# App Crash, Windows Vista



## Nuclear_Bob (Apr 2, 2010)

Hello everyone, I used to play a game called navyfield and was unable to play for a couple months. When I was able to play the game again, the game automatically patched itself, and when I went to start the game it crashed. I have been in contact with the game's company for about 6 months working on the issue, but they have finally concluded "...that this sort of a problem is 
catched from the OS issues which can come from a variety of reasons. It can be memory issues between the OS and the game program, or it can be the display driver...". The game starts from a launcher (navyfield launcher.exe) which then starts navyfield.exe. There is a European version of the game which I tried and it worked fine. After trying the euro version, I swapped the navyfield.exe from the EU version to the US version, which didn't work (got the same crash.) I was still curious so I swapped the launchers which allowed the US version to start (got past the crash), but the game won't work (which i expected.) I did tell this to the game dev. , but after a fix he tried, it still didn't work and (gave me the quoted response) pointed me here.

Game's website:

Navyfield.com (which is the US page)

Problem signature:
Problem Event Name:	APPCRASH
Application Name:	NavyFIELD.exe
Application Version:	0.0.0.0
Application Timestamp:	49ee8896
Fault Module Name:	NavyFIELD.exe
Fault Module Version:	0.0.0.0
Fault Module Timestamp:	49ee8896
Exception Code:	c0000005
Exception Offset:	00001441
OS Version:	6.0.6002.2.2.0.768.3
Locale ID:	1033
Additional Information 1:	fd00
Additional Information 2:	ea6f5fe8924aaa756324d57f87834160
Additional Information 3:	fd00
Additional Information 4:	ea6f5fe8924aaa756324d57f87834160


Dxdiag:

```
_________________________________________________________________
------------------
System Information
------------------
Time of this report: 4/2/2010, 00:42:14
       Machine name: MARK-PC
   Operating System: Windows Vista™ Home Premium (6.0, Build 6002) Service Pack 2 (6002.vistasp2_gdr.091208-0542)
           Language: English (Regional Setting: English)
System Manufacturer: Gigabyte Technology Co., Ltd.
       System Model: GA-MA790X-UD4P
               BIOS: Award Modular BIOS v6.00PG
          Processor: AMD Phenom(tm) II X4 920 Processor (4 CPUs), ~2.8GHz
             Memory: 4094MB RAM
          Page File: 2059MB used, 6348MB available
        Windows Dir: C:\Windows
    DirectX Version: DirectX 11
DX Setup Parameters: Not found
     DxDiag Version: 7.00.6002.18107 32bit Unicode

------------
DxDiag Notes
------------
      Display Tab 1: No problems found.
        Sound Tab 1: No problems found.
        Sound Tab 2: No problems found.
          Input Tab: No problems found.

--------------------
DirectX Debug Levels
--------------------
Direct3D:    0/4 (retail)
DirectDraw:  0/4 (retail)
DirectInput: 0/5 (retail)
DirectMusic: 0/5 (retail)
DirectPlay:  0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow:  0/6 (retail)

---------------
Display Devices
---------------
        Card name: ATI Radeon HD 4800 Series
     Manufacturer: ATI Technologies Inc.
        Chip type: ATI display adapter (0x9440)
         DAC type: Internal DAC(400MHz)
       Device Key: Enum\PCI\VEN_1002&DEV_9440&SUBSYS_05021002&REV_00
   Display Memory: 2296 MB
 Dedicated Memory: 505 MB
    Shared Memory: 1791 MB
     Current Mode: 1680 x 1050 (32 bit) (60Hz)
          Monitor: Generic PnP Monitor
      Driver Name: atiu9p64.dll,aticfx64.dll,aticfx64.dll,atiu9pag,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll
   Driver Version: 8.14.0001.6099 (English)
      DDI Version: 10.1
   BGRA Supported: Yes
Driver Attributes: Final Retail
 Driver Date/Size: 3/2/2010 23:06:34, 28160 bytes
      WHQL Logo'd: n/a
  WHQL Date Stamp: n/a
Device Identifier: {D7B71EE2-D700-11CF-6164-0325A1C2C535}
        Vendor ID: 0x1002
        Device ID: 0x9440
        SubSys ID: 0x05021002
      Revision ID: 0x0000
      Revision ID: 0x0000
      Video Accel: ModeMPEG2_A ModeMPEG2_C 
 Deinterlace Caps: {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                   {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                   {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                   {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                   {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                   {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                   {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                   {3C5323C1-6FB7-44F5-9081-056BF2EE449D}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                   {552C0DAD-CCBC-420B-83C8-74943CF9F1A6}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,2) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                   {6E8329FF-B642-418B-BCF0-BCB6591E255F}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
                   {335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
                   {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY 
                   {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                   {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                   {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                   {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                   {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
                   {5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
     DDraw Status: Enabled
       D3D Status: Enabled
       AGP Status: Enabled

-------------
Sound Devices
-------------
            Description: Speakers (Realtek High Definition Audio)
 Default Sound Playback: Yes
 Default Voice Playback: Yes
            Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0885&SUBSYS_1458A102&REV_1001
        Manufacturer ID: 1
             Product ID: 100
                   Type: WDM
            Driver Name: RTKVHD64.sys
         Driver Version: 6.00.0001.5964 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: n/a
          Date and Size: 10/21/2009 10:27:58, 2013856 bytes
            Other Files: 
        Driver Provider: Realtek Semiconductor Corp.
         HW Accel Level: Basic
              Cap Flags: 0xF1F
    Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
 Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
 EAX(tm) 2.0 Listen/Src: No, No
   I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

            Description: Realtek Digital Output (Realtek High Definition Audio)
 Default Sound Playback: No
 Default Voice Playback: No
            Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0885&SUBSYS_1458A102&REV_1001
        Manufacturer ID: 1
             Product ID: 100
                   Type: WDM
            Driver Name: RTKVHD64.sys
         Driver Version: 6.00.0001.5964 (English)
      Driver Attributes: Final Retail
            WHQL Logo'd: n/a
          Date and Size: 10/21/2009 10:27:58, 2013856 bytes
            Other Files: 
        Driver Provider: Realtek Semiconductor Corp.
         HW Accel Level: Basic
              Cap Flags: 0xF1F
    Min/Max Sample Rate: 100, 200000
Static/Strm HW Mix Bufs: 1, 0
 Static/Strm HW 3D Bufs: 0, 0
              HW Memory: 0
       Voice Management: No
 EAX(tm) 2.0 Listen/Src: No, No
   I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

---------------------
Sound Capture Devices
---------------------
            Description: Microphone (Realtek High Definition Audio)
  Default Sound Capture: Yes
  Default Voice Capture: Yes
            Driver Name: RTKVHD64.sys
         Driver Version: 6.00.0001.5964 (English)
      Driver Attributes: Final Retail
          Date and Size: 10/21/2009 10:27:58, 2013856 bytes
              Cap Flags: 0x1
           Format Flags: 0xFFFFF

            Description: Realtek Digital Input (Realtek High Definition Audio)
  Default Sound Capture: No
  Default Voice Capture: No
            Driver Name: RTKVHD64.sys
         Driver Version: 6.00.0001.5964 (English)
      Driver Attributes: Final Retail
          Date and Size: 10/21/2009 10:27:58, 2013856 bytes
              Cap Flags: 0x1
           Format Flags: 0xFFFFF

-------------------
DirectInput Devices
-------------------
      Device Name: Mouse
         Attached: 1
    Controller ID: n/a
Vendor/Product ID: n/a
        FF Driver: n/a

      Device Name: Keyboard
         Attached: 1
    Controller ID: n/a
Vendor/Product ID: n/a
        FF Driver: n/a

Poll w/ Interrupt: No

-----------
USB Devices
-----------
+ USB Root Hub
| Vendor/Product ID: 0x1002, 0x4398
| Matching Device ID: usb\root_hub
| Service: usbhub
| 
+-+ USB Human Interface Device
| | Vendor/Product ID: 0x046D, 0xC01B
| | Location: Port_#0001.Hub_#0002
| | Matching Device ID: usb\class_03&subclass_01
| | Service: HidUsb
| | 
| +-+ HID-compliant mouse
| | | Vendor/Product ID: 0x046D, 0xC01B
| | | Matching Device ID: hid_device_system_mouse
| | | Service: mouhid

----------------
Gameport Devices
----------------

------------
PS/2 Devices
------------
+ HID Keyboard Device
| Vendor/Product ID: 0x047B, 0x0011
| Matching Device ID: hid_device_system_keyboard
| Service: kbdhid
| 
+ Terminal Server Keyboard Driver
| Matching Device ID: root\rdp_kbd
| Upper Filters: kbdclass
| Service: TermDD
| 
+ Terminal Server Mouse Driver
| Matching Device ID: root\rdp_mou
| Upper Filters: mouclass
| Service: TermDD

------------------------
Disk & DVD/CD-ROM Drives
------------------------
      Drive: C:
 Free Space: 87.2 GB
Total Space: 305.2 GB
File System: NTFS
      Model: WDC WD3200AAKB-00WHA0 ATA Device

      Drive: D:
      Model: LITE-ON DVDRW LH-20A1L ATA Device
     Driver: c:\windows\system32\drivers\cdrom.sys, 6.00.6002.18005 (English), , 0 bytes

--------------
System Devices
--------------
     Name: GIGABYTE GBB36X Controller
Device ID: PCI\VEN_197B&DEV_2363&SUBSYS_B0001458&REV_02\4&1C062532&0&0020
   Driver: n/a

     Name: Realtek PCIe GBE Family Controller
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_03\4&2BF02749&0&0050
   Driver: n/a

     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1204&SUBSYS_00000000&REV_00\3&2B8E0B4B&0&C4
   Driver: n/a

     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1203&SUBSYS_00000000&REV_00\3&2B8E0B4B&0&C3
   Driver: n/a

     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1202&SUBSYS_00000000&REV_00\3&2B8E0B4B&0&C2
   Driver: n/a

     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1201&SUBSYS_00000000&REV_00\3&2B8E0B4B&0&C1
   Driver: n/a

     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1022&DEV_1200&SUBSYS_00000000&REV_00\3&2B8E0B4B&0&C0
   Driver: n/a

     Name: High Definition Audio Controller
Device ID: PCI\VEN_1002&DEV_AA30&SUBSYS_AA301002&REV_00\4&39CF9AFE&0&0110
   Driver: n/a

     Name: ATI Radeon HD 4800 Series
Device ID: PCI\VEN_1002&DEV_9440&SUBSYS_05021002&REV_00\4&39CF9AFE&0&0010
   Driver: n/a

     Name: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_1002&DEV_597F&SUBSYS_59581002&REV_00\3&2B8E0B4B&0&50
   Driver: n/a

     Name: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_1002&DEV_597A&SUBSYS_59581002&REV_00\3&2B8E0B4B&0&20
   Driver: n/a

     Name: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_1002&DEV_5978&SUBSYS_59581002&REV_00\3&2B8E0B4B&0&10
   Driver: n/a

     Name: PCI standard host CPU bridge
Device ID: PCI\VEN_1002&DEV_5958&SUBSYS_59581002&REV_00\3&2B8E0B4B&0&00
   Driver: n/a

     Name: PCI standard ISA bridge
Device ID: PCI\VEN_1002&DEV_439D&SUBSYS_439D1002&REV_00\3&2B8E0B4B&0&A3
   Driver: n/a

     Name: Standard Dual Channel PCI IDE Controller
Device ID: PCI\VEN_1002&DEV_439C&SUBSYS_50021458&REV_00\3&2B8E0B4B&0&A1
   Driver: n/a

     Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_4399&SUBSYS_50041458&REV_00\3&2B8E0B4B&0&A5
   Driver: n/a

     Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_4398&SUBSYS_50041458&REV_00\3&2B8E0B4B&0&99
   Driver: n/a

     Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_4398&SUBSYS_50041458&REV_00\3&2B8E0B4B&0&91
   Driver: n/a

     Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_4397&SUBSYS_50041458&REV_00\3&2B8E0B4B&0&98
   Driver: n/a

     Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_1002&DEV_4397&SUBSYS_50041458&REV_00\3&2B8E0B4B&0&90
   Driver: n/a

     Name: Standard Enhanced PCI to USB Host Controller
Device ID: PCI\VEN_1002&DEV_4396&SUBSYS_50041458&REV_00\3&2B8E0B4B&0&9A
   Driver: n/a

     Name: Standard Enhanced PCI to USB Host Controller
Device ID: PCI\VEN_1002&DEV_4396&SUBSYS_50041458&REV_00\3&2B8E0B4B&0&92
   Driver: n/a

     Name: Standard Dual Channel PCI IDE Controller
Device ID: PCI\VEN_1002&DEV_4390&SUBSYS_B0021458&REV_00\3&2B8E0B4B&0&88
   Driver: n/a

     Name: ATI I/O Communications Processor SMBus Controller
Device ID: PCI\VEN_1002&DEV_4385&SUBSYS_43851458&REV_3A\3&2B8E0B4B&0&A0
   Driver: n/a

     Name: ATI I/O Communications Processor PCI Bus Controller
Device ID: PCI\VEN_1002&DEV_4384&SUBSYS_00000000&REV_00\3&2B8E0B4B&0&A4
   Driver: n/a

     Name: High Definition Audio Controller
Device ID: PCI\VEN_1002&DEV_4383&SUBSYS_A1021458&REV_00\3&2B8E0B4B&0&A2
   Driver: n/a

------------------
DirectShow Filters
------------------

DirectShow Filters:
QuickTime Audio Decoder Filter,0x00600800,1,1,,
WMAudio Decoder DMO,0x00800800,1,1,,
WMAPro over S/PDIF DMO,0x00600800,1,1,,
WMSpeech Decoder DMO,0x00600800,1,1,,
MP3 Decoder DMO,0x00600800,1,1,,
Mpeg4s Decoder DMO,0x00800001,1,1,,
WMV Screen decoder DMO,0x00600800,1,1,,
WMVideo Decoder DMO,0x00800001,1,1,,
QuickTime Video Decoder Filter,0x00600800,1,1,,
Mpeg43 Decoder DMO,0x00800001,1,1,,
Mpeg4 Decoder DMO,0x00800001,1,1,,
Full Screen Renderer,0x00200000,1,0,,6.06.6002.18158
ATI Ticker,0x00200000,0,1,Ticker.ax,
DV Muxer,0x00400000,0,0,,6.06.6001.18000
Color Space Converter,0x00400001,1,1,,6.06.6002.18158
WM ASF Reader,0x00400000,0,0,,11.00.6001.7000
DivX AAC Decoder,0x00800000,1,1,daac.ax,7.01.0000.0010
Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,11.00.6001.7000
AVI Splitter,0x00600000,1,1,,6.06.6002.18158
VGA 16 Color Ditherer,0x00400000,1,1,,6.06.6002.18158
Microsoft MPEG-2 Video Decoder,0x005fffff,2,4,msmpeg2vdec.dll,11.00.6001.7110
AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.06.6002.18005
StreamBufferSink,0x00200000,0,0,sbe.dll,6.06.6001.18000
MJPEG Decompressor,0x00600000,1,1,,6.06.6002.18158
DivX for Blizzard Decoder Filter,0x00800000,1,1,blizzard.ax,5.00.0002.0000
MPEG-I Stream Splitter,0x00600000,1,2,,6.06.6002.18158
SAMI (CC) Parser,0x00400000,1,1,,6.06.6002.18158
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.6001.18000
MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.06.6002.18005
Microsoft MPEG-2 Video Encoder,0x00200000,2,0,msmpeg2enc.dll,11.00.6002.18005
Internal Script Command Renderer,0x00800001,1,0,,6.06.6002.18158
MPEG Audio Decoder,0x03680001,1,1,,6.06.6002.18158
MMACE ProcAmp,0x00200000,0,2,MMACEFilters.dll,
DV Splitter,0x00600000,1,2,,6.06.6001.18000
Video Mixing Renderer 9,0x00200000,1,0,,6.06.6002.18158
Microsoft MPEG-2 Encoder,0x00200000,2,1,msmpeg2enc.dll,11.00.6002.18005
OverlayXP,0x00200000,1,1,overlayXP.ax,9.00.0000.0000
ACM Wrapper,0x00600000,1,1,,6.06.6002.18158
Video Renderer,0x00800001,1,0,,6.06.6002.18158
MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.06.6001.18000
Line 21 Decoder,0x00600000,1,1,,6.06.6002.18005
Video Port Manager,0x00600000,2,1,,6.06.6002.18158
DivX H.264 Decoder,0x00800000,1,1,DivXDecH264.ax,8.02.0000.0026
Video Renderer,0x00400000,1,0,,6.06.6002.18158
DivX Decoder Filter,0xff800000,1,1,divxdec.ax,6.03.0000.0085
WM ASF Writer,0x00400000,0,0,,11.00.6001.7000
VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,6.00.6001.18000
MMACE SoftEmu,0x00200000,0,2,MMACEFilters.dll,
File writer,0x00200000,1,0,,6.06.6001.18000
DVD Navigator,0x00200000,0,3,,6.06.6002.18005
Fraunhofer Audio Decoder,0x00601000,1,1,DVDAudio.ax,1.00.0000.0000
Fraunhofer Video Decoder,0x005ff000,2,2,DVDVideo.ax,2.00.0000.0000
MMACE DeInterlace,0x00200000,0,2,MMACEFilters.dll,
Overlay Mixer2,0x00200000,1,1,,6.06.6002.18005
DivX MKV Demux,0x00200000,0,1,DMFSource.ax,1.00.0001.0004
AVI Draw,0x00600064,9,1,,6.06.6002.18158
Microsoft MPEG-2 Audio Encoder,0x00200000,2,0,msmpeg2enc.dll,11.00.6002.18005
WST Pager,0x00800000,1,1,WSTPager.ax,6.06.6001.18000
MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.06.6002.18005
DV Video Decoder,0x00800000,1,1,,6.06.6001.18000
SampleGrabber,0x00200000,1,1,qedit.dll,6.06.6002.18005
Null Renderer,0x00200000,1,0,qedit.dll,6.06.6002.18005
MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,6.06.6001.18000
Microsoft AC3 Encoder,0x00200000,1,1,msac3enc.dll,11.00.6002.18005
StreamBufferSource,0x00200000,0,0,sbe.dll,6.06.6001.18000
Smart Tee,0x00200000,1,2,,6.06.6001.18000
Overlay Mixer,0x00200000,0,0,,6.06.6002.18005
AVI Decompressor,0x00600000,1,1,,6.06.6002.18158
AVI/WAV File Source,0x00400000,0,2,,6.06.6002.18158
Wave Parser,0x00400000,1,1,,6.06.6002.18158
MIDI Parser,0x00400000,1,1,,6.06.6002.18158
Multi-file Parser,0x00400000,1,1,,6.06.6002.18158
File stream renderer,0x00400000,1,1,,6.06.6002.18158
Microsoft MPEG-1/DD Audio Decoder,0x005fffff,1,1,msmpeg2adec.dll,11.00.6001.7000
AVI Mux,0x00200000,1,0,,6.06.6001.18000
Line 21 Decoder 2,0x00600002,1,1,,6.06.6002.18158
File Source (Async.),0x00400000,0,1,,6.06.6002.18158
File Source (URL),0x00400000,0,1,,6.06.6002.18158
Infinite Pin Tee Filter,0x00200000,1,1,,6.06.6001.18000
Enhanced Video Renderer,0x00200000,1,0,evr.dll,6.00.6002.18005
BDA MPEG2 Transport Information Filter,0x00200000,2,0,psisrndr.ax,6.06.6002.18005
MPEG Video Decoder,0x40000001,1,1,,6.06.6002.18158

WDM Streaming Tee/Splitter Devices:
Tee/Sink-to-Sink Converter,0x00200000,1,1,,6.00.6001.18000

Video Compressors:
WMVideo8 Encoder DMO,0x00600800,1,1,,
WMVideo9 Encoder DMO,0x00600800,1,1,,
MSScreen 9 encoder DMO,0x00600800,1,1,,
DV Video Encoder,0x00200000,0,0,,6.06.6001.18000
MJPEG Compressor,0x00200000,0,0,,6.06.6002.18158
Cinepak Codec by Radius,0x00200000,1,1,,6.06.6001.18000
DivX 6.8.5 Codec (4 Logical CPUs),0x00200000,1,1,,6.06.6001.18000
Fraps Video Decompressor,0x00200000,1,1,,6.06.6001.18000
Intel IYUV codec,0x00200000,1,1,,6.06.6001.18000
Intel IYUV codec,0x00200000,1,1,,6.06.6001.18000
Microsoft RLE,0x00200000,1,1,,6.06.6001.18000
Microsoft Video 1,0x00200000,1,1,,6.06.6001.18000
Xfire Video Codec,0x00200000,1,1,,6.06.6001.18000
DivX 6.8.5 YV12 Decoder,0x00200000,1,1,,6.06.6001.18000

Audio Compressors:
WM Speech Encoder DMO,0x00600800,1,1,,
WMAudio Encoder DMO,0x00600800,1,1,,
IMA ADPCM,0x00200000,1,1,,6.06.6002.18158
PCM,0x00200000,1,1,,6.06.6002.18158
Microsoft ADPCM,0x00200000,1,1,,6.06.6002.18158
GSM 6.10,0x00200000,1,1,,6.06.6002.18158
Messenger Audio Codec,0x00200000,1,1,,6.06.6002.18158
CCITT A-Law,0x00200000,1,1,,6.06.6002.18158
CCITT u-Law,0x00200000,1,1,,6.06.6002.18158
MPEG Layer-3,0x00200000,1,1,,6.06.6002.18158

Audio Capture Sources:
Microphone (Realtek High Defini,0x00200000,0,0,,6.06.6001.18000
Realtek Digital Input (Realtek ,0x00200000,0,0,,6.06.6001.18000

Midi Renderers:
Default MidiOut Device,0x00800000,1,0,,6.06.6002.18158
Microsoft GS Wavetable Synth,0x00200000,1,0,,6.06.6002.18158

WDM Streaming Capture Devices:
Realtek HD Digital input,0x00200000,1,1,,6.00.6001.18000
Realtek HD Audio CD input,0x00200000,1,1,,6.00.6001.18000
Realtek HD Audio Mic input,0x00200000,1,1,,6.00.6001.18000
Realtek HD Audio Stereo input,0x00200000,1,1,,6.00.6001.18000

WDM Streaming Rendering Devices:
Realtek HDA HDMI Out,0x00200000,1,1,,6.00.6001.18000
Realtek HD Audio output,0x00200000,1,1,,6.00.6001.18000
Realtek HDA SPDIF Out,0x00200000,1,1,,6.00.6001.18000

BDA Network Providers:
Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6000.16386
Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6000.16386
Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6000.16386
Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.6000.16386
Microsoft Network Provider,0x00200000,0,1,MSNP.ax,6.06.6002.18005

Video Capture Sources:
IP Camera [JPEG/MJPEG],0x00200000,0,1,IPCamera.ax,4.05.0004.0002
IP Camera [RTSP],0x00200000,0,2,IPCameraRTSP.ax,

Multi-Instance Capable VBI Codecs:
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.6001.18000

BDA Transport Information Renderers:
BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,6.06.6002.18005
MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,6.06.6001.18000

BDA CP/CA Filters:
Decrypt/Tag,0x00600000,1,0,EncDec.dll,6.06.6002.18005
Encrypt/Tag,0x00200000,0,0,EncDec.dll,6.06.6002.18005
XDS Codec,0x00200000,0,0,EncDec.dll,6.06.6002.18005

WDM Streaming Communication Transforms:
Tee/Sink-to-Sink Converter,0x00200000,1,1,,6.00.6001.18000

Audio Renderers:
Speakers (Realtek High Definiti,0x00200000,1,0,,6.06.6002.18158
Default DirectSound Device,0x00800000,1,0,,6.06.6002.18158
Default WaveOut Device,0x00200000,1,0,,6.06.6002.18158
DirectSound: Realtek Digital Output (Realtek High Definition Audio),0x00200000,1,0,,6.06.6002.18158
DirectSound: Speakers (Realtek High Definition Audio),0x00200000,1,0,,6.06.6002.18158
Realtek Digital Output (Realtek,0x00200000,1,0,,6.06.6002.18158
```
_____________________________________________________________
(VGA: HIS HD4870 512mb with latest drivers.)



DMP Files:

Navyfield.exe -> http://rapidshare.com/files/371007081/NavyFIELD.DMP

Navyfield Launcher -> http://rapidshare.com/files/371065649/NavyFIELD_Launcher.DMP

Thanks


----------



## jcgriff2 (Sep 30, 2007)

Nuclear_Bob said:


> Hello everyone, I used to play a game called navyfield and was unable to play for a couple months. When I was able to play the game again, the game automatically patched itself, and when I went to start the game it crashed.
> Navyfield.com (which is the US page)
> 
> Problem signature:
> ...


Hi - 

The one important item to note in the crash info is the exception code - *0xc0000005* = memory access violation.

Did the game just patch itself.. or does it patch/ attempt to patch a Vista SP2 OS driver? The 0xc..5 exception tells us that the faulting module violated Vista "kernel law" by attempting to access a memory address that is off limits to it. Other reasons that I usually find a 0xc...5 exception - bad RAM (doesn't appear to be the case here) or the presence of a 3rd party firewall.

The timestamp *49ee8896* translates to *Tue Apr 21 23:01:42 2009*, which should be OK to run under Vista SP2, in which most OS drivers are timestamped April 2009 or later.

Please follow these instructions --> BSOD Posting Instructions

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

Thanks for your reply, the game (to my knowledge) only patches the game files in it's install directory. I do run the program as an administrator and with XP compatibility mode because the game would be more stable during play, currently I have found any of the settings do not make a difference (make the program not crash.) DEP is also turned off for the NF programs (suggestion by the game dev and for stability.) I have also tried running the program while windows is in safe mode, to check to see if any of my anti spyware/virus programs were interfering with it, still crashed. If you have any ideas, please share them. Thanks again!


----------



## jcgriff2 (Sep 30, 2007)

Hi - 

It patches a file in \Program Files directory?

I'm wondering if the patch is being re-directed to the Virtual Store; hence not being used.

Check --> C:\Users\User_name\AppData\Local\VirtualStore

Anything related to the game in there?

http://support.microsoft.com/kb/927387

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

Yes, even not run as an admin it still asks for access to your computer. The launcher and a 3rd program patch the files but they are all run as admin.


----------



## Nuclear_Bob (Apr 2, 2010)

Missed your last post sorry. No, there no stray files or folders from the program in there.


----------



## Nuclear_Bob (Apr 2, 2010)

_Bump_


----------



## jcgriff2 (Sep 30, 2007)

What files are patched/ what location?


----------



## Nuclear_Bob (Apr 2, 2010)

Any files that are patched are patched in the install directory which is C:\Program Files\SD EnterNET and C:\Program Files\SD EnterNET\NavyField.

I don't see how there would be a patch problem if the EU version patches fine.


----------



## Nuclear_Bob (Apr 2, 2010)

-Bump-


----------



## jcgriff2 (Sep 30, 2007)

jcgriff2 said:


> Hi -
> 
> It patches a file in \Program Files directory?
> 
> ...


Since running at elevated admin level, did you look at the Admin's Virtual Store?

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

Not really sure what the difference is. I have hidden folders shown and the only folders in users are my account's folder, Public and default (which is hidden.) I guess you know there aren't anything in Public and default. I did double check for an SDEnternet folder or a navyfield folder and did a search in virtual store for "nav."


----------



## jcgriff2 (Sep 30, 2007)

Hi -

Do an all out search for files *nav.* - 
START | type *cmd.exe * | RIGHT-click on cmd.exe | "Run as Administrator" | type/ paste the following - 

```
[font=lucida console]
where /r c:\ /f /t *nav*.* > 0 & start notepad 0
[/font]
```
It may appear to hang - it is not. It may take ~20-30 seconds to run.

A notepad will open with the results.

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

jcgriff2 said:


> Hi -
> 
> Do an all out search for files *nav.* -
> START | type *cmd.exe * | RIGHT-click on cmd.exe | "Run as Administrator" | type/ paste the following -
> ...


Why would I do that? You told me to look for things being patched in the wrong directory, there is nothing out of place. I did a search for "nav" as in navyfield, to see if anything was in virtual store to make sure. I have NEVER heard of a patching issue resulting in files being written there. Did you accidentally post in the wrong thread?


----------



## jcgriff2 (Sep 30, 2007)

`


jcgriff2 said:


> Hi -
> 
> Do an all out search for files *nav.* -
> START | type *cmd.exe * | RIGHT-click on cmd.exe | "Run as Administrator" | type/ paste the following -
> ...


Why would I do that? You told me to look for things being patched in the wrong directory, there is nothing out of place. I did a search for "nav" as in navyfield, to see if anything was in virtual store to make sure. I have NEVER heard of a patching issue resulting in files being written there. Did you accidentally post in the wrong thread?

Because of your previous reply - 


jcgriff2 said:


> Since running at elevated admin level, did you look at the Admin's Virtual Store?
> 
> 
> 
> ...


I most certainly did not post in the wrong thread.

It appeared to me that you didn't understand my question about looking in the Admin's Virtual Store, so I thought it would be best to do an all out system search for the file(s) in question.

If you have a better idea on how to find the driver(s) you are looking for - please do so.

Per the Microsoft KB noted in my prior post on the Virtual Store, whatever this patch is that you are speaking of could very well have landed in there. It definitely was not a wrong location to look for such as it is THE first place to look.

kb927387 --> http://support.microsoft.com/kb/927387

Good Luck to you.

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

Drivers are not patched, just game files. Its an auto updater for the game not the whole computer. Its also not just one patch there are more than 6 and most of them have never had an install problem so I find it very unlikely that a later patch would decide to completely change its target directory. I do know that patching programs also tend to look for certain game files, not just decide to write updates. There are a lot of people who play this game across all windows platforms (including mine) I have never heard from them having a patching issue. Why do you think this a patch is going to a different directory than it's supposed to, in the 7 months I have been in contact with the game devs they never hinted at that. Please form a detailed response this time so I can understand what you are after (eg. telling me to "Do an all out search for files nav. -
START | type cmd.exe | RIGHT-click on cmd.exe | "Run as Administrator" | type/ paste the following -Code: where /r c:\ /f /t *nav*.* > 0 & start notepad 0 It may appear to hang - it is not. It may take ~20-30 seconds to run. A notepad will open with the results.") 

Edit: btw in your link, none of those problems seem to be an issue in this case.


----------



## Nuclear_Bob (Apr 2, 2010)

bump-


----------



## Nuclear_Bob (Apr 2, 2010)

Apparently the only way to solve this will be to dual boot with windows XP.


----------



## jcgriff2 (Sep 30, 2007)

Nuclear_Bob said:


> Drivers are not patched, just game files. Its an auto updater for the game not the whole computer.


I understand that it is the files related to the game itself and not actual loaded Vista SP2 OS modules that are being patched. If Vista SP2 kernel mode drivers were being patched, you would know it rather quickly via a BSOD - probably with a bugcheck *0x109* = critical structure corruption.

However, there is a directory called \windows\winsxs that holds many different versions of Microsoft and 3rd party drivers. WinSxS came about because of "DLL HELL". 




Nuclear_Bob said:


> Its also not just one patch there are more than 6 and most of them have never had an install problem so I find it very unlikely that a later patch would decide to completely change its target directory.


There is no way to know whether there have been modifications to the existing patches or whether new patches have been modified in such a way that they do look different target directory - whether by programmer choice/ error or are re-directed by Vista SP2. Per the site's FAQ, the same EXE file is used by Windows 7, Vista, XP, 2000, Me, 98 and 95. The latest version is dated March 10, 2010. You are running Vista SP2 and we simply do not know what changes have been made to accommodate Windows 7 and if such modifications affect Vista or not. 

I have had program developers with 15+ years experience come into this forum requesting help with file output - and most were not even aware that the Virtual Store existed. To simply write it off because you never heard of it is not prudent.




Nuclear_Bob said:


> I do know that patching programs also tend to look for certain game files, not just decide to write updates. There are a lot of people who play this game across all windows platforms (including mine) I have never heard from them having a patching issue.


The fact that your crash info contains a *0xc0000005* exception = memory access violation, i.e., "access denied" in most instances, tells me that the app is possibly attempting to access an area of memory that is "out-of-bounds" as dictated by the kernel laws of Vista SP2, is conflicting with another driver, file permission settings in your system have somehow changed or are preventing the app from gaining access to a file(s) that it needs or a firewall is blocking the app from doing what it wants to do.




Nuclear_Bob said:


> Why do you think this a patch is going to a different directory than it's supposed to, in the 7 months I have been in contact with the game devs they never hinted at that.


