I have not downloaded anything onto my computer in the last few days. The most recent was Norton Antivirus which was about 5 days ago. I left my computer alone for a few hours and when i came back it was off. When i turned it back on i got this crash several times. Please help.
Bsod Bad Pool Header?!
- Thread starter ushawar
- Start date
- Joined
- Sep 22, 2010
- Messages
- 613
- Reaction score
- 102
1. Uninstall Symantec Norton.
http://us.norton.com/support/kb/web_view.jsp?wv_type=public_web&docurl=20080710133834EN&ln=en_US
2. Uninstall AVG.
http://www.avg.com/ww-en/download-tools
3. Install MSE.
http://www.microsoft.com/security_essentials/
4. Update drivers:
USB 3.0 Controller
nusb3xhc.sys Fri Sep 25 09:58:31 2009
Realtek LAN
Rt64win7.sys Thu Feb 26 04:04:13 2009
VIA Audio
viahduaa.sys Tue Oct 20 23:30:30 2009
CRASH DUMPS
Code:
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [F:\DMP\032611-24616-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02e1c000 PsLoadedModuleList = 0xfffff800`03059e50
Debug session time: Sat Mar 26 19:45:32.904 2011 (UTC - 4:00)
System Uptime: 0 days 0:00:28.231
Loading Kernel Symbols
...............................................................
................................................................
..........................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 50, {fffff888031b6233, 0, fffff88000c4ef8f, 5}
Unable to load image \SystemRoot\system32\drivers\peauth.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for peauth.sys
*** ERROR: Module load completed but symbols could not be loaded for peauth.sys
Could not read faulting driver name
*** WARNING: Unable to verify timestamp for win32k.sys
*** ERROR: Module load completed but symbols could not be loaded for win32k.sys
Probably caused by : memory_corruption
Followup: memory_corruption
---------
3: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: fffff888031b6233, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff88000c4ef8f, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000005, (reserved)
Debugging Details:
------------------
Could not read faulting driver name
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800030c40e0
fffff888031b6233
FAULTING_IP:
CI!MFKeyIsTrustedRootKey+369d3
fffff880`00c4ef8f 420fb66cc103 movzx ebp,byte ptr [rcx+r8*8+3]
MM_INTERNAL_CODE: 5
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: CODE_CORRUPTION
BUGCHECK_STR: 0x50
PROCESS_NAME: System
CURRENT_IRQL: 0
TRAP_FRAME: fffff880031b6180 -- (.trap 0xfffff880031b6180)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=00000000000000df rbx=0000000000000000 rcx=fffff880031b64b0
rdx=00000000008d356a rsi=0000000000000000 rdi=0000000000000000
rip=fffff88000c4ef8f rsp=fffff880031b6318 rbp=fffff880031b64a0
r8=00000000ffffffb0 r9=000000008dea08ca r10=0000000008974fed
r11=00000000d7ac3d2c r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na pe cy
CI!MFKeyIsTrustedRootKey+0x369d3:
fffff880`00c4ef8f 420fb66cc103 movzx ebp,byte ptr [rcx+r8*8+3] ds:4542:fffff888`031b6233=??
