122B)
cmudaxp.sys                 Tue Jun  2 05:11:20 2015 (556D7338)
klmouflt.sys                Tue Jun  2 08:36:12 2015 (556DA33C)
TeeDriverW8x64.sys          Tue Jul  7 13:43:32 2015 (559C0FC4)
ssdevfactory.sys            Thu Sep 24 21:12:39 2015 (56049F87)
iaStorA.sys                 Wed Nov  4 05:27:49 2015 (5639DDA5)
kldisk.sys                  Fri Dec 25 02:47:51 2015 (567CF4A7)
rt640x64.sys                Thu Jan 21 03:17:40 2016 (56A09424)
cpuz139_x64.sys             Wed Jan 27 04:18:15 2016 (56A88B57)
kl1.sys                     Fri Apr  1 10:20:28 2016 (56FE83AC)
klpd.sys                    Mon Apr 11 10:25:19 2016 (570BB3CF)
klbackupdisk.sys            Fri Apr 22 09:25:48 2016 (571A265C)
klkbdflt.sys                Fri May 13 16:10:05 2016 (5736349D)
klbackupflt.sys             Thu May 19 11:15:06 2016 (573DD87A)
cm_km.sys                   Wed May 25 05:00:10 2016 (5745699A)
klwfp.sys                   Mon Jun 13 05:29:14 2016 (575E7CEA)
intelppm.sys                Fri Jul 15 22:10:43 2016 (578997A3)
lxss.sys                    Fri Jul 15 22:28:26 2016 (57899BCA)
klim6.sys                   Fri Sep 30 09:35:20 2016 (57EE6A18)
LXCORE.SYS                  Wed Oct  5 05:22:04 2016 (57F4C63C)
npcap.sys                   Thu Dec 15 11:54:52 2016 (5852CADC)
kneps.sys                   Fri Dec 16 04:16:17 2016 (5853B0E1)
klflt.sys                   Thu Dec 29 06:26:07 2016 (5864F2CF)
klwtp.sys                   Thu Jan 12 04:21:38 2017 (58774AA2)
klupd_klif_kimul.sys        Mon Feb  6 06:09:33 2017 (5898596D)
klif.sys                    Thu Mar 23 10:51:44 2017 (58D3E100)
mrcbt.sys                   Mon Mar 27 07:49:03 2017 (58D8FC2F)
klhk.sys                    Tue Mar 28 08:56:34 2017 (58DA5D82)
klupd_klif_arkmon.sys       Thu Mar 30 10:41:32 2017 (58DD191C)
klupd_klif_mark.sys         Thu Mar 30 10:46:51 2017 (58DD1A5B)
klupd_klif_klark.sys        Thu Mar 30 10:51:16 2017 (58DD1B64)
klupd_klif_klbg.sys         Thu Mar 30 10:51:17 2017 (58DD1B65)
iqvw64e.sys                 Mon Apr  3 11:14:26 2017 (58E266D2)
VBoxUSBMon.sys              Fri Apr 28 11:36:57 2017 (59036199)
VBoxDrv.sys                 Fri Apr 28 11:36:57 2017 (59036199)
VBoxNetLwf.sys              Fri Apr 28 11:36:57 2017 (59036199)
sshid.sys                   Mon May  8 12:03:55 2017 (591096EB)
nvhda64v.sys                Tue May 16 09:02:27 2017 (591AF863)
nvlddmkm.sys                Tue Jun 27 16:02:17 2017 (5952B9C9)
klids.sys                   Wed Jul  5 07:44:48 2017 (595CD130)
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
**************************Sat Jul 15 17:53:31.170 2017 (UTC - 4:00)**************************
wdcsam64.sys                Fri Oct  9 16:31:13 2015 (56182411)