I wouldn't expect them to acknowledge a problem; hence the reason for patches. If you have been working with the game developers for 7 months, including providing them with system information that included memory dumps, I do not understand why you will not run the BSOD/ system file collection batch script and attach the resulting output.



Nuclear_Bob said:


> Please form a detailed response this time so I can understand what you are after (eg. telling me to "Do an all out search for files nav. -
> START | type cmd.exe | RIGHT-click on cmd.exe | "Run as Administrator" | type/ paste the following -Code: where /r c:\ /f /t *nav*.* > 0 & start notepad 0 It may appear to hang - it is not. It may take ~20-30 seconds to run. A notepad will open with the results.")
> 
> Edit: btw in your link, none of those problems seem to be an issue in this case.


I have now requested file output 2x and have not received it. I cannot possibly begin to tell you what it is that I am looking for - until I find it!

So, I will ask again - please follow the instructions per my prior post - 



jcgriff2 said:


> Please follow these instructions --> BSOD Posting Instructions
> 
> .


Attach the resulting zip file(s) to your next post.

I am downloading the dump files now from Rapid Share - one is 90.3 MB; the other is 52.4 MB and will take some time.

Regards. . .

jcgriff2

.

*EDIT:* - I was writing my post when you posted - 



Nuclear_Bob said:


> Apparently the only way to solve this will be to dual boot with windows XP.


As you said in a prior post - 


Nuclear_Bob said:


> I do know that patching programs also tend to look for certain game files, not just decide to write updates. There are a lot of people who play this game across all windows platforms (including mine) I have never heard from them having a patching issue.


I honestly don't understand -- if others are running the game on all Windows platforms, including Vista & Windows 7, why the only answer would be to dual-boot with XP.

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

Here is the Cmd search, will post the BSOD program's output folder in a minute.


----------



## Nuclear_Bob (Apr 2, 2010)

> I am downloading the dump files now from Rapid Share - one is 90.3 MB; the other is 52.4 MB and will take some time.


Sounds like someone has dial up 

Anyway thanks for getting back to me, and at least expanding on some of your posts.


----------



## jcgriff2 (Sep 30, 2007)

Where did the two dumps in your first post come from? I assume they are from your system... correct?

They are "user dumps" (v. BSOD kernel dumps) and both dumps have an exception code *0x80000003*, = assert or "breakpoint". The failure bucket - 

```
[FONT=Lucida Console]
FAILURE_BUCKET_ID:  

STATUS_BREAKPOINT_80000003_wow64cpu.dll![COLOR=Red]WaitForMultipleObjects32[/COLOR][/FONT]
```
The game is obviously x86 and you are running x64, so the game is running in wow64, the subsystem of x64 that runs x86 apps.

The WaitForMultipleObjects32 indicates a resource lock exists.... an object is currently "owned" by one and another needs it.

However, the 0x80000003 assert can be caused by a self-induced crash via Live debugging or by creating a memory dump via Windows Explorer, but is usually caused by additional code placed in the app during development to force crashes for debugging purposes.

So... how was the dump created? The dump tells me - 


```
[FONT=Lucida Console]appname = NavyFIELD.exe
crash = Fri Apr  2 00:46:54.000 2010 (GMT-4)
System Uptime = 0 days 0:34:34.214
Process Uptime = 0 days 0:00:42.000
Kernel time =  0 days 0:00:00.000
User time = 0 days 0:00:00.000
App ran out of C:\Program Files\SD EnterNET directory[/FONT]
```
NavyFIELD.exe ran for just 42.0 seconds before the crash.

Seeing it running out of \Program Files is interesting because in x64 there are two \Program Files directories - 

x64 apps = \Program Files
x86 apps = \Program Files (x86)

In x64, there are two locations for drivers - 

x64 = \windows\system32
x86 = \windows\syswow64

I am seeing most drivers loading from \syswow64, meaning they are 32-bit.

Back with more later.

Regards. . .

jcgriff2

.


