View Single Post
03 Jul 2012  
usasma
Microsoft MVP

 
 

One of the memory dumps in the WER section of MSINFO32 blames Kaspersky (as do 2 of the 9 memory dumps). Please do the following:
Quote:
Anti-Virus Removal:
Please do the following:
- download a free antivirus for testing purposes: Free AntiVirus
- uninstall the antivirus software from your system (you can reinstall it, if so desired, when we're done troubleshooting)
- remove any remnants of the antivirus software using one of these free tools: Antivirus Uninstallers
- IMMEDIATELY install and update the free antivirus
- check to see if this fixes the BSOD's
NOTE: NEVER run more than 1 anti-virus, firewall, Internet Security/Security Center application at the same time.
Older versions of Acronis are known to cause BSOD's on Win7 systems also. Your copy has drivers that date from 2007. As such you MUST uninstall it.

In the table below is a list of drivers. Please update or remove the programs associated with any drivers dated from 2009 or earlier. Below the table is a list of links to more information about the drivers (it'll help you find out what programs belong to the drivers in question).

If all of that doesn't fix it, then please run Driver Verifier according to these instructions: Driver Verifier Settings

The following info is just FYI, I've already addressed the issues that I saw in the above paragraphs

- Further info on BSOD error messages available at: http://www.carrona.org/bsodindx.html
- Info on how to troubleshoot BSOD's (DRAFT): http://www.carrona.org/userbsod.html
- How I do it: http://www.carrona.org/howidoit.html

3RD PARTY DRIVERS PRESENT IN THE DUMP FILES
Code:

HECIx64.sys      Tue Oct 19 19:33:43 2010 (4CBE2AD7)
LGBusEnum.sys    Mon Nov 23 20:36:48 2009 (4B0B38B0)
LGVirHid.sys     Mon Nov 23 20:36:48 2009 (4B0B38B0)
PROCEXP152.SYS   Sat Jun 16 17:21:56 2012 (4FDCF8F4)
RTKVHD64.sys     Tue Nov 02 07:25:59 2010 (4CCFF547)
WSDPrint.sys     Mon Jul 13 20:39:20 2009 (4A5BD3B8)
amdxata.sys      Fri Mar 19 12:18:18 2010 (4BA3A3CA)
dump_iaStor.sys  Tue Apr 26 14:06:18 2011 (4DB7099A)
e1c62x64.sys     Tue Sep 21 17:34:15 2010 (4C9924D7)
iaStor.sys       Tue Apr 26 14:06:18 2011 (4DB7099A)
jraid.sys        Tue Aug 10 05:28:44 2010 (4C611BCC)
kl1.sys          Fri Mar 04 04:20:03 2011 (4D70AEC3)
kl2.sys          Fri Mar 04 04:17:31 2011 (4D70AE2B)
klif.sys         Wed Apr 20 06:34:31 2011 (4DAEB6B7)
klim6.sys        Thu Mar 10 09:36:02 2011 (4D78E1D2)
klmouflt.sys     Mon Nov 02 11:26:06 2009 (4AEF081E)
ladfGSCamd64.sys Mon Apr 11 14:41:01 2011 (4DA34B3D)
ladfGSRamd64.sys Mon Apr 11 14:41:07 2011 (4DA34B43)
nusb3hub.sys     Thu Dec 09 23:50:35 2010 (4D01B19B)
nusb3xhc.sys     Thu Dec 09 23:50:35 2010 (4D01B19B)
nvBridge.kmd     Fri May 20 23:58:23 2011 (4DD7385F)
nvlddmkm.sys     Thu Feb 09 21:02:58 2012 (4F347AD2)
snapman.sys      Thu Nov 22 03:19:33 2007 (47453B95)
tdrpman.sys      Mon Nov 12 08:36:33 2007 (473856E1)
tifsfilt.sys     Wed Aug 29 08:37:29 2007 (46D56889)
timntr.sys       Wed Aug 29 08:38:23 2007 (46D568BF)
http://www.carrona.org/drivers/driver.php?id=HECIx64.sys
http://www.carrona.org/drivers/driver.php?id=LGBusEnum.sys
http://www.carrona.org/drivers/driver.php?id=LGVirHid.sys
http://www.carrona.org/drivers/driver.php?id=PROCEXP152.SYS
http://www.carrona.org/drivers/driver.php?id=RTKVHD64.sys
http://www.carrona.org/drivers/driver.php?id=WSDPrint.sys
http://www.carrona.org/drivers/driver.php?id=amdxata.sys
http://www.carrona.org/drivers/driver.php?id=dump_iaStor.sys
http://www.carrona.org/drivers/driver.php?id=e1c62x64.sys
http://www.carrona.org/drivers/driver.php?id=iaStor.sys
http://www.carrona.org/drivers/driver.php?id=jraid.sys
http://www.carrona.org/drivers/driver.php?id=kl1.sys
http://www.carrona.org/drivers/driver.php?id=kl2.sys
http://www.carrona.org/drivers/driver.php?id=klif.sys
http://www.carrona.org/drivers/driver.php?id=klim6.sys
http://www.carrona.org/drivers/driver.php?id=klmouflt.sys
http://www.carrona.org/drivers/driver.php?id=ladfGSCamd64.sys
http://www.carrona.org/drivers/driver.php?id=ladfGSRamd64.sys
http://www.carrona.org/drivers/driver.php?id=nusb3hub.sys
http://www.carrona.org/drivers/driver.php?id=nusb3xhc.sys
http://www.carrona.org/drivers/driver.php?id=nvBridge.kmd
http://www.carrona.org/drivers/driver.php?id=nvlddmkm.sys
http://www.carrona.org/drivers/driver.php?id=snapman.sys
http://www.carrona.org/drivers/driver.php?id=tdrpman.sys
http://www.carrona.org/drivers/driver.php?id=tifsfilt.sys
http://www.carrona.org/drivers/driver.php?id=timntr.sys

