[SOLVED] Driver IRQL not less or equal Windows 7 - CA Antivirus

R

RibDigger870

Active member
Joined
Dec 28, 2012
Posts
39
Can someone help me. Iv been getting the BSOD error for about 2 months now. It says it's due to recent software package install, but i have no idea which one it would be. And i don't have a restore point far back enough to restore my laptop. I have attached the requested files
 

Attachments

Hi -

All 9 dumps named the Microsoft networking related driver tcpip.sys - but it is a default and not the cause.

I believe CA Antivirus and its firewall are involved -
Code: 
[font=lucida console]
KmxAMRT.sys                 Mon Apr  4 17:12:31 2011 (4D9A343F)
KmxCF.sys                   Fri May 20 08:02:50 2011 (4DD6586A)
KmxFile.sys                 Tue Mar 22 11:09:47 2011 (4D88BBBB)
KmxFilter.sys               Wed Jul 27 10:09:51 2011 (4E301C2F)
KmxSbx.sys                  Tue Feb 22 02:27:28 2011 (4D636560)
kmxagent.sys                Wed Mar 23 08:28:41 2011 (4D89E779)
kmxcfg.sys                  Thu May 12 16:58:32 2011 (4DCC49F8)
kmxfw.sys                   Wed Jul 27 09:18:34 2011 (4E30102A)
[/font]
http://www.sysnative.com/drivers/driver.php?id=KmxAMRT.sys
http://www.sysnative.com/drivers/driver.php?id=KmxFile.sys
http://www.sysnative.com/drivers/driver.php?id=KmxFilter.sys
http://www.sysnative.com/drivers/driver.php?id=KmxSbx.sys
http://www.sysnative.com/drivers/driver.php?id=kmxagent.sys
http://www.sysnative.com/drivers/driver.php?id=kmxcfg.sys
http://www.sysnative.com/drivers/driver.php?id=kmxfw.sys

Remove CA Antivirus with removal tool - http://kb.eset.com/esetkb/index?page=content&id=SOLN146

Reboot upon completion. Install Microsoft Security Essentials (MSE)

Regards. . .