PART 1 - NavyFIELD.DMP 

```
[FONT=Lucida Console]
Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\PalmDesert7\_jcgriff2_\dbug\__Kernel__\NavyFIELD.DMP]
User Mini Dump File with Full Memory: Only application data is available

WARNING: Whitespace at end of path element
Symbol search path is: SRV*C:\symbols*http://msdl.microsoft.com/download/symbols


Executable search path is: 
Windows Server 2008/Windows Vista Version 6002 (Service Pack 2) MP (4 procs) Free x64
Product: WinNt, suite: SingleUserTS Personal
Machine Name:
Debug session time: Fri Apr  2 00:46:54.000 2010 (GMT-4)
System Uptime: 0 days 0:34:34.214
Process Uptime: 0 days 0:00:42.000
..................WARNING: oleacc overlaps winmm
........WARNING: powrprof overlaps dciman32
.........WARNING: AcGenral overlaps dsound
.....WARNING: version overlaps userenv
..............WARNING: atiu9pag overlaps shimeng
.........WARNING: msasn1 overlaps wintrust
.
..WARNING: AudioEng overlaps AudioSes
.WARNING: avrt overlaps AudioSes

wow64cpu!WaitForMultipleObjects32+0x3a:
00000000`74cf374f 418bbda0000000  mov     edi,dword ptr [r13+0A0h] ds:00000000`0007fdc0=00000000
0:000> !analyze -v
*******************************************************************************
*                                                                             *
*                        Exception Analysis                                   *
*                                                                             *
*******************************************************************************

*** WARNING: Unable to verify checksum for NavyFIELD.exe
*** ERROR: Module load completed but symbols could not be loaded for NavyFIELD.exe
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for atiumdag.dll - 
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for atiumdva.dll - 
*** WARNING: symbols timestamp is wrong 0x4791acbf 0x4791a66c for ddraw.dll
*** WARNING: symbols timestamp is wrong 0x49e0413d 0x4b44ae85 for AcGenral.dll
*** WARNING: symbols timestamp is wrong 0x4abc2a99 0x4abc267b for WindowsCodecs.dll
*** WARNING: symbols timestamp is wrong 0x4791ad0f 0x4791a6c1 for dwmapi.dll
*** WARNING: symbols timestamp is wrong 0x4791ad49 0x4791a704 for msacm32.dll
*** WARNING: symbols timestamp is wrong 0x4791ac8d 0x49e03701 for AudioEng.dll
*** WARNING: symbols timestamp is wrong 0x49e040c6 0x4791a655 for avrt.dll
*** WARNING: symbols timestamp is wrong 0x49e04150 0x49e0375f for MMDevAPI.dll
*** WARNING: symbols timestamp is wrong 0x49e040b0 0x49e036f3 for apphelp.dll
*** WARNING: symbols timestamp is wrong 0x4a81a5ec 0x4a81a062 for winspool.drv
*** WARNING: symbols timestamp is wrong 0x4791adcc 0x4791a783 for uxtheme.dll
*** WARNING: symbols timestamp is wrong 0x4ace54ae 0x4ace54b1 for oleacc.dll
*** WARNING: symbols timestamp is wrong 0x4ace54ae 0x49e03856 for winmm.dll
*** WARNING: symbols timestamp is wrong 0x49e041a5 0x49e037a9 for netapi32.dll
*** WARNING: symbols timestamp is wrong 0x49e041e3 0x49e037e2 for samlib.dll
*** WARNING: symbols timestamp is wrong 0x49e0422f 0x49e03833 for ntmarta.dll
*** WARNING: symbols timestamp is wrong 0x4791ae1a 0x4aa0fd15 for msasn1.dll
*** WARNING: symbols timestamp is wrong 0x49e04202 0x49e03824 for crypt32.dll
*** WARNING: symbols timestamp is wrong 0x49e04210 0x49e03812 for version.dll
*** WARNING: symbols timestamp is wrong 0x4791ada8 0x4791a759 for sfc_os.dll
*** WARNING: symbols timestamp is wrong 0x4549d28d 0x4549bcec for IconCodecService.dll
*** WARNING: symbols timestamp is wrong 0x49e04216 0x49e03812 for powrprof.dll
*** WARNING: symbols timestamp is wrong 0x49e04216 0x4a366001 for dciman32.dll
*** WARNING: symbols timestamp is wrong 0x49e04150 0x49e0375d for mpr.dll
*** WARNING: symbols timestamp is wrong 0x4791ada8 0x4b8dd232 for atiu9pag.dll
*** WARNING: symbols timestamp is wrong 0x4549d325 0x4549bdbf for shunimpl.dll
*** WARNING: symbols timestamp is wrong 0x4549d31c 0x4549bdb4 for sfc.dll
*** WARNING: symbols timestamp is wrong 0x49e0417d 0x49e03823 for imm32.dll
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: kernel32!pNlsUserInfo                         ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: kernel32!pNlsUserInfo                         ***
***                                                                   ***
*************************************************************************

FAULTING_IP: 
+0
00000000`00000000 ??              ???

EXCEPTION_RECORD:  ffffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 0000000000000000
   ExceptionCode: 80000003 (Break instruction exception)
  ExceptionFlags: 00000000
NumberParameters: 0

FAULTING_THREAD:  0000000000000d84

DEFAULT_BUCKET_ID:  STATUS_BREAKPOINT

PROCESS_NAME:  NavyFIELD.exe

ERROR_CODE: (NTSTATUS) 0x80000003 - {EXCEPTION}  Breakpoint  A breakpoint has been reached.

EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - One or more arguments are invalid

NTGLOBALFLAG:  0

APPLICATION_VERIFIER_FLAGS:  0

PRIMARY_PROBLEM_CLASS:  STATUS_BREAKPOINT

BUGCHECK_STR:  APPLICATION_FAULT_STATUS_BREAKPOINT

LAST_CONTROL_TRANSFER:  from 0000000074d0ab46 to 0000000074cf374f

STACK_TEXT:  
00000000`0007ee28 00000000`74d0ab46 : 00000000`00000000 00000000`0007fd20 00000000`74ca12e4 00000000`0007f820 : wow64cpu!WaitForMultipleObjects32+0x3a
00000000`0007eed0 00000000`74d0a14c : 00000000`00000000 00000000`00000000 00000000`74d03258 00000000`7ffe0030 : wow64!RunCpuSimulation+0xa
00000000`0007ef00 00000000`76d6bf9d : 00000000`76d30000 00000000`00000000 00000000`7efdf000 00000000`7efdf000 : wow64!Wow64LdrpInitialize+0x4b4
00000000`0007f460 00000000`76d6bb9c : 00000000`00000000 00000000`00000000 00000000`7efdf000 00000000`76d6d5c7 : ntdll!LdrpInitializeProcess+0x1568
00000000`0007f720 00000000`76d568de : 00000000`0007f820 00000000`00000000 00000000`7efdf000 00000000`00000000 : ntdll! ?? ::FNODOBFM::`string'+0x20959
00000000`0007f7d0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!LdrInitializeThunk+0xe


STACK_COMMAND:  ~0s; .ecxr ; kb

FOLLOWUP_IP: 
wow64cpu!WaitForMultipleObjects32+3a
00000000`74cf374f 418bbda0000000  mov     edi,dword ptr [r13+0A0h]

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  wow64cpu!WaitForMultipleObjects32+3a

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: wow64cpu

IMAGE_NAME:  wow64cpu.dll

DEBUG_FLR_IMAGE_TIMESTAMP:  49e042c7

FAILURE_BUCKET_ID:  STATUS_BREAKPOINT_80000003_wow64cpu.dll!WaitForMultipleObjects32

BUCKET_ID:  X64_APPLICATION_FAULT_STATUS_BREAKPOINT_wow64cpu!WaitForMultipleObjects32+3a

WATSON_STAGEONE_URL:  http://watson.microsoft.com/StageOne/NavyFIELD_exe/0_0_0_0/49ee8896/unknown/0_0_0_0/bbbbbbb4/80000003/00000000.htm?Retriage=1

Followup: MachineOwner
---------

0:000> lmvm wow64cpu
start             end                 module name
00000000`74cf0000 00000000`74cf9000   wow64cpu   (pdb symbols)          c:\symbols\wow64cpu.pdb\8A6F58C104B249588D568C056922E0171\wow64cpu.pdb
    Loaded symbol image file: wow64cpu.dll
    Image path: C:\Windows\System32\wow64cpu.dll
    Image name: wow64cpu.dll
    Timestamp:        Sat Apr 11 03:12:07 2009 (49E042C7)
    CheckSum:         0000A743
    ImageSize:        00009000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     wow64cpu
    OriginalFilename: wow64cpu.dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  AMD64 Wow64 CPU 
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
0:000> k
Child-SP          RetAddr           Call Site
00000000`0007ee28 00000000`74d0ab46 wow64cpu!WaitForMultipleObjects32+0x3a
00000000`0007eed0 00000000`74d0a14c wow64!RunCpuSimulation+0xa
00000000`0007ef00 00000000`76d6bf9d wow64!Wow64LdrpInitialize+0x4b4
00000000`0007f460 00000000`76d6bb9c ntdll!LdrpInitializeProcess+0x1568
00000000`0007f720 00000000`76d568de ntdll! ?? ::FNODOBFM::`string'+0x20959
00000000`0007f7d0 00000000`00000000 ntdll!LdrInitializeThunk+0xe
0:000> r
rax=0000000000000000 rbx=0000000000000002 rcx=0000000000000400
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=0000000074cf374f rsp=000000000007ee28 rbp=000000000017f5fc
 r8=000000000000002b  r9=0000000076f393b2 r10=0000000000000000
r11=000000000007ee20 r12=000000007efdb000 r13=000000000007fd20
r14=000000000007ee60 r15=0000000074cf3380
iopl=0         nv up ei pl nz ac po nc
cs=0033  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00000216
wow64cpu!WaitForMultipleObjects32+0x3a:
00000000`74cf374f 418bbda0000000  mov     edi,dword ptr [r13+0A0h] ds:00000000`0007fdc0=00000000
0:000> lmnt
start             end                 module name
00000000`00400000 00000000`00411000   NavyFIELD NavyFIELD.exe Tue Apr 21 23:01:42 2009 (49EE8896)
00000000`6d6f0000 00000000`6da7e000   atiumdag atiumdag.dll Tue Mar 02 22:46:41 2010 (4B8DDBA1)
00000000`6f860000 00000000`6fb52000   atiumdva atiumdva.dll Tue Mar 02 22:24:24 2010 (4B8DD668)
00000000`70830000 00000000`7091f000   ddraw    ddraw.dll    Sat Jan 19 02:54:39 2008 (4791ACBF)
00000000`709a0000 00000000`70a24000   dsound   dsound.dll   Sat Apr 11 03:05:33 2009 (49E0413D)
00000000`70a10000 00000000`70c24000   AcGenral AcGenral.dll Wed Jan 06 10:38:45 2010 (4B44AE85)
00000000`70c30000 00000000`70cb8000   AcLayers AcLayers.dll Wed Jan 06 10:38:46 2010 (4B44AE86)
00000000`70dc0000 00000000`70eee000   WindowsCodecs WindowsCodecs.dll Thu Sep 24 22:27:37 2009 (4ABC2A99)
00000000`72ca0000 00000000`72cb1000   dwmapi   dwmapi.dll   Sat Jan 19 02:55:59 2008 (4791AD0F)
00000000`72d00000 00000000`72d18000   msacm32  msacm32.dll  Sat Jan 19 02:56:57 2008 (4791AD49)
00000000`72d30000 00000000`72daa000   AudioEng AudioEng.dll Sat Jan 19 02:53:49 2008 (4791AC8D)
00000000`72da0000 00000000`72dd3000   AudioSes AudioSes.dll Sat Apr 11 03:03:34 2009 (49E040C6)
00000000`72dd0000 00000000`72dd8000   avrt     avrt.dll     Sat Jan 19 02:54:18 2008 (4791ACAA)
00000000`72de0000 00000000`72e16000   MMDevAPI MMDevAPI.dll Sat Apr 11 03:05:52 2009 (49E04150)
00000000`732a0000 00000000`732d5000   apphelp  apphelp.dll  Sat Apr 11 03:03:12 2009 (49E040B0)
00000000`73930000 00000000`73988000   winspool winspool.drv Tue Aug 11 13:10:04 2009 (4A81A5EC)
00000000`73b00000 00000000`73b51000   uxtheme  uxtheme.dll  Sat Jan 19 02:59:08 2008 (4791ADCC)
00000000`73c30000 00000000`73c82000   oleacc   oleacc.dll   Thu Oct 08 17:07:58 2009 (4ACE54AE)
00000000`73c70000 00000000`73ca9000   winmm    winmm.dll    Sat Apr 11 03:10:14 2009 (49E04256)
00000000`74300000 00000000`7449e000   comctl32 comctl32.dll Sat Apr 11 02:21:39 2009 (49E036F3)
00000000`74520000 00000000`745c3000   netapi32 netapi32.dll Sat Apr 11 03:07:17 2009 (49E041A5)
00000000`745f0000 00000000`7460c000   samlib   samlib.dll   Sat Apr 11 03:08:19 2009 (49E041E3)
00000000`74610000 00000000`7463c000   ntmarta  ntmarta.dll  Sat Apr 11 03:09:35 2009 (49E0422F)
00000000`74650000 00000000`74689000   wintrust wintrust.dll Sat Jan 19 03:00:26 2008 (4791AE1A)
00000000`74680000 00000000`74699000   msasn1   msasn1.dll   Fri Sep 04 07:55:10 2009 (4AA1001E)
00000000`746a0000 00000000`747d7000   crypt32  crypt32.dll  Sat Apr 11 03:08:50 2009 (49E04202)
00000000`748e0000 00000000`74906000   userenv  userenv.dll  Sat Apr 11 03:09:04 2009 (49E04210)
00000000`74900000 00000000`7490b000   version  version.dll  Sat Apr 11 03:09:04 2009 (49E04210)
00000000`74910000 00000000`7491e000   sfc_os   sfc_os.dll   Sat Jan 19 02:58:32 2008 (4791ADA8)
00000000`74920000 00000000`7496e000   wow64win wow64win.dll Sat Apr 11 03:12:09 2009 (49E042C9)
00000000`74c40000 00000000`74c48000   IconCodecService IconCodecService.dll Thu Nov 02 07:12:13 2006 (4549D28D)
00000000`74c50000 00000000`74c72000   powrprof powrprof.dll Sat Apr 11 03:09:10 2009 (49E04216)
00000000`74c70000 00000000`74c78000   dciman32 dciman32.dll Mon Jun 15 11:10:08 2009 (4A366450)
00000000`74c80000 00000000`74c99000   mpr      mpr.dll      Sat Apr 11 03:05:52 2009 (49E04150)
00000000`74ca0000 00000000`74cc2000   shimeng  shimeng.dll  Sat Jan 19 02:58:32 2008 (4791ADA8)
00000000`74cc0000 00000000`74cc8000   atiu9pag atiu9pag.dll Tue Mar 02 22:06:26 2010 (4B8DD232)
00000000`74cd0000 00000000`74cd5000   shunimpl shunimpl.dll Thu Nov 02 07:14:45 2006 (4549D325)
00000000`74ce0000 00000000`74ce6000   sfc      sfc.dll      Thu Nov 02 07:14:36 2006 (4549D31C)
00000000`74cf0000 00000000`74cf9000   wow64cpu wow64cpu.dll Sat Apr 11 03:12:07 2009 (49E042C7)
00000000`74d00000 00000000`74d45000   wow64    wow64.dll    Sat Apr 11 03:12:06 2009 (49E042C6)
00000000`74ec0000 00000000`74f20000   secur32  secur32.dll  Mon Jun 15 10:54:11 2009 (4A366093)
00000000`74f20000 00000000`74f9d000   usp10    usp10.dll    Sat Apr 11 02:26:25 2009 (49E03811)
00000000`74fa0000 00000000`74fcd000   ws2_32   ws2_32.dll   Sat Jan 19 02:32:40 2008 (4791A798)
00000000`74fd0000 00000000`7505d000   oleaut32 oleaut32.dll Sat Apr 11 02:25:30 2009 (49E037DA)
00000000`75060000 00000000`7510a000   msvcrt   msvcrt.dll   Sat Apr 11 02:24:30 2009 (49E0379E)
00000000`75110000 00000000`75117000   psapi    psapi.dll    Thu Nov 02 05:42:49 2006 (4549BD99)
00000000`75120000 00000000`75179000   shlwapi  shlwapi.dll  Sat Apr 11 02:25:53 2009 (49E037F1)
00000000`75270000 00000000`753fa000   setupapi setupapi.dll Sat Apr 11 02:25:45 2009 (49E037E9)
00000000`75400000 00000000`754f0000   rpcrt4   rpcrt4.dll   Thu Apr 23 08:15:39 2009 (49F05BEB)
00000000`754f0000 00000000`755b8000   msctf    msctf.dll    Sat Apr 11 02:24:19 2009 (49E03793)
00000000`755c0000 00000000`75686000   advapi32 advapi32.dll Sat Apr 11 02:22:15 2009 (49E03717)
00000000`75690000 00000000`756bd000   imm32    imm32.dll    Sat Apr 11 03:06:37 2009 (49E0417D)
00000000`756f0000 00000000`75780000   gdi32    gdi32.dll    Sat Apr 11 02:26:43 2009 (49E03823)
00000000`75780000 00000000`757c9000   Wldap32  Wldap32.dll  Sat Apr 11 02:28:14 2009 (49E0387E)
00000000`757d0000 00000000`758e0000   kernel32 kernel32.dll Sat Apr 11 02:29:20 2009 (49E038C0)
00000000`758e0000 00000000`763f0000   shell32  shell32.dll  Sat Apr 11 02:25:48 2009 (49E037EC)
00000000`763f0000 00000000`763f9000   lpk      lpk.dll      Sat Apr 11 02:26:44 2009 (49E03824)
00000000`76400000 00000000`76406000   nsi      nsi.dll      Sat Jan 19 02:32:52 2008 (4791A7A4)
00000000`764a0000 00000000`76570000   user32   user32.dll   Sat Apr 11 02:26:45 2009 (49E03825)
00000000`76570000 00000000`765f4000   clbcatq  clbcatq.dll  Sat Jan 19 02:27:43 2008 (4791A66F)
00000000`76600000 00000000`767e8000   iertutil iertutil.dll Tue Feb 23 01:34:22 2010 (4B8376EE)
00000000`76870000 00000000`769a3000   urlmon   urlmon.dll   Tue Feb 23 01:39:04 2010 (4B837808)
00000000`769b0000 00000000`76af5000   ole32    ole32.dll    Sat Apr 11 02:25:27 2009 (49E037D7)
00000000`76b00000 00000000`76b29000   imagehlp imagehlp.dll Sat Jan 19 02:30:17 2008 (4791A709)
00000000`76d30000 00000000`76eb6000   ntdll    ntdll.dll    Sat Apr 11 03:09:17 2009 (49E0421D)
00000000`76ef0000 00000000`77050000   ntdll_76ef0000 ntdll.dll    Sat Apr 11 02:26:44 2009 (49E03824)
0:000> lmntsm
start             end                 module name
00000000`70a10000 00000000`70c24000   AcGenral AcGenral.dll Wed Jan 06 10:38:45 2010 (4B44AE85)
00000000`70c30000 00000000`70cb8000   AcLayers AcLayers.dll Wed Jan 06 10:38:46 2010 (4B44AE86)
00000000`755c0000 00000000`75686000   advapi32 advapi32.dll Sat Apr 11 02:22:15 2009 (49E03717)
00000000`732a0000 00000000`732d5000   apphelp  apphelp.dll  Sat Apr 11 03:03:12 2009 (49E040B0)
00000000`74cc0000 00000000`74cc8000   atiu9pag atiu9pag.dll Tue Mar 02 22:06:26 2010 (4B8DD232)
00000000`6d6f0000 00000000`6da7e000   atiumdag atiumdag.dll Tue Mar 02 22:46:41 2010 (4B8DDBA1)
00000000`6f860000 00000000`6fb52000   atiumdva atiumdva.dll Tue Mar 02 22:24:24 2010 (4B8DD668)
00000000`72d30000 00000000`72daa000   AudioEng AudioEng.dll Sat Jan 19 02:53:49 2008 (4791AC8D)
00000000`72da0000 00000000`72dd3000   AudioSes AudioSes.dll Sat Apr 11 03:03:34 2009 (49E040C6)
00000000`72dd0000 00000000`72dd8000   avrt     avrt.dll     Sat Jan 19 02:54:18 2008 (4791ACAA)
00000000`76570000 00000000`765f4000   clbcatq  clbcatq.dll  Sat Jan 19 02:27:43 2008 (4791A66F)
00000000`74300000 00000000`7449e000   comctl32 comctl32.dll Sat Apr 11 02:21:39 2009 (49E036F3)
00000000`746a0000 00000000`747d7000   crypt32  crypt32.dll  Sat Apr 11 03:08:50 2009 (49E04202)
00000000`74c70000 00000000`74c78000   dciman32 dciman32.dll Mon Jun 15 11:10:08 2009 (4A366450)
00000000`70830000 00000000`7091f000   ddraw    ddraw.dll    Sat Jan 19 02:54:39 2008 (4791ACBF)
00000000`709a0000 00000000`70a24000   dsound   dsound.dll   Sat Apr 11 03:05:33 2009 (49E0413D)
00000000`72ca0000 00000000`72cb1000   dwmapi   dwmapi.dll   Sat Jan 19 02:55:59 2008 (4791AD0F)
00000000`756f0000 00000000`75780000   gdi32    gdi32.dll    Sat Apr 11 02:26:43 2009 (49E03823)
00000000`74c40000 00000000`74c48000   IconCodecService IconCodecService.dll Thu Nov 02 07:12:13 2006 (4549D28D)
00000000`76600000 00000000`767e8000   iertutil iertutil.dll Tue Feb 23 01:34:22 2010 (4B8376EE)
00000000`76b00000 00000000`76b29000   imagehlp imagehlp.dll Sat Jan 19 02:30:17 2008 (4791A709)
00000000`75690000 00000000`756bd000   imm32    imm32.dll    Sat Apr 11 03:06:37 2009 (49E0417D)
00000000`757d0000 00000000`758e0000   kernel32 kernel32.dll Sat Apr 11 02:29:20 2009 (49E038C0)
00000000`763f0000 00000000`763f9000   lpk      lpk.dll      Sat Apr 11 02:26:44 2009 (49E03824)
00000000`72de0000 00000000`72e16000   MMDevAPI MMDevAPI.dll Sat Apr 11 03:05:52 2009 (49E04150)
00000000`74c80000 00000000`74c99000   mpr      mpr.dll      Sat Apr 11 03:05:52 2009 (49E04150)
00000000`72d00000 00000000`72d18000   msacm32  msacm32.dll  Sat Jan 19 02:56:57 2008 (4791AD49)
00000000`74680000 00000000`74699000   msasn1   msasn1.dll   Fri Sep 04 07:55:10 2009 (4AA1001E)
00000000`754f0000 00000000`755b8000   msctf    msctf.dll    Sat Apr 11 02:24:19 2009 (49E03793)
00000000`75060000 00000000`7510a000   msvcrt   msvcrt.dll   Sat Apr 11 02:24:30 2009 (49E0379E)
00000000`00400000 00000000`00411000   NavyFIELD NavyFIELD.exe Tue Apr 21 23:01:42 2009 (49EE8896)
00000000`74520000 00000000`745c3000   netapi32 netapi32.dll Sat Apr 11 03:07:17 2009 (49E041A5)
00000000`76400000 00000000`76406000   nsi      nsi.dll      Sat Jan 19 02:32:52 2008 (4791A7A4)
00000000`76d30000 00000000`76eb6000   ntdll    ntdll.dll    Sat Apr 11 03:09:17 2009 (49E0421D)
00000000`76ef0000 00000000`77050000   ntdll_76ef0000 ntdll.dll    Sat Apr 11 02:26:44 2009 (49E03824)
00000000`74610000 00000000`7463c000   ntmarta  ntmarta.dll  Sat Apr 11 03:09:35 2009 (49E0422F)
00000000`769b0000 00000000`76af5000   ole32    ole32.dll    Sat Apr 11 02:25:27 2009 (49E037D7)
00000000`73c30000 00000000`73c82000   oleacc   oleacc.dll   Thu Oct 08 17:07:58 2009 (4ACE54AE)
00000000`74fd0000 00000000`7505d000   oleaut32 oleaut32.dll Sat Apr 11 02:25:30 2009 (49E037DA)
00000000`74c50000 00000000`74c72000   powrprof powrprof.dll Sat Apr 11 03:09:10 2009 (49E04216)
00000000`75110000 00000000`75117000   psapi    psapi.dll    Thu Nov 02 05:42:49 2006 (4549BD99)
00000000`75400000 00000000`754f0000   rpcrt4   rpcrt4.dll   Thu Apr 23 08:15:39 2009 (49F05BEB)
00000000`745f0000 00000000`7460c000   samlib   samlib.dll   Sat Apr 11 03:08:19 2009 (49E041E3)
00000000`74ec0000 00000000`74f20000   secur32  secur32.dll  Mon Jun 15 10:54:11 2009 (4A366093)
00000000`75270000 00000000`753fa000   setupapi setupapi.dll Sat Apr 11 02:25:45 2009 (49E037E9)
00000000`74ce0000 00000000`74ce6000   sfc      sfc.dll      Thu Nov 02 07:14:36 2006 (4549D31C)
00000000`74910000 00000000`7491e000   sfc_os   sfc_os.dll   Sat Jan 19 02:58:32 2008 (4791ADA8)
00000000`758e0000 00000000`763f0000   shell32  shell32.dll  Sat Apr 11 02:25:48 2009 (49E037EC)
00000000`74ca0000 00000000`74cc2000   shimeng  shimeng.dll  Sat Jan 19 02:58:32 2008 (4791ADA8)
00000000`75120000 00000000`75179000   shlwapi  shlwapi.dll  Sat Apr 11 02:25:53 2009 (49E037F1)
00000000`74cd0000 00000000`74cd5000   shunimpl shunimpl.dll Thu Nov 02 07:14:45 2006 (4549D325)
00000000`76870000 00000000`769a3000   urlmon   urlmon.dll   Tue Feb 23 01:39:04 2010 (4B837808)
00000000`764a0000 00000000`76570000   user32   user32.dll   Sat Apr 11 02:26:45 2009 (49E03825)
00000000`748e0000 00000000`74906000   userenv  userenv.dll  Sat Apr 11 03:09:04 2009 (49E04210)
00000000`74f20000 00000000`74f9d000   usp10    usp10.dll    Sat Apr 11 02:26:25 2009 (49E03811)
00000000`73b00000 00000000`73b51000   uxtheme  uxtheme.dll  Sat Jan 19 02:59:08 2008 (4791ADCC)
00000000`74900000 00000000`7490b000   version  version.dll  Sat Apr 11 03:09:04 2009 (49E04210)
00000000`70dc0000 00000000`70eee000   WindowsCodecs WindowsCodecs.dll Thu Sep 24 22:27:37 2009 (4ABC2A99)
00000000`73c70000 00000000`73ca9000   winmm    winmm.dll    Sat Apr 11 03:10:14 2009 (49E04256)
00000000`73930000 00000000`73988000   winspool winspool.drv Tue Aug 11 13:10:04 2009 (4A81A5EC)
00000000`74650000 00000000`74689000   wintrust wintrust.dll Sat Jan 19 03:00:26 2008 (4791AE1A)
00000000`75780000 00000000`757c9000   Wldap32  Wldap32.dll  Sat Apr 11 02:28:14 2009 (49E0387E)
00000000`74d00000 00000000`74d45000   wow64    wow64.dll    Sat Apr 11 03:12:06 2009 (49E042C6)
00000000`74cf0000 00000000`74cf9000   wow64cpu wow64cpu.dll Sat Apr 11 03:12:07 2009 (49E042C7)
00000000`74920000 00000000`7496e000   wow64win wow64win.dll Sat Apr 11 03:12:09 2009 (49E042C9)
00000000`74fa0000 00000000`74fcd000   ws2_32   ws2_32.dll   Sat Jan 19 02:32:40 2008 (4791A798)
windbg> .cmdtree c:\jcgriff2_cmdtree.txt

0:000> lmvo D sm
start             end                 module name
00000000`70a10000 00000000`70c24000   AcGenral   (pdb symbols)          c:\symbols\AcGenral.pdb\2E4EB262563146958ACFC9303128A97E2\AcGenral.pdb
    Loaded symbol image file: AcGenral.dll
    Image path: C:\Windows\AppPatch\AcGenral.dll
    Image name: AcGenral.dll
    Browse all global symbols  functions  data
    Timestamp:        Wed Jan 06 10:38:45 2010 (4B44AE85)
    CheckSum:         0021DE1C
    ImageSize:        00214000
    File version:     6.0.6002.18179
    Product version:  6.0.6002.18179
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     Microsoft® Windows® Operating System
    OriginalFilename: Microsoft® Windows® Operating System
    ProductVersion:   6.0.6002.18179
    FileVersion:      6.0.6002.18179 (vistasp2_gdr.100105-2324)
    FileDescription:  Windows Compatibility DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`70c30000 00000000`70cb8000   AcLayers   (pdb symbols)          c:\symbols\AcLayers.pdb\FEB1FCAD329646FFB70030F6A22619BC2\AcLayers.pdb
    Loaded symbol image file: AcLayers.dll
    Image path: C:\Windows\AppPatch\AcLayers.dll
    Image name: AcLayers.dll
    Browse all global symbols  functions  data
    Timestamp:        Wed Jan 06 10:38:46 2010 (4B44AE86)
    CheckSum:         0008CDCD
    ImageSize:        00088000
    File version:     6.0.6002.18179
    Product version:  6.0.6002.18179
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     Microsoft® Windows® Operating System
    OriginalFilename: Microsoft® Windows® Operating System
    ProductVersion:   6.0.6002.18179
    FileVersion:      6.0.6002.18179 (vistasp2_gdr.100105-2324)
    FileDescription:  Windows Compatibility DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`755c0000 00000000`75686000   advapi32   (pdb symbols)          c:\symbols\advapi32.pdb\66A66DBC8B0E4D88B54A47510DD8039B2\advapi32.pdb
    Loaded symbol image file: advapi32.dll
    Image path: C:\Windows\SysWOW64\advapi32.dll
    Image name: advapi32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:22:15 2009 (49E03717)
    CheckSum:         000C9B73
    ImageSize:        000C6000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     advapi32.dll
    OriginalFilename: advapi32.dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Advanced Windows 32 Base API
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`732a0000 00000000`732d5000   apphelp  # (pdb symbols)          c:\symbols\apphelp.pdb\106D8ED641E04B8680350C1D3E541ADF2\apphelp.pdb
    Loaded symbol image file: apphelp.dll
    Image path: C:\Windows\System32\apphelp.dll
    Image name: apphelp.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:03:12 2009 (49E040B0)
    CheckSum:         0003C792
    ImageSize:        00035000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     Apphelp
    OriginalFilename: Apphelp
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Application Compatibility Client Library
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74cc0000 00000000`74cc8000   atiu9pag   (export symbols)       atiu9pag.dll
    Loaded symbol image file: atiu9pag.dll
    Image path: C:\Windows\system32\atiu9pag.dll
    Image name: atiu9pag.dll
    Browse all global symbols  functions  data
    Timestamp:        Tue Mar 02 22:06:26 2010 (4B8DD232)
    CheckSum:         0001339A
    ImageSize:        00008000
    File version:     0.0.0.0
    Product version:  0.0.0.0
    File flags:       0 (Mask 0)
    File OS:          0 Unknown Base
    File type:        0.0 Unknown
    File date:        00000000.00000000
    Translations:     0409.04e4
    CompanyName:      Advanced Micro Devices, Inc. 
    ProductName:      Advanced Micro Devices, Inc PowerXpress Vista User Mode Driver
    InternalName:     atiu9pag.dll
    OriginalFilename: atiu9pag.dll
    ProductVersion:   8.14.01.6099
    FileVersion:      8.14.01.6099
    PrivateBuild:     4 
    SpecialBuild:     DevStudio Build
    FileDescription:  atiu9pag.dll
    LegalCopyright:   Copyright (C) 2007 Advanced Micro Devices, Inc.
    LegalTrademarks:  PowerXpress (TM) is a Trademark of ATI Technologies Inc.
00000000`6d6f0000 00000000`6da7e000   atiumdag   (export symbols)       atiumdag.dll
    Loaded symbol image file: atiumdag.dll
    Image path: C:\Windows\system32\atiumdag.dll
    Image name: atiumdag.dll
    Browse all global symbols  functions  data
    Timestamp:        Tue Mar 02 22:46:41 2010 (4B8DDBA1)
    CheckSum:         00395C3C
    ImageSize:        0038E000
    File version:     0.0.0.0
    Product version:  0.0.0.0
    File flags:       0 (Mask 0)
    File OS:          0 Unknown Base
    File type:        0.0 Unknown
    File date:        00000000.00000000
    Translations:     0409.04e4
    CompanyName:      ATI Technologies Inc. 
    ProductName:      ATI Technologies Inc. Radeon DirectX Universal Driver
    InternalName:     atiumdag.dll
    OriginalFilename: atiumdag.dll
    ProductVersion:   8.14.10.0735
    FileVersion:      8.14.10.0735
    PrivateBuild:     Built by swtools on CNABCB07 on 03/02/10 at 22:46
    SpecialBuild:     DevStudio Build
    FileDescription:  atiumdag.dll
    LegalCopyright:   Copyright (C) 1998-2002 ATI Technologies Inc.
    LegalTrademarks:  Radeon (TM) is a Trademark of ATI Technologies Inc.
00000000`6f860000 00000000`6fb52000   atiumdva   (export symbols)       atiumdva.dll
    Loaded symbol image file: atiumdva.dll
    Image path: C:\Windows\system32\atiumdva.dll
    Image name: atiumdva.dll
    Browse all global symbols  functions  data
    Timestamp:        Tue Mar 02 22:24:24 2010 (4B8DD668)
    CheckSum:         002E9943
    ImageSize:        002F2000
    File version:     0.0.0.0
    Product version:  0.0.0.0
    File flags:       0 (Mask 0)
    File OS:          0 Unknown Base
    File type:        0.0 Unknown
    File date:        00000000.00000000
    Translations:     0409.04e4
    CompanyName:      Advanced Micro Devices, Inc. 
    ProductName:      Advanced Micro Devices, Inc. Radeon Video Acceleration Universal Driver
    InternalName:     atiumdva.dll
    OriginalFilename: atiumdva.dll
    ProductVersion:   8.14.10.0250
    FileVersion:      8.14.10.0250
    PrivateBuild:     Built by swtools on CNABCB07 on 03/02/10 at 22:23
    SpecialBuild:     DevStudio Build
    FileDescription:  Radeon Video Acceleration Universal Driver
    LegalCopyright:   Copyright (c) 2009 Advanced Micro Devices, Inc.
    LegalTrademarks:  Radeon (TM) is a Trademark of Advanced Micro Devices, Inc.
00000000`72d30000 00000000`72daa000   AudioEng # (pdb symbols)          c:\symbols\AUDIOENG.pdb\F57F050BFB52407BAB928502F1120EC02\AUDIOENG.pdb
    Loaded symbol image file: AudioEng.dll
    Image path: C:\Windows\System32\AudioEng.dll
    Image name: AudioEng.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Jan 19 02:53:49 2008 (4791AC8D)
    CheckSum:         00081513
    ImageSize:        0007A000
    File version:     6.0.6001.18000
    Product version:  6.0.6001.18000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     AudioEngine
    OriginalFilename: AudioEng.Dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Audio Engine
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`72da0000 00000000`72dd3000   AudioSes # (pdb symbols)          c:\symbols\AUDIOENG.pdb\F57F050BFB52407BAB928502F1120EC02\AUDIOENG.pdb
    Loaded symbol image file: AudioEng.dll
    Image path: C:\Windows\System32\AudioSes.dll
    Image name: AudioSes.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:03:34 2009 (49E040C6)
    CheckSum:         000318F1
    ImageSize:        00033000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     AudioSession
    OriginalFilename: AudioSes.Dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Audio Session
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`72dd0000 00000000`72dd8000   avrt       (pdb symbols)          c:\symbols\avrt.pdb\DF0B089A5E80467383CCBBBBDCF2D0282\avrt.pdb
    Loaded symbol image file: avrt.dll
    Image path: C:\Windows\System32\avrt.dll
    Image name: avrt.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Jan 19 02:54:18 2008 (4791ACAA)
    CheckSum:         0000A90E
    ImageSize:        00008000
    File version:     6.0.6001.18000
    Product version:  6.0.6001.18000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        1.0 App
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     avrt.dll
    OriginalFilename: avrt.dll
    ProductVersion:   6.0.6001.18000
    FileVersion:      6.0.6001.18000 (longhorn_rtm.080118-1840)
    FileDescription:  Multimedia Realtime Runtime
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`76570000 00000000`765f4000   clbcatq    (pdb symbols)          c:\symbols\CLBCatQ.pdb\9E0BF37E9B7B468BA033F0003A14A3A32\CLBCatQ.pdb
    Loaded symbol image file: clbcatq.dll
    Image path: C:\Windows\SysWOW64\clbcatq.dll
    Image name: clbcatq.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Jan 19 02:27:43 2008 (4791A66F)
    CheckSum:         00086A18
    ImageSize:        00084000
    File version:     2001.12.6931.18000
    Product version:  6.0.6001.18000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     CLBCATQ.DLL
    OriginalFilename: CLBCATQ.DLL
    ProductVersion:   6.0.6001.18000
    FileVersion:      2001.12.6931.18000 (longhorn_rtm.080118-1840)
    FileDescription:  COM+ Configuration Catalog
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74300000 00000000`7449e000   comctl32   (pdb symbols)          c:\symbols\comctl32.pdb\A001C0FC482448E696B397073CABA1C52\comctl32.pdb
    Loaded symbol image file: comctl32.dll
    Image path: C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
    Image name: comctl32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:21:39 2009 (49E036F3)
    CheckSum:         001A5BD5
    ImageSize:        0019E000
    File version:     6.10.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     comctl32
    OriginalFilename: comctl32.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.10 (lh_sp2rtm.090410-1830)
    FileDescription:  User Experience Controls Library
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`746a0000 00000000`747d7000   crypt32  # (pdb symbols)          c:\symbols\crypt32.pdb\CBDD5844C04541A885EBBC54AEBA68412\crypt32.pdb
    Loaded symbol image file: crypt32.dll
    Image path: C:\Windows\System32\crypt32.dll
    Image name: crypt32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:08:50 2009 (49E04202)
    CheckSum:         001364A6
    ImageSize:        00137000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     CRYPT32.DLL
    OriginalFilename: CRYPT32.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Crypto API32
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74c70000 00000000`74c78000   dciman32   (pdb symbols)          c:\symbols\dciman32.pdb\F71656F1ECB345089881383B0C87AA952\dciman32.pdb
    Loaded symbol image file: dciman32.dll
    Image path: C:\Windows\System32\dciman32.dll
    Image name: dciman32.dll
    Browse all global symbols  functions  data
    Timestamp:        Mon Jun 15 11:10:08 2009 (4A366450)
    CheckSum:         00010E76
    ImageSize:        00008000
    File version:     6.0.6002.18051
    Product version:  6.0.6002.18051
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     dciman32
    OriginalFilename: dciman32
    ProductVersion:   6.0.6002.18051
    FileVersion:      6.0.6002.18051 (vistasp2_gdr.090615-0258)
    FileDescription:  DCI Manager
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`70830000 00000000`7091f000   ddraw    # (pdb symbols)          c:\symbols\ddraw.pdb\58E46585AF6A4FD4B01A2CA5C4EA3C092\ddraw.pdb
    Loaded symbol image file: ddraw.dll
    Image path: C:\Windows\System32\ddraw.dll
    Image name: ddraw.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Jan 19 02:54:39 2008 (4791ACBF)
    CheckSum:         0009521C
    ImageSize:        000EF000
    File version:     6.0.6001.18000
    Product version:  6.0.6001.18000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     DDraw.dll
    OriginalFilename: DDraw.dll
    ProductVersion:   6.0.6001.18000
    FileVersion:      6.0.6001.18000 (longhorn_rtm.080118-1840)
    FileDescription:  Microsoft DirectDraw
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`709a0000 00000000`70a24000   dsound   # (no symbols)           
    Loaded symbol image file: <error>
    Image path: C:\Windows\System32\dsound.dll
    Image name: dsound.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:05:33 2009 (49E0413D)
    CheckSum:         0008C233
    ImageSize:        00084000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     DirectSound
    OriginalFilename: dsound.dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  DirectSound
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`72ca0000 00000000`72cb1000   dwmapi   # (pdb symbols)          c:\symbols\dwmapi.pdb\1E6F7E8306934DD8A2953D21A720F52D2\dwmapi.pdb
    Loaded symbol image file: dwmapi.dll
    Image path: C:\Windows\System32\dwmapi.dll
    Image name: dwmapi.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Jan 19 02:55:59 2008 (4791AD0F)
    CheckSum:         0001191F
    ImageSize:        00011000
    File version:     6.0.6001.18000
    Product version:  6.0.6001.18000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     dwmapi.dll
    OriginalFilename: dwmapi.dll
    ProductVersion:   6.0.6001.18000
    FileVersion:      6.0.6001.18000 (longhorn_rtm.080118-1840)