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80002f0b8c1 to fffff80002e8c740
STACK_TEXT:
fffff880`031b6018 fffff800`02f0b8c1 : 00000000`00000050 fffff888`031b6233 00000000`00000000 fffff880`031b6180 : nt!KeBugCheckEx
fffff880`031b6020 fffff800`02e8a82e : 00000000`00000000 00000000`20c515b5 00000000`00000000 fffff880`031b6350 : nt! ?? ::FNODOBFM::`string'+0x40e8b
fffff880`031b6180 fffff880`00c4ef8f : fffff8a0`00009eb0 fffff8a0`02bb1034 fffff880`00c56418 fffff880`031b6350 : nt!KiPageFault+0x16e
fffff880`031b6318 fffff880`00c56418 : fffff880`031b6350 fffff880`031b64a0 00000000`00000711 3c43bab7`089713aa : CI!MFKeyIsTrustedRootKey+0x369d3
fffff880`031b6330 fffff880`00c5663c : 00000000`00000711 fffff8a0`02bb1000 fffff8a0`02bb1034 00000000`000015f7 : CI!MFKeyIsTrustedRootKey+0x3de5c
fffff880`031b66a0 fffff880`00c03616 : 83a89215`4132ef92 00000000`00000711 00000000`00000001 fffff8a0`02bb1000 : CI!peauthvbn_SetDebugCredentialsData+0x40
fffff880`031b66f0 fffff880`00c15d0a : 00000000`00000000 00000000`00000000 fffff880`0688b000 00000000`000007ff : CI!PEAuthSetDebugCredentialsData+0x52
fffff880`031b6720 fffff880`00c0ab08 : ffffffff`80000d98 00000000`00000000 00000000`000015f7 fffff880`06890250 : CI!PEPerformInitializationChecks+0xca
fffff880`031b67a0 fffff880`0689c391 : fffff880`06890500 fffff8a0`02bb1000 00000000`00000000 00000000`00000002 : CI!CiGetPEInformation+0xc0
fffff880`031b67e0 fffff880`06890500 : fffff8a0`02bb1000 00000000`00000000 00000000`00000002 fffffa80`0a1e9a70 : peauth+0x19391
fffff880`031b67e8 fffff8a0`02bb1000 : 00000000`00000000 00000000`00000002 fffffa80`0a1e9a70 fffff880`06923119 : peauth+0xd500
fffff880`031b67f0 00000000`00000000 : 00000000`00000002 fffffa80`0a1e9a70 fffff880`06923119 fffff8a0`02bb1000 : 0xfffff8a0`02bb1000
STACK_COMMAND: kb
CHKIMG_EXTENSION: !chkimg -lo 50 -d !CI
fffff88000c4ef50 - CI!MFKeyIsTrustedRootKey+36994
[ 20:30 ]
1 error : !CI (fffff88000c4ef50)
MODULE_NAME: memory_corruption
IMAGE_NAME: memory_corruption
FOLLOWUP_NAME: memory_corruption
DEBUG_FLR_IMAGE_TIMESTAMP: 0
MEMORY_CORRUPTOR: ONE_BIT
FAILURE_BUCKET_ID: X64_MEMORY_CORRUPTION_ONE_BIT
BUCKET_ID: X64_MEMORY_CORRUPTION_ONE_BIT
Followup: memory_corruption
---------
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [F:\DMP\032611-28563-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7600.16695.amd64fre.win7_gdr.101026-1503
Machine Name:
Kernel base = 0xfffff800`02e49000 PsLoadedModuleList = 0xfffff800`03086e50
Debug session time: Sat Mar 26 20:05:40.924 2011 (UTC - 4:00)
System Uptime: 0 days 0:09:07.625
Loading Kernel Symbols
...............................................................
................................................................
.......................................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 19, {20, fffff8a00cd267d0, fffff8a00cd26810, 5040201}
GetPointerFromAddress: unable to read from fffff800030f10e0
Probably caused by : ntkrnlmp.exe ( nt!RtlDeleteElementGenericTableAvl+4e )
Followup: MachineOwner
---------
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
BAD_POOL_HEADER (19)
The pool is already corrupt at the time of the current request.
This may or may not be due to the caller.
The internal pool links must be walked to figure out a possible cause of
the problem, and then special pool applied to the suspect tags or the driver
verifier to a suspect driver.
Arguments:
Arg1: 0000000000000020, a pool block header size is corrupt.
Arg2: fffff8a00cd267d0, The pool entry we were looking for within the page.
Arg3: fffff8a00cd26810, The next pool entry.