BSOD BUGCHECK SUMMARY

Code:

Loading Dump File [C:\Users\John\_jcgriff2_\dbug\__Kernel__\062512-14976-01.dmp]
Built by: 7601.17803.amd64fre.win7sp1_gdr.120330-1504
Debug session time: Mon Jun 25 07:10:15.665 2012 (UTC - 4:00)
System Uptime: 0 days 11:53:09.883
BugCheck A, {15f8d5, 2, 0, fffff80002edaca0}
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : afd.sys ( afd!AfdReturnBuffer+1fa )
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
BUGCHECK_STR:  0xA
PROCESS_NAME:  System
FAILURE_BUCKET_ID:  X64_0xA_afd!AfdReturnBuffer+1fa
Bugcheck code 0000000A
Arguments 00000000`0015f8d5 00000000`00000002 00000000`00000000 fffff800`02edaca0
BiosVersion = 2001
BiosReleaseDate = 09/20/2011
SystemManufacturer = System manufacturer
SystemProductName = System Product Name
CPUID:        "Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz"
MaxSpeed:     3300
CurrentSpeed: 3310
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Loading Dump File [C:\Users\John\_jcgriff2_\dbug\__Kernel__\070112-17378-01.dmp]
Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
Debug session time: Sun Jul  1 15:14:33.478 2012 (UTC - 4:00)
System Uptime: 0 days 0:02:56.695
BugCheck 50, {fffff900c2d8db60, 0, fffff9600006c6a6, 2}
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : win32k.sys ( win32k+5c6a6 )
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
BUGCHECK_STR:  0x50
PROCESS_NAME:  dw20.exe
FAILURE_BUCKET_ID:  X64_0x50_win32k+5c6a6
Bugcheck code 00000050
Arguments fffff900`c2d8db60 00000000`00000000 fffff960`0006c6a6 00000000`00000002
BiosVersion = 2001
BiosReleaseDate = 09/20/2011
SystemManufacturer = System manufacturer
SystemProductName = System Product Name
CPUID:        "Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz"
MaxSpeed:     3300
CurrentSpeed: 3310
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Loading Dump File [C:\Users\John\_jcgriff2_\dbug\__Kernel__\070112-17643-01.dmp]
Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
Debug session time: Sun Jul  1 15:10:08.644 2012 (UTC - 4:00)
System Uptime: 0 days 2:38:24.862
BugCheck 50, {fffff900c1f86000, 0, fffff80003009afd, 0}
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+241 )
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
BUGCHECK_STR:  0x50
PROCESS_NAME:  robotaskbarico
FAILURE_BUCKET_ID:  X64_0x50_nt!ExDeferredFreePool+241
Bugcheck code 00000050
Arguments fffff900`c1f86000 00000000`00000000 fffff800`03009afd 00000000`00000000
BiosVersion = 2001
BiosReleaseDate = 09/20/2011
SystemManufacturer = System manufacturer
SystemProductName = System Product Name
CPUID:        "Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz"
MaxSpeed:     3300
CurrentSpeed: 3310
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Loading Dump File [C:\Users\John\_jcgriff2_\dbug\__Kernel__\070112-18782-01.dmp]
Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
Debug session time: Sun Jul  1 12:25:21.664 2012 (UTC - 4:00)
System Uptime: 5 days 15:06:38.155
BugCheck 19, {21, fffff8a004c84000, 1180, 181180}
*** WARNING: Unable to verify timestamp for kl1.sys
*** ERROR: Module load completed but symbols could not be loaded for kl1.sys
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : kl1.sys ( kl1+fd207 )
BUGCHECK_STR:  0x19_21
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  avp.exe
FAILURE_BUCKET_ID:  X64_0x19_21_kl1+fd207
Bugcheck code 00000019
Arguments 00000000`00000021 fffff8a0`04c84000 00000000`00001180 00000000`00181180
BiosVersion = 2001
BiosReleaseDate = 09/20/2011
SystemManufacturer = System manufacturer
SystemProductName = System Product Name
CPUID:        "Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz"
MaxSpeed:     3300
CurrentSpeed: 3310
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Loading Dump File [C:\Users\John\_jcgriff2_\dbug\__Kernel__\070112-19453-01.dmp]
Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
Debug session time: Sun Jul  1 12:30:22.874 2012 (UTC - 4:00)
System Uptime: 0 days 0:03:32.091
BugCheck 1A, {41790, fffffa80039f8ee0, ffff, 0}
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+355e4 )
BUGCHECK_STR:  0x1a_41790
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  avp.exe