    FileDescription:  Microsoft Desktop Window Manager API
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`756f0000 00000000`75780000   gdi32      (pdb symbols)          c:\symbols\wgdi32.pdb\AE067ABA7F024A11A207B2D803E0E55A2\wgdi32.pdb
    Loaded symbol image file: gdi32.dll
    Image path: C:\Windows\SysWOW64\gdi32.dll
    Image name: gdi32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:26:43 2009 (49E03823)
    CheckSum:         00051D95
    ImageSize:        00090000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     gdi32
    OriginalFilename: gdi32
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  GDI Client DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74c40000 00000000`74c48000   IconCodecService # (pdb symbols)          c:\symbols\IconCodecService.pdb\0EFA5A802F5945A3843F6E3C1C4BA6932\IconCodecService.pdb
    Loaded symbol image file: IconCodecService.dll
    Image path: C:\Windows\System32\IconCodecService.dll
    Image name: IconCodecService.dll
    Browse all global symbols  functions  data
    Timestamp:        Thu Nov 02 07:12:13 2006 (4549D28D)
    CheckSum:         0000CB6F
    ImageSize:        00008000
    File version:     6.0.6000.16386
    Product version:  6.0.6000.16386
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     ICONCODESERVICE.DLL
    OriginalFilename: ICONCODESERVICE.DLL
    ProductVersion:   6.0.6000.16386
    FileVersion:      6.0.6000.16386 (vista_rtm.061101-2205)
    FileDescription:  Converts a PNG part of the icon to a legacy bmp icon
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`76600000 00000000`767e8000   iertutil   (pdb symbols)          c:\symbols\iertutil.pdb\9280F92B03CC4222BF6411FDF1B78F742\iertutil.pdb
    Loaded symbol image file: iertutil.dll
    Image path: C:\Windows\SysWOW64\iertutil.dll
    Image name: iertutil.dll
    Browse all global symbols  functions  data
    Timestamp:        Tue Feb 23 01:34:22 2010 (4B8376EE)
    CheckSum:         001EA948
    ImageSize:        001E8000
    File version:     8.0.6001.18904
    Product version:  8.0.6001.18904
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Windows® Internet Explorer
    InternalName:     IeRtUtil.dll
    OriginalFilename: IeRtUtil.dll
    ProductVersion:   8.00.6001.18904
    FileVersion:      8.00.6001.18904 (longhorn_ie8_gdr.100222-1700)
    FileDescription:  Run time utility for Internet Explorer
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`76b00000 00000000`76b29000   imagehlp   (pdb symbols)          c:\symbols\imagehlp.pdb\83857AB54AF242F49144544444A773502\imagehlp.pdb
    Loaded symbol image file: imagehlp.dll
    Image path: C:\Windows\SysWOW64\imagehlp.dll
    Image name: imagehlp.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Jan 19 02:30:17 2008 (4791A709)
    CheckSum:         0002BA6F
    ImageSize:        00029000
    File version:     6.0.6001.18000
    Product version:  6.0.6001.18000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     IMAGEHLP.DLL
    OriginalFilename: IMAGEHLP.DLL
    ProductVersion:   6.0.6001.18000
    FileVersion:      6.0.6001.18000 (longhorn_rtm.080118-1840)
    FileDescription:  Windows NT Image Helper
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`75690000 00000000`756bd000   imm32    # (pdb symbols)          c:\symbols\wimm32.pdb\A34EE073E19B4B9B97B078FDBAE8ACA82\wimm32.pdb
    Loaded symbol image file: imm32.dll
    Image path: C:\Windows\System32\imm32.dll
    Image name: imm32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:06:37 2009 (49E0417D)
    CheckSum:         0002E32E
    ImageSize:        0002D000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     imm32
    OriginalFilename: imm32
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Multi-User Windows IMM32 API Client DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`757d0000 00000000`758e0000   kernel32   (pdb symbols)          c:\symbols\wkernel32.pdb\5363FE3A6B284BD58ADBCAF4C3FF0FE82\wkernel32.pdb
    Loaded symbol image file: kernel32.dll
    Image path: C:\Windows\SysWOW64\kernel32.dll
    Image name: kernel32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:29:20 2009 (49E038C0)
    CheckSum:         000E1028
    ImageSize:        00110000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     kernel32
    OriginalFilename: kernel32
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Windows NT BASE API Client DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`763f0000 00000000`763f9000   lpk        (pdb symbols)          c:\symbols\wlpk.pdb\C6E9E606D2024BFFB7B22064B65FFD152\wlpk.pdb
    Loaded symbol image file: lpk.dll
    Image path: C:\Windows\SysWOW64\lpk.dll
    Image name: lpk.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:26:44 2009 (49E03824)
    CheckSum:         00005FEF
    ImageSize:        00009000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     LanguagePack
    OriginalFilename: LanguagePack
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Language Pack
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`72de0000 00000000`72e16000   MMDevAPI # (pdb symbols)          c:\symbols\MMDevAPI.pdb\452F79E1B06349DC9A3713F89A2F530E2\MMDevAPI.pdb
    Loaded symbol image file: MMDevAPI.dll
    Image path: C:\Windows\System32\MMDevAPI.dll
    Image name: MMDevAPI.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:05:52 2009 (49E04150)
    CheckSum:         0003EA90
    ImageSize:        00036000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     MMDeviceAPI
    OriginalFilename: MMDevAPI.Dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  MMDevice API
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74c80000 00000000`74c99000   mpr      # (pdb symbols)          c:\symbols\mpr.pdb\FF53B737FF3545D6BC4B20760AFE03B42\mpr.pdb
    Loaded symbol image file: mpr.dll
    Image path: C:\Windows\System32\mpr.dll
    Image name: mpr.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:05:52 2009 (49E04150)
    CheckSum:         0002122F
    ImageSize:        00019000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     mpr.dll
    OriginalFilename: mpr.dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Multiple Provider Router DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`72d00000 00000000`72d18000   msacm32  # (pdb symbols)          c:\symbols\msacm32.pdb\376918E968B945C7AFADC00C7A541A422\msacm32.pdb
    Loaded symbol image file: msacm32.dll
    Image path: C:\Windows\System32\msacm32.dll
    Image name: msacm32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Jan 19 02:56:57 2008 (4791AD49)
    CheckSum:         00016188
    ImageSize:        00018000
    File version:     6.0.6001.18000
    Product version:  6.0.6001.18000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        3.8 Driver
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     Microsoft ACM Audio Filter
    OriginalFilename: msfltr32.acm
    ProductVersion:   6.0.6001.18000
    FileVersion:      6.0.6001.18000 (longhorn_rtm.080118-1840)
    FileDescription:  Microsoft ACM Audio Filter
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74680000 00000000`74699000   msasn1     (pdb symbols)          c:\symbols\msasn1.pdb\3166FD65BABE46E0B353A7A587FF605D2\msasn1.pdb
    Loaded symbol image file: msasn1.dll
    Image path: C:\Windows\System32\msasn1.dll
    Image name: msasn1.dll
    Browse all global symbols  functions  data
    Timestamp:        Fri Sep 04 07:55:10 2009 (4AA1001E)
    CheckSum:         000157A7
    ImageSize:        00019000
    File version:     6.0.6002.18106
    Product version:  6.0.6002.18106
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     msasn1.dll
    OriginalFilename: msasn1.dll
    ProductVersion:   6.0.6002.18106
    FileVersion:      6.0.6002.18106 (vistasp2_gdr.090903-2340)
    FileDescription:  ASN.1 Runtime APIs
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`754f0000 00000000`755b8000   msctf      (pdb symbols)          c:\symbols\msctf.pdb\C586659073A94B89B2EEFAAA7737FC092\msctf.pdb
    Loaded symbol image file: msctf.dll
    Image path: C:\Windows\SysWOW64\msctf.dll
    Image name: msctf.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:24:19 2009 (49E03793)
    CheckSum:         000C9534
    ImageSize:        000C8000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     MSCTF
    OriginalFilename: MSCTF.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  MSCTF Server DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`75060000 00000000`7510a000   msvcrt     (pdb symbols)          c:\symbols\msvcrt.pdb\7F8019F7BFB946868548036AA5881B4C2\msvcrt.pdb
    Loaded symbol image file: msvcrt.dll
    Image path: C:\Windows\SysWOW64\msvcrt.dll
    Image name: msvcrt.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:24:30 2009 (49E0379E)
    CheckSum:         000B2BF2
    ImageSize:        000AA000
    File version:     7.0.6002.18005
    Product version:  6.1.8638.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        1.0 App
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     msvcrt.dll
    OriginalFilename: msvcrt.dll
    ProductVersion:   7.0.6002.18005
    FileVersion:      7.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Windows NT CRT DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`00400000 00000000`00411000   NavyFIELD C (no symbols)           
    Loaded symbol image file: NavyFIELD.exe
    Image path: C:\Program Files\SD EnterNET\NavyFIELD\NavyFIELD.exe
    Image name: NavyFIELD.exe
    Browse all global symbols  functions  data
    Timestamp:        Tue Apr 21 23:01:42 2009 (49EE8896)
    CheckSum:         00000000
    ImageSize:        00011000
    File version:     0.0.0.0
    Product version:  0.0.0.0
    File flags:       0 (Mask 0)
    File OS:          0 Unknown Base
    File type:        0.0 Unknown
    File date:        00000000.00000000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
00000000`74520000 00000000`745c3000   netapi32 # (pdb symbols)          c:\symbols\netapi32.pdb\B9F360F0DBBC48A0AB9A1629C1633C382\netapi32.pdb
    Loaded symbol image file: netapi32.dll
    Image path: C:\Windows\System32\netapi32.dll
    Image name: netapi32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:07:17 2009 (49E041A5)
    CheckSum:         000A8B49
    ImageSize:        000A3000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     NetApi32.DLL
    OriginalFilename: NetApi32.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Net Win32 API DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`76400000 00000000`76406000   nsi        (pdb symbols)          c:\symbols\nsi.pdb\37D074DFCA5D4B5FB51EB78B39F22BF12\nsi.pdb
    Loaded symbol image file: nsi.dll
    Image path: C:\Windows\SysWOW64\nsi.dll
    Image name: nsi.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Jan 19 02:32:52 2008 (4791A7A4)
    CheckSum:         000074AE
    ImageSize:        00006000
    File version:     6.0.6001.18000
    Product version:  6.0.6001.18000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        3.6 Driver
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     nsi.dll
    OriginalFilename: nsi.dll
    ProductVersion:   6.0.6001.18000
    FileVersion:      6.0.6001.18000 (longhorn_rtm.080118-1840)
    FileDescription:  NSI User-mode interface DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`76d30000 00000000`76eb6000   ntdll      (pdb symbols)          c:\symbols\ntdll.pdb\441D43C059B84ACE88BAA2BCED236B532\ntdll.pdb
    Loaded symbol image file: ntdll.dll
    Image path: C:\Windows\System32\ntdll.dll
    Image name: ntdll.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:09:17 2009 (49E0421D)
    CheckSum:         00187A5E
    ImageSize:        00186000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     ntdll.dll
    OriginalFilename: ntdll.dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  NT Layer DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`76ef0000 00000000`77050000   ntdll_76ef0000   (pdb symbols)          c:\symbols\wntdll.pdb\73B43FA41AD149078FBBC1571258DCF92\wntdll.pdb
    Loaded symbol image file: ntdll.dll
    Image path: C:\Windows\SysWOW64\ntdll.dll
    Image name: ntdll.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:26:44 2009 (49E03824)
    CheckSum:         0012BD06
    ImageSize:        00160000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     ntdll.dll
    OriginalFilename: ntdll.dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  NT Layer DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74610000 00000000`7463c000   ntmarta  # (pdb symbols)          c:\symbols\ntmarta.pdb\0F439EC56F7147828D914F59499E4F582\ntmarta.pdb
    Loaded symbol image file: ntmarta.dll
    Image path: C:\Windows\System32\ntmarta.dll
    Image name: ntmarta.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:09:35 2009 (49E0422F)
    CheckSum:         0002810F
    ImageSize:        0002C000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        1.0 App
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     ntmarta.dll
    OriginalFilename: ntmarta.dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Windows NT MARTA provider
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`769b0000 00000000`76af5000   ole32      (pdb symbols)          c:\symbols\ole32.pdb\4F6EE07E85D24C1782E71BDDFD6CABC52\ole32.pdb
    Loaded symbol image file: ole32.dll
    Image path: C:\Windows\SysWOW64\ole32.dll
    Image name: ole32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:25:27 2009 (49E037D7)
    CheckSum:         0014DE33
    ImageSize:        00145000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     OLE32.DLL
    OriginalFilename: OLE32.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Microsoft OLE for Windows
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`73c30000 00000000`73c82000   oleacc   # (pdb symbols)          c:\symbols\oleacc.pdb\80D69E8319D74C9EBB0085325DD2F1CC1\oleacc.pdb
    Loaded symbol image file: oleacc.dll
    Image path: C:\Windows\System32\oleacc.dll
    Image name: oleacc.dll
    Browse all global symbols  functions  data
    Timestamp:        Thu Oct 08 17:07:58 2009 (4ACE54AE)
    CheckSum:         00054AB1
    ImageSize:        00052000
    File version:     7.0.6002.18155
    Product version:  6.0.6002.18155
    File flags:       8 (Mask 3F) Private
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0000.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     OLEACC
    OriginalFilename: OLEACC.DLL
    ProductVersion:   6.0.6002.18155
    FileVersion:      7.0.6002.18155 (vistasp2_gdr_win7ip_uia(wmbla).091008-1406)
    FileDescription:  Active Accessibility Core Component
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74fd0000 00000000`7505d000   oleaut32   (pdb symbols)          c:\symbols\oleaut32.pdb\0BD459447A41461AAC54608898A59AD62\oleaut32.pdb
    Loaded symbol image file: oleaut32.dll
    Image path: C:\Windows\SysWOW64\oleaut32.dll
    Image name: oleaut32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:25:30 2009 (49E037DA)
    CheckSum:         00095471
    ImageSize:        0008D000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04e4
    CompanyName:      Microsoft Corporation
    InternalName:     OLEAUT32.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
    LegalTrademarks:  Microsoft® is a registered trademark of Microsoft Corporation. Windows® is a registered trademark of Microsoft Corporation.
00000000`74c50000 00000000`74c72000   powrprof # (pdb symbols)          c:\symbols\powrprof.pdb\753F4385ED22490DB8BC77BCC4D6F8A02\powrprof.pdb
    Loaded symbol image file: powrprof.dll
    Image path: C:\Windows\System32\powrprof.dll
    Image name: powrprof.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:09:10 2009 (49E04216)
    CheckSum:         00020B7C
    ImageSize:        00022000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     POWRPROF
    OriginalFilename: POWRPROF.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Power Profile Helper DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`75110000 00000000`75117000   psapi      (pdb symbols)          c:\symbols\psapi.pdb\FA398191D257469CBA795A86B704D9B92\psapi.pdb
    Loaded symbol image file: psapi.dll
    Image path: C:\Windows\SysWOW64\psapi.dll
    Image name: psapi.dll
    Browse all global symbols  functions  data
    Timestamp:        Thu Nov 02 05:42:49 2006 (4549BD99)
    CheckSum:         00009AC8
    ImageSize:        00007000
    File version:     6.0.6000.16386
    Product version:  6.0.6000.16386
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     PSAPI
    OriginalFilename: PSAPI
    ProductVersion:   6.0.6000.16386
    FileVersion:      6.0.6000.16386 (vista_rtm.061101-2205)
    FileDescription:  Process Status Helper
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`75400000 00000000`754f0000   rpcrt4     (pdb symbols)          c:\symbols\wrpcrt4.pdb\1C4033A17ECA418982192733E23116152\wrpcrt4.pdb
    Loaded symbol image file: rpcrt4.dll
    Image path: C:\Windows\SysWOW64\rpcrt4.dll
    Image name: rpcrt4.dll
    Browse all global symbols  functions  data
    Timestamp:        Thu Apr 23 08:15:39 2009 (49F05BEB)
    CheckSum:         000ACBD4
    ImageSize:        000F0000
    File version:     6.0.6002.18024
    Product version:  6.0.6002.18024
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     rpcrt4.dll
    OriginalFilename: rpcrt4.dll
    ProductVersion:   6.0.6002.18024
    FileVersion:      6.0.6002.18024 (vistasp2_gdr.090423-0018)
    FileDescription:  Remote Procedure Call Runtime
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`745f0000 00000000`7460c000   samlib   # (pdb symbols)          c:\symbols\samlib.pdb\211C4D848CAA408CA4A19879757435CE2\samlib.pdb
    Loaded symbol image file: samlib.dll
    Image path: C:\Windows\System32\samlib.dll
    Image name: samlib.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:08:19 2009 (49E041E3)
    CheckSum:         00021F87
    ImageSize:        0001C000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     SAMLib.DLL
    OriginalFilename: SAMLib.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  SAM Library DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74ec0000 00000000`74f20000   secur32    (pdb symbols)          c:\symbols\wsecur32.pdb\1385738AB4334948A9AD074830923D1C2\wsecur32.pdb
    Loaded symbol image file: secur32.dll
    Image path: C:\Windows\SysWOW64\secur32.dll
    Image name: secur32.dll
    Browse all global symbols  functions  data
    Timestamp:        Mon Jun 15 10:54:11 2009 (4A366093)
    CheckSum:         0001DAF5
    ImageSize:        00060000
    File version:     6.0.6002.18051
    Product version:  6.0.6002.18051
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     security.dll
    OriginalFilename: security.dll
    ProductVersion:   6.0.6002.18051
    FileVersion:      6.0.6002.18051 (vistasp2_gdr.090615-0258)
    FileDescription:  Security Support Provider Interface
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`75270000 00000000`753fa000   setupapi   (pdb symbols)          c:\symbols\setupapi.pdb\3BC12B229D754162B904F56161343C0C2\setupapi.pdb
    Loaded symbol image file: setupapi.dll
    Image path: C:\Windows\SysWOW64\setupapi.dll
    Image name: setupapi.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:25:45 2009 (49E037E9)
    CheckSum:         0019350E
    ImageSize:        0018A000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     SETUPAPI.DLL
    OriginalFilename: SETUPAPI.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Windows Setup API
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74ce0000 00000000`74ce6000   sfc      # (pdb symbols)          c:\symbols\sfc.pdb\053C71267FD04F0EAA76C947162D956A1\sfc.pdb
    Loaded symbol image file: sfc.dll
    Image path: C:\Windows\System32\sfc.dll
    Image name: sfc.dll
    Browse all global symbols  functions  data
    Timestamp:        Thu Nov 02 07:14:36 2006 (4549D31C)
    CheckSum:         0000EA86
    ImageSize:        00006000
    File version:     6.0.6000.16386
    Product version:  6.0.6000.16386
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        1.0 App
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     sfc.dll
    OriginalFilename: sfc.dll
    ProductVersion:   6.0.6000.16386
    FileVersion:      6.0.6000.16386 (vista_rtm.061101-2205)
    FileDescription:  Windows File Protection
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74910000 00000000`7491e000   sfc_os   # (pdb symbols)          c:\symbols\sfc_os.pdb\5873E34AF3B14EA1AEAFA41D4EE00F9E2\sfc_os.pdb
    Loaded symbol image file: sfc_os.dll
    Image path: C:\Windows\System32\sfc_os.dll
    Image name: sfc_os.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Jan 19 02:58:32 2008 (4791ADA8)
    CheckSum:         00011458
    ImageSize:        0000E000
    File version:     6.0.6001.18000
    Product version:  6.0.6001.18000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        1.0 App
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     sfc_os.dll
    OriginalFilename: sfc_os.dll
    ProductVersion:   6.0.6001.18000
    FileVersion:      6.0.6001.18000 (longhorn_rtm.080118-1840)
    FileDescription:  Windows File Protection
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`758e0000 00000000`763f0000   shell32    (pdb symbols)          c:\symbols\shell32.pdb\01C50E6382DD4CF0A9CA63D04A60159F2\shell32.pdb
    Loaded symbol image file: shell32.dll
    Image path: C:\Windows\SysWOW64\shell32.dll
    Image name: shell32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:25:48 2009 (49E037EC)
    CheckSum:         00B16989
    ImageSize:        00B10000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     SHELL32
    OriginalFilename: SHELL32.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Windows Shell Common Dll
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74ca0000 00000000`74cc2000   shimeng  # (no symbols)           
    Loaded symbol image file: <error>
    Image path: C:\Windows\System32\shimeng.dll
    Image name: shimeng.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Jan 19 02:58:32 2008 (4791ADA8)
    CheckSum:         00014167
    ImageSize:        00022000
    File version:     6.0.6001.18000
    Product version:  6.0.6001.18000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     Shim Engine DLL (IAT)
    OriginalFilename: Shim Engine DLL (IAT)
    ProductVersion:   6.0.6000.16386
    FileVersion:      6.0.6000.16386 (vista_rtm.061101-2205)
    FileDescription:  Shim Engine DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`75120000 00000000`75179000   shlwapi    (pdb symbols)          c:\symbols\shlwapi.pdb\4B71444384904537AE5971195A57C03D2\shlwapi.pdb
    Loaded symbol image file: shlwapi.dll
    Image path: C:\Windows\SysWOW64\shlwapi.dll
    Image name: shlwapi.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:25:53 2009 (49E037F1)
    CheckSum:         000627B2
    ImageSize:        00059000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     SHLWAPI
    OriginalFilename: SHLWAPI.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Shell Light-weight Utility Library
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74cd0000 00000000`74cd5000   shunimpl # (pdb symbols)          c:\symbols\shunimpl.pdb\DCA4E2C12F2F431EA8E1970259EDBC0B1\shunimpl.pdb
    Loaded symbol image file: shunimpl.dll
    Image path: C:\Windows\System32\shunimpl.dll
    Image name: shunimpl.dll
    Browse all global symbols  functions  data
    Timestamp:        Thu Nov 02 07:14:45 2006 (4549D325)
    CheckSum:         00004F81
    ImageSize:        00005000
    File version:     6.0.6000.16386
    Product version:  6.0.6000.16386
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     SHUNIMPL
    OriginalFilename: SHUNIMPL.DLL
    ProductVersion:   6.0.6000.16386
    FileVersion:      6.0.6000.16386 (vista_rtm.061101-2205)
    FileDescription:  Windows Shell Obsolete APIs
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`76870000 00000000`769a3000   urlmon     (pdb symbols)          c:\symbols\urlmon.pdb\9F7BFA5616994E9183B79B3F5E87AC302\urlmon.pdb
    Loaded symbol image file: urlmon.dll
    Image path: C:\Windows\SysWOW64\urlmon.dll
    Image name: urlmon.dll
    Browse all global symbols  functions  data
    Timestamp:        Tue Feb 23 01:39:04 2010 (4B837808)
    CheckSum:         0012C5B0
    ImageSize:        00133000
    File version:     8.0.6001.18904
    Product version:  8.0.6001.18904
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Windows® Internet Explorer
    InternalName:     UrlMon.dll
    OriginalFilename: UrlMon.dll
    ProductVersion:   8.00.6001.18904
    FileVersion:      8.00.6001.18904 (longhorn_ie8_gdr.100222-1700)
    FileDescription:  OLE32 Extensions for Win32
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`764a0000 00000000`76570000   user32     (pdb symbols)          c:\symbols\wuser32.pdb\5BF85E5C9B3D45FA90B6F3B44248FBE32\wuser32.pdb
    Loaded symbol image file: user32.dll
    Image path: C:\Windows\SysWOW64\user32.dll
    Image name: user32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:26:45 2009 (49E03825)
    CheckSum:         000A6274
    ImageSize:        000D0000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     user32
    OriginalFilename: user32
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Multi-User Windows USER API Client DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`748e0000 00000000`74906000   userenv  # (no symbols)           
    Loaded symbol image file: <error>
    Image path: C:\Windows\System32\userenv.dll
    Image name: userenv.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:09:04 2009 (49E04210)
    CheckSum:         0002285C
    ImageSize:        00026000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        1.0 App
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     userenv
    OriginalFilename: userenv.dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Userenv
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74f20000 00000000`74f9d000   usp10      (pdb symbols)          c:\symbols\usp10.pdb\F20359F6776A4E6281AC5CFDEE639A102\usp10.pdb
    Loaded symbol image file: usp10.dll
    Image path: C:\Windows\SysWOW64\usp10.dll
    Image name: usp10.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:26:25 2009 (49E03811)
    CheckSum:         00084646
    ImageSize:        0007D000
    File version:     1.626.6002.18005
    Product version:  1.626.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft(R) Uniscribe Unicode script processor
    InternalName:     Uniscribe
    OriginalFilename: Uniscribe
    ProductVersion:   1.0626.6002.18005
    FileVersion:      1.0626.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Uniscribe Unicode script processor
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`73b00000 00000000`73b51000   uxtheme  # (pdb symbols)          c:\symbols\wuxtheme.pdb\2CED1BED6BF94C93BE45601FA010BAC22\wuxtheme.pdb
    Loaded symbol image file: uxtheme.dll
    Image path: C:\Windows\System32\uxtheme.dll
    Image name: uxtheme.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Jan 19 02:59:08 2008 (4791ADCC)
    CheckSum:         0005A298
    ImageSize:        00051000
    File version:     6.0.6001.18000
    Product version:  6.0.6001.18000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     UxTheme.dll
    OriginalFilename: UxTheme.dll
    ProductVersion:   6.0.6001.18000
    FileVersion:      6.0.6001.18000 (longhorn_rtm.080118-1840)
    FileDescription:  Microsoft UxTheme Library
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74900000 00000000`7490b000   version    (pdb symbols)          c:\symbols\version.pdb\97D7BF0FB8A647DF8236D5D9F474AE352\version.pdb
    Loaded symbol image file: version.dll
    Image path: C:\Windows\System32\version.dll
    Image name: version.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:09:04 2009 (49E04210)
    CheckSum:         0000CB6B
    ImageSize:        0000B000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     version
    OriginalFilename: VERSION.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Version Checking and File Installation Libraries
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`70dc0000 00000000`70eee000   WindowsCodecs # (pdb symbols)          c:\symbols\WindowsCodecs.pdb\0AFDCFB6BF884AD2B40E859A5D0AE4C12\WindowsCodecs.pdb
    Loaded symbol image file: WindowsCodecs.dll
    Image path: C:\Windows\System32\WindowsCodecs.dll
    Image name: WindowsCodecs.dll
    Browse all global symbols  functions  data
    Timestamp:        Thu Sep 24 22:27:37 2009 (4ABC2A99)
    CheckSum:         001367C7
    ImageSize:        0012E000
    File version:     7.0.6002.18107
    Product version:  7.0.6002.18107
    File flags:       8 (Mask 3F) Private
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     WindowsCodecs
    OriginalFilename: WindowsCodecs
    ProductVersion:   7.0.6002.18107
    FileVersion:      7.0.6002.18107 (vistasp2_gdr_win7ip_dgt(wmbla).090924-1550)
    FileDescription:  Microsoft Windows Codecs Library
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`73c70000 00000000`73ca9000   winmm      (pdb symbols)          c:\symbols\winmm.pdb\8624A2B385BB483FBAC6DE9DEE566FEA2\winmm.pdb
    Loaded symbol image file: winmm.dll
    Image path: C:\Windows\System32\winmm.dll
    Image name: winmm.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:10:14 2009 (49E04256)
    CheckSum:         0003F410
    ImageSize:        00039000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     winmm.dll
    OriginalFilename: WINMM.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  MCI API DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`73930000 00000000`73988000   winspool # (pdb symbols)          c:\symbols\winspool.pdb\218E0F2BA75947DBAF6AB39B116259B31\winspool.pdb
    Loaded symbol image file: winspool.drv
    Image path: C:\Windows\System32\winspool.drv
    Image name: winspool.drv
    Browse all global symbols  functions  data
    Timestamp:        Tue Aug 11 13:10:04 2009 (4A81A5EC)
    CheckSum:         00061974
    ImageSize:        00058000
    File version:     6.0.6002.18087
    Product version:  6.0.6002.18087
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        3.1 Driver
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     winspool.drv
    OriginalFilename: winspool.drv
    ProductVersion:   6.0.6002.18087
    FileVersion:      6.0.6002.18087 (vistasp2_gdr.090811-0423)
    FileDescription:  Windows Spooler Driver
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74650000 00000000`74689000   wintrust # (no symbols)           
    Loaded symbol image file: <error>
    Image path: C:\Windows\System32\wintrust.dll
    Image name: wintrust.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Jan 19 03:00:26 2008 (4791AE1A)
    CheckSum:         0003E70F
    ImageSize:        00039000
    File version:     6.0.6001.18000
    Product version:  6.0.6001.18000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     WINTRUST.DLL
    OriginalFilename: WINTRUST.DLL
    ProductVersion:   6.0.6001.18000
    FileVersion:      6.0.6001.18000 (longhorn_rtm.080118-1840)
    FileDescription:  Microsoft Trust Verification APIs
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`75780000 00000000`757c9000   Wldap32    (pdb symbols)          c:\symbols\wldap32.pdb\BDB50D98AD484CE1B6B6D332CAD547BB2\wldap32.pdb
    Loaded symbol image file: Wldap32.dll
    Image path: C:\Windows\SysWOW64\Wldap32.dll
    Image name: Wldap32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 02:28:14 2009 (49E0387E)
    CheckSum:         0004E898
    ImageSize:        00049000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     WLDAP32.DLL
    OriginalFilename: WLDAP32.DLL
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Win32 LDAP API DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74d00000 00000000`74d45000   wow64      (pdb symbols)          c:\symbols\wow64.pdb\31FE0D0804C04792A8C30F0A22BD43F21\wow64.pdb
    Loaded symbol image file: wow64.dll
    Image path: C:\Windows\System32\wow64.dll
    Image name: wow64.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:12:06 2009 (49E042C6)
    CheckSum:         000466F1
    ImageSize:        00045000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     wow64
    OriginalFilename: wow64.dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Win32 Emulation on NT64
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74cf0000 00000000`74cf9000   wow64cpu   (pdb symbols)          c:\symbols\wow64cpu.pdb\8A6F58C104B249588D568C056922E0171\wow64cpu.pdb
    Loaded symbol image file: wow64cpu.dll
    Image path: C:\Windows\System32\wow64cpu.dll
    Image name: wow64cpu.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:12:07 2009 (49E042C7)
    CheckSum:         0000A743
    ImageSize:        00009000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     wow64cpu
    OriginalFilename: wow64cpu.dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  AMD64 Wow64 CPU 
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74920000 00000000`7496e000   wow64win   (pdb symbols)          c:\symbols\wow64win.pdb\F08072DB2B204295ABA8F2E43225C1351\wow64win.pdb
    Loaded symbol image file: wow64win.dll
    Image path: C:\Windows\System32\wow64win.dll
    Image name: wow64win.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Apr 11 03:12:09 2009 (49E042C9)
    CheckSum:         00058235
    ImageSize:        0004E000
    File version:     6.0.6002.18005
    Product version:  6.0.6002.18005
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     wow64lg2
    OriginalFilename: wow64lg2.dll
    ProductVersion:   6.0.6002.18005
    FileVersion:      6.0.6002.18005 (lh_sp2rtm.090410-1830)
    FileDescription:  Wow64 Console and Win32 API Logging
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
00000000`74fa0000 00000000`74fcd000   ws2_32     (pdb symbols)          c:\symbols\ws2_32.pdb\A004B77B4689467D8888B44DC5DD5DD72\ws2_32.pdb
    Loaded symbol image file: ws2_32.dll
    Image path: C:\Windows\SysWOW64\ws2_32.dll
    Image name: ws2_32.dll
    Browse all global symbols  functions  data
    Timestamp:        Sat Jan 19 02:32:40 2008 (4791A798)
    CheckSum:         0002E055
    ImageSize:        0002D000
    File version:     6.0.6001.18000
    Product version:  6.0.6001.18000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     ws2_32.dll
    OriginalFilename: ws2_32.dll
    ProductVersion:   6.0.6001.18000
    FileVersion:      6.0.6001.18000 (longhorn_rtm.080118-1840)
    FileDescription:  Windows Socket 2.0 32-Bit DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
[/font]
```