Arg4: 0000000005040201, (reserved)
Debugging Details:
------------------
BUGCHECK_STR: 0x19_20
POOL_ADDRESS: fffff8a00cd267d0
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: System
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from fffff80002fec6d3 to fffff80002eb9740
STACK_TEXT:
fffff880`0318c878 fffff800`02fec6d3 : 00000000`00000019 00000000`00000020 fffff8a0`0cd267d0 fffff8a0`0cd26810 : nt!KeBugCheckEx
fffff880`0318c880 fffff800`02e8a9ee : fffff8a0`0cd50b40 fffff800`0305e5a0 fffffa80`7346744e fffffa80`07b52180 : nt!ExDeferredFreePool+0x12c4
fffff880`0318c930 fffff880`012cbf69 : fffff880`0318c9f0 00000000`00000745 fffff8a0`0cd267e0 fffffa80`0701ec20 : nt!RtlDeleteElementGenericTableAvl+0x4e
fffff880`0318c960 fffff880`0123ef6a : fffff800`0305e5a0 fffff880`0318cb01 fffff880`0318c9e1 fffff8a0`0cd50b40 : Ntfs!NtfsDeleteFcb+0x179
fffff880`0318c9c0 fffff880`012c92cc : fffffa80`0701ec20 fffffa80`07b52180 fffff8a0`0cd50b40 fffff8a0`0cd50ed8 : Ntfs!NtfsTeardownFromLcb+0x1ea
fffff880`0318ca50 fffff880`01247882 : fffffa80`0701ec20 fffffa80`0701ec20 fffff8a0`0cd50b40 00000000`00000000 : Ntfs!NtfsTeardownStructures+0xcc
fffff880`0318cad0 fffff880`012e0813 : fffffa80`0701ec20 fffff800`0305e5a0 fffff8a0`0cd50b40 00000000`00000009 : Ntfs!NtfsDecrementCloseCounts+0xa2
fffff880`0318cb10 fffff880`012ba38f : fffffa80`0701ec20 fffff8a0`0cd50c70 fffff8a0`0cd50b40 fffffa80`07b52180 : Ntfs!NtfsCommonClose+0x353
fffff880`0318cbe0 fffff800`02ec6961 : 00000000`00000000 fffff880`01239200 fffffa80`06a3f101 00000500`00000002 : Ntfs!NtfsFspClose+0x15f
fffff880`0318ccb0 fffff800`0315c7c6 : 00000500`00000000 fffffa80`06a3f1a0 00000000`00000080 fffffa80`06a27040 : nt!ExpWorkerThread+0x111
fffff880`0318cd40 fffff800`02e97c26 : fffff880`02f64180 fffffa80`06a3f1a0 fffff880`02f6efc0 00000500`00000000 : nt!PspSystemThreadStartup+0x5a
fffff880`0318cd80 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxStartSystemThread+0x16
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!RtlDeleteElementGenericTableAvl+4e
fffff800`02e8a9ee b001 mov al,1
SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: nt!RtlDeleteElementGenericTableAvl+4e
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 4cc791bd
FAILURE_BUCKET_ID: X64_0x19_20_nt!RtlDeleteElementGenericTableAvl+4e
BUCKET_ID: X64_0x19_20_nt!RtlDeleteElementGenericTableAvl+4e
Followup: MachineOwner
---------DRIVERS
Code:
start end module name
fffff880`00e3c000 fffff880`00e93000 ACPI ACPI.sys Mon Jul 13 19:19:34 2009 (4A5BC106)
fffff880`02c00000 fffff880`02c8a000 afd afd.sys Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`045d3000 fffff880`045e9000 AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
fffff880`045a2000 fffff880`045b7000 amdppm amdppm.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
fffff880`00fd0000 fffff880`00fdb000 amdxata amdxata.sys Tue May 19 13:56:59 2009 (4A12F2EB)
fffff880`057f4000 fffff880`057fc000 ASACPI ASACPI.sys Mon Oct 30 22:09:12 2006 (4546B048)
fffff880`07a20000 fffff880`07a2b000 asyncmac asyncmac.sys Mon Jul 13 20:10:13 2009 (4A5BCCE5)