FAILURE_BUCKET_ID:  X64_0x1a_41790_nt!_??_::FNODOBFM::_string_+355e4
Bugcheck code 0000001A
Arguments 00000000`00041790 fffffa80`039f8ee0 00000000`0000ffff 00000000`00000000
BiosVersion = 2001
BiosReleaseDate = 09/20/2011
SystemManufacturer = System manufacturer
SystemProductName = System Product Name
CPUID:        "Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz"
MaxSpeed:     3300
CurrentSpeed: 3310
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Loading Dump File [C:\Users\John\_jcgriff2_\dbug\__Kernel__\070112-22432-01.dmp]
Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
Debug session time: Sun Jul  1 19:44:45.596 2012 (UTC - 4:00)
System Uptime: 0 days 4:12:35.440
BugCheck 1A, {41284, 73f5001, 2177, fffff70001080000}
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+4ac3 )
BUGCHECK_STR:  0x1a_41284
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  Wow.exe
FAILURE_BUCKET_ID:  X64_0x1a_41284_nt!_??_::FNODOBFM::_string_+4ac3
Bugcheck code 0000001A
Arguments 00000000`00041284 00000000`073f5001 00000000`00002177 fffff700`01080000
BiosVersion = 2001
BiosReleaseDate = 09/20/2011
SystemManufacturer = System manufacturer
SystemProductName = System Product Name
CPUID:        "Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz"
MaxSpeed:     3300
CurrentSpeed: 3310
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Loading Dump File [C:\Users\John\_jcgriff2_\dbug\__Kernel__\070212-19624-01.dmp]
Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
Debug session time: Mon Jul  2 09:55:08.863 2012 (UTC - 4:00)
System Uptime: 0 days 14:08:57.707
BugCheck 19, {21, fffff8a00dbb9000, 1180, 531180}
*** WARNING: Unable to verify timestamp for kl1.sys
*** ERROR: Module load completed but symbols could not be loaded for kl1.sys
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : kl1.sys ( kl1+fd207 )
BUGCHECK_STR:  0x19_21
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  avp.exe
FAILURE_BUCKET_ID:  X64_0x19_21_kl1+fd207
Bugcheck code 00000019
Arguments 00000000`00000021 fffff8a0`0dbb9000 00000000`00001180 00000000`00531180
BiosVersion = 2001
BiosReleaseDate = 09/20/2011
SystemManufacturer = System manufacturer
SystemProductName = System Product Name
CPUID:        "Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz"
MaxSpeed:     3300
CurrentSpeed: 3310
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Loading Dump File [C:\Users\John\_jcgriff2_\dbug\__Kernel__\070312-18096-01.dmp]
Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
Debug session time: Tue Jul  3 09:15:10.803 2012 (UTC - 4:00)
System Uptime: 0 days 1:16:25.020
BugCheck 19, {3, fffff8a01634f1f0, fffff8a016cdf1f0, fffff8a01634f1f0}
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+118b )
BUGCHECK_STR:  0x19_3
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  firefox.exe
FAILURE_BUCKET_ID:  X64_0x19_3_nt!ExDeferredFreePool+118b
Bugcheck code 00000019
Arguments 00000000`00000003 fffff8a0`1634f1f0 fffff8a0`16cdf1f0 fffff8a0`1634f1f0
BiosVersion = 2001
BiosReleaseDate = 09/20/2011
SystemManufacturer = System manufacturer
SystemProductName = System Product Name
CPUID:        "Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz"
MaxSpeed:     3300
CurrentSpeed: 3310
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Loading Dump File [C:\Users\John\_jcgriff2_\dbug\__Kernel__\070312-18720-01.dmp]
Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
Debug session time: Tue Jul  3 07:56:53.100 2012 (UTC - 4:00)
System Uptime: 0 days 17:05:01.317
BugCheck 1A, {41284, fffff7044019a001, 195a2a, fffff70001080000}
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+4ac3 )
BUGCHECK_STR:  0x1a_41284
DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT
PROCESS_NAME:  CurseClient.ex
FAILURE_BUCKET_ID:  X64_0x1a_41284_nt!_??_::FNODOBFM::_string_+4ac3
Bugcheck code 0000001A
Arguments 00000000`00041284 fffff704`4019a001 00000000`00195a2a fffff700`01080000
BiosVersion = 2001
BiosReleaseDate = 09/20/2011
SystemManufacturer = System manufacturer
SystemProductName = System Product Name
CPUID:        "Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz"
MaxSpeed:     3300
CurrentSpeed: 3310
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``

My System SpecsSystem Spec