----------



## jcgriff2 (Sep 30, 2007)

`

Just saw your attachments on prev post... thank you!

`

PART 2 - NavyFIELD.DMP 

```
[FONT=Lucida Console]
0:000> lme D sm
start             end                 module name
00000000`732a0000 00000000`732d5000   apphelp  # (pdb symbols)          c:\symbols\apphelp.pdb\106D8ED641E04B8680350C1D3E541ADF2\apphelp.pdb
00000000`74cc0000 00000000`74cc8000   atiu9pag   (export symbols)       atiu9pag.dll
00000000`6d6f0000 00000000`6da7e000   atiumdag   (export symbols)       atiumdag.dll
00000000`6f860000 00000000`6fb52000   atiumdva   (export symbols)       atiumdva.dll
00000000`72d30000 00000000`72daa000   AudioEng # (pdb symbols)          c:\symbols\AUDIOENG.pdb\F57F050BFB52407BAB928502F1120EC02\AUDIOENG.pdb
00000000`72da0000 00000000`72dd3000   AudioSes # (pdb symbols)          c:\symbols\AUDIOENG.pdb\F57F050BFB52407BAB928502F1120EC02\AUDIOENG.pdb
00000000`746a0000 00000000`747d7000   crypt32  # (pdb symbols)          c:\symbols\crypt32.pdb\CBDD5844C04541A885EBBC54AEBA68412\crypt32.pdb
00000000`70830000 00000000`7091f000   ddraw    # (pdb symbols)          c:\symbols\ddraw.pdb\58E46585AF6A4FD4B01A2CA5C4EA3C092\ddraw.pdb
00000000`709a0000 00000000`70a24000   dsound   # (no symbols)           
00000000`72ca0000 00000000`72cb1000   dwmapi   # (pdb symbols)          c:\symbols\dwmapi.pdb\1E6F7E8306934DD8A2953D21A720F52D2\dwmapi.pdb
00000000`74c40000 00000000`74c48000   IconCodecService # (pdb symbols)          c:\symbols\IconCodecService.pdb\0EFA5A802F5945A3843F6E3C1C4BA6932\IconCodecService.pdb
00000000`75690000 00000000`756bd000   imm32    # (pdb symbols)          c:\symbols\wimm32.pdb\A34EE073E19B4B9B97B078FDBAE8ACA82\wimm32.pdb
00000000`72de0000 00000000`72e16000   MMDevAPI # (pdb symbols)          c:\symbols\MMDevAPI.pdb\452F79E1B06349DC9A3713F89A2F530E2\MMDevAPI.pdb
00000000`74c80000 00000000`74c99000   mpr      # (pdb symbols)          c:\symbols\mpr.pdb\FF53B737FF3545D6BC4B20760AFE03B42\mpr.pdb
00000000`72d00000 00000000`72d18000   msacm32  # (pdb symbols)          c:\symbols\msacm32.pdb\376918E968B945C7AFADC00C7A541A422\msacm32.pdb
00000000`00400000 00000000`00411000   NavyFIELD C (no symbols)           
00000000`74520000 00000000`745c3000   netapi32 # (pdb symbols)          c:\symbols\netapi32.pdb\B9F360F0DBBC48A0AB9A1629C1633C382\netapi32.pdb
00000000`74610000 00000000`7463c000   ntmarta  # (pdb symbols)          c:\symbols\ntmarta.pdb\0F439EC56F7147828D914F59499E4F582\ntmarta.pdb
00000000`73c30000 00000000`73c82000   oleacc   # (pdb symbols)          c:\symbols\oleacc.pdb\80D69E8319D74C9EBB0085325DD2F1CC1\oleacc.pdb
00000000`74c50000 00000000`74c72000   powrprof # (pdb symbols)          c:\symbols\powrprof.pdb\753F4385ED22490DB8BC77BCC4D6F8A02\powrprof.pdb
00000000`745f0000 00000000`7460c000   samlib   # (pdb symbols)          c:\symbols\samlib.pdb\211C4D848CAA408CA4A19879757435CE2\samlib.pdb
00000000`74ce0000 00000000`74ce6000   sfc      # (pdb symbols)          c:\symbols\sfc.pdb\053C71267FD04F0EAA76C947162D956A1\sfc.pdb
00000000`74910000 00000000`7491e000   sfc_os   # (pdb symbols)          c:\symbols\sfc_os.pdb\5873E34AF3B14EA1AEAFA41D4EE00F9E2\sfc_os.pdb
00000000`74ca0000 00000000`74cc2000   shimeng  # (no symbols)           
00000000`74cd0000 00000000`74cd5000   shunimpl # (pdb symbols)          c:\symbols\shunimpl.pdb\DCA4E2C12F2F431EA8E1970259EDBC0B1\shunimpl.pdb
00000000`748e0000 00000000`74906000   userenv  # (no symbols)           
00000000`73b00000 00000000`73b51000   uxtheme  # (pdb symbols)          c:\symbols\wuxtheme.pdb\2CED1BED6BF94C93BE45601FA010BAC22\wuxtheme.pdb
00000000`70dc0000 00000000`70eee000   WindowsCodecs # (pdb symbols)          c:\symbols\WindowsCodecs.pdb\0AFDCFB6BF884AD2B40E859A5D0AE4C12\WindowsCodecs.pdb
00000000`73930000 00000000`73988000   winspool # (pdb symbols)          c:\symbols\winspool.pdb\218E0F2BA75947DBAF6AB39B116259B31\winspool.pdb
00000000`74650000 00000000`74689000   wintrust # (no symbols)           
0:000> .kframes 2000
Default stack trace depth is 0n8192 frames
0:000> kpM 1000
 # Child-SP          RetAddr           Call Site
00 00000000`0007ee28 00000000`74d0ab46 wow64cpu!WaitForMultipleObjects32+0x3a
01 00000000`0007eed0 00000000`74d0a14c wow64!RunCpuSimulation+0xa
02 00000000`0007ef00 00000000`76d6bf9d wow64!Wow64LdrpInitialize+0x4b4
03 00000000`0007f460 00000000`76d6bb9c ntdll!LdrpInitializeProcess+0x1568
04 00000000`0007f720 00000000`76d568de ntdll! ?? ::FNODOBFM::`string'+0x20959
05 00000000`0007f7d0 00000000`00000000 ntdll!LdrInitializeThunk+0xe
0:000> .frame 0n0;dv
00 00000000`0007ee28 00000000`74d0ab46 wow64cpu!WaitForMultipleObjects32+0x3a
Unable to enumerate locals, HRESULT 0x80004005
Private symbols (symbols.pri) are required for locals.
Type ".hh dbgerr005" for details.
0:000> knL 1000
 # Child-SP          RetAddr           Call Site
00 00000000`0007ee28 00000000`74d0ab46 wow64cpu!WaitForMultipleObjects32+0x3a
01 00000000`0007eed0 00000000`74d0a14c wow64!RunCpuSimulation+0xa
02 00000000`0007ef00 00000000`76d6bf9d wow64!Wow64LdrpInitialize+0x4b4
03 00000000`0007f460 00000000`76d6bb9c ntdll!LdrpInitializeProcess+0x1568
04 00000000`0007f720 00000000`76d568de ntdll! ?? ::FNODOBFM::`string'+0x20959
05 00000000`0007f7d0 00000000`00000000 ntdll!LdrInitializeThunk+0xe
0:000> kPn 1000
 # Child-SP          RetAddr           Call Site
00 00000000`0007ee28 00000000`74d0ab46 wow64cpu!WaitForMultipleObjects32+0x3a
01 00000000`0007eed0 00000000`74d0a14c wow64!RunCpuSimulation+0xa
02 00000000`0007ef00 00000000`76d6bf9d wow64!Wow64LdrpInitialize+0x4b4
03 00000000`0007f460 00000000`76d6bb9c ntdll!LdrpInitializeProcess+0x1568
04 00000000`0007f720 00000000`76d568de ntdll! ?? ::FNODOBFM::`string'+0x20959
05 00000000`0007f7d0 00000000`00000000 ntdll!LdrInitializeThunk+0xe
0:000> kf 1000
  Memory  Child-SP          RetAddr           Call Site
          00000000`0007ee28 00000000`74d0ab46 wow64cpu!WaitForMultipleObjects32+0x3a
       a8 00000000`0007eed0 00000000`74d0a14c wow64!RunCpuSimulation+0xa
       30 00000000`0007ef00 00000000`76d6bf9d wow64!Wow64LdrpInitialize+0x4b4
      560 00000000`0007f460 00000000`76d6bb9c ntdll!LdrpInitializeProcess+0x1568
      2c0 00000000`0007f720 00000000`76d568de ntdll! ?? ::FNODOBFM::`string'+0x20959
       b0 00000000`0007f7d0 00000000`00000000 ntdll!LdrInitializeThunk+0xe
0:000> kvn 1000
 # Child-SP          RetAddr           : Args to Child                                                           : Call Site
00 00000000`0007ee28 00000000`74d0ab46 : 00000000`00000000 00000000`0007fd20 00000000`74ca12e4 00000000`0007f820 : wow64cpu!WaitForMultipleObjects32+0x3a
01 00000000`0007eed0 00000000`74d0a14c : 00000000`00000000 00000000`00000000 00000000`74d03258 00000000`7ffe0030 : wow64!RunCpuSimulation+0xa
02 00000000`0007ef00 00000000`76d6bf9d : 00000000`76d30000 00000000`00000000 00000000`7efdf000 00000000`7efdf000 : wow64!Wow64LdrpInitialize+0x4b4
03 00000000`0007f460 00000000`76d6bb9c : 00000000`00000000 00000000`00000000 00000000`7efdf000 00000000`76d6d5c7 : ntdll!LdrpInitializeProcess+0x1568
04 00000000`0007f720 00000000`76d568de : 00000000`0007f820 00000000`00000000 00000000`7efdf000 00000000`00000000 : ntdll! ?? ::FNODOBFM::`string'+0x20959
05 00000000`0007f7d0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!LdrInitializeThunk+0xe
0:000> ~*kbn 1000

.  0  Id: 830.d84 Suspend: 0 Teb: 00000000`7efdb000 Unfrozen
 # RetAddr           : Args to Child                                                           : Call Site
00 00000000`74d0ab46 : 00000000`00000000 00000000`0007fd20 00000000`74ca12e4 00000000`0007f820 : wow64cpu!WaitForMultipleObjects32+0x3a
01 00000000`74d0a14c : 00000000`00000000 00000000`00000000 00000000`74d03258 00000000`7ffe0030 : wow64!RunCpuSimulation+0xa
02 00000000`76d6bf9d : 00000000`76d30000 00000000`00000000 00000000`7efdf000 00000000`7efdf000 : wow64!Wow64LdrpInitialize+0x4b4
03 00000000`76d6bb9c : 00000000`00000000 00000000`00000000 00000000`7efdf000 00000000`76d6d5c7 : ntdll!LdrpInitializeProcess+0x1568
04 00000000`76d568de : 00000000`0007f820 00000000`00000000 00000000`7efdf000 00000000`00000000 : ntdll! ?? ::FNODOBFM::`string'+0x20959
05 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!LdrInitializeThunk+0xe

   1  Id: 830.11b0 Suspend: 1 Teb: 00000000`7efd8000 Unfrozen
 # RetAddr           : Args to Child                                                           : Call Site
00 00000000`74d22923 : 00000000`7efd8000 00000000`74d11167 00000000`02e0fd24 00000000`74d16d76 : ntdll!NtWaitForWorkViaWorkerFactory+0xa
01 00000000`74d0a996 : 00000000`02e0fd08 00000000`02e0fd10 00000000`7efda000 00000000`00000000 : wow64!whNtWaitForWorkViaWorkerFactory+0x23
02 00000000`74cf3688 : 00000000`00000000 00000000`00000000 00000000`00000003 00000000`00000002 : wow64!Wow64SystemServiceEx+0xca
03 00000000`74d0ab46 : 00000000`76d30000 00000000`00d0fd20 00000000`741d17a4 00000000`00d0f820 : wow64cpu!ServiceNoTurbo+0x28
04 00000000`74d0a14c : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : wow64!RunCpuSimulation+0xa
05 00000000`76da05a8 : 00000000`00000000 00000000`00000000 00000000`7efdf000 00000000`00000000 : wow64!Wow64LdrpInitialize+0x4b4
06 00000000`76d568de : 00000000`00d0f820 00000000`00000000 00000000`7efdf000 00000000`00000000 : ntdll! ?? ::FNODOBFM::`string'+0x20aa1
07 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!LdrInitializeThunk+0xe

   2  Id: 830.e1c Suspend: 1 Teb: 00000000`7efd5000 Unfrozen
 # RetAddr           : Args to Child                                                           : Call Site
00 00000000`74d0ab46 : 00000000`76d30000 00000000`00d8fd20 00000000`741517a4 00000000`00d8f820 : wow64cpu!WaitForMultipleObjects32+0x3a
01 00000000`74d0a14c : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : wow64!RunCpuSimulation+0xa
02 00000000`76da05a8 : 00000000`00000000 00000000`00000000 00000000`7efdf000 00000000`00000000 : wow64!Wow64LdrpInitialize+0x4b4
03 00000000`76d568de : 00000000`00d8f820 00000000`00000000 00000000`7efdf000 00000000`00000000 : ntdll! ?? ::FNODOBFM::`string'+0x20aa1
04 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!LdrInitializeThunk+0xe

   3  Id: 830.1164 Suspend: 1 Teb: 00000000`7efad000 Unfrozen
 # RetAddr           : Args to Child                                                           : Call Site
00 00000000`74d22923 : 00000000`7efad000 00000000`74d11167 00000000`0426fd24 00000000`74d16d76 : ntdll!NtWaitForWorkViaWorkerFactory+0xa
01 00000000`74d0a996 : 00000000`0426fd08 00000000`0426fd10 00000000`7efaf000 00000000`7efaf000 : wow64!whNtWaitForWorkViaWorkerFactory+0x23
02 00000000`74cf3688 : 00000000`00000000 00000000`00000000 00000000`00000003 00000000`00000002 : wow64!Wow64SystemServiceEx+0xca
03 00000000`74d0ab46 : 00000000`76d30000 00000000`00defd20 00000000`741317a4 00000000`00def820 : wow64cpu!ServiceNoTurbo+0x28
04 00000000`74d0a14c : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : wow64!RunCpuSimulation+0xa
05 00000000`76da05a8 : 00000000`00000000 00000000`00000000 00000000`7efdf000 00000000`00000000 : wow64!Wow64LdrpInitialize+0x4b4
06 00000000`76d568de : 00000000`00def820 00000000`00000000 00000000`7efdf000 00000000`00000000 : ntdll! ?? ::FNODOBFM::`string'+0x20aa1
07 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!LdrInitializeThunk+0xe

   4  Id: 830.cfc Suspend: 1 Teb: 00000000`7efaa000 Unfrozen
 # RetAddr           : Args to Child                                                           : Call Site
00 00000000`74d0ab46 : 00000000`76d30000 00000000`0243fd20 00000000`768e17a4 00000000`0243f820 : wow64cpu!WaitForMultipleObjects32+0x3a
01 00000000`74d0a14c : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : wow64!RunCpuSimulation+0xa
02 00000000`76da05a8 : 00000000`00000000 00000000`00000000 00000000`7efdf000 00000000`00000000 : wow64!Wow64LdrpInitialize+0x4b4
03 00000000`76d568de : 00000000`0243f820 00000000`00000000 00000000`7efdf000 00000000`00000000 : ntdll! ?? ::FNODOBFM::`string'+0x20aa1
04 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!LdrInitializeThunk+0xe

   5  Id: 830.b14 Suspend: 1 Teb: 00000000`7efa7000 Unfrozen
 # RetAddr           : Args to Child                                                           : Call Site
00 00000000`74d0ab46 : 00000000`76d30000 00000000`0248fd20 00000000`768517a4 00000000`0248f820 : wow64cpu!WaitForMultipleObjects32+0x3a
01 00000000`74d0a14c : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : wow64!RunCpuSimulation+0xa
02 00000000`76da05a8 : 00000000`00000000 00000000`00000000 00000000`7efdf000 00000000`00000000 : wow64!Wow64LdrpInitialize+0x4b4
03 00000000`76d568de : 00000000`0248f820 00000000`00000000 00000000`7efdf000 00000000`00000000 : ntdll! ?? ::FNODOBFM::`string'+0x20aa1
04 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!LdrInitializeThunk+0xe
0:000> !uniqstack -pn
Processing 6 threads, please wait

.  0  Id: 830.d84 Suspend: 0 Teb: 00000000`7efdb000 Unfrozen
      Start: NavyFIELD+0x9040 (00000000`00409040) 
      Priority: 0  Priority class: 32  Affinity: f
 # Child-SP          RetAddr           Call Site
00 00000000`0007ee28 00000000`74d0ab46 wow64cpu!WaitForMultipleObjects32+0x3a
01 00000000`0007eed0 00000000`74d0a14c wow64!RunCpuSimulation+0xa
02 00000000`0007ef00 00000000`76d6bf9d wow64!Wow64LdrpInitialize+0x4b4
03 00000000`0007f460 00000000`76d6bb9c ntdll!LdrpInitializeProcess+0x1568
04 00000000`0007f720 00000000`76d568de ntdll! ?? ::FNODOBFM::`string'+0x20959
05 00000000`0007f7d0 00000000`00000000 ntdll!LdrInitializeThunk+0xe

.  1  Id: 830.11b0 Suspend: 1 Teb: 00000000`7efd8000 Unfrozen
      Start: ntdll_76ef0000!TppWorkerThread (00000000`76f2c639) 
      Priority: 0  Priority class: 32  Affinity: f
 # Child-SP          RetAddr           Call Site
00 00000000`00d0e7f8 00000000`74d22923 ntdll!NtWaitForWorkViaWorkerFactory+0xa
01 00000000`00d0e800 00000000`74d0a996 wow64!whNtWaitForWorkViaWorkerFactory+0x23
02 00000000`00d0e850 00000000`74cf3688 wow64!Wow64SystemServiceEx+0xca
03 00000000`00d0f100 00000000`74d0ab46 wow64cpu!ServiceNoTurbo+0x28
04 00000000`00d0f190 00000000`74d0a14c wow64!RunCpuSimulation+0xa
05 00000000`00d0f1c0 00000000`76da05a8 wow64!Wow64LdrpInitialize+0x4b4
06 00000000`00d0f720 00000000`76d568de ntdll! ?? ::FNODOBFM::`string'+0x20aa1
07 00000000`00d0f7d0 00000000`00000000 ntdll!LdrInitializeThunk+0xe

.  2  Id: 830.e1c Suspend: 1 Teb: 00000000`7efd5000 Unfrozen
      Start: ntdll_76ef0000!TppWaiterpThread (00000000`76fb7555) 
      Priority: 0  Priority class: 32  Affinity: f
 # Child-SP          RetAddr           Call Site
00 00000000`00d8f0e8 00000000`74d0ab46 wow64cpu!WaitForMultipleObjects32+0x3a
01 00000000`00d8f190 00000000`74d0a14c wow64!RunCpuSimulation+0xa
02 00000000`00d8f1c0 00000000`76da05a8 wow64!Wow64LdrpInitialize+0x4b4
03 00000000`00d8f720 00000000`76d568de ntdll! ?? ::FNODOBFM::`string'+0x20aa1
04 00000000`00d8f7d0 00000000`00000000 ntdll!LdrInitializeThunk+0xe

Total threads: 6
Duplicate callstacks: 3 (windbg thread #s follow):
3, 4, 5
0:000> !teb
Wow64 TEB32 at 000000007efdd000
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: wow64!_TEB32                                  ***
***                                                                   ***
*************************************************************************
error InitTypeRead( wow64!_TEB32 )...


Wow64 TEB at 000000007efdb000
    ExceptionList:        000000007efdd000
    StackBase:            000000000007fd20
    StackLimit:           0000000000079000
    SubSystemTib:         0000000000000000
    FiberData:            0000000000001e00
    ArbitraryUserPointer: 0000000000000000
    Self:                 000000007efdb000
    EnvironmentPointer:   0000000000000000
    ClientId:             0000000000000830 . 0000000000000d84
    RpcHandle:            0000000000000000
    Tls Storage:          0000000000000000
    PEB Address:          000000007efdf000
    LastErrorValue:       0
    LastStatusValue:      c0000034
    Count Owned Locks:    0
    HardErrorMode:        0
0:000> .f+
01 00000000`0007eed0 00000000`74d0a14c wow64!RunCpuSimulation+0xa
0:000> .f-
00 00000000`0007ee28 00000000`74d0ab46 wow64cpu!WaitForMultipleObjects32+0x3a
0:000> .f+
01 00000000`0007eed0 00000000`74d0a14c wow64!RunCpuSimulation+0xa
0:000> .f+
02 00000000`0007ef00 00000000`76d6bf9d wow64!Wow64LdrpInitialize+0x4b4
0:000> .f+
03 00000000`0007f460 00000000`76d6bb9c ntdll!LdrpInitializeProcess+0x1568
0:000> .f+
04 00000000`0007f720 00000000`76d568de ntdll! ?? ::FNODOBFM::`string'+0x20959
0:000> .f+
05 00000000`0007f7d0 00000000`00000000 ntdll!LdrInitializeThunk+0xe
0:000> .f+
Cannot find frame 0x6, previous scope unchanged
05 00000000`0007f7d0 00000000`00000000 ntdll!LdrInitializeThunk+0xe
0:000> .f+
Cannot find frame 0x6, previous scope unchanged
05 00000000`0007f7d0 00000000`00000000 ntdll!LdrInitializeThunk+0xe
0:000> .f+
Cannot find frame 0x6, previous scope unchanged
05 00000000`0007f7d0 00000000`00000000 ntdll!LdrInitializeThunk+0xe
0:000> !heap -a
Index   Address  Name      Debugging options enabled
  1:   00250000 
    Segment at 0000000000250000 to 00000000002d0000 (00004000 bytes committed)
  2:   00010000 
    Segment at 0000000000010000 to 0000000000020000 (00002000 bytes committed)
0:000> !analyze -v
*******************************************************************************
*                                                                             *
*                        Exception Analysis                                   *
*                                                                             *
*******************************************************************************

*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: kernel32!pNlsUserInfo                         ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: kernel32!pNlsUserInfo                         ***
***                                                                   ***
*************************************************************************

FAULTING_IP: 
+0
00000000`00000000 ??              ???

EXCEPTION_RECORD:  ffffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 0000000000000000
   ExceptionCode: 80000003 (Break instruction exception)
  ExceptionFlags: 00000000
NumberParameters: 0

FAULTING_THREAD:  0000000000000d84

DEFAULT_BUCKET_ID:  STATUS_BREAKPOINT

PROCESS_NAME:  NavyFIELD.exe

ERROR_CODE: (NTSTATUS) 0x80000003 - {EXCEPTION}  Breakpoint  A breakpoint has been reached.

EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - One or more arguments are invalid

NTGLOBALFLAG:  0

APPLICATION_VERIFIER_FLAGS:  0

PRIMARY_PROBLEM_CLASS:  STATUS_BREAKPOINT

BUGCHECK_STR:  APPLICATION_FAULT_STATUS_BREAKPOINT

LAST_CONTROL_TRANSFER:  from 0000000074d0ab46 to 0000000074cf374f

STACK_TEXT:  
00000000`0007ee28 00000000`74d0ab46 : 00000000`00000000 00000000`0007fd20 00000000`74ca12e4 00000000`0007f820 : wow64cpu!WaitForMultipleObjects32+0x3a
00000000`0007eed0 00000000`74d0a14c : 00000000`00000000 00000000`00000000 00000000`74d03258 00000000`7ffe0030 : wow64!RunCpuSimulation+0xa
00000000`0007ef00 00000000`76d6bf9d : 00000000`76d30000 00000000`00000000 00000000`7efdf000 00000000`7efdf000 : wow64!Wow64LdrpInitialize+0x4b4
00000000`0007f460 00000000`76d6bb9c : 00000000`00000000 00000000`00000000 00000000`7efdf000 00000000`76d6d5c7 : ntdll!LdrpInitializeProcess+0x1568
00000000`0007f720 00000000`76d568de : 00000000`0007f820 00000000`00000000 00000000`7efdf000 00000000`00000000 : ntdll! ?? ::FNODOBFM::`string'+0x20959
00000000`0007f7d0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!LdrInitializeThunk+0xe


STACK_COMMAND:  ~0s; .ecxr ; kb

FOLLOWUP_IP: 
wow64cpu!WaitForMultipleObjects32+3a
00000000`74cf374f 418bbda0000000  mov     edi,dword ptr [r13+0A0h]

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  wow64cpu!WaitForMultipleObjects32+3a

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: wow64cpu

IMAGE_NAME:  wow64cpu.dll

DEBUG_FLR_IMAGE_TIMESTAMP:  49e042c7

FAILURE_BUCKET_ID:  STATUS_BREAKPOINT_80000003_wow64cpu.dll!WaitForMultipleObjects32

BUCKET_ID:  X64_APPLICATION_FAULT_STATUS_BREAKPOINT_wow64cpu!WaitForMultipleObjects32+3a

WATSON_STAGEONE_URL:  http://watson.microsoft.com/StageOne/NavyFIELD_exe/0_0_0_0/49ee8896/unknown/0_0_0_0/bbbbbbb4/80000003/00000000.htm?Retriage=1

Followup: MachineOwner
---------

0:000> !ntsdexts.locks
NTSDEXTS: Unable to resolve ntdll!RTL_CRITICAL_SECTION_DEBUG type
NTSDEXTS: Please check your symbols
0:000> !runaway 7
 User Mode Time
  Thread       Time
   0:d84       0 days 0:00:00.140
   5:b14       0 days 0:00:00.000
   4:cfc       0 days 0:00:00.000
   3:1164      0 days 0:00:00.000
   2:e1c       0 days 0:00:00.000
   1:11b0      0 days 0:00:00.000
 Kernel Mode Time
  Thread       Time
   0:d84       0 days 0:00:00.156
   5:b14       0 days 0:00:00.000
   4:cfc       0 days 0:00:00.000
   3:1164      0 days 0:00:00.000
   2:e1c       0 days 0:00:00.000
   1:11b0      0 days 0:00:00.000
 Elapsed Time
  Thread       Time
   0:d84       0 days 0:00:41.254
   2:e1c       0 days 0:00:41.178
   1:11b0      0 days 0:00:41.178
   3:1164      0 days 0:00:41.078
   4:cfc       0 days 0:00:40.751
   5:b14       0 days 0:00:40.747
0:000> !dae
No export dae found
0:000> !dso
No export dso found
0:000> !clrstack
No export clrstack found
0:000> !for_each_module .echo @#ModuleIndex : @#Base @#End @#ModuleName @#ImageName  @#LoadedImageName
00 : 0000000000400000 0000000000411000 NavyFIELD C:\Program Files\SD EnterNET\NavyFIELD\NavyFIELD.exe  NavyFIELD.exe
01 : 000000006d6f0000 000000006da7e000 atiumdag C:\Windows\system32\atiumdag.dll  atiumdag.dll
02 : 000000006f860000 000000006fb52000 atiumdva C:\Windows\system32\atiumdva.dll  atiumdva.dll
03 : 0000000070830000 000000007091f000 ddraw C:\Windows\System32\ddraw.dll  ddraw.dll
04: Unable to retrieve module names (8007007e)
05 : 0000000070a10000 0000000070c24000 AcGenral C:\Windows\AppPatch\AcGenral.dll  AcGenral.dll
06 : 0000000070c30000 0000000070cb8000 AcLayers C:\Windows\AppPatch\AcLayers.dll  AcLayers.dll
07 : 0000000070dc0000 0000000070eee000 WindowsCodecs C:\Windows\System32\WindowsCodecs.dll  WindowsCodecs.dll
08 : 0000000072ca0000 0000000072cb1000 dwmapi C:\Windows\System32\dwmapi.dll  dwmapi.dll
09 : 0000000072d00000 0000000072d18000 msacm32 C:\Windows\System32\msacm32.dll  msacm32.dll
0a : 0000000072d30000 0000000072daa000 AudioEng C:\Windows\System32\AudioEng.dll  AudioEng.dll
0b : 0000000072da0000 0000000072dd3000 AudioSes C:\Windows\System32\AudioSes.dll  AudioEng.dll
0c : 0000000072dd0000 0000000072dd8000 avrt C:\Windows\System32\avrt.dll  avrt.dll
0d : 0000000072de0000 0000000072e16000 MMDevAPI C:\Windows\System32\MMDevAPI.dll  MMDevAPI.dll
0e : 00000000732a0000 00000000732d5000 apphelp C:\Windows\System32\apphelp.dll  apphelp.dll
0f : 0000000073930000 0000000073988000 winspool C:\Windows\System32\winspool.drv  winspool.drv
10 : 0000000073b00000 0000000073b51000 uxtheme C:\Windows\System32\uxtheme.dll  uxtheme.dll
11 : 0000000073c30000 0000000073c82000 oleacc C:\Windows\System32\oleacc.dll  oleacc.dll
12 : 0000000073c70000 0000000073ca9000 winmm C:\Windows\System32\winmm.dll  winmm.dll
13 : 0000000074300000 000000007449e000 comctl32 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll  comctl32.dll
14 : 0000000074520000 00000000745c3000 netapi32 C:\Windows\System32\netapi32.dll  netapi32.dll
15 : 00000000745f0000 000000007460c000 samlib C:\Windows\System32\samlib.dll  samlib.dll
16 : 0000000074610000 000000007463c000 ntmarta C:\Windows\System32\ntmarta.dll  ntmarta.dll
17: Unable to retrieve module names (8007007e)
18 : 0000000074680000 0000000074699000 msasn1 C:\Windows\System32\msasn1.dll  msasn1.dll
19 : 00000000746a0000 00000000747d7000 crypt32 C:\Windows\System32\crypt32.dll  crypt32.dll
1a: Unable to retrieve module names (8007007e)
1b : 0000000074900000 000000007490b000 version C:\Windows\System32\version.dll  version.dll
1c : 0000000074910000 000000007491e000 sfc_os C:\Windows\System32\sfc_os.dll  sfc_os.dll
1d : 0000000074920000 000000007496e000 wow64win C:\Windows\System32\wow64win.dll  wow64win.dll
1e : 0000000074c40000 0000000074c48000 IconCodecService C:\Windows\System32\IconCodecService.dll  IconCodecService.dll
1f : 0000000074c50000 0000000074c72000 powrprof C:\Windows\System32\powrprof.dll  powrprof.dll
20 : 0000000074c70000 0000000074c78000 dciman32 C:\Windows\System32\dciman32.dll  dciman32.dll
21 : 0000000074c80000 0000000074c99000 mpr C:\Windows\System32\mpr.dll  mpr.dll
22: Unable to retrieve module names (8007007e)
23 : 0000000074cc0000 0000000074cc8000 atiu9pag C:\Windows\system32\atiu9pag.dll  atiu9pag.dll
24 : 0000000074cd0000 0000000074cd5000 shunimpl C:\Windows\System32\shunimpl.dll  shunimpl.dll
25 : 0000000074ce0000 0000000074ce6000 sfc C:\Windows\System32\sfc.dll  sfc.dll
26 : 0000000074cf0000 0000000074cf9000 wow64cpu C:\Windows\System32\wow64cpu.dll  wow64cpu.dll
27 : 0000000074d00000 0000000074d45000 wow64 C:\Windows\System32\wow64.dll  wow64.dll
28 : 0000000074ec0000 0000000074f20000 secur32 C:\Windows\SysWOW64\secur32.dll  secur32.dll
29 : 0000000074f20000 0000000074f9d000 usp10 C:\Windows\SysWOW64\usp10.dll  usp10.dll
2a : 0000000074fa0000 0000000074fcd000 ws2_32 C:\Windows\SysWOW64\ws2_32.dll  ws2_32.dll
2b : 0000000074fd0000 000000007505d000 oleaut32 C:\Windows\SysWOW64\oleaut32.dll  oleaut32.dll
2c : 0000000075060000 000000007510a000 msvcrt C:\Windows\SysWOW64\msvcrt.dll  msvcrt.dll
2d : 0000000075110000 0000000075117000 psapi C:\Windows\SysWOW64\psapi.dll  psapi.dll
2e : 0000000075120000 0000000075179000 shlwapi C:\Windows\SysWOW64\shlwapi.dll  shlwapi.dll
2f : 0000000075270000 00000000753fa000 setupapi C:\Windows\SysWOW64\setupapi.dll  setupapi.dll
30 : 0000000075400000 00000000754f0000 rpcrt4 C:\Windows\SysWOW64\rpcrt4.dll  rpcrt4.dll
31 : 00000000754f0000 00000000755b8000 msctf C:\Windows\SysWOW64\msctf.dll  msctf.dll
32 : 00000000755c0000 0000000075686000 advapi32 C:\Windows\SysWOW64\advapi32.dll  advapi32.dll
33 : 0000000075690000 00000000756bd000 imm32 C:\Windows\System32\imm32.dll  imm32.dll
34 : 00000000756f0000 0000000075780000 gdi32 C:\Windows\SysWOW64\gdi32.dll  gdi32.dll
35 : 0000000075780000 00000000757c9000 Wldap32 C:\Windows\SysWOW64\Wldap32.dll  Wldap32.dll
36 : 00000000757d0000 00000000758e0000 kernel32 C:\Windows\SysWOW64\kernel32.dll  kernel32.dll
37 : 00000000758e0000 00000000763f0000 shell32 C:\Windows\SysWOW64\shell32.dll  shell32.dll
38 : 00000000763f0000 00000000763f9000 lpk C:\Windows\SysWOW64\lpk.dll  lpk.dll
39 : 0000000076400000 0000000076406000 nsi C:\Windows\SysWOW64\nsi.dll  nsi.dll
3a : 00000000764a0000 0000000076570000 user32 C:\Windows\SysWOW64\user32.dll  user32.dll
3b : 0000000076570000 00000000765f4000 clbcatq C:\Windows\SysWOW64\clbcatq.dll  clbcatq.dll
3c : 0000000076600000 00000000767e8000 iertutil C:\Windows\SysWOW64\iertutil.dll  iertutil.dll
3d : 0000000076870000 00000000769a3000 urlmon C:\Windows\SysWOW64\urlmon.dll  urlmon.dll
3e : 00000000769b0000 0000000076af5000 ole32 C:\Windows\SysWOW64\ole32.dll  ole32.dll
3f : 0000000076b00000 0000000076b29000 imagehlp C:\Windows\SysWOW64\imagehlp.dll  imagehlp.dll
40 : 0000000076d30000 0000000076eb6000 ntdll C:\Windows\System32\ntdll.dll  ntdll.dll
41 : 0000000076ef0000 0000000077050000 ntdll_76ef0000 C:\Windows\SysWOW64\ntdll.dll  ntdll.dll
0:000> !for_each_module .echo @#ModuleName fver = @#FileVersion pver = @#ProductVersion
NavyFIELD fver =  pver =
atiumdag fver =  pver =
atiumdva fver =  pver =
ddraw fver = 6.0.6001.18000 (longhorn_rtm.080118-1840) pver = 6.0.6001.18000
04: Unable to retrieve module names (8007007e)
AcGenral fver = 6.0.6002.18179 (vistasp2_gdr.100105-2324) pver = 6.0.6002.18179
AcLayers fver = 6.0.6002.18179 (vistasp2_gdr.100105-2324) pver = 6.0.6002.18179
WindowsCodecs fver = 7.0.6002.18107 (vistasp2_gdr_win7ip_dgt(wmbla).090924-1550) pver = 7.0.6002.18107
dwmapi fver = 6.0.6001.18000 (longhorn_rtm.080118-1840) pver = 6.0.6001.18000
msacm32 fver = 6.0.6001.18000 (longhorn_rtm.080118-1840) pver = 6.0.6001.18000
AudioEng fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
AudioSes fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
avrt fver = 6.0.6001.18000 (longhorn_rtm.080118-1840) pver = 6.0.6001.18000
MMDevAPI fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
apphelp fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
winspool fver = 6.0.6002.18087 (vistasp2_gdr.090811-0423) pver = 6.0.6002.18087
uxtheme fver = 6.0.6001.18000 (longhorn_rtm.080118-1840) pver = 6.0.6001.18000
oleacc fver =  pver =
winmm fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
comctl32 fver = 6.10 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
netapi32 fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
samlib fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
ntmarta fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
17: Unable to retrieve module names (8007007e)
msasn1 fver = 6.0.6002.18106 (vistasp2_gdr.090903-2340) pver = 6.0.6002.18106
crypt32 fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
1a: Unable to retrieve module names (8007007e)
version fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
sfc_os fver = 6.0.6001.18000 (longhorn_rtm.080118-1840) pver = 6.0.6001.18000
wow64win fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
IconCodecService fver = 6.0.6000.16386 (vista_rtm.061101-2205) pver = 6.0.6000.16386
powrprof fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
dciman32 fver = 6.0.6002.18051 (vistasp2_gdr.090615-0258) pver = 6.0.6002.18051
mpr fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
22: Unable to retrieve module names (8007007e)
atiu9pag fver =  pver =
shunimpl fver = 6.0.6000.16386 (vista_rtm.061101-2205) pver = 6.0.6000.16386
sfc fver = 6.0.6000.16386 (vista_rtm.061101-2205) pver = 6.0.6000.16386
wow64cpu fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
wow64 fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
secur32 fver = 6.0.6002.18051 (vistasp2_gdr.090615-0258) pver = 6.0.6002.18051
usp10 fver = 1.0626.6002.18005 (lh_sp2rtm.090410-1830) pver = 1.0626.6002.18005
ws2_32 fver = 6.0.6001.18000 (longhorn_rtm.080118-1840) pver = 6.0.6001.18000
oleaut32 fver =  pver =
msvcrt fver = 7.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 7.0.6002.18005
psapi fver = 6.0.6000.16386 (vista_rtm.061101-2205) pver = 6.0.6000.16386
shlwapi fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
setupapi fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
rpcrt4 fver = 6.0.6002.18024 (vistasp2_gdr.090423-0018) pver = 6.0.6002.18024
msctf fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
advapi32 fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
imm32 fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
gdi32 fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
Wldap32 fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
kernel32 fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
shell32 fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
lpk fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
nsi fver = 6.0.6001.18000 (longhorn_rtm.080118-1840) pver = 6.0.6001.18000
user32 fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
clbcatq fver = 2001.12.6931.18000 (longhorn_rtm.080118-1840) pver = 6.0.6001.18000
iertutil fver = 8.00.6001.18904 (longhorn_ie8_gdr.100222-1700) pver = 8.00.6001.18904
urlmon fver = 8.00.6001.18904 (longhorn_ie8_gdr.100222-1700) pver = 8.00.6001.18904
ole32 fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
imagehlp fver = 6.0.6001.18000 (longhorn_rtm.080118-1840) pver = 6.0.6001.18000
ntdll fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005
ntdll_76ef0000 fver = 6.0.6002.18005 (lh_sp2rtm.090410-1830) pver = 6.0.6002.18005



0:000> .time

NavyFIELD.exe
Debug session time: Fri Apr  2 00:46:54.000 2010 (GMT-4)
System Uptime: 0 days 0:34:34.214
Process Uptime: 0 days 0:00:42.000
  Kernel time: 0 days 0:00:00.000
  User time: 0 days 0:00:00.000
0:000> |
.  0	id: 830	examine	name: C:\Program Files\SD EnterNET\NavyFIELD\NavyFIELD.exe
0:000> ||
.  0 Full memory user mini dump: C:\Users\PalmDesert7\_jcgriff2_\dbug\__Kernel__\NavyFIELD.DMP
0:000> .logopen /t /u /d
Opened log file 'NavyFIELD.DMP_0be8_2010-04-06_09-32-23-571.log'
0:000> lm D sm
start             end                 module name
00000000`70a10000 00000000`70c24000   AcGenral   (pdb symbols)          c:\symbols\AcGenral.pdb\2E4EB262563146958ACFC9303128A97E2\AcGenral.pdb
00000000`70c30000 00000000`70cb8000   AcLayers   (pdb symbols)          c:\symbols\AcLayers.pdb\FEB1FCAD329646FFB70030F6A22619BC2\AcLayers.pdb
00000000`755c0000 00000000`75686000   advapi32   (pdb symbols)          c:\symbols\advapi32.pdb\66A66DBC8B0E4D88B54A47510DD8039B2\advapi32.pdb
00000000`732a0000 00000000`732d5000   apphelp  # (pdb symbols)          c:\symbols\apphelp.pdb\106D8ED641E04B8680350C1D3E541ADF2\apphelp.pdb
00000000`74cc0000 00000000`74cc8000   atiu9pag   (export symbols)       atiu9pag.dll
00000000`6d6f0000 00000000`6da7e000   atiumdag   (export symbols)       atiumdag.dll
00000000`6f860000 00000000`6fb52000   atiumdva   (export symbols)       atiumdva.dll
00000000`72d30000 00000000`72daa000   AudioEng # (pdb symbols)          c:\symbols\AUDIOENG.pdb\F57F050BFB52407BAB928502F1120EC02\AUDIOENG.pdb
00000000`72da0000 00000000`72dd3000   AudioSes # (pdb symbols)          c:\symbols\AUDIOENG.pdb\F57F050BFB52407BAB928502F1120EC02\AUDIOENG.pdb
00000000`72dd0000 00000000`72dd8000   avrt       (pdb symbols)          c:\symbols\avrt.pdb\DF0B089A5E80467383CCBBBBDCF2D0282\avrt.pdb
00000000`76570000 00000000`765f4000   clbcatq    (pdb symbols)          c:\symbols\CLBCatQ.pdb\9E0BF37E9B7B468BA033F0003A14A3A32\CLBCatQ.pdb
00000000`74300000 00000000`7449e000   comctl32   (pdb symbols)          c:\symbols\comctl32.pdb\A001C0FC482448E696B397073CABA1C52\comctl32.pdb
00000000`746a0000 00000000`747d7000   crypt32  # (pdb symbols)          c:\symbols\crypt32.pdb\CBDD5844C04541A885EBBC54AEBA68412\crypt32.pdb
00000000`74c70000 00000000`74c78000   dciman32   (pdb symbols)          c:\symbols\dciman32.pdb\F71656F1ECB345089881383B0C87AA952\dciman32.pdb
00000000`70830000 00000000`7091f000   ddraw    # (pdb symbols)          c:\symbols\ddraw.pdb\58E46585AF6A4FD4B01A2CA5C4EA3C092\ddraw.pdb
00000000`709a0000 00000000`70a24000   dsound   # (no symbols)           
00000000`72ca0000 00000000`72cb1000   dwmapi   # (pdb symbols)          c:\symbols\dwmapi.pdb\1E6F7E8306934DD8A2953D21A720F52D2\dwmapi.pdb
00000000`756f0000 00000000`75780000   gdi32      (pdb symbols)          c:\symbols\wgdi32.pdb\AE067ABA7F024A11A207B2D803E0E55A2\wgdi32.pdb
00000000`74c40000 00000000`74c48000   IconCodecService # (pdb symbols)          c:\symbols\IconCodecService.pdb\0EFA5A802F5945A3843F6E3C1C4BA6932\IconCodecService.pdb
00000000`76600000 00000000`767e8000   iertutil   (pdb symbols)          c:\symbols\iertutil.pdb\9280F92B03CC4222BF6411FDF1B78F742\iertutil.pdb
00000000`76b00000 00000000`76b29000   imagehlp   (pdb symbols)          c:\symbols\imagehlp.pdb\83857AB54AF242F49144544444A773502\imagehlp.pdb
00000000`75690000 00000000`756bd000   imm32    # (pdb symbols)          c:\symbols\wimm32.pdb\A34EE073E19B4B9B97B078FDBAE8ACA82\wimm32.pdb
00000000`757d0000 00000000`758e0000   kernel32   (pdb symbols)          c:\symbols\wkernel32.pdb\5363FE3A6B284BD58ADBCAF4C3FF0FE82\wkernel32.pdb
00000000`763f0000 00000000`763f9000   lpk        (pdb symbols)          c:\symbols\wlpk.pdb\C6E9E606D2024BFFB7B22064B65FFD152\wlpk.pdb
00000000`72de0000 00000000`72e16000   MMDevAPI # (pdb symbols)          c:\symbols\MMDevAPI.pdb\452F79E1B06349DC9A3713F89A2F530E2\MMDevAPI.pdb
00000000`74c80000 00000000`74c99000   mpr      # (pdb symbols)          c:\symbols\mpr.pdb\FF53B737FF3545D6BC4B20760AFE03B42\mpr.pdb
00000000`72d00000 00000000`72d18000   msacm32  # (pdb symbols)          c:\symbols\msacm32.pdb\376918E968B945C7AFADC00C7A541A422\msacm32.pdb
00000000`74680000 00000000`74699000   msasn1     (pdb symbols)          c:\symbols\msasn1.pdb\3166FD65BABE46E0B353A7A587FF605D2\msasn1.pdb
00000000`754f0000 00000000`755b8000   msctf      (pdb symbols)          c:\symbols\msctf.pdb\C586659073A94B89B2EEFAAA7737FC092\msctf.pdb
00000000`75060000 00000000`7510a000   msvcrt     (pdb symbols)          c:\symbols\msvcrt.pdb\7F8019F7BFB946868548036AA5881B4C2\msvcrt.pdb
00000000`00400000 00000000`00411000   NavyFIELD C (no symbols)           
00000000`74520000 00000000`745c3000   netapi32 # (pdb symbols)          c:\symbols\netapi32.pdb\B9F360F0DBBC48A0AB9A1629C1633C382\netapi32.pdb
00000000`76400000 00000000`76406000   nsi        (pdb symbols)          c:\symbols\nsi.pdb\37D074DFCA5D4B5FB51EB78B39F22BF12\nsi.pdb
00000000`76d30000 00000000`76eb6000   ntdll      (pdb symbols)          c:\symbols\ntdll.pdb\441D43C059B84ACE88BAA2BCED236B532\ntdll.pdb
00000000`76ef0000 00000000`77050000   ntdll_76ef0000   (pdb symbols)          c:\symbols\wntdll.pdb\73B43FA41AD149078FBBC1571258DCF92\wntdll.pdb
00000000`74610000 00000000`7463c000   ntmarta  # (pdb symbols)          c:\symbols\ntmarta.pdb\0F439EC56F7147828D914F59499E4F582\ntmarta.pdb
00000000`769b0000 00000000`76af5000   ole32      (pdb symbols)          c:\symbols\ole32.pdb\4F6EE07E85D24C1782E71BDDFD6CABC52\ole32.pdb
00000000`73c30000 00000000`73c82000   oleacc   # (pdb symbols)          c:\symbols\oleacc.pdb\80D69E8319D74C9EBB0085325DD2F1CC1\oleacc.pdb
00000000`74fd0000 00000000`7505d000   oleaut32   (pdb symbols)          c:\symbols\oleaut32.pdb\0BD459447A41461AAC54608898A59AD62\oleaut32.pdb
00000000`74c50000 00000000`74c72000   powrprof # (pdb symbols)          c:\symbols\powrprof.pdb\753F4385ED22490DB8BC77BCC4D6F8A02\powrprof.pdb
00000000`75110000 00000000`75117000   psapi      (pdb symbols)          c:\symbols\psapi.pdb\FA398191D257469CBA795A86B704D9B92\psapi.pdb
00000000`75400000 00000000`754f0000   rpcrt4     (pdb symbols)          c:\symbols\wrpcrt4.pdb\1C4033A17ECA418982192733E23116152\wrpcrt4.pdb
00000000`745f0000 00000000`7460c000   samlib   # (pdb symbols)          c:\symbols\samlib.pdb\211C4D848CAA408CA4A19879757435CE2\samlib.pdb
00000000`74ec0000 00000000`74f20000   secur32    (pdb symbols)          c:\symbols\wsecur32.pdb\1385738AB4334948A9AD074830923D1C2\wsecur32.pdb
00000000`75270000 00000000`753fa000   setupapi   (pdb symbols)          c:\symbols\setupapi.pdb\3BC12B229D754162B904F56161343C0C2\setupapi.pdb
00000000`74ce0000 00000000`74ce6000   sfc      # (pdb symbols)          c:\symbols\sfc.pdb\053C71267FD04F0EAA76C947162D956A1\sfc.pdb
00000000`74910000 00000000`7491e000   sfc_os   # (pdb symbols)          c:\symbols\sfc_os.pdb\5873E34AF3B14EA1AEAFA41D4EE00F9E2\sfc_os.pdb
00000000`758e0000 00000000`763f0000   shell32    (pdb symbols)          c:\symbols\shell32.pdb\01C50E6382DD4CF0A9CA63D04A60159F2\shell32.pdb
00000000`74ca0000 00000000`74cc2000   shimeng  # (no symbols)           
00000000`75120000 00000000`75179000   shlwapi    (pdb symbols)          c:\symbols\shlwapi.pdb\4B71444384904537AE5971195A57C03D2\shlwapi.pdb
00000000`74cd0000 00000000`74cd5000   shunimpl # (pdb symbols)          c:\symbols\shunimpl.pdb\DCA4E2C12F2F431EA8E1970259EDBC0B1\shunimpl.pdb
00000000`76870000 00000000`769a3000   urlmon     (pdb symbols)          c:\symbols\urlmon.pdb\9F7BFA5616994E9183B79B3F5E87AC302\urlmon.pdb
00000000`764a0000 00000000`76570000   user32     (pdb symbols)          c:\symbols\wuser32.pdb\5BF85E5C9B3D45FA90B6F3B44248FBE32\wuser32.pdb
00000000`748e0000 00000000`74906000   userenv  # (no symbols)           
00000000`74f20000 00000000`74f9d000   usp10      (pdb symbols)          c:\symbols\usp10.pdb\F20359F6776A4E6281AC5CFDEE639A102\usp10.pdb
00000000`73b00000 00000000`73b51000   uxtheme  # (pdb symbols)          c:\symbols\wuxtheme.pdb\2CED1BED6BF94C93BE45601FA010BAC22\wuxtheme.pdb
00000000`74900000 00000000`7490b000   version    (pdb symbols)          c:\symbols\version.pdb\97D7BF0FB8A647DF8236D5D9F474AE352\version.pdb
00000000`70dc0000 00000000`70eee000   WindowsCodecs # (pdb symbols)          c:\symbols\WindowsCodecs.pdb\0AFDCFB6BF884AD2B40E859A5D0AE4C12\WindowsCodecs.pdb
00000000`73c70000 00000000`73ca9000   winmm      (pdb symbols)          c:\symbols\winmm.pdb\8624A2B385BB483FBAC6DE9DEE566FEA2\winmm.pdb
00000000`73930000 00000000`73988000   winspool # (pdb symbols)          c:\symbols\winspool.pdb\218E0F2BA75947DBAF6AB39B116259B31\winspool.pdb
00000000`74650000 00000000`74689000   wintrust # (no symbols)           
00000000`75780000 00000000`757c9000   Wldap32    (pdb symbols)          c:\symbols\wldap32.pdb\BDB50D98AD484CE1B6B6D332CAD547BB2\wldap32.pdb
00000000`74d00000 00000000`74d45000   wow64      (pdb symbols)          c:\symbols\wow64.pdb\31FE0D0804C04792A8C30F0A22BD43F21\wow64.pdb
00000000`74cf0000 00000000`74cf9000   wow64cpu   (pdb symbols)          c:\symbols\wow64cpu.pdb\8A6F58C104B249588D568C056922E0171\wow64cpu.pdb
00000000`74920000 00000000`7496e000   wow64win   (pdb symbols)          c:\symbols\wow64win.pdb\F08072DB2B204295ABA8F2E43225C1351\wow64win.pdb
00000000`74fa0000 00000000`74fcd000   ws2_32     (pdb symbols)          c:\symbols\ws2_32.pdb\A004B77B4689467D8888B44DC5DD5DD72\ws2_32.pdb
0:000> lmo D sm
start             end                 module name
00000000`70a10000 00000000`70c24000   AcGenral   (pdb symbols)          c:\symbols\AcGenral.pdb\2E4EB262563146958ACFC9303128A97E2\AcGenral.pdb
00000000`70c30000 00000000`70cb8000   AcLayers   (pdb symbols)          c:\symbols\AcLayers.pdb\FEB1FCAD329646FFB70030F6A22619BC2\AcLayers.pdb
00000000`755c0000 00000000`75686000   advapi32   (pdb symbols)          c:\symbols\advapi32.pdb\66A66DBC8B0E4D88B54A47510DD8039B2\advapi32.pdb
00000000`732a0000 00000000`732d5000   apphelp  # (pdb symbols)          c:\symbols\apphelp.pdb\106D8ED641E04B8680350C1D3E541ADF2\apphelp.pdb
00000000`74cc0000 00000000`74cc8000   atiu9pag   (export symbols)       atiu9pag.dll
00000000`6d6f0000 00000000`6da7e000   atiumdag   (export symbols)       atiumdag.dll
00000000`6f860000 00000000`6fb52000   atiumdva   (export symbols)       atiumdva.dll
00000000`72d30000 00000000`72daa000   AudioEng # (pdb symbols)          c:\symbols\AUDIOENG.pdb\F57F050BFB52407BAB928502F1120EC02\AUDIOENG.pdb
00000000`72da0000 00000000`72dd3000   AudioSes # (pdb symbols)          c:\symbols\AUDIOENG.pdb\F57F050BFB52407BAB928502F1120EC02\AUDIOENG.pdb
00000000`72dd0000 00000000`72dd8000   avrt       (pdb symbols)          c:\symbols\avrt.pdb\DF0B089A5E80467383CCBBBBDCF2D0282\avrt.pdb
00000000`76570000 00000000`765f4000   clbcatq    (pdb symbols)          c:\symbols\CLBCatQ.pdb\9E0BF37E9B7B468BA033F0003A14A3A32\CLBCatQ.pdb
00000000`74300000 00000000`7449e000   comctl32   (pdb symbols)          c:\symbols\comctl32.pdb\A001C0FC482448E696B397073CABA1C52\comctl32.pdb
00000000`746a0000 00000000`747d7000   crypt32  # (pdb symbols)          c:\symbols\crypt32.pdb\CBDD5844C04541A885EBBC54AEBA68412\crypt32.pdb
00000000`74c70000 00000000`74c78000   dciman32   (pdb symbols)          c:\symbols\dciman32.pdb\F71656F1ECB345089881383B0C87AA952\dciman32.pdb
00000000`70830000 00000000`7091f000   ddraw    # (pdb symbols)          c:\symbols\ddraw.pdb\58E46585AF6A4FD4B01A2CA5C4EA3C092\ddraw.pdb
00000000`709a0000 00000000`70a24000   dsound   # (no symbols)           
00000000`72ca0000 00000000`72cb1000   dwmapi   # (pdb symbols)          c:\symbols\dwmapi.pdb\1E6F7E8306934DD8A2953D21A720F52D2\dwmapi.pdb
00000000`756f0000 00000000`75780000   gdi32      (pdb symbols)          c:\symbols\wgdi32.pdb\AE067ABA7F024A11A207B2D803E0E55A2\wgdi32.pdb
00000000`74c40000 00000000`74c48000   IconCodecService # (pdb symbols)          c:\symbols\IconCodecService.pdb\0EFA5A802F5945A3843F6E3C1C4BA6932\IconCodecService.pdb
00000000`76600000 00000000`767e8000   iertutil   (pdb symbols)          c:\symbols\iertutil.pdb\9280F92B03CC4222BF6411FDF1B78F742\iertutil.pdb
00000000`76b00000 00000000`76b29000   imagehlp   (pdb symbols)          c:\symbols\imagehlp.pdb\83857AB54AF242F49144544444A773502\imagehlp.pdb
00000000`75690000 00000000`756bd000   imm32    # (pdb symbols)          c:\symbols\wimm32.pdb\A34EE073E19B4B9B97B078FDBAE8ACA82\wimm32.pdb
00000000`757d0000 00000000`758e0000   kernel32   (pdb symbols)          c:\symbols\wkernel32.pdb\5363FE3A6B284BD58ADBCAF4C3FF0FE82\wkernel32.pdb
00000000`763f0000 00000000`763f9000   lpk        (pdb symbols)          c:\symbols\wlpk.pdb\C6E9E606D2024BFFB7B22064B65FFD152\wlpk.pdb
00000000`72de0000 00000000`72e16000   MMDevAPI # (pdb symbols)          c:\symbols\MMDevAPI.pdb\452F79E1B06349DC9A3713F89A2F530E2\MMDevAPI.pdb
00000000`74c80000 00000000`74c99000   mpr      # (pdb symbols)          c:\symbols\mpr.pdb\FF53B737FF3545D6BC4B20760AFE03B42\mpr.pdb
00000000`72d00000 00000000`72d18000   msacm32  # (pdb symbols)          c:\symbols\msacm32.pdb\376918E968B945C7AFADC00C7A541A422\msacm32.pdb
00000000`74680000 00000000`74699000   msasn1     (pdb symbols)          c:\symbols\msasn1.pdb\3166FD65BABE46E0B353A7A587FF605D2\msasn1.pdb
00000000`754f0000 00000000`755b8000   msctf      (pdb symbols)          c:\symbols\msctf.pdb\C586659073A94B89B2EEFAAA7737FC092\msctf.pdb
00000000`75060000 00000000`7510a000   msvcrt     (pdb symbols)          c:\symbols\msvcrt.pdb\7F8019F7BFB946868548036AA5881B4C2\msvcrt.pdb
00000000`00400000 00000000`00411000   NavyFIELD C (no symbols)           
00000000`74520000 00000000`745c3000   netapi32 # (pdb symbols)          c:\symbols\netapi32.pdb\B9F360F0DBBC48A0AB9A1629C1633C382\netapi32.pdb
00000000`76400000 00000000`76406000   nsi        (pdb symbols)          c:\symbols\nsi.pdb\37D074DFCA5D4B5FB51EB78B39F22BF12\nsi.pdb
00000000`76d30000 00000000`76eb6000   ntdll      (pdb symbols)          c:\symbols\ntdll.pdb\441D43C059B84ACE88BAA2BCED236B532\ntdll.pdb
00000000`76ef0000 00000000`77050000   ntdll_76ef0000   (pdb symbols)          c:\symbols\wntdll.pdb\73B43FA41AD149078FBBC1571258DCF92\wntdll.pdb
00000000`74610000 00000000`7463c000   ntmarta  # (pdb symbols)          c:\symbols\ntmarta.pdb\0F439EC56F7147828D914F59499E4F582\ntmarta.pdb
00000000`769b0000 00000000`76af5000   ole32      (pdb symbols)          c:\symbols\ole32.pdb\4F6EE07E85D24C1782E71BDDFD6CABC52\ole32.pdb
00000000`73c30000 00000000`73c82000   oleacc   # (pdb symbols)          c:\symbols\oleacc.pdb\80D69E8319D74C9EBB0085325DD2F1CC1\oleacc.pdb
00000000`74fd0000 00000000`7505d000   oleaut32   (pdb symbols)          c:\symbols\oleaut32.pdb\0BD459447A41461AAC54608898A59AD62\oleaut32.pdb
00000000`74c50000 00000000`74c72000   powrprof # (pdb symbols)          c:\symbols\powrprof.pdb\753F4385ED22490DB8BC77BCC4D6F8A02\powrprof.pdb
00000000`75110000 00000000`75117000   psapi      (pdb symbols)          c:\symbols\psapi.pdb\FA398191D257469CBA795A86B704D9B92\psapi.pdb
00000000`75400000 00000000`754f0000   rpcrt4     (pdb symbols)          c:\symbols\wrpcrt4.pdb\1C4033A17ECA418982192733E23116152\wrpcrt4.pdb
00000000`745f0000 00000000`7460c000   samlib   # (pdb symbols)          c:\symbols\samlib.pdb\211C4D848CAA408CA4A19879757435CE2\samlib.pdb
00000000`74ec0000 00000000`74f20000   secur32    (pdb symbols)          c:\symbols\wsecur32.pdb\1385738AB4334948A9AD074830923D1C2\wsecur32.pdb
00000000`75270000 00000000`753fa000   setupapi   (pdb symbols)          c:\symbols\setupapi.pdb\3BC12B229D754162B904F56161343C0C2\setupapi.pdb
00000000`74ce0000 00000000`74ce6000   sfc      # (pdb symbols)          c:\symbols\sfc.pdb\053C71267FD04F0EAA76C947162D956A1\sfc.pdb
00000000`74910000 00000000`7491e000   sfc_os   # (pdb symbols)          c:\symbols\sfc_os.pdb\5873E34AF3B14EA1AEAFA41D4EE00F9E2\sfc_os.pdb
00000000`758e0000 00000000`763f0000   shell32    (pdb symbols)          c:\symbols\shell32.pdb\01C50E6382DD4CF0A9CA63D04A60159F2\shell32.pdb
00000000`74ca0000 00000000`74cc2000   shimeng  # (no symbols)           
00000000`75120000 00000000`75179000   shlwapi    (pdb symbols)          c:\symbols\shlwapi.pdb\4B71444384904537AE5971195A57C03D2\shlwapi.pdb
00000000`74cd0000 00000000`74cd5000   shunimpl # (pdb symbols)          c:\symbols\shunimpl.pdb\DCA4E2C12F2F431EA8E1970259EDBC0B1\shunimpl.pdb
00000000`76870000 00000000`769a3000   urlmon     (pdb symbols)          c:\symbols\urlmon.pdb\9F7BFA5616994E9183B79B3F5E87AC302\urlmon.pdb
00000000`764a0000 00000000`76570000   user32     (pdb symbols)          c:\symbols\wuser32.pdb\5BF85E5C9B3D45FA90B6F3B44248FBE32\wuser32.pdb
00000000`748e0000 00000000`74906000   userenv  # (no symbols)           
00000000`74f20000 00000000`74f9d000   usp10      (pdb symbols)          c:\symbols\usp10.pdb\F20359F6776A4E6281AC5CFDEE639A102\usp10.pdb
00000000`73b00000 00000000`73b51000   uxtheme  # (pdb symbols)          c:\symbols\wuxtheme.pdb\2CED1BED6BF94C93BE45601FA010BAC22\wuxtheme.pdb
00000000`74900000 00000000`7490b000   version    (pdb symbols)          c:\symbols\version.pdb\97D7BF0FB8A647DF8236D5D9F474AE352\version.pdb
00000000`70dc0000 00000000`70eee000   WindowsCodecs # (pdb symbols)          c:\symbols\WindowsCodecs.pdb\0AFDCFB6BF884AD2B40E859A5D0AE4C12\WindowsCodecs.pdb
00000000`73c70000 00000000`73ca9000   winmm      (pdb symbols)          c:\symbols\winmm.pdb\8624A2B385BB483FBAC6DE9DEE566FEA2\winmm.pdb
00000000`73930000 00000000`73988000   winspool # (pdb symbols)          c:\symbols\winspool.pdb\218E0F2BA75947DBAF6AB39B116259B31\winspool.pdb
00000000`74650000 00000000`74689000   wintrust # (no symbols)           
00000000`75780000 00000000`757c9000   Wldap32    (pdb symbols)          c:\symbols\wldap32.pdb\BDB50D98AD484CE1B6B6D332CAD547BB2\wldap32.pdb
00000000`74d00000 00000000`74d45000   wow64      (pdb symbols)          c:\symbols\wow64.pdb\31FE0D0804C04792A8C30F0A22BD43F21\wow64.pdb
00000000`74cf0000 00000000`74cf9000   wow64cpu   (pdb symbols)          c:\symbols\wow64cpu.pdb\8A6F58C104B249588D568C056922E0171\wow64cpu.pdb
00000000`74920000 00000000`7496e000   wow64win   (pdb symbols)          c:\symbols\wow64win.pdb\F08072DB2B204295ABA8F2E43225C1351\wow64win.pdb
00000000`74fa0000 00000000`74fcd000   ws2_32     (pdb symbols)          c:\symbols\ws2_32.pdb\A004B77B4689467D8888B44DC5DD5DD72\ws2_32.pdb



[/FONT]
```