fffff880`00f9d000 fffff880`00fa6000 atapi atapi.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00fa6000 fffff880`00fd0000 ataport ataport.SYS Mon Jul 13 19:19:52 2009 (4A5BC118)
fffff880`06386000 fffff880`063ba000 AVGIDSDriver AVGIDSDriver.Sys Tue Aug 03 18:24:45 2010 (4C58972D)
fffff880`01400000 fffff880`0140a000 AVGIDSEH AVGIDSEH.Sys Mon Sep 13 18:46:38 2010 (4C8EA9CE)
fffff880`029eb000 fffff880`029f7000 AVGIDSFilter AVGIDSFilter.Sys Tue Aug 03 18:23:21 2010 (4C5896D9)
fffff880`0452c000 fffff880`0457c000 avgldx64 avgldx64.sys Tue Dec 07 21:01:55 2010 (4CFEE713)
fffff880`013ee000 fffff880`013fd000 avgmfx64 avgmfx64.sys Mon Sep 06 20:49:14 2010 (4C858C0A)
fffff880`017f1000 fffff880`017fb000 avgrkx64 avgrkx64.sys Mon Sep 06 20:49:37 2010 (4C858C21)
fffff880`02cda000 fffff880`02d3b000 avgtdia avgtdia.sys Fri Nov 12 06:08:42 2010 (4CDD203A)
fffff880`01652000 fffff880`01659000 Beep Beep.SYS Mon Jul 13 20:00:13 2009 (4A5BCA8D)
fffff880`04416000 fffff880`0452c000 BHDrvx64 BHDrvx64.sys Wed Feb 23 17:42:55 2011 (4D658D6F)
fffff880`04327000 fffff880`04338000 blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
fffff880`0293a000 fffff880`02958000 bowser bowser.sys Mon Jul 13 19:23:50 2009 (4A5BC206)
fffff960`007c0000 fffff960`007e7000 cdd cdd.dll unavailable (00000000)
fffff880`059c8000 fffff880`059e5000 cdfs cdfs.sys Mon Jul 13 19:19:46 2009 (4A5BC112)
fffff880`011c9000 fffff880`011f3000 cdrom cdrom.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`00c92000 fffff880`00d52000 CI CI.dll Mon Jul 13 21:32:13 2009 (4A5BE01D)
fffff880`01200000 fffff880`01230000 CLASSPNP CLASSPNP.SYS Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00c34000 fffff880`00c92000 CLFS CLFS.SYS Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`01498000 fffff880`0150b000 cng cng.sys Mon Jul 13 19:49:40 2009 (4A5BC814)
fffff880`045c3000 fffff880`045d3000 CompositeBus CompositeBus.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`059e5000 fffff880`059f3000 crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`04309000 fffff880`04327000 dfsc dfsc.sys Mon Jul 13 19:23:44 2009 (4A5BC200)
fffff880`042fa000 fffff880`04309000 discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
fffff880`015e6000 fffff880`015fc000 disk disk.sys Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`05983000 fffff880`059a5000 drmk drmk.sys Mon Jul 13 21:01:25 2009 (4A5BD8E5)
fffff880`059f3000 fffff880`059fc000 dump_atapi dump_atapi.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`0643d000 fffff880`06449000 dump_dumpata dump_dumpata.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`05800000 fffff880`05813000 dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`05813000 fffff880`0581f000 Dxapi Dxapi.sys Mon Jul 13 19:38:28 2009 (4A5BC574)
fffff880`05685000 fffff880`05779000 dxgkrnl dxgkrnl.sys Tue Jan 25 23:22:56 2011 (4D3FA1A0)
fffff880`05779000 fffff880`057bf000 dxgmms1 dxgmms1.sys Tue Jan 25 23:22:12 2011 (4D3FA174)
fffff880`0425f000 fffff880`042d5000 eeCtrl64 eeCtrl64.sys Fri May 21 17:44:45 2010 (4BF6FECD)