jcgriff2

`

BSOD SUMMARY

Code: 
[font=lucida console]
Debug session time: Fri Dec 28 19:43:12.801 2012 (GMT-5)
Loading Dump File [C:\Users\PalmDesert\SysnativeBSODApps\122812-41901-01.dmp]
Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333
System Uptime: 0 days 23:47:41.939
Probably caused by : tcpip.sys ( tcpip!TcpBeginTcbSend+33e )
BugCheck D1, {1c, 2, 1, fffff8800186565e}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x000000D1]DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)[/url]
Bugcheck code 000000d1
Arguments: 
Arg1: 000000000000001c, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff8800186565e, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  firefox.exe
FAILURE_BUCKET_ID:  X64_0xD1_tcpip!TcpBeginTcbSend+33e
BiosVersion = F.43
BiosReleaseDate = 12/13/2011
SystemManufacturer = Hewlett-Packard
SystemProductName = HP 2000 Notebook PC             
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Debug session time: Sun Dec 23 11:30:27.393 2012 (GMT-5)
Loading Dump File [C:\Users\PalmDesert\SysnativeBSODApps\122312-30170-01.dmp]
Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333
System Uptime: 0 days 8:05:31.562
Probably caused by : tcpip.sys ( tcpip!TcpBeginTcbSend+33e )
BugCheck D1, {1c, 2, 1, fffff8800195d65e}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x000000D1]DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)[/url]
Bugcheck code 000000d1
Arguments: 
Arg1: 000000000000001c, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff8800195d65e, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  UmxEngine.exe
FAILURE_BUCKET_ID:  X64_0xD1_tcpip!TcpBeginTcbSend+33e
BiosVersion = F.43
BiosReleaseDate = 12/13/2011
SystemManufacturer = Hewlett-Packard
SystemProductName = HP 2000 Notebook PC             
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Debug session time: Sun Dec 23 03:24:03.627 2012 (GMT-5)
Loading Dump File [C:\Users\PalmDesert\SysnativeBSODApps\122312-36457-01.dmp]
Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333
System Uptime: 0 days 10:38:51.656
Probably caused by : tcpip.sys ( tcpip!TcpBeginTcbSend+33e )
BugCheck D1, {1c, 2, 1, fffff8800192e65e}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x000000D1]DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)[/url]
Bugcheck code 000000d1
Arguments: 
Arg1: 000000000000001c, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff8800192e65e, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  TeaTimer.exe
FAILURE_BUCKET_ID:  X64_0xD1_tcpip!TcpBeginTcbSend+33e
BiosVersion = F.43
BiosReleaseDate = 12/13/2011
SystemManufacturer = Hewlett-Packard
SystemProductName = HP 2000 Notebook PC             
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Debug session time: Fri Dec 21 22:35:51.730 2012 (GMT-5)
Loading Dump File [C:\Users\PalmDesert\SysnativeBSODApps\122112-25428-01.dmp]
Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333
System Uptime: 0 days 0:43:44.899
Probably caused by : tcpip.sys ( tcpip!TcpBeginTcbSend+33e )
BugCheck D1, {1c, 2, 1, fffff8800189965e}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x000000D1]DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)[/url]
Bugcheck code 000000d1
Arguments: 
Arg1: 000000000000001c, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff8800189965e, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  uTorrent.exe
FAILURE_BUCKET_ID:  X64_0xD1_tcpip!TcpBeginTcbSend+33e
BiosVersion = F.43
BiosReleaseDate = 12/13/2011
SystemManufacturer = Hewlett-Packard
SystemProductName = HP 2000 Notebook PC             
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Debug session time: Fri Dec 21 09:39:47.439 2012 (GMT-5)
Loading Dump File [C:\Users\PalmDesert\SysnativeBSODApps\122112-30466-01.dmp]
Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333
System Uptime: 0 days 5:39:14.483
Probably caused by : tcpip.sys ( tcpip!TcpBeginTcbSend+33e )
BugCheck D1, {1c, 2, 1, fffff880018cf65e}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x000000D1]DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)[/url]
Bugcheck code 000000d1
Arguments: 
Arg1: 000000000000001c, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880018cf65e, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  TeaTimer.exe
FAILURE_BUCKET_ID:  X64_0xD1_tcpip!TcpBeginTcbSend+33e
BiosVersion = F.43
BiosReleaseDate = 12/13/2011
SystemManufacturer = Hewlett-Packard
SystemProductName = HP 2000 Notebook PC             
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Debug session time: Wed Dec 12 01:42:15.277 2012 (GMT-5)
Loading Dump File [C:\Users\PalmDesert\SysnativeBSODApps\121212-33243-01.dmp]
Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333
System Uptime: 0 days 0:37:57.446
Probably caused by : tcpip.sys ( tcpip!TcpBeginTcbSend+33e )
BugCheck D1, {1c, 2, 1, fffff880018aa65e}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x000000D1]DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)[/url]
Bugcheck code 000000d1
Arguments: 
Arg1: 000000000000001c, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880018aa65e, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  TeaTimer.exe
FAILURE_BUCKET_ID:  X64_0xD1_tcpip!TcpBeginTcbSend+33e
BiosVersion = F.43
BiosReleaseDate = 12/13/2011
SystemManufacturer = Hewlett-Packard
SystemProductName = HP 2000 Notebook PC             
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Debug session time: Thu Dec  6 16:12:22.743 2012 (GMT-5)
Loading Dump File [C:\Users\PalmDesert\SysnativeBSODApps\120612-43305-01.dmp]
Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333
System Uptime: 0 days 1:44:40.897
Probably caused by : tcpip.sys ( tcpip!TcpBeginTcbSend+33e )
BugCheck D1, {1c, 2, 1, fffff880018ca65e}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x000000D1]DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)[/url]
Bugcheck code 000000d1
Arguments: 
Arg1: 000000000000001c, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880018ca65e, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  VLC Media Play
FAILURE_BUCKET_ID:  X64_0xD1_tcpip!TcpBeginTcbSend+33e
BiosVersion = F.43
BiosReleaseDate = 12/13/2011
SystemManufacturer = Hewlett-Packard
SystemProductName = HP 2000 Notebook PC             
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Debug session time: Fri Nov 30 21:37:06.177 2012 (GMT-5)
Loading Dump File [C:\Users\PalmDesert\SysnativeBSODApps\113012-40310-01.dmp]
Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333
System Uptime: 0 days 0:48:40.205
Probably caused by : tcpip.sys ( tcpip!TcpBeginTcbSend+33e )
BugCheck D1, {1c, 2, 1, fffff880018cf65e}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x000000D1]DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)[/url]
Bugcheck code 000000d1
Arguments: 
Arg1: 000000000000001c, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, value 0 = read operation, 1 = write operation
Arg4: fffff880018cf65e, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  System
FAILURE_BUCKET_ID:  X64_0xD1_tcpip!TcpBeginTcbSend+33e
BiosVersion = F.43
BiosReleaseDate = 12/13/2011
SystemManufacturer = Hewlett-Packard
SystemProductName = HP 2000 Notebook PC             
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``
Debug session time: Thu Nov 29 10:56:03.509 2012 (GMT-5)
Loading Dump File [C:\Users\PalmDesert\SysnativeBSODApps\112912-44226-01.dmp]
Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333
System Uptime: 1 days 18:17:09.663
Probably caused by : tcpip.sys ( tcpip!IppChecksumDatagram+60 )
BugCheck D1, {a, 2, 0, fffff880017414c0}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x000000D1]DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)[/url]
Bugcheck code 000000d1
Arguments: 
Arg1: 000000000000000a, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff880017414c0, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  firefox.exe
FAILURE_BUCKET_ID:  X64_0xD1_tcpip!IppChecksumDatagram+60
BiosVersion = F.43
BiosReleaseDate = 12/13/2011
SystemManufacturer = Hewlett-Packard
SystemProductName = HP 2000 Notebook PC             
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``


         
       [color=#000033]J. C. Griffith, Microsoft MVP (jcgriff2)[/color]   
             
           [url=http://mvp.microsoft.com/profiles/Griffith][color=#000055][u][url]https://mvp.support.microsoft.com/profile/Griffith[/url][/u][/color][/url]   

           [url=https://www.sysnative.com][color=#000033][u][url]www.sysnative.com[/url][/u][/color][/url]
             


¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨
[/font]
 
Last edited:
I've had CA installed since i got the computer about a year ago. The problem didn't start until about 2 months ago. Would it really take that long to affect???
 