----------



## Nuclear_Bob (Apr 2, 2010)

> Where did the two dumps in your first post come from? I assume they are from your system... correct?


Yes.



> So... how was the dump created?


I saw a post about app crashes you made, and read how to find the program to create a DMP file from. By finding the program in the processes list in the task manager, I didn't click Close Program before I did it. Perhaps I misread it? (If I did it wrong, post a procedure please and I'll redo it.)



> I am seeing most drivers loading from \syswow64, meaning they are 32-bit.


I know any Drivers *I* installed were 64s, but when the computer was built, someone else put the drivers on for the Mobo Chipset and anything else for it. Since then I have updated most of the drivers, which should of included it. Should I go back and make sure I update all the drivers?

I'll check back soon.


----------



## jcgriff2 (Sep 30, 2007)

Nuclear_Bob said:


> Sounds like someone has dial up
> 
> Anyway thanks for getting back to me, and at least expanding on some of your posts.


My pleasure. I hope something helpful comes out of this.

No dial-up, but close - DSL. We're about 85° F now - no more cool air from an open window to cool the system and Internet download speed begins to suffer. A/C will go on soon! It only took 30-45 min to download the 2 dumps totalling ~143 MB. The debugger needed ~250 MB symbol files downloaded from Microsoft.

Need to ask about the 2 attachments. The actual attachments were RAR files; each contained a zip file - both contain identical content. Was there supposed to be a different zip in the second RAR file? I ask as I find it interesting that the RAR size differs, yet the un-RAR'd zip files are identical in size. Seems strange to me -

```
[FONT=Lucida Console] Volume in drive C is Windows 7 x64
 Volume Serial Number is AEC1-A506

 Directory of C:\Users\PalmDesert7\_jcgriff2_\dbug\__Kernel__\NAVY_Field_Nuclear_Bob_04-06-10

04/06/2010  12:48         1,457,664 TSF_Vista_Support.part1.rar
04/06/2010  12:48         1,226,672 TSF_Vista_Support.part2.rar

04/06/2010  11:44         2,859,293 TSF_Vista_Support_part1.zip
04/06/2010  11:44         2,859,293 TSF_Vista_Support_part2.zip

               4 File(s)      8,402,922 bytes
               0 Dir(s)  59,916,619,776 bytes free[/FONT]
```
`

Again, not a big deal, just want to make sure there are no additional files. But the RAR size difference is odd.

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

Sorry bout that, I must of put the zip file I made (but couldn't upload for some reason) into the RAR instead of the original output folder. I had winRAR split the files because I saw you said the file uploaded has to be less than 2mb. Little confused about that because the attachments thing says less than 5 or something.  

Let me post it again, Just in case.


----------



## jcgriff2 (Sep 30, 2007)

jcgriff2 said:


> Where did the two dumps in your first post come from? I assume they are from your system... correct?
> 
> 
> Nuclear_Bob said:
> ...


OK.



jcgriff2 said:


> So... how was the dump created?
> 
> 
> 
> ...


No, you did fine. The process you used produced the user-mode dumps. I'm just not sure how much they will tell me because they were hard assert crashes, meaning the app did not actually cause the crash that produced the dumps. 

But there may be dumps from the actual crashes. I assume you obtained this crash info from WERCON - Problem Reports & Solutions?
START | *wercon* | "View Problem Reports"


Nuclear_Bob said:


> Problem signature:
> Problem Event Name:	APPCRASH
> Application Name:	NavyFIELD.exe
> Application Version:	0.0.0.0
> ...



If so, when you double-clicked on a line item to obtain the crash info - was there an option (maybe a small screen) that appeared informing you that you could review additional files about the crash? It may have said - 


> *View a temporary copy of these files*
> *Warning:* If a virus or other security threat caused the problem, opening a copy of the files could harm your computer.


Often, those temp files contain dump files with a file ext = *.mdump* & *.hdump*. There should also be files with ext = *.wer* and *.xml*.

One of the locations where the WER files are stored - 

*C:\Users\_username_\AppData\Local\Microsoft\Windows\WER\ReportQueue*

The may be blue in color. If you can get them, please do.




jcgriff2 said:


> I am seeing most drivers loading from \syswow64, meaning they are 32-bit
> 
> 
> Nuclear_Bob said:
> ...


It is perfectly normal on x64 systems for drivers to load from x86 \syswow64. Most apps are x86, including Microsoft apps.

You can see it by going into your own system's \Program Files directory - both of them.

When my system was Vista x64 (now Windows 7 x64) in Nov 2008, my \Program Files - x64 & x86 - 

http://www.techsupportforum.com/1807410-post2.html

It is just interesting that a single EXE file used for installation on Windows NT builds going back to Windows 95 would be x64 - it did install itself in the x64 \Program Files folder based on info I had when I made my last post. Please check the PF dirs and see.

Must take kids out for a while - they're off school all week.

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

> I assume you obtained this crash info from WERCON - Problem Reports & Solutions?
> START | wercon | "View Problem Reports"
> Quote:
> Originally Posted by Nuclear_Bob View Post
> ...


Actually, I got that info off the box that pops up telling you a program stopped working by clicking additional information, same info though. I looked through trying to find .mdump & .hdump but didn't see anything, but here is a copy of an error report folder (most recent one I saw.)




> It is just interesting that a single EXE file used for installation on Windows NT builds going back to Windows 95 would be x64 - it did install itself in the x64 \Program Files folder based on info I had when I made my last post. Please check the PF dirs and see.


Yes, your info is correct. And yes it is very odd that it is so old and installs it self there. I thought that was odd too, I even tried reinstalling it to the x86 program files folder to make sure it wasn't messing up because of that, but it used to work fine in x64.


----------



## Nuclear_Bob (Apr 2, 2010)

Bump-


----------



## jcgriff2 (Sep 30, 2007)

Hi - 

This is one of the files that was in the WER report directory -

```
Version=1
EventType=PCA2
EventTime=129126653533880106
Consent=1
Response.type=4
Sig[0].Name=Problem Signature 01
Sig[0].Value=REACTOR.exe
Sig[1].Name=Problem Signature 02
Sig[1].Value=1.0.0.55
Sig[2].Name=Problem Signature 03
Sig[2].Value=Reactor Application
Sig[3].Name=Problem Signature 04
Sig[3].Value=Reactor Application
Sig[4].Name=Problem Signature 05
Sig[4].Value=NHN Corporation
Sig[5].Name=Problem Signature 06
Sig[5].Value=200
Sig[6].Name=Problem Signature 07
Sig[6].Value=-1
DynamicSig[1].Name=OS Version
DynamicSig[1].Value=6.0.6002.2.2.0.768.3
DynamicSig[2].Name=Locale ID
DynamicSig[2].Value=1033
File[0].CabName=appcompat.txt
File[0].Path=appcompat.txt
File[0].Flags=65536
File[0].Type=5
File[1].CabName=Tab20C2.tmp
File[1].Path=Tab20C2.tmp
File[1].Flags=65536
File[1].Type=5
FriendlyEventName=Program Compatibility
ConsentKey=PCA2
AppName=Reactor Application
AppPath=[COLOR=Red]C:\Program Files (x86)\ijji\ijji REACTOR\REACTOR.exe[/COLOR]
```


This is a different app crash listing PCA2 as cause = Program Compatibility

It is from NHN Corp --> http://www.nhncorp.com/en/main/index.html

Also from NHN --> ChannelingPluginforReactor.dll

Per search --> ChannelingPluginforReactor.dll search


```
[FONT=Lucida Console]
<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="REACTOR.exe" FILTER="GRABMI_FILTER_PRIVACY">
    <MATCHING_FILE NAME="ChannelingPluginforReactor.dll" SIZE="65536" CHECKSUM="0xA6FB95D0" BIN_FILE_VERSION="1.0.0.2" BIN_PRODUCT_VERSION="1.0.0.2" PRODUCT_VERSION="1, 0, 0, 2" FILE_DESCRIPTION="ChannelingPluginforReactor Dynamic Linking Library" COMPANY_NAME="NHN Corporation" PRODUCT_NAME="ChannelingPluginforReactor Dynamic Linking Library" FILE_VERSION="1, 0, 0, 2" ORIGINAL_FILENAME="ChannelingPluginforReactor.dll" INTERNAL_NAME="ChannelingPlugin" LEGAL_COPYRIGHT="(c) NHN Corporation.  All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1D065" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.0.2" UPTO_BIN_PRODUCT_VERSION="1.0.0.2" LINK_DATE="10/16/2009 08:24:49" UPTO_LINK_DATE="10/16/2009 08:24:49" EXPORT_NAME="ChannelingPluginforReactor.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="CreateShortCut.dll" SIZE="114688" CHECKSUM="0xB5729954" BIN_FILE_VERSION="1.0.0.11" BIN_PRODUCT_VERSION="1.0.0.11" PRODUCT_VERSION="1, 0, 0, 11" FILE_DESCRIPTION="CreateShortCut Dynamic Link Library" COMPANY_NAME="NHN Corporation" PRODUCT_NAME="CreateShortCut" FILE_VERSION="1, 0, 0, 11" ORIGINAL_FILENAME="CreateShortCut.dll" INTERNAL_NAME="CreateShortCut" VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x274F8" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.0.11" UPTO_BIN_PRODUCT_VERSION="1.0.0.11" LINK_DATE="11/04/2009 09:03:59" UPTO_LINK_DATE="11/04/2009 09:03:59" EXPORT_NAME="CreateShortCut.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="dbghelp.dll" SIZE="986112" CHECKSUM="0xA2D6F6A5" BIN_FILE_VERSION="6.4.7.1" BIN_PRODUCT_VERSION="6.4.7.1" PRODUCT_VERSION="6.4.0007.1" FILE_DESCRIPTION="Windows Image Helper" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Debugging Tools for Windows(R)" FILE_VERSION="6.4.0007.1 (vbl_core(jshay).050105-2304)" ORIGINAL_FILENAME="DBGHELP.DLL" INTERNAL_NAME="DBGHELP.DLL" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xF3FF4" LINKER_VERSION="0x40000" UPTO_BIN_FILE_VERSION="6.4.7.1" UPTO_BIN_PRODUCT_VERSION="6.4.7.1" LINK_DATE="01/12/2005 19:23:59" UPTO_LINK_DATE="01/12/2005 19:23:59" EXPORT_NAME="dbghelp.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="HanAuthForClient.dll" SIZE="241664" CHECKSUM="0x9AD3331D" BIN_FILE_VERSION="2.0.0.19" BIN_PRODUCT_VERSION="2.0.0.19" PRODUCT_VERSION="2, 0, 0, 19" FILE_DESCRIPTION="DLL for user client authentication" COMPANY_NAME="NHN Corp." PRODUCT_NAME="Authenticating Module" FILE_VERSION="2, 0, 0, 19" ORIGINAL_FILENAME="HanAuthForClient.dll" INTERNAL_NAME="HanAuthForClient" LEGAL_COPYRIGHT="Copyright ⓒ NHN Corp. All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x3F5E1" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.0.19" UPTO_BIN_PRODUCT_VERSION="2.0.0.19" LINK_DATE="09/22/2009 02:12:56" UPTO_LINK_DATE="09/22/2009 02:12:56" EXPORT_NAME="HanAuthForClient.dll" VER_LANGUAGE="Korean (Korea) [0x412]" />
    <MATCHING_FILE NAME="HanReportForClient.dll" SIZE="172032" CHECKSUM="0x57AE2314" BIN_FILE_VERSION="2.1.0.3" BIN_PRODUCT_VERSION="2.1.0.3" PRODUCT_VERSION="2, 1, 0, 3" FILE_DESCRIPTION="DLL for client log reporting" COMPANY_NAME="NHN Corp." PRODUCT_NAME="Multipurpose Reporting Module" FILE_VERSION="2, 1, 0, 3" ORIGINAL_FILENAME="HanReportForClient.dll" INTERNAL_NAME="HanReportForClient" LEGAL_COPYRIGHT="Copyright ? NHN JAPAN Corp. All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x37607" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.1.0.3" UPTO_BIN_PRODUCT_VERSION="2.1.0.3" LINK_DATE="08/19/2009 06:34:01" UPTO_LINK_DATE="08/19/2009 06:34:01" EXPORT_NAME="HanReportForClient.dll" VER_LANGUAGE="Japanese (Japan) [0x411]" />
    <MATCHING_FILE NAME="ijjiPCPlugin01.dll" SIZE="57104" CHECKSUM="0x9C734D0A" BIN_FILE_VERSION="1.0.0.7" BIN_PRODUCT_VERSION="1.0.0.7" PRODUCT_VERSION="1, 0, 0, 7" FILE_DESCRIPTION="ijjiPCPlugin01" COMPANY_NAME="NHN.USA Inc." PRODUCT_NAME="ijjiPCPlugin01" FILE_VERSION="1, 0, 0, 7" ORIGINAL_FILENAME="ijjiPCPlugin01.dll" INTERNAL_NAME="ijjiPCPlugin01" LEGAL_COPYRIGHT="Copyright (C) 2010 NHN.USA Inc." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x149AD" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.0.7" UPTO_BIN_PRODUCT_VERSION="1.0.0.7" LINK_DATE="02/11/2010 02:28:31" UPTO_LINK_DATE="02/11/2010 02:28:31" EXPORT_NAME="ijjiPCPluginDLL.dll" VER_LANGUAGE="English (United States) [0x9]" />
    <MATCHING_FILE NAME="ijjiPrePatch_r.dll" SIZE="188416" CHECKSUM="0x17AE3A53" BIN_FILE_VERSION="1.0.4.2" BIN_PRODUCT_VERSION="1.0.4.2" PRODUCT_VERSION="1, 0, 4, 2" FILE_DESCRIPTION="PrePatch Dynamic Link Library" COMPANY_NAME="NHN USA Inc." PRODUCT_NAME="PrePatch Dynamic Link Library" FILE_VERSION="1, 0, 4, 2" ORIGINAL_FILENAME="PrePatch.dll" INTERNAL_NAME="PrePatch" LEGAL_COPYRIGHT="Copyright (C) NHN USA Inc. 2008" VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.4.2" UPTO_BIN_PRODUCT_VERSION="1.0.4.2" LINK_DATE="08/16/2009 09:47:21" UPTO_LINK_DATE="08/16/2009 09:47:21" EXPORT_NAME="ijjiPrePatch_r.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="ijjiPurpleOutBound_r.exe" SIZE="216256" CHECKSUM="0x47AFB8ED" BIN_FILE_VERSION="1.1.0.9" BIN_PRODUCT_VERSION="1.1.0.9" PRODUCT_VERSION="1, 1, 0, 9" FILE_DESCRIPTION="ijjiPurpleOutBound Application" COMPANY_NAME="NHN USA Inc." PRODUCT_NAME="ijjiPurpleOutBound.exe" FILE_VERSION="1, 1, 0, 9" ORIGINAL_FILENAME="ijjiPurpleOutBound.exe" INTERNAL_NAME="ijjiPurpleOutBound.exe" LEGAL_COPYRIGHT="Copyright (C) NHN USA Inc. 2008" VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x3DF64" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.1.0.9" UPTO_BIN_PRODUCT_VERSION="1.1.0.9" LINK_DATE="11/06/2009 06:56:49" UPTO_LINK_DATE="11/06/2009 06:56:49" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="ijjiPurplePlugin01.dll" SIZE="163840" CHECKSUM="0x9565E7C3" BIN_FILE_VERSION="1.0.0.3" BIN_PRODUCT_VERSION="1.0.0.3" PRODUCT_VERSION="1.0.0.3" FILE_DESCRIPTION="ijjiPurplePlugin" COMPANY_NAME="NHN USA Inc." PRODUCT_NAME="ijjiPurplePlugin" FILE_VERSION="1.0.0.3" ORIGINAL_FILENAME="ijjiPurplePlugin01.dll" INTERNAL_NAME="ijjiPurplePlugin01.dll" LEGAL_COPYRIGHT="Copyright (C) NHN USA Inc. All Rights Reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.0.3" UPTO_BIN_PRODUCT_VERSION="1.0.0.3" LINK_DATE="08/16/2009 07:11:52" UPTO_LINK_DATE="08/16/2009 07:11:52" EXPORT_NAME="ijjiPurplePlugin01.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="ijjiPurplePlugin02.dll" SIZE="159744" CHECKSUM="0x5BEB3F3F" BIN_FILE_VERSION="1.0.0.1" BIN_PRODUCT_VERSION="1.0.0.1" PRODUCT_VERSION="1.0.0.1" FILE_DESCRIPTION="ijjiPurplePlugin" COMPANY_NAME="NHN USA Inc." PRODUCT_NAME="ijjiPurplePlugin" FILE_VERSION="1.0.0.1" ORIGINAL_FILENAME="ijjiPurplePlugin02.dll" INTERNAL_NAME="ijjiPurplePlugin02.dll" LEGAL_COPYRIGHT="Copyright (C) NHN USA Inc. All Rights Reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.0.1" UPTO_BIN_PRODUCT_VERSION="1.0.0.1" LINK_DATE="01/20/2009 06:40:34" UPTO_LINK_DATE="01/20/2009 06:40:34" EXPORT_NAME="ijjiPurplePlugin02.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="ijjiPurplePlugin03_r.dll" SIZE="163840" CHECKSUM="0x245265DA" BIN_FILE_VERSION="1.0.0.2" BIN_PRODUCT_VERSION="1.0.0.2" PRODUCT_VERSION="1.0.0.2" FILE_DESCRIPTION="ijjiPurplePlugin" COMPANY_NAME="NHN USA Inc." PRODUCT_NAME="ijjiPurplePlugin" FILE_VERSION="1.0.0.2" ORIGINAL_FILENAME="ijjiPurplePlugin03.dll" INTERNAL_NAME="ijjiPurplePlugin03.dll" LEGAL_COPYRIGHT="(c) <NHN USA Inc>.  All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.0.2" UPTO_BIN_PRODUCT_VERSION="1.0.0.2" LINK_DATE="08/16/2009 07:11:37" UPTO_LINK_DATE="08/16/2009 07:11:37" EXPORT_NAME="ijjiPurplePlugin03.dll" VER_LANGUAGE="Korean (Korea) [0x412]" />
    <MATCHING_FILE NAME="ijjiPurplePlugin04_r.dll" SIZE="61440" CHECKSUM="0xED6AA95A" BIN_FILE_VERSION="1.0.0.2" BIN_PRODUCT_VERSION="1.0.0.2" PRODUCT_VERSION="1, 0, 0, 2" FILE_DESCRIPTION="ijjiPurp Dynamic Link Library" COMPANY_NAME="NHN USA Inc." PRODUCT_NAME="ijjiPurplePlugin" FILE_VERSION="1, 0, 0, 2" ORIGINAL_FILENAME="ijjiPurplePlugin04.dll" INTERNAL_NAME="ijjiPurp" LEGAL_COPYRIGHT="Copyright <NHN USA Inc.> (C) 2009" VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.0.2" UPTO_BIN_PRODUCT_VERSION="1.0.0.2" LINK_DATE="08/16/2009 07:11:30" UPTO_LINK_DATE="08/16/2009 07:11:30" EXPORT_NAME="ijjiPurplePlugin04.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="ijjiPurplePlugin05_r.dll" SIZE="57344" CHECKSUM="0x86228DB7" BIN_FILE_VERSION="1.0.0.1" BIN_PRODUCT_VERSION="1.0.0.1" PRODUCT_VERSION="1, 0, 0, 1" FILE_DESCRIPTION="ijjiPurp Dynamic Link Library" COMPANY_NAME="NHN USA Inc." PRODUCT_NAME=" ijjiPurp Dynamic Link Library" FILE_VERSION="1, 0, 0, 1" ORIGINAL_FILENAME="ijjiPurp.dll" INTERNAL_NAME="ijjiPurp" LEGAL_COPYRIGHT="Copyright <NHN USA Inc.> (C) 2009" VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.0.1" UPTO_BIN_PRODUCT_VERSION="1.0.0.1" LINK_DATE="08/19/2009 16:24:54" UPTO_LINK_DATE="08/19/2009 16:24:54" EXPORT_NAME="ijjiPurplePlugin05.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="MiracleCommon.dll" SIZE="176128" CHECKSUM="0xBE9CC4A" BIN_FILE_VERSION="1.0.3.0" BIN_PRODUCT_VERSION="1.0.3.0" PRODUCT_VERSION="1, 0, 3, 0" FILE_DESCRIPTION="MiracleCommon Dynamic Link Library" COMPANY_NAME="NHN Corporation" PRODUCT_NAME="MiracleCommon Dynamic Link Library" FILE_VERSION="1, 0, 3, 0" ORIGINAL_FILENAME="MiracleCommon.dll" INTERNAL_NAME="MiracleCommon" LEGAL_COPYRIGHT="(c) NHN Corporation.  All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x2B2F1" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.3.0" UPTO_BIN_PRODUCT_VERSION="1.0.3.0" LINK_DATE="02/04/2010 05:31:00" UPTO_LINK_DATE="02/04/2010 05:31:00" EXPORT_NAME="MiracleCommon.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="MiracleExLauncher.dll" SIZE="618496" CHECKSUM="0xA59EDF25" BIN_FILE_VERSION="1.0.12.0" BIN_PRODUCT_VERSION="1.0.12.0" PRODUCT_VERSION="1, 0, 12, 0" FILE_DESCRIPTION="MiracleExLauncher Dynamic Link Library" PRODUCT_NAME="MiracleExLauncher Dynamic Link Library" FILE_VERSION="1, 0, 12, 0" ORIGINAL_FILENAME="MiracleExLauncher.dll" INTERNAL_NAME="MiracleExLauncher" LEGAL_COPYRIGHT="(c) NHN Corporation.  All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x9A787" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.12.0" UPTO_BIN_PRODUCT_VERSION="1.0.12.0" LINK_DATE="02/09/2010 01:49:54" UPTO_LINK_DATE="02/09/2010 01:49:54" EXPORT_NAME="MiracleExLauncher.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="MiracleMessage.dll" SIZE="200704" CHECKSUM="0x15F01FBD" BIN_FILE_VERSION="1.0.2.0" BIN_PRODUCT_VERSION="1.0.2.0" PRODUCT_VERSION="1, 0, 2, 0" FILE_DESCRIPTION="MiracleMessage Dynamic Link Library" COMPANY_NAME="NHN Corporation" PRODUCT_NAME="MiracleMessage Dynamic Link Library" FILE_VERSION="1, 0, 2, 0" ORIGINAL_FILENAME="MiracleMessage.dll" INTERNAL_NAME="MiracleMessage" LEGAL_COPYRIGHT="(c) NHN Corporation.  All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x40A94" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.2.0" UPTO_BIN_PRODUCT_VERSION="1.0.2.0" LINK_DATE="02/04/2010 05:30:52" UPTO_LINK_DATE="02/04/2010 05:30:52" EXPORT_NAME="MiracleMessage.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="MiracleProxy.dll" SIZE="200704" CHECKSUM="0x1AB36279" BIN_FILE_VERSION="1.0.2.0" BIN_PRODUCT_VERSION="1.0.2.0" PRODUCT_VERSION="1, 0, 2, 0" FILE_DESCRIPTION="MiracleProxy Dynamic Link Library" COMPANY_NAME="NHN Corporation" PRODUCT_NAME="MiracleProxy Dynamic Link Library" FILE_VERSION="1, 0, 2, 0" ORIGINAL_FILENAME="MiracleProxy.dll" INTERNAL_NAME="MiracleProxy" LEGAL_COPYRIGHT="(c) NHN Corporation.  All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x40E12" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.2.0" UPTO_BIN_PRODUCT_VERSION="1.0.2.0" LINK_DATE="02/04/2010 05:31:06" UPTO_LINK_DATE="02/04/2010 05:31:06" EXPORT_NAME="MiracleProxy.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="MiracleRCEng.dll" SIZE="57344" CHECKSUM="0x61F2D58D" BIN_FILE_VERSION="1.0.0.11" BIN_PRODUCT_VERSION="1.0.0.11" PRODUCT_VERSION="1, 0, 0, 11" FILE_DESCRIPTION="MiracleRCEng Dynamic Link Library" COMPANY_NAME="NHN Corporation" PRODUCT_NAME="MiracleRCEng Dynamic Link Library" FILE_VERSION="1, 0, 0, 11" ORIGINAL_FILENAME="MiracleRCEng.dll" INTERNAL_NAME="MiracleRCEng" LEGAL_COPYRIGHT="(c) NHN Corporation.  All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x19446" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.0.11" UPTO_BIN_PRODUCT_VERSION="1.0.0.11" LINK_DATE="09/01/2009 06:18:43" UPTO_LINK_DATE="09/01/2009 06:18:43" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="MiracleRCGer.dll" SIZE="57344" CHECKSUM="0x25F2D58C" BIN_FILE_VERSION="1.0.0.11" BIN_PRODUCT_VERSION="1.0.0.11" PRODUCT_VERSION="1, 0, 0, 11" FILE_DESCRIPTION="MiracleRCGer Dynamic Link Library" COMPANY_NAME="NHN Corporation" PRODUCT_NAME="MiracleRCGer Dynamic Link Library" FILE_VERSION="1, 0, 0, 11" ORIGINAL_FILENAME="MiracleRCGer.dll" INTERNAL_NAME="MiracleRCGer" LEGAL_COPYRIGHT="(c) NHN Corporation.  All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xF9AE" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.0.11" UPTO_BIN_PRODUCT_VERSION="1.0.0.11" LINK_DATE="09/01/2009 06:18:20" UPTO_LINK_DATE="09/01/2009 06:18:20" VER_LANGUAGE="German (Germany) [0x407]" />
    <MATCHING_FILE NAME="MiracleRCSpn.dll" SIZE="57344" CHECKSUM="0xD7F2D58B" BIN_FILE_VERSION="1.0.0.11" BIN_PRODUCT_VERSION="1.0.0.11" PRODUCT_VERSION="1, 0, 0, 11" FILE_DESCRIPTION="MiracleRCSpn Dynamic Link Library" COMPANY_NAME="NHN Corporation" PRODUCT_NAME="MiracleRCSpn Dynamic Link Library" FILE_VERSION="1, 0, 0, 11" ORIGINAL_FILENAME="MiracleRCSpn.dll" INTERNAL_NAME="MiracleRCSpn" LEGAL_COPYRIGHT="(c) NHN Corporation.  All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xEA61" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.0.11" UPTO_BIN_PRODUCT_VERSION="1.0.0.11" LINK_DATE="09/01/2009 06:18:17" UPTO_LINK_DATE="09/01/2009 06:18:17" VER_LANGUAGE="Spanish (Mexico) [0x80a]" />
    <MATCHING_FILE NAME="MiracleReport.dll" SIZE="172032" CHECKSUM="0xE794AA88" BIN_FILE_VERSION="1.0.2.0" BIN_PRODUCT_VERSION="1.0.2.0" PRODUCT_VERSION="1, 0, 2, 0" FILE_DESCRIPTION="MiracleReport Dynamic Link Library" PRODUCT_NAME="MiracleReport Dynamic Link Library" FILE_VERSION="1, 0, 2, 0" ORIGINAL_FILENAME="MiracleR.dll" INTERNAL_NAME="MiracleReport" LEGAL_COPYRIGHT="(c) NHN Corporation.  All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x2AFF5" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.2.0" UPTO_BIN_PRODUCT_VERSION="1.0.2.0" LINK_DATE="02/04/2010 05:31:11" UPTO_LINK_DATE="02/04/2010 05:31:11" EXPORT_NAME="MiracleReport.dll" VER_LANGUAGE="Korean (Korea) [0x412]" />
    <MATCHING_FILE NAME="MiracleRuntime.dll" SIZE="278528" CHECKSUM="0x383223D2" BIN_FILE_VERSION="1.0.2.0" BIN_PRODUCT_VERSION="1.0.2.0" PRODUCT_VERSION="1, 0, 2, 0" FILE_DESCRIPTION="MiracleRuntime Dynamic Link Library" COMPANY_NAME="NHN Corporation" PRODUCT_NAME="MiracleRuntime Dynamic Link Library" FILE_VERSION="1, 0, 2, 0" ORIGINAL_FILENAME="MiracleRuntime.dll" INTERNAL_NAME="MiracleRuntime" LEGAL_COPYRIGHT="(c) NHN Corporation.  All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x4AA43" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.2.0" UPTO_BIN_PRODUCT_VERSION="1.0.2.0" LINK_DATE="02/04/2010 05:31:54" UPTO_LINK_DATE="02/04/2010 05:31:54" EXPORT_NAME="MiracleRuntime.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="MiracleSystemInfo.dll" SIZE="151552" CHECKSUM="0xED681DD8" BIN_FILE_VERSION="1.0.2.0" BIN_PRODUCT_VERSION="1.0.2.0" PRODUCT_VERSION="1, 0, 2, 0" FILE_DESCRIPTION="MiracleSystemInfo Dynamic Link Library" COMPANY_NAME="NHN Corporation" PRODUCT_NAME="MiracleSystemInfo Dynamic Link Library" FILE_VERSION="1, 0, 2, 0" ORIGINAL_FILENAME="MiracleSystemInfo.dll" INTERNAL_NAME="MiracleS" LEGAL_COPYRIGHT="(c) NHN Corporation.  All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x34D20" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.2.0" UPTO_BIN_PRODUCT_VERSION="1.0.2.0" LINK_DATE="02/04/2010 05:35:54" UPTO_LINK_DATE="02/04/2010 05:35:54" EXPORT_NAME="MiracleSystemInfo.dll" VER_LANGUAGE="Korean (Korea) [0x412]" />
    <MATCHING_FILE NAME="MiracleUI.dll" SIZE="446464" CHECKSUM="0x1D08B8DC" BIN_FILE_VERSION="1.0.3.0" BIN_PRODUCT_VERSION="1.0.3.0" PRODUCT_VERSION="1, 0, 3, 0" FILE_DESCRIPTION="MiracleUI Dynamic Link Library" COMPANY_NAME="NHN Corporation" PRODUCT_NAME="MiracleUI Dynamic Link Library" FILE_VERSION="1, 0, 3, 0" ORIGINAL_FILENAME="MiracleUI.dll" INTERNAL_NAME="MiracleUI" LEGAL_COPYRIGHT="(c) NHN Corporation.  All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x7258D" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.3.0" UPTO_BIN_PRODUCT_VERSION="1.0.3.0" LINK_DATE="02/09/2010 02:49:26" UPTO_LINK_DATE="02/09/2010 02:49:26" EXPORT_NAME="MiracleUI.dll" VER_LANGUAGE="English (United States) [0x409]" />
    <MATCHING_FILE NAME="NeoBit.dll" SIZE="536576" CHECKSUM="0x7F88BAAC" BIN_FILE_VERSION="1.5.7.0" BIN_PRODUCT_VERSION="1.5.7.0" PRODUCT_VERSION="1, 5, 7, 0" FILE_DESCRIPTION="NeoBit Dynamic Link Library" COMPANY_NAME="NHN Corporation" PRODUCT_NAME=" NeoBit Dynamic Link Library" FILE_VERSION="1, 5, 7, 0" ORIGINAL_FILENAME="NeoBit.dll" INTERNAL_NAME="NeoBit" LEGAL_COPYRIGHT="Copyright (C) 2006 NHN Corporation. All rights reserved." VERDATEHI="0x0" VERDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x89E97" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.5.7.0" UPTO_BIN_PRODUCT_VERSION="1.5.7.0" LINK_DATE="09/03/2009 03:15:32" UPTO_LINK_DATE="09/03/2009 03:15:32" EXPORT_NAME="NeoBit.dll" VER_LANGUAGE="Korean (Korea) [0x412]" />
</EXE>
</DATABASE>


[/FONT]
```
Do you know what product that is?