fffff880`07a00000 fffff880`07a20000 ENG64 ENG64.SYS Mon Dec 13 20:47:30 2010 (4D06CCB2)
fffff880`042d5000 fffff880`042fa000 EraserUtilRebootDrv EraserUtilRebootDrv.sys Fri May 21 17:44:45 2010 (4BF6FECD)
fffff880`07a33000 fffff880`07bed000 EX64 EX64.SYS Mon Dec 13 20:55:48 2010 (4D06CEA4)
fffff880`010d9000 fffff880`010ed000 fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
fffff880`0101c000 fffff880`01068000 fltmgr fltmgr.sys Mon Jul 13 19:19:59 2009 (4A5BC11F)
fffff880`0151c000 fffff880`01526000 Fs_Rec Fs_Rec.sys Mon Jul 13 19:19:45 2009 (4A5BC111)
fffff880`015ac000 fffff880`015e6000 fvevol fvevol.sys Fri Sep 25 22:34:26 2009 (4ABD7DB2)
fffff880`01600000 fffff880`0164a000 fwpkclnt fwpkclnt.sys Mon Jul 13 19:21:08 2009 (4A5BC164)
fffff880`05664000 fffff880`05671000 GEARAspiWDM GEARAspiWDM.sys Mon May 18 08:17:04 2009 (4A1151C0)
fffff800`02e00000 fffff800`02e49000 hal hal.dll Mon Jul 13 21:27:36 2009 (4A5BDF08)
fffff880`057bf000 fffff880`057e3000 HDAudBus HDAudBus.sys Mon Jul 13 20:06:13 2009 (4A5BCBF5)
fffff880`06400000 fffff880`06419000 HIDCLASS HIDCLASS.SYS Mon Jul 13 20:06:21 2009 (4A5BCBFD)
fffff880`06419000 fffff880`06421080 HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9)
fffff880`065f1000 fffff880`065ff000 hidusb hidusb.sys Mon Jul 13 20:06:22 2009 (4A5BCBFE)
fffff880`02872000 fffff880`0293a000 HTTP HTTP.sys Mon Jul 13 19:22:16 2009 (4A5BC1A8)
fffff880`017e8000 fffff880`017f1000 hwpolicy hwpolicy.sys Mon Jul 13 19:19:22 2009 (4A5BC0FA)
fffff880`04000000 fffff880`0407b000 IDSvia64 IDSvia64.sys Fri Nov 05 17:13:11 2010 (4CD47367)
fffff880`04150000 fffff880`0417d000 Ironx64 Ironx64.SYS Fri Nov 12 18:06:50 2010 (4CDDC88A)
fffff880`04400000 fffff880`0440f000 kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`06422000 fffff880`06430000 kbdhid kbdhid.sys Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff800`00bc4000 fffff800`00bce000 kdcom kdcom.dll Mon Jul 13 21:31:07 2009 (4A5BDFDB)
fffff880`05843000 fffff880`05886000 ks ks.sys Wed Mar 03 23:32:25 2010 (4B8F37D9)
fffff880`0147e000 fffff880`01498000 ksecdd ksecdd.sys Mon Jul 13 19:20:54 2009 (4A5BC156)
fffff880`017ab000 fffff880`017d6000 ksecpkg ksecpkg.sys Fri Dec 11 01:03:32 2009 (4B21E0B4)
fffff880`059a5000 fffff880`059aa200 ksthunk ksthunk.sys Mon Jul 13 20:00:19 2009 (4A5BCA93)
fffff880`02845000 fffff880`0285a000 lltdio lltdio.sys Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`0407b000 fffff880`0409e000 luafv luafv.sys Mon Jul 13 19:26:13 2009 (4A5BC295)
fffff880`00c13000 fffff880`00c20000 mcupdate_AuthenticAMD mcupdate_AuthenticAMD.dll Mon Jul 13 21:29:09 2009 (4A5BDF65)
fffff880`0581f000 fffff880`0582d000 monitor monitor.sys Mon Jul 13 19:38:52 2009 (4A5BC58C)
fffff880`0423b000 fffff880`0424a000 mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`06430000 fffff880`0643d000 mouhid mouhid.sys Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`00f83000 fffff880`00f9d000 mountmgr mountmgr.sys Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`02958000 fffff880`02970000 mpsdrv mpsdrv.sys Mon Jul 13 20:08:25 2009 (4A5BCC79)