http://www.carrona.org/drivers/driver.php?id=synusb64.sys
http://www.carrona.org/drivers/driver.php?id=SiLib.sys
http://www.carrona.org/drivers/driver.php?id=SiUSBXp.sys
http://www.carrona.org/drivers/driver.php?id=PxHlpa64.sys
tsvadpcm.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=AsIO.sys
http://www.carrona.org/drivers/driver.php?id=speedfan.sys
http://www.carrona.org/drivers/driver.php?id=npf.sys
http://www.carrona.org/drivers/driver.php?id=ScpVBus.sys
http://www.carrona.org/drivers/driver.php?id=semav6msr64.sys
http://www.carrona.org/drivers/driver.php?id=VClone.sys
http://www.carrona.org/drivers/driver.php?id=ElbyCDIO.sys
http://www.carrona.org/drivers/driver.php?id=cmudaxp.sys
http://www.carrona.org/drivers/driver.php?id=klmouflt.sys
http://www.carrona.org/drivers/driver.php?id=TeeDriverW8x64.sys
http://www.carrona.org/drivers/driver.php?id=ssdevfactory.sys
http://www.carrona.org/drivers/driver.php?id=iaStorA.sys
http://www.carrona.org/drivers/driver.php?id=kldisk.sys
http://www.carrona.org/drivers/driver.php?id=rt640x64.sys
http://www.carrona.org/drivers/driver.php?id=cpuz139_x64.sys
http://www.carrona.org/drivers/driver.php?id=kl1.sys
http://www.carrona.org/drivers/driver.php?id=klpd.sys
http://www.carrona.org/drivers/driver.php?id=klbackupdisk.sys
http://www.carrona.org/drivers/driver.php?id=klkbdflt.sys
http://www.carrona.org/drivers/driver.php?id=klbackupflt.sys
http://www.carrona.org/drivers/driver.php?id=cm_km.sys
http://www.carrona.org/drivers/driver.php?id=klwfp.sys
http://www.carrona.org/drivers/driver.php?id=intelppm.sys
lxss.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=klim6.sys
LXCORE.SYS - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
npcap.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=kneps.sys
http://www.carrona.org/drivers/driver.php?id=klflt.sys
http://www.carrona.org/drivers/driver.php?id=klwtp.sys
klupd_klif_kimul.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=klif.sys
mrcbt.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=klhk.sys
klupd_klif_arkmon.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
klupd_klif_mark.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
klupd_klif_klark.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
klupd_klif_klbg.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=iqvw64e.sys
http://www.carrona.org/drivers/driver.php?id=VBoxUSBMon.sys
http://www.carrona.org/drivers/driver.php?id=VBoxDrv.sys
http://www.carrona.org/drivers/driver.php?id=VBoxNetLwf.sys
http://www.carrona.org/drivers/driver.php?id=sshid.sys
http://www.carrona.org/drivers/driver.php?id=nvhda64v.sys
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
klids.sys - this driver hasn't been added to the DRT as of this run. Please search Google/Bing for the driver if additional information is needed.
http://www.carrona.org/drivers/driver.php?id=wdcsam64.sys

 


Edited by usasma, 18 July 2017 - 06:01 AM.

My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#3 osuka_

osuka_
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 22 July 2017 - 01:12 AM

update I think I found the problem

 

scpvbus.sys was the probable culprit. System has been stable for over 48 hours now

 

Enabling driver verifier was tricky because my system wouldn't boot with every check enabled on all third-party drivers. After disabling all secondary checks, I got a startup time bsod and decided to get rid of scpvbus.sys, then reenabled driver verifier; that's where things got a little tricky.

 

To this date, the system fails to boot if "Code integrity checks" is enabled on all installed third-party drivers. With every other check (excluding low resource simulation and random io pending requests) enabled for the aforementioned drivers, the system was stable for 36 continuous hours of uptime.

 

I'm not sure I want to put the effort in to figure out what's going on with the system, since it seems stable. Computers are weird.



#4 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:09:55 PM

Posted 22 July 2017 - 05:31 AM

Most of the recent cases that I've seen with "code integrity" issues were infected or had to be wiped and have Windows reinstalled.

FYI - I'm not able to fix the code integrity errors and resort to a wipe and reinstall as a workaround for them.

You may want to post over in the Am I Infected forum to get a second opinion:  http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/
Please read the pinned topics at the top of the forum for instructions on how to post there.

 


My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#5 osuka_

osuka_
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:11:55 PM

Posted 22 July 2017 - 12:52 PM

Yeah, I'm not about to do that. If it works, it works and sfc seems to be fine with the os integrity, so if it doesn't boot under a debugging tool... who cares?

 

i'm fairly confident I'm not infected - unless it's government-grade malware, in which case I can't do anything about it anyway so I'd rather not know.

 

This is a very old windows install; i've files dated march 19, 2014 - over a year before windows 10 came out. This, yes, I upgraded from Windows 7 after backing up and hoping it wouldn't catch fire. To my surprise at the time, only the AV broke and so it took me a mere 30 or so minutes of work. If I absolutely have to, I'll reinstall - but I really would rather not.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users