RibDigger870 said:
I've had CA installed since i got the computer about a year ago. The problem didn't start until about 2 months ago. Would it really take that long to affect???
Click to expand...

It could have gotten corrupted by a virus or something similar... Regardless in my opinion MSE is the better option.
 
Last edited:
RibDigger870 said:
I've had CA installed since i got the computer about a year ago. The problem didn't start until about 2 months ago. Would it really take that long to affect???
Click to expand...

The CA installation itself is aging (could be 2011 version...?)

Meanwhile, Microsoft has updated many Windows 7 OS networking related drivers like tcpip.sys, netio.sys, etc...

Uninstall CA & see - you can always reinstall it again should you wish.

You can also run Driver Verifier - see if it flags any 3rd party drivers -

https://www.sysnative.com/forums/bs...river-verifier-blue-screen-death-related.html

Regards. . .

jcgriff2

`
 
drivers are all up to date. That was one of the things i thought it might have been so i went and updated them. Worked for about a week then a crash. I will try the other security program
 
just ran the driver verifier and was not able to boot in normal mode with selected options. So apparently it's something not Microsoft related. I am getting ready to uninstall CA and go with MSE. Hopefully that is the issue.
 
RibDigger870 said:
just ran the driver verifier and was not able to boot in normal mode with selected options. So apparently it's something not Microsoft related. I am getting ready to uninstall CA and go with MSE. Hopefully that is the issue.
Click to expand...

That means Driver Verifier flagged a boot driver.

Please get the dump file - c:\windows\minidump

Regards. . .

jcgriff2

`
 
Here you go. I tried uninstalling CA and it completed it, but when i went to reboot, it wouldn't load windows in normal mode. So i had to do safe mode and do system recovery.
 

Attachments

Hi -

The last dmp was not VERIFIER_ENABLED.

Turn verifier off if not already done so. Bring up Admin CMD prompt, type - verifier /reset

Try CA removal again in normal Windows. If no-go, try in safemode.

http://homeofficekb.ca.com/CIDocume...eturn=0&GUID=DF325E0AA0AB4264AF47E4BEA49F571B

Regards. . .

jcgriff2

`


Code: 
[font=lucida console]
Debug session time: Thu Nov 29 10:56:03.509 2012 (GMT-5)
Loading Dump File [C:\Users\PalmDesert\SysnativeBSODApps\112912-44226-01.dmp]
Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333
System Uptime: 1 days 18:17:09.663
Probably caused by : tcpip.sys ( tcpip!IppChecksumDatagram+60 )
BugCheck D1, {a, 2, 0, fffff880017414c0}
BugCheck Info: [url=http://www.carrona.org/bsodindx.html#0x000000D1]DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)[/url]
Bugcheck code 000000d1
Arguments: 
Arg1: 000000000000000a, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff880017414c0, address which referenced memory
BUGCHECK_STR:  0xD1
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
PROCESS_NAME:  firefox.exe
FAILURE_BUCKET_ID:  X64_0xD1_tcpip!IppChecksumDatagram+60
BiosVersion = F.43
BiosReleaseDate = 12/13/2011
SystemManufacturer = Hewlett-Packard
SystemProductName = HP 2000 Notebook PC             
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨``

[/font]
 
did verifier reset and uninstall, reboot, and then it won't load windows. It gives me error: A driver mistakenly marked a part of it's image pagable instead of nonpagable. Tried it in safe mode with same results.
 
Boot into recovery using HDD Recovery partition or Windows DVD and run "Windows System Restore"

Regards. . .

jcgriff2

`
 
I already did system restore twice. Once when i uninstalled in normal mode, and once when i uninstalled in safe mode. Each time i would uninstall, windows wouldn't load at all. I even tried to do system repair with Windows repair disk, and it wouldn't repair it either time. So i had to do system restore after both uninstalls.
 
It seems that CA Antivirus has done quite a job on your system --- not the first time I've seen this happen.

Your only remaining option is to back up your files and reinstall Windows.

Regards. . .

jcgriff2

`
 
I don't have windows install disk. The laptop came with Windows already installed on it and no disk. All i have is a repair disk that i created
 
I was just searching through my computers recovery section and there is an option to restore computer back to factory settings. If i back up my files and perform this operation it should take care of my problem shouldn't it???
 
Yes it should - assuming the problems are all software related.

Regards. . .

jcgriff2

`
 
Ok...I got CA Security uninstalled using the uninstall option in the CA program file, rebooted, and it loaded fine. Then i ran the Driver Verifier and it rebooted with no problems. Now i am going to install MSE. Do you want me to post anything so you can check and see if problem is fixed?
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top