fffff880`02970000 fffff880`0299d000 mrxsmb mrxsmb.sys Sat Feb 27 02:52:19 2010 (4B88CF33)
fffff880`0299d000 fffff880`029eb000 mrxsmb10 mrxsmb10.sys Sat Feb 27 02:52:28 2010 (4B88CF3C)
fffff880`02800000 fffff880`02823000 mrxsmb20 mrxsmb20.sys Sat Feb 27 02:52:26 2010 (4B88CF3A)
fffff880`00e22000 fffff880`00e2d000 Msfs Msfs.SYS Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00e9c000 fffff880`00ea6000 msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
fffff880`01420000 fffff880`0147e000 msrpc msrpc.sys Mon Jul 13 19:21:32 2009 (4A5BC17C)
fffff880`041f0000 fffff880`041fb000 mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
fffff880`017d6000 fffff880`017e8000 mup mup.sys Mon Jul 13 19:23:45 2009 (4A5BC201)
fffff880`01659000 fffff880`0174b000 ndis ndis.sys Mon Jul 13 19:21:40 2009 (4A5BC184)
fffff880`045e9000 fffff880`045f5000 ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
fffff880`043b2000 fffff880`043e1000 ndiswan ndiswan.sys Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`05908000 fffff880`0591d000 NDProxy NDProxy.SYS Mon Jul 13 20:10:05 2009 (4A5BCCDD)
fffff880`02da6000 fffff880`02db5000 netbios netbios.sys Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`02d3b000 fffff880`02d80000 netbt netbt.sys Mon Jul 13 19:21:28 2009 (4A5BC178)
fffff880`0174b000 fffff880`017ab000 NETIO NETIO.SYS Mon Jul 13 19:21:46 2009 (4A5BC18A)
fffff880`02c9e000 fffff880`02caf000 Npfs Npfs.SYS Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`041e4000 fffff880`041f0000 nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
fffff800`02e49000 fffff800`03426000 nt ntkrnlmp.exe Tue Oct 26 22:43:09 2010 (4CC791BD)
fffff880`01236000 fffff880`013d9000 Ntfs Ntfs.sys Mon Jul 13 19:20:47 2009 (4A5BC14F)
fffff880`011f3000 fffff880`011fc000 Null Null.SYS Mon Jul 13 19:19:37 2009 (4A5BC109)
fffff880`05898000 fffff880`058ae000 nusb3hub nusb3hub.sys Fri Sep 25 09:58:23 2009 (4ABCCC7F)
fffff880`05600000 fffff880`05630000 nusb3xhc nusb3xhc.sys Fri Sep 25 09:58:31 2009 (4ABCCC87)
fffff880`053fd000 fffff880`053fe180 nvBridge nvBridge.kmd Sat Oct 16 13:06:16 2010 (4CB9DB88)
fffff880`0591d000 fffff880`05946000 nvhda64v nvhda64v.sys Tue Sep 07 16:08:40 2010 (4C869BC8)
fffff880`04823000 fffff880`053fca80 nvlddmkm nvlddmkm.sys Sat Oct 16 13:12:46 2010 (4CB9DD0E)
fffff880`02d80000 fffff880`02da6000 pacer pacer.sys Mon Jul 13 20:09:41 2009 (4A5BCCC5)
fffff880`04800000 fffff880`0481d000 parport parport.sys Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`00ee6000 fffff880`00efb000 partmgr partmgr.sys Mon Jul 13 19:19:58 2009 (4A5BC11E)
fffff880`00ea6000 fffff880`00ed9000 pci pci.sys Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`00f6c000 fffff880`00f73000 pciide pciide.sys Mon Jul 13 19:19:49 2009 (4A5BC115)
fffff880`00f73000 fffff880`00f83000 PCIIDEX PCIIDEX.SYS Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`0150b000 fffff880`0151c000 pcw pcw.sys Mon Jul 13 19:19:27 2009 (4A5BC0FF)
fffff880`054b1000 fffff880`05557000 peauth peauth.sys Mon Jul 13 21:01:19 2009 (4A5BD8DF)