See if you have --> C:\Windows\Downloaded Program Files\ChannelingPluginforReactor.dll


The Event Viewer logs show Majic Jack crashing repeatedly.

Also seen crashing - *vivoxsdk.dll* --> http://www.eq2flames.com/tech-support/27241-help-please-vivaxsdk-dll-freezing-patcher.html

`

The first mention of NavyField in the Event Logs - 15 May 2009 - creating a system restore point to install the app -

```
[font=lucida console]
Event[33199]:
  Log Name: Application
  Source: System Restore
  Date: 2009-05-15T01:22:39.000
  Description: 
Successfully created restore point 
(Process = C:\Users\MARK\Downloads\NF1250(2).exe -deleter ; 
Description = Installed NavyFIELD NorthAmerica).  
[/font]
```

The next time NavyField appears is 4 days later when NavyFIELD app hangs -

```
[font=lucida console]  
Event[32564]:
  Log Name: Application
  Source: Application Hang
  Date: 2009-05-19T05:00:48.000
  Level: Error
  Description: 
The program NavyFIELD.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 11f8 Start Time: 01c9d85f3726dd78 Termination Time: 0[/font]
```
Between that time - dozens of entries like these - repeated over & over - 

```
[font=lucida console]  
A request to disable the Desktop Window Manager was 
made by process (World of Warcraft Retail)

The Desktop Window Manager was unable to start because 
composition was disabled by a running application


A request to disable the Desktop Window Manager was 
made by process (Guild Wars Game Client)

The Desktop Window Manager was unable to start because composition was disabled by a running application

A request to disable the Desktop Window Manager was 
made by process (iw3mp.exe)

The Desktop Window Manager was unable to start because composition was disabled by a running application

A request to disable the Desktop Window Manager was made 
by process (4156)

The Desktop Window Manager was unable to start because composition was disabled by a running application

A request to disable the Desktop Window Manager was made
by process (mm.exe)

The Desktop Window Manager was unable to start because  composition was disabled by a running application[/FONT]
```

Other crashes as well - 

```
[font=lucida console]
Event[32738]:
  Log Name: Application
  Source: Application Error
  Date: 2009-05-17T08:33:44.000
  Level: Error
  Description: 
Faulting application HitmanBloodMoney.exe, version 0.0.0.0, time stamp 
0x4492b845, faulting module ntdll.dll, version 6.0.6001.18000, time stamp
 0x4791a783, exception code 0xc0000005, fault offset 0x00060043, process id 0xfcc, application start time 0x01c9d6ebb755f691.[/font]
```
Back to the same as above - 

```
[font=lucida console]
A request to disable the Desktop Window Manager was made 
by process (HitmanBloodMoney.exe)

The Desktop Window Manager was unable to start because composition was disabled by a running application

A request to disable the Desktop Window Manager was made 
by process (SplinterCell4.exe)
[/font]
```
 
*SC4UpdateLauncher.exe* crashing -

```
[font=lucida console]
Event[32768]:
  Log Name: Application
  Source: Application Error
  Date: 2009-05-17T01:41:03.000
  Level: Error
  Description: 
Faulting application SC4UpdateLauncher.exe, version 1.0.0.1, time stamp 
0x45275b58, faulting module MSVCR71.dll, version 6.0.6001.18000, 
time stamp 0x4791a783, exception code 0xc0000135, fault offset 0x0006ecfb, process id 0x13f0, application start time 0x01c9d6b20d8c33b1.
[/font]
```


```
[font=lucida console]
A request to disable the Desktop Window Manager was made 
by process (SplinterCell4.exe)

The Desktop Window Manager was unable to start because composition was disabled by a running application
[/font]
```
Prior to that - 

```
[font=lucida console]
Product: EAX4 Unified Redist -- Installation operation completed successfully.
[/font]
```

Crash related to attempted install of DirectX9 -

```
[font=lucida console]
Failed to create restore point on volume 
(Process = C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Double
     Agent\support\Directx\DirectX9\DXSETUP.exe Files (x86)\Ubisoft\Tom 

Clancy's Splinter Cell Double Agent\support\Directx\DirectX9\DXSETUP.exe" ;
    Descripton =[COLOR=red] ôju[/COLOR]; Hr = 0x80070057).
[/font]
```
Anothe mm.exe crash -

```
[font=lucida console]
Faulting application mm.exe, version 0.0.0.0, time stamp [B]0x45211f69[/B],
 faulting module unknown, version 0.0.0.0, time stamp 0x00000000,
 exception code 0xc0000005, fault offset 0x202b6859, process id 0x238,
 application start time 0x01c9d6b060a0d789.
[/font]
```
The timestamp 0x45211f69 = Mon Oct 02 10:17:13 2006

It may be too old for Vista SP2 x64.

And the list goes on. . .

It appears that factors outside of NAVYField are contributing to its crashes.

Your Vista OS was installed on 14 May 2009. Has anyone yet suggested that you re-install Vista and try installing NAVYField before any others?

There may very well be OS corruption of some type occurring.

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

Just to make sure; did you get my PM reply?

Ok there's a lot to go over here.

nhn, as I said bugged programs lot of other people on other OS have issue with their stuff. (in case you missed my PM)



> A request to disable the Desktop Window Manager was
> made by process (World of Warcraft Retail)


Now everyone knows I played WoW,  but seriously, I ran a ton of add-ons (interface mods) and they would cause a crash A LOT.

MM.exe is for a game called Dark Messiah Might & Magic. That is a fairly old game not meant for vista and doesn't play well with it often, game play was better after I patched it.

As for magic jack that I keep having to Unplug / crash / kill because it pops up and annoys me while I game (I do know why.) I just haven't moved it back to my remote PC because I was troubleshooting it (unrelated.)

EQ - (which I have only played 2 times or so) Had some sort of Alt tab issue and it's launcher was not working properly, issue with Steam (steampowered.com) which I finally fixed, worked fine. No longer installed.

HitmanBloodMoney.exe & SplinterCell4.exe (SC4UpdateLauncher.exe) Hitman was fixed, general vista incompatibility, was fixed in a patch as well as splinter cell (same as MM.) Splinter Cell I had running at a non-standard resolution as well which I'm sure didn't help.



> Anothe mm.exe crash -
> Code:
> 
> 
> ...


What do you mean too old? MM was released that year maybe that is what its referring to?

Still think I have to reinstall vista? :S

For the most part the computer and windows have been working great (for vista anyway.)


----------



## Nuclear_Bob (Apr 2, 2010)

WGA Confirmation-

Please delete when you are done with the screenshots. *Note* The majority of my Product Key is blanked for security reasons.


----------



## jcgriff2 (Sep 30, 2007)

Nuclear_Bob said:


> Just to make sure; did you get my PM reply?
> 
> Ok there's a lot to go over here.
> 
> ...


Not being a gamer myself, I assume the purpose to disable DWM is due to themes? What I don't quite understand is why different games repeatedly "request to disable DWM..", nor the amount of APPCRASHes/ APPHANGs.

On 4 April 2010, within 21 minutes - > 167 events recorded 
- 77 APPCRASH
- 29 APPHANG
- 74 of the 77 had 0xc0000005 exceptions = memory access violations. This means a rogue driver attempted to write to protected memory area; clashed with another driver, 3rd party or Microsoft; did not have permission to access an object; 3rd party firewall blocking access; BAD RAM - just to name a few causes.

This is a list of the apps that crashed sorted by name -

```
[font=lucida console]
 AgeOfConan.exe
 AgeOfConan.exe
 AgeOfConan.exe
 AgeOfConanDX10.exe
 Atlantica.exe
 Atlantica.exe
 Battlestationsmidway.exe
 Battlestationsmidway.exe
 BFHeroes.exe
 ccc.exe
 ConanPatcher.exe
 ConanPatcher.exe
 ConanPatcher.exe
 ConanPatcher.exe
 defcon.exe
 ENFUNSUpdater.exe
 ENFUNSUpdater.exe
 ENFUNSUpdater.exe
 Engine.exe
 ESSVR.EXE
 ESSVR.EXE
 ExeFile.exe
 ExeFile.exe
 ExeFile.exe
 Explorer.EXE
 Explorer.EXE
 Explorer.EXE
 Explorer.EXE
 Fallout3.exe
 Fallout3.exe
 Fallout3.exe
 Fallout3.exe
 Fallout3.exe
 Fallout3.exe
 Fallout3.exe
 Fallout3.exe
 Fallout3.exe
 firefox.exe
 firefox.exe
 firefox.exe
 firefox.exe
 FLVPlayer.exe
 GTAIV.exe
 GTAIV.exe
 helppane.exe
 helppane.exe
 HitmanBloodMoney.exe
 HitmanBloodMoney.exe
 HitmanBloodMoney.exe
 HitmanBloodMoney.exe
 HitmanBloodMoney.exe
 HitmanBloodMoney.exe
 HitmanBloodMoney.exe
 HitmanBloodMoney.exe
 HitmanBloodMoney.exe
 HitmanBloodMoney.exe
 hitmanbloodmoney.exe
 hitmanbloodmoney.exe
 hitmanbloodmoney.exe
 HitmanContracts.exe
 HitmanContracts.exe
 HitmanContracts.exe
 HitmanContracts.exe
 hl2.exe
 hl2.exe
 hl2.exe
 hl2.exe
 hl2.exe
 hl2.exe
 hl2.exe
 hl2.exe
 hl2.exe
 hl2.exe
 hoi3game.exe
 hoi3game.exe
 hoi3game.exe
 hoi3game.exe
 hoi3game.exe
 hoi3game.exe
 hoi3game.exe
 hoi3game.exe
 hoi3game.exe
 hoi3game.exe
 hoi3game.exe
 hoi3game.exe
 hoi3game.exe
 iexplore.exe
 iexplore.exe
 iexplore.exe
 iexplore.exe
 iexplore.exe
 iexplore.exe
 iexplore.exe
 il2fb.exe
 iw3sp.exe
 left4dead.exe
 legends.exe
 legends.exe
 mm.exe
 mm.exe
 mm.exe
 mohpa.exe
 mohpa.exe
 mohpa.exe
 mohpa.exe
 NavyFIELD Launcher.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 NavyFIELD.exe
 Oblivion.exe
 RelicCOH.exe
 RelicCOH.exe
 RelicCOH.exe
 SC4UpdateLauncher.exe
 Setup.exe
 SGCSim v5.1.0.exe
 SGCSim v5.1.0.exe
 SGOTCG.exe
 sgtls_beta11_full.exe
 SplinterCell4.exe
 SplinterCell4.exe
 SplinterCell4.exe
 srcds.exe
 Steam.exe
 Steam.exe
 Steam.exe
 Steam.exe
 SWRepublicCommando.exe
 TurbineLauncher.exe
 turbinemessageservice.exe[/font]
```

- 2 PnP device errors - Realtek Ethernet - needs update

```
[font=lucida console]
	Rtlh64.sys
	6.195.625.2007
	06-25-2007[/font]
```


