Welcome to the forum.
Problem software
Code:
Start Menu\Programs\AVG Public:Start Menu\Programs\AVG Public
Start Menu\Programs\McAfee Public:Start Menu\Programs\McAfee Public
AVG and McAfee are both known to cause BSOD's. Moreover, the cause of your BSOD's are McAfee itself.
Code:
Microsoft (R) Windows Debugger Version 6.2.9200.20512 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\USER\Downloads\Compressed\BENGTAHLBERG-2014-11-19_164142,33\111914-59202-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.18409.amd64fre.win7sp1_gdr.140303-2144
Machine Name:
Kernel base = 0xfffff800`0344f000 PsLoadedModuleList = 0xfffff800`03692890
Debug session time: Wed Nov 19 21:19:45.659 2014 (UTC + 6:00)
System Uptime: 0 days 0:25:36.892
Loading Kernel Symbols
...............................................................
................................................................
.............................................................
Loading User Symbols
Loading unloaded module list
...........
*** WARNING: Unable to verify timestamp for mfencbdc.sys
*** ERROR: Module load completed but symbols could not be loaded for mfencbdc.sys
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1000007E, {ffffffffc0000005, fffff88006327332, fffff880037fc2d8, fffff880037fbb30}
*** WARNING: Unable to verify timestamp for mfehidk.sys
*** ERROR: Module load completed but symbols could not be loaded for mfehidk.sys
Probably caused by : mfencbdc.sys ( mfencbdc+a332 )
Followup: MachineOwner
---------
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff88006327332, The address that the exception occurred at
Arg3: fffff880037fc2d8, Exception Record Address
Arg4: fffff880037fbb30, Context Record Address
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
FAULTING_IP:
mfencbdc+a332
fffff880`06327332 ff5008 call qword ptr [rax+8]
EXCEPTION_RECORD: fffff880037fc2d8 -- (.exr 0xfffff880037fc2d8)
ExceptionAddress: fffff88006327332 (mfencbdc+0x000000000000a332)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: 0000000000000008
Attempt to read from address 0000000000000008
CONTEXT: fffff880037fbb30 -- (.cxr 0xfffff880037fbb30)
rax=0000000000000000 rbx=fffffa800a032840 rcx=fffffa800a032840
rdx=0000000000000000 rsi=fffff88006376350 rdi=00000000000003e8
rip=fffff88006327332 rsp=fffff880037fc510 rbp=fffffa800a022a50
r8=0000000000000000 r9=0000000000000f44 r10=fffff8000344f000
r11=0000000000000000 r12=fffffa800a02b830 r13=0000000000000000
r14=0000000000000002 r15=fffffa800cf15950
iopl=0 nv up ei pl nz na pe nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010202
mfencbdc+0xa332:
fffff880`06327332 ff5008 call qword ptr [rax+8] ds:002b:00000000`00000008=????????????????
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
PROCESS_NAME: System
CURRENT_IRQL: 0
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
EXCEPTION_PARAMETER1: 0000000000000000
EXCEPTION_PARAMETER2: 0000000000000008
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800036fc100
GetUlongFromAddress: unable to read from fffff800036fc1c0
0000000000000008 Nonpaged pool
FOLLOWUP_IP:
mfencbdc+a332
fffff880`06327332 ff5008 call qword ptr [rax+8]
BUGCHECK_STR: 0x7E
DEFAULT_BUCKET_ID: NULL_CLASS_PTR_DEREFERENCE
LAST_CONTROL_TRANSFER: from fffffa800a032840 to fffff88006327332
STACK_TEXT:
fffff880`037fc510 fffffa80`0a032840 : 00000000`00000e00 fffffa80`0a030e00 fffff880`000000d5 fffffa80`0a022a01 : mfencbdc+0xa332
fffff880`037fc518 00000000`00000e00 : fffffa80`0a030e00 fffff880`000000d5 fffffa80`0a022a01 fffff880`00c06b33 : 0xfffffa80`0a032840
fffff880`037fc520 fffffa80`0a030e00 : fffff880`000000d5 fffffa80`0a022a01 fffff880`00c06b33 ffffffff`ffffff9c : 0xe00
fffff880`037fc528 fffff880`000000d5 : fffffa80`0a022a01 fffff880`00c06b33 ffffffff`ffffff9c fffffa80`0a02b830 : 0xfffffa80`0a030e00
fffff880`037fc530 fffffa80`0a022a01 : fffff880`00c06b33 ffffffff`ffffff9c fffffa80`0a02b830 fffffa80`0a022a50 : 0xfffff880`000000d5
fffff880`037fc538 fffff880`00c06b33 : ffffffff`ffffff9c fffffa80`0a02b830 fffffa80`0a022a50 fffff880`00c63983 : 0xfffffa80`0a022a01
fffff880`037fc540 ffffffff`ffffff9c : fffffa80`0a02b830 fffffa80`0a022a50 fffff880`00c63983 fffffa80`0a02b830 : mfehidk+0x6b33
fffff880`037fc548 fffffa80`0a02b830 : fffffa80`0a022a50 fffff880`00c63983 fffffa80`0a02b830 fffff880`00c07c2f : 0xffffffff`ffffff9c
fffff880`037fc550 fffffa80`0a022a50 : fffff880`00c63983 fffffa80`0a02b830 fffff880`00c07c2f 00000000`00000000 : 0xfffffa80`0a02b830
fffff880`037fc558 fffff880`00c63983 : fffffa80`0a02b830 fffff880`00c07c2f 00000000`00000000 fffffa80`0a022a00 : 0xfffffa80`0a022a50
fffff880`037fc560 fffffa80`0a02b830 : fffff880`00c07c2f 00000000`00000000 fffffa80`0a022a00 fffffa80`0a022a01 : mfehidk+0x63983
fffff880`037fc568 fffff880`00c07c2f : 00000000`00000000 fffffa80`0a022a00 fffffa80`0a022a01 00000000`00000000 : 0xfffffa80`0a02b830
fffff880`037fc570 00000000`00000000 : fffffa80`0a022a00 fffffa80`0a022a01 00000000`00000000 fffffa80`0a02b910 : mfehidk+0x7c2f
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: mfencbdc+a332
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: mfencbdc
IMAGE_NAME: mfencbdc.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 53f4b836
STACK_COMMAND: .cxr 0xfffff880037fbb30 ; kb
FAILURE_BUCKET_ID: X64_0x7E_mfencbdc+a332
BUCKET_ID: X64_0x7E_mfencbdc+a332
Followup: MachineOwner
---------
Uninstall both the AV's with Revo Uninstaller Free.
Revo Uninstaller:
Use Revo Uninstaller to uninstall stubborn software.
Perform a Clean boot:
Reduce items at start-up. No software except anti-virus is required plus doing this improves the time for logging into windows:
Microsoft Security Essentials is recommended from a strict BSOD perspective, compatibility & stability compared to other internet security software. Malwarebytes is a great combo to MSE. They are free and lightweight.
Also uninstall your existing Antivirus software before you install MSE.
Good and Free system security combination.
Warning
Do not start the free trial of Malware Bytes; remember to deselect that option when prompted.
Run the System File Checker that scans the of all protected Windows 7 system files and replaces incorrect corrupted, changed/modified, or damaged versions with the correct versions if possible:
- Click on the
- Type CMD on Search
- Left click and Run as Administrator
- Type SFC /scannow
Full tutorial here: