Please install SunBelt Antivirus, if you have it installed.
Then download and install Microsoft Security Essentials.Code:BugCheck F5, {6d, fffffa8006ac82e0, fffffa8006ac8280, 0} Unable to load image \SystemRoot\system32\DRIVERS\sbapifs.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for sbapifs.sys *** ERROR: Module load completed but symbols could not be loaded for sbapifs.sys Probably caused by : sbapifs.sys ( sbapifs+1fe3 )
Forgive my ignorance but what is the code box you have posted in your previous reply?
I'm noticing that the last dump file is dated 5-30 and I've had additional shut downs on 5-31 & this morning.
Your .dmp file is pointing to sbapifs.sys as the cause of your problem ... This is a driver for Sun Belts software... If you are using any software by Sun Belt, uninstall it and test ... Also, this has also been reported as malware, so you will want to run your antivirus/antimalware software, just to be sure....
Attachment 76598
It's a piece of a Windbg analysis. Here is the whole thing. if you're interested.
Code:Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\Users\Jonathan\AppData\Local\Temp\Temp1_053010-25927-01(2).zip\053010-25927-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7600 MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Personal Built by: 7600.16539.amd64fre.win7_gdr.100226-1909 Machine Name: Kernel base = 0xfffff800`02c5c000 PsLoadedModuleList = 0xfffff800`02e99e50 Debug session time: Sun May 30 08:37:19.073 2010 (GMT-4) System Uptime: 0 days 0:24:47.309 Loading Kernel Symbols ............................................................... ................................................................ ............................................ Loading User Symbols Loading unloaded module list ..... ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck F5, {6d, fffffa8006ac82e0, fffffa8006ac8280, 0} Unable to load image \SystemRoot\system32\DRIVERS\sbapifs.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for sbapifs.sys *** ERROR: Module load completed but symbols could not be loaded for sbapifs.sys Probably caused by : sbapifs.sys ( sbapifs+1fe3 ) Followup: MachineOwner --------- 3: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* FLTMGR_FILE_SYSTEM (f5) An unrecoverable failure occured inside the filter manager. Arguments: Arg1: 000000000000006d, The reason for the failure Arg2: fffffa8006ac82e0 Arg3: fffffa8006ac8280 Arg4: 0000000000000000 Debugging Details: ------------------ CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0xF5 PROCESS_NAME: tldejpeg4.exe CURRENT_IRQL: 0 LAST_CONTROL_TRANSFER: from fffff880010fbd1d to fffff80002ccc600 STACK_TEXT: fffff880`02792798 fffff880`010fbd1d : 00000000`000000f5 00000000`0000006d fffffa80`06ac82e0 fffffa80`06ac8280 : nt!KeBugCheckEx fffff880`027927a0 fffff880`0235afe3 : fffffa80`00000000 fffffa80`05f709d0 fffff880`02792888 fffff800`00000010 : fltmgr! ?? ::FNODOBFM::`string'+0x1329 fffff880`027927e0 fffffa80`00000000 : fffffa80`05f709d0 fffff880`02792888 fffff800`00000010 fffff880`02792850 : sbapifs+0x1fe3 fffff880`027927e8 fffffa80`05f709d0 : fffff880`02792888 fffff800`00000010 fffff880`02792850 fffff880`0235b02f : 0xfffffa80`00000000 fffff880`027927f0 fffff880`02792888 : fffff800`00000010 fffff880`02792850 fffff880`0235b02f fffff880`01107a00 : 0xfffffa80`05f709d0 fffff880`027927f8 fffff800`00000010 : fffff880`02792850 fffff880`0235b02f fffff880`01107a00 fffffa80`05f70900 : 0xfffff880`02792888 fffff880`02792800 fffff880`02792850 : fffff880`0235b02f fffff880`01107a00 fffffa80`05f70900 fffffa80`01a38c10 : 0xfffff800`00000010 fffff880`02792808 fffff880`0235b02f : fffff880`01107a00 fffffa80`05f70900 fffffa80`01a38c10 fffffa80`05f70920 : 0xfffff880`02792850 fffff880`02792810 fffff880`01107a00 : fffffa80`05f70900 fffffa80`01a38c10 fffffa80`05f70920 00000000`00000000 : sbapifs+0x202f fffff880`02792818 fffffa80`05f70900 : fffffa80`01a38c10 fffffa80`05f70920 00000000`00000000 fffff880`010f8242 : fltmgr!FltpOperationFlags fffff880`02792820 fffffa80`01a38c10 : fffffa80`05f70920 00000000`00000000 fffff880`010f8242 fffffa80`05f70920 : 0xfffffa80`05f70900 fffff880`02792828 fffffa80`05f70920 : 00000000`00000000 fffff880`010f8242 fffffa80`05f70920 00000000`00000000 : 0xfffffa80`01a38c10 fffff880`02792830 00000000`00000000 : fffff880`010f8242 fffffa80`05f70920 00000000`00000000 fffffa80`00000000 : 0xfffffa80`05f70920 STACK_COMMAND: kb FOLLOWUP_IP: sbapifs+1fe3 fffff880`0235afe3 ?? ??? SYMBOL_STACK_INDEX: 2 SYMBOL_NAME: sbapifs+1fe3 FOLLOWUP_NAME: MachineOwner MODULE_NAME: sbapifs IMAGE_NAME: sbapifs.sys DEBUG_FLR_IMAGE_TIMESTAMP: 4a807d11 FAILURE_BUCKET_ID: X64_0xF5_sbapifs+1fe3 BUCKET_ID: X64_0xF5_sbapifs+1fe3 Followup: MachineOwner ---------
I have uninstalled Norton, ran the Norton Utility followed by installing Microsoft Essentials. A full scan shows nothing plus a Malwarebyte scan is also negative. My computer just shut down & rebooted. This time I ran the SF Diagnostic Tool and uploaded the results. Does it point to what my problem may be?
Many thanks!
If you have not uninstalled any Sunbelt software as Tews recommended, please do so. Two of your last three dumps point to sbapifs.sys. The process Sunbelt ActiveProtection Filter belongs to the software SBAPIFS or VIPRE Antivirus + Antispyware or CounterSpy by Sunbelt Software.
Your latest dmp is an F5 error and may be related to the above. Let's eliminate this possibility and see what you have from there.
STOP 0x000000F5: FLTMGR_FILE_SYSTEM
The FLTMGR_FILE_SYSTEM bug check has a value of 0x000000F5. This indicates that an unrecoverable failure occurred in the Filter Manager.
BSOD Index
I’m at a loss here because I have no software from Sunbelt, never did. All I had was Norton Internet Security 2010 and Ad-Aware Pro and I’ve uninstalled both and replaced it with Microsoft Essentials.
Question: I see the dump files are dated through 5-30 prior to when I removed Ad-Aware Pro and rename the sbapifs extension to .bak. My startup & recovery setting is set to Kernel memory dump & %SystemRoot%\MEMORY.DMP with check marks for ‘write an event to the system log’ & ‘Overwrite any existing file’. Is it possible these are old dump files and are not being updated following the crashes?
You can delete the dmps in the minidump folder now. Then you know any future files there are new.
I have deleted the dump files in the minidump folder. My machine crashed again but there are no files in the mindump folder. My startup & recovery setting is set to Kernel memory dump & %SystemRoot%\MEMORY.DMP with check marks for ‘write an event to the system log’ & ‘Overwrite any existing file’. When the machine boots from a crash, it goes into normal mode. What can I do to get the information needed to find the cause of these crashes?
Quote