fffff880`05946000 fffff880`05983000 portcls portcls.sys Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`00c20000 fffff880`00c34000 PSHED PSHED.dll Mon Jul 13 21:32:23 2009 (4A5BE027)
fffff880`0438e000 fffff880`043b2000 rasl2tp rasl2tp.sys Mon Jul 13 20:10:11 2009 (4A5BCCE3)
fffff880`043e1000 fffff880`043fc000 raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
fffff880`04200000 fffff880`04221000 raspptp raspptp.sys Mon Jul 13 20:10:18 2009 (4A5BCCEA)
fffff880`04221000 fffff880`0423b000 rassstp rassstp.sys Mon Jul 13 20:10:25 2009 (4A5BCCF1)
fffff880`04193000 fffff880`041e4000 rdbss rdbss.sys Mon Jul 13 19:24:09 2009 (4A5BC219)
fffff880`0100e000 fffff880`01017000 RDPCDD RDPCDD.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`00e10000 fffff880`00e19000 rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`00e19000 fffff880`00e22000 rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
fffff880`01572000 fffff880`015ac000 rdyboost rdyboost.sys Mon Jul 13 19:34:34 2009 (4A5BC48A)
fffff880`0285a000 fffff880`02872000 rspndr rspndr.sys Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`05632000 fffff880`05664000 Rt64win7 Rt64win7.sys Thu Feb 26 04:04:13 2009 (49A65B0D)
fffff880`05557000 fffff880`05562000 secdrv secdrv.SYS Wed Sep 13 09:18:38 2006 (4508052E)
fffff880`045b7000 fffff880`045c3000 serenum serenum.sys Mon Jul 13 20:00:33 2009 (4A5BCAA1)
fffff880`02db5000 fffff880`02dd2000 serial serial.sys Mon Jul 13 20:00:40 2009 (4A5BCAA8)
fffff880`06243000 fffff880`062fa000 Sftfslh Sftfslh.sys Fri Apr 23 15:20:30 2010 (4BD1F2FE)
fffff880`062fa000 fffff880`06347000 Sftplaylh Sftplaylh.sys Fri Apr 23 15:20:28 2010 (4BD1F2FC)
fffff880`063ba000 fffff880`063c5000 Sftredirlh Sftredirlh.sys Fri Apr 23 15:20:39 2010 (4BD1F307)
fffff880`0582d000 fffff880`05838000 Sftvollh Sftvollh.sys Fri Apr 23 15:20:08 2010 (4BD1F2E8)
fffff880`0164a000 fffff880`01652000 spldr spldr.sys Mon May 11 12:56:27 2009 (4A0858BB)
fffff880`07894000 fffff880`07953000 SRTSP64 SRTSP64.SYS Fri Nov 19 19:17:58 2010 (4CE713B6)
fffff880`0417d000 fffff880`04193000 SRTSPX64 SRTSPX64.SYS Fri Nov 19 19:18:10 2010 (4CE713C2)
fffff880`05400000 fffff880`05496000 srv srv.sys Thu Aug 26 23:38:00 2010 (4C773318)
fffff880`05562000 fffff880`055c9000 srv2 srv2.sys Thu Aug 26 23:37:46 2010 (4C77330A)
fffff880`06347000 fffff880`06374000 srvnet srvnet.sys Thu Aug 26 23:37:24 2010 (4C7732F4)
fffff880`057fc000 fffff880`057fd480 swenum swenum.sys Mon Jul 13 20:00:18 2009 (4A5BCA92)
fffff880`01068000 fffff880`010d9000 SYMDS64 SYMDS64.SYS Fri Oct 15 13:53:54 2010 (4CB89532)
fffff880`010ed000 fffff880`011b6000 SYMEFA64 SYMEFA64.SYS Mon Nov 15 16:56:23 2010 (4CE1AC87)
fffff880`0411a000 fffff880`04150000 SYMEVENT64x86 SYMEVENT64x86.SYS Fri Jul 30 19:05:59 2010 (4C535AD7)
fffff880`040b4000 fffff880`0411a000 SYMNETS SYMNETS.SYS Tue Nov 30 18:24:40 2010 (4CF587B8)
fffff880`01800000 fffff880`019fd000 tcpip tcpip.sys Sun Jun 13 23:39:04 2010 (4C15A458)
fffff880`06374000 fffff880`06386000 tcpipreg tcpipreg.sys Mon Jul 13 20:09:49 2009 (4A5BCCCD)
fffff880`02ccd000 fffff880`02cda000 TDI TDI.SYS Mon Jul 13 19:21:18 2009 (4A5BC16E)
fffff880`02caf000 fffff880`02ccd000 tdx tdx.sys Mon Jul 13 19:21:15 2009 (4A5BC16B)
fffff880`040a0000 fffff880`040b4000 termdd termdd.sys Mon Jul 13 20:16:36 2009 (4A5BCE64)
fffff960`00510000 fffff960`0051a000 TSDDD TSDDD.dll unavailable (00000000)
fffff880`0457c000 fffff880`045a2000 tunnel tunnel.sys Mon Jul 13 20:09:37 2009 (4A5BCCC1)
fffff880`05886000 fffff880`05898000 umbus umbus.sys Mon Jul 13 20:06:56 2009 (4A5BCC20)
fffff880`059ab000 fffff880`059c8000 usbccgp usbccgp.sys Mon Jul 13 20:06:45 2009 (4A5BCC15)
fffff880`05630000 fffff880`05631f00 USBD USBD.SYS Mon Jul 13 20:06:23 2009 (4A5BCBFF)
fffff880`057e3000 fffff880`057f4000 usbehci usbehci.sys Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`058ae000 fffff880`05908000 usbhub usbhub.sys Mon Jul 13 20:07:09 2009 (4A5BCC2D)
fffff880`05671000 fffff880`0567c000 usbohci usbohci.sys Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`04338000 fffff880`0438e000 USBPORT USBPORT.SYS Mon Jul 13 20:06:31 2009 (4A5BCC07)
fffff880`00ed9000 fffff880`00ee6000 vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
fffff880`01000000 fffff880`0100e000 vga vga.sys Mon Jul 13 19:38:47 2009 (4A5BC587)
fffff880`06449000 fffff880`065f1000 viahduaa viahduaa.sys Tue Oct 20 23:30:30 2009 (4ADE8056)
fffff880`00fdb000 fffff880`01000000 VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
fffff880`00efb000 fffff880`00f10000 volmgr volmgr.sys Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`00f10000 fffff880`00f6c000 volmgrx volmgrx.sys Mon Jul 13 19:20:33 2009 (4A5BC141)
fffff880`01526000 fffff880`01572000 volsnap volsnap.sys Mon Jul 13 19:20:08 2009 (4A5BC128)
fffff880`02dd2000 fffff880`02ded000 wanarp wanarp.sys Mon Jul 13 20:10:21 2009 (4A5BCCED)
fffff880`00e00000 fffff880`00e10000 watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
fffff880`00d52000 fffff880`00df6000 Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
fffff880`00c00000 fffff880`00c0f000 WDFLDR WDFLDR.SYS Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`02c8a000 fffff880`02c93000 wfplwf wfplwf.sys Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff960`00000000 fffff960`00310000 win32k win32k.sys unavailable (00000000)
fffff880`0567c000 fffff880`05685000 wmiacpi wmiacpi.sys Mon Jul 13 19:31:02 2009 (4A5BC3B6)
fffff880`00e93000 fffff880`00e9c000 WMILIB WMILIB.SYS Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`02824000 fffff880`02845000 WudfPf WudfPf.sys Mon Jul 13 20:05:37 2009 (4A5BCBD1)
Unloaded modules:
fffff880`07953000 fffff880`079c4000 spsys.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00071000
fffff880`0140a000 fffff880`01418000 crashdmp.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000E000
fffff880`013d9000 fffff880`013e5000 dump_ataport
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 0000C000
fffff880`013e5000 fffff880`013ee000 dump_atapi.s
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00009000
fffff880`011b6000 fffff880`011c9000 dump_dumpfve
Timestamp: unavailable (00000000)
Checksum: 00000000
ImageSize: 00013000