These are the edited Event Viewer entries - note 0xc0000005 exceptions -

```
[font=lucida console]
Event[29]:
  Source: Application Error
  Date: 2010-04-05  T  21:44:25.000
  Description: 
Faulting application NavyFIELD.exe, version 0.0.0.0, time stamp 0x49ee8896, faulting module NavyFIELD.exe, version 0.0.0.0, time stamp 0x49ee8896, exception code 0xc0000005, fault offset 0x00001441, process id 0x1324, application start time 0x01cad52aad47c757.

Event[30]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  21:44:21.000
  Description: 
The Desktop Window Manager was unable to start because composition was disabled by a running application

Event[31]:
  Source: XLive
  Date: 2010-04-05  T  19:43:02.000
  Description: 
Title GTAIV.exe (1, 0, 0, 4) XLive 3.1.0099.0 (WGX_XLIVE_V3.01_RTM.091106-1035) C:\Windows\system32\xlive.dll  
0x80151000

XLive Logon Failed
00:3B:42:80:90:83
0.0.0.0
0xfb0000000045f7ad
LogonHR == 0x80151000
Games for Windows - LIVE DLL

Event[32]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:26.000
  Description: 
Fault bucket 1625983699, type 1
Event Name: APPCRASH

Problem signature:
P1: Engine.exe
P2: 0.0.0.0
P3: 4b289af1
P4: vivoxsdk.dll_unloaded
P5: 0.0.0.0
P6: 4b01b94f
P7:[color=red]  c0000005[/color]
P8: 06d67b15




Event[33]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:25.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[34]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:25.000
  Description: 
Fault bucket 798351518, type 5
Event Name: AppHangB1

Problem signature:
P1: GTAIV.exe
P2: 1.0.0.4
P3: 4ab94397
P4: bd5e
P5: 2048
P6: 
P7: 
P8: 




Event[35]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:24.000
  Description: 
Fault bucket 1546994726, type 1
Event Name: APPCRASH

Problem signature:
P1: hoi3game.exe
P2: 0.0.0.0
P3: 4af3f6d3
P4: hoi3game.exe
P5: 0.0.0.0
P6: 4af3f6d3
P7:[color=red]  c0000005[/color]
P8: 003feacd




Event[36]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:22.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[37]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:22.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[38]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:22.000
  Description: 
Fault bucket 1787529498, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 4bb45802
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 4bb45802
P7:[color=red]  c0000005[/color]
P8: 000013c6




Event[39]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:22.000
  Description: 
Fault bucket 818038559, type 5
Event Name: AppHangB1

Problem signature:
P1: hoi3game.exe
P2: 0.0.0.0
P3: 4af3f6d3
P4: be9b
P5: 2048
P6: 
P7: 
P8: 




Event[40]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:22.000
  Description: 
Fault bucket 490671046, type 5
Event Name: AppHangB1

Problem signature:
P1: sgtls_beta11_full.exe
P2: 0.0.0.0
P3: 494ce7df
P4: 0dcf
P5: 2048
P6: 
P7: 
P8: 




Event[41]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:21.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[42]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:21.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[43]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:21.000
  Description: 
Fault bucket 884764054, type 5
Event Name: AppHangB1

Problem signature:
P1: SGOTCG.exe
P2: 1.0.0.30
P3: 48470bf4
P4: 2476
P5: 2048
P6: 
P7: 
P8: 




Event[44]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:19.000
  Description: 
Fault bucket 1716757753, type 1
Event Name: APPCRASH

Problem signature:
P1: Atlantica.exe
P2: 1.1.1.3
P3: 4b70c605
P4: Atlantica.exe
P5: 1.1.1.3
P6: 4b70c605
P7:[color=red]  c0000005[/color]
P8: 00696a50




Event[45]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:19.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[46]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:19.000
  Description: 
Fault bucket 1242602183, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00007eb7




Event[47]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:19.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[48]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:18.000
  Description: 
Fault bucket 196764871, type 5
Event Name: MpTelemetry

Problem signature:
P1: 80244015
P2: EndSearch
P3: Search
P4: 1.1.1600.0
P5: MpSigDwn.dll
P6: 1.1.1600.0
P7: Windows Defender
P8: 




Event[49]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:18.000
  Description: 
Fault bucket 644830929, type 1
Event Name: APPCRASH

Problem signature:
P1: SC4UpdateLauncher.exe
P2: 1.0.0.1
P3: 45275b58
P4: MSVCR71.dll
P5: 6.0.6001.18000
P6: 4791a783
P7: c0000135
P8: 0006ecfb




Event[50]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:18.000
  Description: 
Fault bucket 373300008, type 1
Event Name: APPCRASH

Problem signature:
P1: mohpa.exe
P2: 1.0.0.1
P3: 41779396
P4: mohpa.exe
P5: 1.0.0.1
P6: 41779396
P7:[color=red]  c0000005[/color]
P8: 005252bc




Event[51]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:18.000
  Description: 
Fault bucket 1681880191, type 1
Event Name: APPCRASH

Problem signature:
P1: FLVPlayer.exe
P2: 1.0.0.8
P3: 4ac4dbef
P4: dskinliteu.dll
P5: 1.2.1.1
P6: 49390687
P7:[color=red]  c0000005[/color]
P8: 00042d8a




Event[52]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:17.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[53]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:17.000
  Description: 
Fault bucket 295203419, type 1
Event Name: APPCRASH

Problem signature:
P1: hitmanbloodmoney.exe
P2: 0.0.0.0
P3: 445e87c7
P4: hitmanbloodmoney.exe
P5: 0.0.0.0
P6: 445e87c7
P7:[color=red]  c0000005[/color]
P8: 000a5000




Event[54]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:16.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[55]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:16.000
  Description: 
Fault bucket 1159831242, type 1
Event Name: APPCRASH

Problem signature:
P1: ESSVR.EXE
P2: 0.0.0.0
P3: 498a7c2e
P4: ESSVR.EXE
P5: 0.0.0.0
P6: 498a7c2e
P7:[color=red]  c0000005[/color]
P8: 00004312




Event[56]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:14.000
  Description: 
Fault bucket 1552517724, type 1
Event Name: APPCRASH

Problem signature:
P1: hoi3game.exe
P2: 0.0.0.0
P3: 4af3f6d3
P4: hoi3game.exe
P5: 0.0.0.0
P6: 4af3f6d3
P7:[color=red]  c0000005[/color]
P8: 00120f76




Event[57]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:14.000
  Description: 
Fault bucket 1775430129, type 1
Event Name: APPCRASH

Problem signature:
P1: hoi3game.exe
P2: 0.0.0.0
P3: 4baa29f6
P4: hoi3game.exe
P5: 0.0.0.0
P6: 4baa29f6
P7:[color=red]  c0000005[/color]
P8: 009612e0




Event[58]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:13.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[59]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:13.000
  Description: 
Fault bucket 829923628, type 5
Event Name: AppHangB1

Problem signature:
P1: AgeOfConan.exe
P2: 1.0.0.0
P3: 4b0152b6
P4: 9297
P5: 2049
P6: 
P7: 
P8: 




Event[60]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:13.000
  Description: 
Fault bucket 1555844291, type 1
Event Name: APPCRASH

Problem signature:
P1: ConanPatcher.exe
P2: 1.0.0.1
P3: 4af82a29
P4: ConanPatcher.exe
P5: 1.0.0.1
P6: 4af82a29
P7:[color=red]  c0000005[/color]
P8: 000836b4




Event[61]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:13.000
  Description: 
Fault bucket 1554893131, type 1
Event Name: APPCRASH

Problem signature:
P1: ConanPatcher.exe
P2: 1.0.0.1
P3: 4af82a29
P4: ConanPatcher.exe
P5: 1.0.0.1
P6: 4af82a29
P7:[color=red]  c0000005[/color]
P8: 000836c0




Event[62]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:12.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[63]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:12.000
  Description: 
Fault bucket 1494937676, type 1
Event Name: APPCRASH

Problem signature:
P1: ENFUNSUpdater.exe
P2: 1.0.0.7
P3: 46d7812b
P5: 6.0.6002.18005
P6: 49e03825
P7:[color=red]  c0000005[/color]
P8: 000218b6




Event[64]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:11.000
  Description: 
Fault bucket 818845664, type 5
Event Name: BEX

Problem signature:
P1: hoi3game.exe
P2: 0.0.0.0
P3: 4af3f6d3
P4: hoi3game.exe
P5: 0.0.0.0
P6: 4af3f6d3
P7: 00829638
P8:[color=red]  c0000005[/color]




Event[65]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:11.000
  Description: 
Fault bucket 330444096, type 5
Event Name: AppHangB1

Problem signature:
P1: Setup.exe
P2: 16.0.0.125
P3: 48b8da96
P4: 3b60
P5: 6144
P6: 
P7: 
P8: 




Event[66]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:11.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[67]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:11.000
  Description: 
Fault bucket 1553350137, type 1
Event Name: APPCRASH

Problem signature:
P1: hoi3game.exe
P2: 0.0.0.0
P3: 4af3f6d3
P4: hoi3game.exe
P5: 0.0.0.0
P6: 4af3f6d3
P7:[color=red]  c0000005[/color]
P8: 00829638




Event[68]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:11.000
  Description: 
Fault bucket 355184998, type 1
Event Name: APPCRASH

Problem signature:
P1: HitmanContracts.exe
P2: 1.0.0.174
P3: 00000000
P4: HitmanContracts.exe
P5: 1.0.0.174
P6: 00000000
P7:[color=red]  c0000005[/color]
P8: 001ecb32




Event[69]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:10.000
  Description: 
Fault bucket 269531957, type 5
Event Name: PnPGenericDriverFound

Problem signature:
P1: x64
P2: USB\VID_04F2&PID_B086&REV_3557&MI_00
P3: 
P4: 
P5: 
P6: 
P7: 
P8: 




Event[70]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:10.000
  Description: 
Fault bucket 478877786, type 1
Event Name: APPCRASH

Problem signature:
P1: RelicCOH.exe
P2: 1.71.0.10609
P3: 469ebcb9
P4: spDx9.dll
P5: 1.71.0.10609
P6: 469eb961
P7:[color=red]  c0000005[/color]
P8: 0007723c




Event[71]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:10.000
  Description: 
Fault bucket 1257473103, type 1
Event Name: APPCRASH

Problem signature:
P1: ENFUNSUpdater.exe
P2: 1.0.0.7
P3: 46d7812b
P4: kernel32.dll
P5: 6.0.6002.18005
P6: 49e038c0
P7:[color=red]  c0000005[/color]
P8: 00010e0d




Event[72]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:10.000
  Description: 
Fault bucket 387173618, type 5
Event Name: PnPDeviceProblemCode

Problem signature:
P1: x64
P2: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_03
P3: {4d36e972-e325-11ce-bfc1-08002be10318}
P4: 0000000A
P5: Rtlh64.sys
P6: 6.195.625.2007
P7: 06-25-2007
P8: 




Event[73]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:10.000
  Description: 
Fault bucket 682884177, type 5
Event Name: WindowsUpdateFailure

Problem signature:
P1: 7.4.7600.226
P2: 80244015
P3: 00000000-0000-0000-0000-000000000000
P4: Scan
P5: 101
P6: Unmanaged
P7: 
P8: 




Event[74]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:10.000
  Description: 
Fault bucket 702532612, type 1
Event Name: APPCRASH

Problem signature:
P1: ENFUNSUpdater.exe
P2: 1.0.0.7
P3: 46d7812b
P5: 6.0.6001.18000
P6: 4791a783
P7:[color=red]  c0000005[/color]
P8: 00020dfe




Event[75]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:10.000
  Description: 
Fault bucket 174177609, type 5
Event Name: WindowsWcpOtherFailure3

Problem signature:
P1: 6.0.6001.18000:1
P2: base\wcp\componentstore\com\transaction.cpp
P3: Windows::COM::CPendingTransaction::IStorePendingTransaction_Pend
P4: 1886
P5: 80070bc9
P6: 0xa0b634bb
P7: 
P8: 




Event[76]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:10.000
  Description: 
Fault bucket 203780853, type 5
Event Name: PnPGenericDriverFound

Problem signature:
P1: x64
P2: USB\VID_04F2&PID_B086&REV_3555&MI_00
P3: 
P4: 
P5: 
P6: 
P7: 
P8: 




Event[77]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:09.000
  Description: 
Fault bucket 174177719, type 5
Event Name: WindowsWcpOtherFailure3

Problem signature:
P1: 6.0.6001.18000:1
P2: base\wcp\componentstore\com\transaction.cpp
P3: Windows::COM::CPendingTransaction::IStorePendingTransaction_Pend
P4: 1886
P5: 80070bc9
P6: 0x5285eb28
P7: 
P8: 




Event[78]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:09.000
  Description: 
Fault bucket 656776927, type 5
Event Name: CLR20r3

Problem signature:
P1: turbinemessageservice.exe
P2: 1.4.3470.29707
P3: 4a4d2895
P4: System
P5: 2.0.0.0
P6: 49cc5ec9
P7: 1cc7
P8: 4a




Event[79]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:09.000
  Description: 
Fault bucket 192152395, type 5
Event Name: PnPGenericDriverFound

Problem signature:
P1: x64
P2: PCI\VEN_1002&DEV_9440&SUBSYS_05021002&REV_00
P3: 
P4: 
P5: 
P6: 
P7: 
P8: 




Event[80]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:09.000
  Description: 
Fault bucket 269266344, type 5
Event Name: PnPDeviceProblemCode

Problem signature:
P1: x64
P2: PCI\VEN_1002&DEV_9440&SUBSYS_05021002&REV_00
P3: {4d36e968-e325-11ce-bfc1-08002be10318}
P4: 0000000A
P5: vgapnp.sys
P6: 6.0.6001.18000
P7: 01-21-2008
P8: 




Event[81]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:09.000
  Description: 
Fault bucket 824304736, type 5
Event Name: AppHangB1

Problem signature:
P1: AgeOfConanDX10.exe
P2: 1.0.0.0
P3: 4af83613
P4: e5c2
P5: 2049
P6: 
P7: 
P8: 




Event[82]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:09.000
  Description: 
Fault bucket 370660323, type 5
Event Name: PnPDeviceProblemCode

Problem signature:
P1: x64
P2: PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_03
P3: {4d36e972-e325-11ce-bfc1-08002be10318}
P4: 0000000A
P5: Rtlh64.sys
P6: 6.1837.926.2006
P7: 10-03-2006
P8: 




Event[83]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:07.000
  Description: 
Fault bucket 270848663, type 5
Event Name: PnPDriverImportError

Problem signature:
P1: x64
P2: 80070002
P3: RimUsbNT.inf
P4: 6b6c4192b9fb09d1c63dded4bb709dfc65c71cf8
P5: 
P6: 
P7: 
P8: 




Event[84]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:07.000
  Description: 
Fault bucket 122134586, type 5
Event Name: PnPDriverImportError

Problem signature:
P1: x64
P2: 80070002
P3: rimserial.inf
P4: 36a8687484e4b5aee9a9f7cf6f1f59f5e1e066db
P5: 
P6: 
P7: 
P8: 




Event[85]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:07.000
  Description: 
Fault bucket 385240962, type 5
Event Name: PnPDriverImportError

Problem signature:
P1: x86
P2: 80070002
P3: ccdcmbx64.inf
P4: 7faa258841f1e999b1cbf71944115300b7c9f8af
P5: 
P6: 
P7: 
P8: 




Event[86]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:06.000
  Description: 
Fault bucket 817186836, type 5
Event Name: WindowsUpdateFailure

Problem signature:
P1: 7.4.7600.226
P2: 8024000b
P3: 872BD8CA-8FE0-487B-8D19-39A58C48FC44
P4: Install
P5: 101
P6: Unmanaged
P7: 
P8: 




Event[87]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:06.000
  Description: 
Fault bucket 22267790, type 5
Event Name: NetworkDiagnosticsFrameworkV2

Problem signature:
P1: Microsoft
P2: AddressAcquisition
P3: 1.0
P4: 1
P5: 80070079
P6: {FD3DBBC9-877F-4b96-BB3B-0DC95D657057}
P7: NetworkAccessProtection
P8: 1.0




Event[88]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:06.000
  Description: 
Fault bucket 22383732, type 5
Event Name: NetworkDiagnosticsFrameworkV2

Problem signature:
P1: Microsoft
P2: NdisHC
P3: 1.0
P4: 2
P5: 8008F906
P6: {4C1DB172-9A9E-4b1a-BDAB-24021291A158}
P7: NdisHC
P8: 1.0




Event[89]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:06.000
  Description: 
Fault bucket 1779640998, type 1
Event Name: APPCRASH

Problem signature:
P1: 30161982.ex_
P2: 0.0.0.0
P3: 4a2ae2a2
P4: Math.dll
P5: 0.0.0.0
P6: 4a2ae283
P7:[color=red]  c0000005[/color]
P8: 00001d1e




Event[90]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:06.000
  Description: 
Fault bucket 1271756979, type 1
Event Name: APPCRASH

Problem signature:
P1: HitmanBloodMoney.exe
P2: 0.0.0.0
P3: 4492b845
P4: ntdll.dll
P5: 6.0.6002.18005
P6: 49e03824
P7:[color=red]  c0000005[/color]
P8: 0006020b




Event[91]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:06.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[92]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:06.000
  Description: 
Fault bucket 832899179, type 5
Event Name: AppHangB1

Problem signature:
P1: AgeOfConan.exe
P2: 1.0.0.0
P3: 4b0152b6
P4: 7d98
P5: 2048
P6: 
P7: 
P8: 




Event[93]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:05.000
  Description: 
Fault bucket 295769476, type 1
Event Name: APPCRASH

Problem signature:
P1: HitmanBloodMoney.exe
P2: 0.0.0.0
P3: 445e87c7
P4: HitmanBloodMoney.exe
P5: 0.0.0.0
P6: 445e87c7
P7: 80000003
P8: 001200d4




Event[94]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:05.000
  Description: 
Fault bucket 1242757707, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 00001441




Event[95]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:05.000
  Description: 
Fault bucket 822894912, type 5
Event Name: AppHangB1

Problem signature:
P1: AgeOfConan.exe
P2: 1.0.0.0
P3: 4af83175
P4: 8470
P5: 2048
P6: 
P7: 
P8: 




Event[96]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:05.000
  Description: 
Fault bucket 379355716, type 1
Event Name: APPCRASH

Problem signature:
P1: ins4CF7.tmp
P2: 3.0.0.0
P3: 40daa4fa
P4: ins4CF7.tmp
P5: 3.0.0.0
P6: 40daa4fa
P7:[color=red]  c0000005[/color]
P8: 00097ea6




Event[97]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:05.000
  Description: 
Fault bucket 28517248, type 5
Event Name: NetworkDiagnosticsFrameworkV2

Problem signature:
P1: Microsoft
P2: AddressAcquisition
P3: 1.0
P4: 2
P5: 8008F906
P6: {07D37F7B-FA5E-4443-BDA7-AB107B29AFB6}
P7: DLInterface
P8: 1.0



Event[98]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:05.000
  Description: 
Fault bucket 32289657, type 5
Event Name: NetworkDiagnosticsFrameworkV2

Problem signature:
P1: Microsoft
P2: DLInterface
P3: 1.0
P4: 5
P5: 0
P6: {07D37F7B-FA5E-4443-BDA7-AB107B29AFB6}
P7: DLInterface
P8: 1.0



Event[99]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:04.000
  Description: 
Fault bucket 738676030, type 5
Event Name: AppHangXProcB1

Problem signature:
P1: iexplore.exe
P2: 8.0.6001.18828
P3: 4a9600c9
P4: 6a01
P5: 32
P6: iexplore.exe
P7: 8.0.6001.18828
P8: 




Event[100]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:04.000
  Description: 
Fault bucket 940875334, type 5
Event Name: AppHangXProcB1

Problem signature:
P1: iexplore.exe
P2: 8.0.6001.18882
P3: 4b3ed243
P4: 1b2b
P5: 32
P6: iexplore.exe
P7: 8.0.6001.18882
P8: 




Event[101]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:04.000
  Description: 
Fault bucket 455935055, type 5
Event Name: BEX

Problem signature:
P1: hl2.exe
P2: 0.0.0.0
P3: 4445c334
P4: filesystem_steam.dll_unloaded
P5: 0.0.0.0
P6: 47e2d72b
P7: 02d0553e
P8:[color=red]  c0000005[/color]




Event[102]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:04.000
  Description: 
Fault bucket 809845192, type 5
Event Name: AppHangB1

Problem signature:
P1: firefox.exe
P2: 1.9.1.3593
P3: 4aef8082
P4: 4ea5
P5: 0
P6: 
P7: 
P8: 




Event[103]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:04.000
  Description: 
Fault bucket 942180335, type 5
Event Name: BEX

Problem signature:
P1: firefox.exe
P2: 1.9.2.3667
P3: 4b5102f0
P4: StackHash_2b79
P5: 0.0.0.0
P6: 00000000
P7: 00000000
P8:[color=red]  c0000005[/color]




Event[104]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:04.000
  Description: 
Fault bucket 1070092157, type 5
Event Name: BEX

Problem signature:
P1: NavyFIELD Launcher.exe
P2: 0.0.0.0
P3: 49d32caa
P4: StackHash_ac6a
P5: 0.0.0.0
P6: 00000000
P7: 00000000
P8:[color=red]  c0000005[/color]




Event[105]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:04.000
  Description: 
Fault bucket 1665040653, type 1
Event Name: APPCRASH

Problem signature:
P1: firefox.exe
P2: 1.9.2.3667
P3: 4b5102f0
P4: ole32.dll
P5: 6.0.6002.18005
P6: 49e037d7
P7:[color=red]  c0000005[/color]
P8: 000472da




Event[106]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:03.000
  Description: 
Fault bucket 458804279, type 5
Event Name: CLR20r3

Problem signature:
P1: ccc.exe
P2: 2.0.0.0
P3: 494a943f
P4: System.Windows.Forms
P5: 2.0.0.0
P6: 4889dee7
P7: 1521
P8: 137




Event[107]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:03.000
  Description: 
Fault bucket 363707986, type 1
Event Name: APPCRASH

Problem signature:
P1: HitmanBloodMoney.exe
P2: 0.0.0.0
P3: 4492b845
P4: HitmanBloodMoney.exe
P5: 0.0.0.0
P6: 4492b845
P7: 80000003
P8: 000b2668




Event[108]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:03.000
  Description: 
Fault bucket 432805830, type 1
Event Name: APPCRASH

Problem signature:
P1: hl2.exe
P2: 0.0.0.0
P3: 4445c334
P4: datacache.dll
P5: 0.0.0.0
P6: 46439c7b
P7:[color=red]  c0000005[/color]
P8: 0000b423




Event[109]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:03.000
  Description: 
Fault bucket 1333209254, type 1
Event Name: APPCRASH

Problem signature:
P1: Fallout3.exe
P2: 1.6.0.3
P3: 4a147392
P4: Fallout3.exe
P5: 1.6.0.3
P6: 4a147392
P7:[color=red]  c0000005[/color]
P8: 000e84ac




Event[110]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:03.000
  Description: 
Fault bucket 1304352303, type 1
Event Name: APPCRASH

Problem signature:
P1: Fallout3.exe
P2: 1.6.0.3
P3: 4a147392
P4: Fallout3.exe
P5: 1.6.0.3
P6: 4a147392
P7:[color=red]  c0000005[/color]
P8: 00227140




Event[111]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:03.000
  Description: 
Fault bucket 594059679, type 5
Event Name: BEX

Problem signature:
P1: Steam.exe
P2: 1.0.0.0
P3: 4a15c82b
P4: Steam.dll_unloaded
P5: 0.0.0.0
P6: 4a1f296d
P7: 301cba50
P8:[color=red]  c0000005[/color]




Event[112]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:02.000
  Description: 
Fault bucket 844356934, type 5
Event Name: BEX

Problem signature:
P1: ExeFile.exe
P2: 6.20.1.51847
P3: 4b0e9d2a
P4: python25.dll
P5: 2.5.3100.1013
P6: 4b02bd6d
P7: 0002c547
P8: c0000409




Event[113]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:02.000
  Description: 
Fault bucket 50999657, type 5
Event Name: AppHangB1

Problem signature:
P1: hl2.exe
P2: 0.0.0.0
P3: 4445c334
P4: 238e
P5: 2048
P6: 
P7: 
P8: 




Event[114]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:02.000
  Description: 
Fault bucket 226255251, type 1
Event Name: APPCRASH

Problem signature:
P1: mohpa.exe
P2: 1.0.0.1
P3: 41779396
P4: mohpa.exe
P5: 1.0.0.1
P6: 41779396
P7:[color=red]  c0000005[/color]
P8: 00418d80




Event[115]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:02.000
  Description: 
Fault bucket 579403442, type 5
Event Name: AppHangB1

Problem signature:
P1: Explorer.EXE
P2: 6.0.6002.18005
P3: 49e02a1e
P4: a09b
P5: 4
P6: 
P7: 
P8: 




Event[116]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:01.000
  Description: 
Fault bucket 869470836, type 5
Event Name: BEX

Problem signature:
P1: ExeFile.exe
P2: 6.20.1.53887
P3: 4b1cdcac
P4: python25.dll
P5: 2.5.3100.1013
P6: 4b1e5858
P7: 0002e407
P8: c0000409




Event[117]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:01.000
  Description: 
Fault bucket 504096246, type 1
Event Name: APPCRASH

Problem signature:
P1: ins2BA2.tmp
P2: 3.0.0.0
P3: 40daa4fa
P4: ins2BA2.tmp
P5: 3.0.0.0
P6: 40daa4fa
P7:[color=red]  c0000005[/color]
P8: 00097ea6




Event[118]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:01.000
  Description: 
Fault bucket 1332622302, type 1
Event Name: APPCRASH

Problem signature:
P1: Fallout3.exe
P2: 1.6.0.3
P3: 4a147392
P4: d3d9.dll
P5: 6.0.6002.18005
P6: 49e03705
P7:[color=red]  c0000005[/color]
P8: 0004b468




Event[119]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:01.000
  Description: 
Fault bucket 344253839, type 1
Event Name: APPCRASH

Problem signature:
P1: SplinterCell4.exe
P2: 0.0.0.0
P3: 4539e082
P4: SplinterCell4.exe
P5: 0.0.0.0
P6: 4539e082
P7:[color=red]  c0000005[/color]
P8: 0000bba6




Event[120]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:01.000
  Description: 
Fault bucket 893823304, type 5
Event Name: BEX

Problem signature:
P1: BFHeroes.exe
P2: 0.0.0.0
P3: 4b210c00
P4: pbcl.dll_unloaded
P5: 0.0.0.0
P6: 4ac1187b
P7: 21cdf80c
P8:[color=red]  c0000005[/color]




Event[121]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:01.000
  Description: 
Fault bucket 95451193, type 5
Event Name: AppHangB1

Problem signature:
P1: hl2.exe
P2: 0.0.0.0
P3: 470c11ae
P4: 6f54
P5: 0
P6: 
P7: 
P8: 




Event[122]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:00.000
  Description: 
Fault bucket 781051789, type 5
Event Name: AppHangB1

Problem signature:
P1: Steam.exe
P2: 1.0.0.0
P3: 4aaadaf8
P4: 9385
P5: 3
P6: 
P7: 
P8: 




Event[123]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:00.000
  Description: 
Fault bucket 95573375, type 5
Event Name: AppHangB1

Problem signature:
P1: hl2.exe
P2: 0.0.0.0
P3: 470c11ae
P4: 1574
P5: 2048
P6: 
P7: 
P8: 




Event[124]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:00.000
  Description: 
Fault bucket 95519309, type 5
Event Name: AppHangB1

Problem signature:
P1: hl2.exe
P2: 0.0.0.0
P3: 470c11ae
P4: c14a
P5: 0
P6: 
P7: 
P8: 




Event[125]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:00.000
  Description: 
Fault bucket 1664870102, type 1
Event Name: APPCRASH

Problem signature:
P1: iexplore.exe
P2: 8.0.6001.18882
P3: 4b3ed243
P4: mshtml.dll
P5: 8.0.6001.18882
P6: 4b3ee91c
P7: c00000fd
P8: 000d676b




Event[126]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:40:00.000
  Description: 
Fault bucket 563814703, type 5
Event Name: AppHangB1

Problem signature:
P1: Explorer.EXE
P2: 6.0.6002.18005
P3: 49e02a1e
P4: bb64
P5: 6144
P6: 
P7: 
P8: 




Event[127]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:59.000
  Description: 
Fault bucket 601495305, type 1
Event Name: APPCRASH

Problem signature:
P1: ins8E99.tmp
P2: 3.0.0.0
P3: 40daa4fa
P4: ins8E99.tmp
P5: 3.0.0.0
P6: 40daa4fa
P7:[color=red]  c0000005[/color]
P8: 00097ea6




Event[128]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:59.000
  Description: 
Fault bucket 1332501520, type 1
Event Name: APPCRASH

Problem signature:
P1: Fallout3.exe
P2: 1.6.0.3
P3: 4a147392
P4: Fallout3.exe
P5: 1.6.0.3
P6: 4a147392
P7:[color=red]  c0000005[/color]
P8: 002e2973




Event[129]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:59.000
  Description: 
Fault bucket 4, type 5
Event Name: APPLICATION CRASH

Problem signature:
P1: -2547712
P2: 1688408064
P3: 4
P4: ATI Technologies Inc.
P5: ATI Radeon HD 4800 Series
P6: 8.14.0010.0708
P7: 
P8: 




Event[130]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:59.000
  Description: 
Fault bucket 851546821, type 5
Event Name: BEX

Problem signature:
P1: Steam.exe
P2: 1.0.0.0
P3: 4aaadaf8
P4: Steam.dll
P5: 2.0.772.381
P6: 4b0eb829
P7: 001cf271
P8: c0000409




Event[131]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:59.000
  Description: 
Fault bucket 432711540, type 1
Event Name: APPCRASH

Problem signature:
P1: insE83C.tmp
P2: 3.0.0.0
P3: 40daa4fa
P4: insE83C.tmp
P5: 3.0.0.0
P6: 40daa4fa
P7:[color=red]  c0000005[/color]
P8: 00097ea6




Event[132]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:59.000
  Description: 
Fault bucket 434893381, type 1
Event Name: APPCRASH

Problem signature:
P1: ins67B8.tmp
P2: 3.0.0.0
P3: 40daa4fa
P4: ins67B8.tmp
P5: 3.0.0.0
P6: 40daa4fa
P7:[color=red]  c0000005[/color]
P8: 00097ea6




Event[133]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:58.000
  Description: 
Fault bucket 544211194, type 5
Event Name: AppHangB1

Problem signature:
P1: left4dead.exe
P2: 0.0.0.0
P3: 492b66bb
P4: 9533
P5: 6144
P6: 
P7: 
P8: 




Event[134]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:58.000
  Description: 
Fault bucket 11250838, type 5
Event Name: BEX

Problem signature:
P1: mm.exe
P2: 0.0.0.0
P3: 45211f69
P4: StackHash_e52f
P5: 0.0.0.0
P6: 00000000
P7: 00000100
P8:[color=red]  c0000005[/color]




Event[135]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:58.000
  Description: 
Fault bucket 591909325, type 5
Event Name: AppHangB1

Problem signature:
P1: Explorer.EXE
P2: 6.0.6002.18005
P3: 49e02a1e
P4: 8439
P5: 0
P6: 
P7: 
P8: 




Event[136]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:57.000
  Description: 
Fault bucket 1722005875, type 1
Event Name: APPCRASH

Problem signature:
P1: Steam.exe
P2: 1.0.778.935
P3: 4b22b67a
P4: tier0_s.dll
P5: 8.0.76.84
P6: 4b74a7a7
P7:[color=red]  c0000005[/color]
P8: 000117ee




Event[137]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:57.000
  Description: 
Fault bucket 1069176, type 4
Event Name: APPCRASH

Problem signature:
P1: helppane.exe
P2: 6.0.6001.18000
P3: 47919f6a
P4: helppane.exe
P5: 6.0.6001.18000
P6: 47919f6a
P7:[color=red]  c0000005[/color]
P8: 00000000000364be




Event[138]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:57.000
  Description: 
Fault bucket 236441331, type 5
Event Name: BEX

Problem signature:
P1: Oblivion.exe
P2: 1.1.0.425
P3: 444e8718
P4: StackHash_2ccd
P5: 0.0.0.0
P6: 00000000
P7: 3e4ccccd
P8:[color=red]  c0000005[/color]




Event[139]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:57.000
  Description: 
Fault bucket 388650326, type 1
Event Name: APPCRASH

Problem signature:
P1: HitmanBloodMoney.exe
P2: 0.0.0.0
P3: 4492b845
P4: HitmanBloodMoney.exe
P5: 0.0.0.0
P6: 4492b845
P7: 80000003
P8: 002a488e




Event[140]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:56.000
  Description: 
Fault bucket 183755584, type 5
Event Name: BEX

Problem signature:
P1: SWRepublicCommando.exe
P2: 0.0.0.0
P3: 41af9d88
P4: StackHash_5569
P5: 0.0.0.0
P6: 00000000
P7: 6c707544
P8:[color=red]  c0000005[/color]




Event[141]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:56.000
  Description: 
Fault bucket 1552832310, type 1
Event Name: APPCRASH

Problem signature:
P1: srcds.exe
P2: 0.0.0.0
P3: 492b6b78
P4: datacache.dll
P5: 0.0.0.0
P6: 4ae09605
P7:[color=red]  c0000005[/color]
P8: 000019b5




Event[142]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:56.000
  Description: 
Fault bucket 411610347, type 1
Event Name: APPCRASH

Problem signature:
P1: insD5D5.tmp
P2: 3.0.0.0
P3: 40daa4fa
P4: insD5D5.tmp
P5: 3.0.0.0
P6: 40daa4fa
P7:[color=red]  c0000005[/color]
P8: 00097ea6




Event[143]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:56.000
  Description: 
Fault bucket 1305943281, type 1
Event Name: APPCRASH

Problem signature:
P1: SplinterCell4.exe
P2: 0.0.0.0
P3: 4539e082
P4: ntdll.dll
P5: 6.0.6002.18005
P6: 49e03824
P7: 80000003
P8: 00010004




Event[144]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:56.000
  Description: 
Fault bucket 378261308, type 1
Event Name: APPCRASH

Problem signature:
P1: HitmanBloodMoney.exe
P2: 0.0.0.0
P3: 445e87c7
P4: HitmanBloodMoney.exe
P5: 0.0.0.0
P6: 445e87c7
P7:[color=red]  c0000005[/color]
P8: 000e9f69




Event[145]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:56.000
  Description: 
Fault bucket 97004142, type 5
Event Name: AppHangB1

Problem signature:
P1: hl2.exe
P2: 0.0.0.0
P3: 470c11ae
P4: e9e2
P5: 6144
P6: 
P7: 
P8: 




Event[146]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:55.000
  Description: 
Fault bucket 1308635014, type 1
Event Name: APPCRASH

Problem signature:
P1: defcon.exe
P2: 1.0.0.1
P3: 46892d1f
P4: Steam.dll
P5: 6.0.6002.18005
P6: 49e03824
P7: c0000135
P8: 0006f04e




Event[147]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:55.000
  Description: 
Fault bucket 421051984, type 1
Event Name: APPCRASH

Problem signature:
P1: ins1803.tmp
P2: 3.0.0.0
P3: 40daa4fa
P4: ins1803.tmp
P5: 3.0.0.0
P6: 40daa4fa
P7:[color=red]  c0000005[/color]
P8: 00097ea6




Event[148]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:55.000
  Description: 
Fault bucket 340281399, type 1
Event Name: APPCRASH

Problem signature:
P1: mm.exe
P2: 0.0.0.0
P3: 45211f69
P4: datacache.dll
P5: 0.0.0.0
P6: 4517b585
P7:[color=red]  c0000005[/color]
P8: 00009737




Event[149]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:55.000
  Description: 
Fault bucket 585942668, type 5
Event Name: AppHangB1

Problem signature:
P1: Explorer.EXE
P2: 6.0.6002.18005
P3: 49e02a1e
P4: 77eb
P5: 1
P6: 
P7: 
P8: 




Event[150]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:55.000
  Description: 
Fault bucket 1334002003, type 1
Event Name: APPCRASH

Problem signature:
P1: Fallout3.exe
P2: 1.6.0.3
P3: 4a147392
P4: Fallout3.exe
P5: 1.6.0.3
P6: 4a147392
P7: 40000015
P8: 0080c509




Event[151]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:55.000
  Description: 
Fault bucket 564457642, type 1
Event Name: APPCRASH

Problem signature:
P1: hl2.exe
P2: 0.0.0.0
P3: 4445c334
P4: studiorender.dll
P5: 0.0.0.0
P6: 47140813
P7:[color=red]  c0000005[/color]
P8: 0003198a




Event[152]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:54.000
  Description: 
Fault bucket 996535349, type 5
Event Name: AppHangB1

Problem signature:
P1: TurbineLauncher.exe
P2: 1.16.0.0
P3: 4b68683a
P4: ef71
P5: 6144
P6: 
P7: 
P8: 




Event[153]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:54.000
  Description: 
Fault bucket 642881663, type 1
Event Name: APPCRASH

Problem signature:
P1: iw3sp.exe
P2: 0.0.0.0
P3: 47044075
P4: D3DX9_34.DLL
P5: 6.0.6001.18000
P6: 4791a783
P7: c0000135
P8: 0006ecfb




Event[154]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:54.000
  Description: 
Fault bucket 1242635222, type 1
Event Name: APPCRASH

Problem signature:
P1: NavyFIELD.exe
P2: 0.0.0.0
P3: 49ee8896
P4: NavyFIELD.exe
P5: 0.0.0.0
P6: 49ee8896
P7:[color=red]  c0000005[/color]
P8: 0000337f




Event[155]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:54.000
  Description: 
Fault bucket 659889915, type 1
Event Name: APPCRASH

Problem signature:
P1: hitmanbloodmoney.exe
P2: 0.0.0.0
P3: 00000000
P4: d3dx9_27.dll
P5: 6.0.6001.18000
P6: 4791a783
P7: c0000135
P8: 0006ecfb




Event[156]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:54.000
  Description: 
Fault bucket 198587634, type 1
Event Name: APPCRASH

Problem signature:
P1: HitmanContracts.exe
P2: 1.0.0.174
P3: 00000000
P4: HitmanContracts.exe
P5: 1.0.0.174
P6: 00000000
P7:[color=red]  c0000005[/color]
P8: 001ef705




Event[157]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:53.000
  Description: 
Fault bucket 363533573, type 1
Event Name: APPCRASH

Problem signature:
P1: SGCSim v5.1.0.exe
P2: 6.0.21.0
P3: 3c85aaa3
P4: SGCSim v5.1.0.exe
P5: 6.0.21.0
P6: 3c85aaa3
P7:[color=red]  c0000005[/color]
P8: 0008b0e4




Event[158]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:53.000
  Description: 
Fault bucket 860424414, type 5
Event Name: AppHangXProcB1

Problem signature:
P1: iexplore.exe
P2: 8.0.6001.18865
P3: 4b077416
P4: 34c1
P5: 32
P6: iexplore.exe
P7: 8.0.6001.18865
P8: 




Event[159]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:53.000
  Description: 
Fault bucket 398213644, type 1
Event Name: APPCRASH

Problem signature:
P1: ins470E.tmp
P2: 3.0.0.0
P3: 40daa4fa
P4: ins470E.tmp
P5: 3.0.0.0
P6: 40daa4fa
P7:[color=red]  c0000005[/color]
P8: 00097ea6




Event[160]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:53.000
  Description: 
Fault bucket 565236292, type 1
Event Name: APPCRASH

Problem signature:
P1: mm.exe
P2: 0.0.0.0
P3: 45211f69
P4: StackHash_1eb0
P5: 0.0.0.0
P6: 00000000
P7:[color=red]  c0000005[/color]
P8: 202b6859




Event[161]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:53.000
  Description: 
Fault bucket 7881895, type 5
Event Name: AppHangB1

Problem signature:
P1: hl2.exe
P2: 0.0.0.0
P3: 4445c334
P4: 59c2
P5: 2048
P6: 
P7: 
P8: 




Event[162]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:52.000
  Description: 
Fault bucket 277613189, type 1
Event Name: APPCRASH

Problem signature:
P1: legends.exe
P2: 0.13.3.1300
P3: 44159b5d
P4: legends.exe
P5: 0.13.3.1300
P6: 44159b5d
P7:[color=red]  c0000005[/color]
P8: 0014c4ed




Event[163]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:52.000
  Description: 
Fault bucket 662418213, type 1
Event Name: APPCRASH

Problem signature:
P1: HitmanBloodMoney.exe
P2: 0.0.0.0
P3: 00000000
P4: MSVCR71.dll
P5: 6.0.6001.18000
P6: 4791a783
P7: c0000135
P8: 0006ecfb




Event[164]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:52.000
  Description: 
Fault bucket 17537480, type 5
Event Name: BEX

Problem signature:
P1: Battlestationsmidway.exe
P2: 0.0.0.0
P3: 45a3c4c5
P4: Battlestationsmidway.exe
P5: 0.0.0.0
P6: 45a3c4c5
P7: 005cbe85
P8: c000000d




Event[165]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:52.000
  Description: 
Fault bucket 1382646181, type 1
Event Name: APPCRASH

Problem signature:
P1: RelicCOH.exe
P2: 1.71.0.10609
P3: 469ebcb9
P4: atidxx32.dll
P5: 8.15.10.212
P6: 4a4cea11
P7:[color=red]  c0000005[/color]
P8: 00019768




Event[166]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:52.000
  Description: 
Fault bucket 97622333, type 5
Event Name: AppHangB1

Problem signature:
P1: hl2.exe
P2: 0.0.0.0
P3: 470c11ae
P4: 6a57
P5: 6144
P6: 
P7: 
P8: 




Event[167]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:52.000
  Description: 
Fault bucket 1318254072, type 1
Event Name: APPCRASH

Problem signature:
P1: il2fb.exe
P2: 0.0.0.0
P3: 3e4362be
P4: rts.dll
P5: 6.0.6002.18005
P6: 49e03824
P7: c0000142
P8: 0006f04e


Event[168]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:51.000
  Description: 
Fault bucket 953395575, type 5
Event Name: AppHangB1

Problem signature:
P1: firefox.exe
P2: 1.9.2.3667
P3: 4b5102f0
P4: 28c6
P5: 4
P6: 
P7: 
P8: 


Event[169]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:51.000
  Description: 
Fault bucket 563420123, type 5
Event Name: BEX

Problem signature:
P1: ExeFile.exe
P2: 6.10.1.22539
P3: 4a01b457
P4: python25.dll
P5: 2.5.3100.1013
P6: 49830d07
P7: 0002be77
P8: c0000409


Event[170]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:51.000
  Description: 
Fault bucket 1380994484, type 1
Event Name: APPCRASH

Problem signature:
P1: RelicCOH.exe
P2: 1.71.0.10609
P3: 469ebcb9
P4: atidxx32.dll
P5: 8.15.10.212
P6: 4a4cea11
P7:[color=red]  c0000005[/color]
P8: 000196fe



Event[171]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:39:51.000
  Description: 
Fault bucket 1546994726, type 1
Event Name: APPCRASH

Problem signature:
P1: hoi3game.exe
P2: 0.0.0.0
P3: 4af3f6d3
P4: hoi3game.exe
P5: 0.0.0.0
P6: 4af3f6d3
P7:[color=red]  c0000005[/color]
P8: 003feacd


Event[172]:
  Source: Application Hang
  Date: 2010-04-05  T  19:37:45.000
  Description: 
The program GTAIV.exe version 1.0.0.4 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 404 Start Time: 01cad5187885f087 Termination Time: 11

Event[173]:
  Source: Windows Error Reporting
  Date: 2010-04-05  T  19:37:45.000
  Description: 
Fault bucket 798351518, type 5
Event Name: AppHangB1

Problem signature:
P1: GTAIV.exe
P2: 1.0.0.4
P3: 4ab94397
P4: bd5e
P5: 2048
P6: 
P7: 
P8: 


Event[174]:
  Source: XLive
  Date: 2010-04-05  T  19:34:55.000
  Description: 
Title GTAIV.exe (1, 0, 0, 4) XLive 3.1.0099.0 (WGX_XLIVE_V3.01_RTM.091106-1035) C:\Windows\system32\xlive.dll  
0x80151000

XLive Logon Failed

00:3B:42:80:90:83
0.0.0.0
0xfb0000000045f7ad
LogonHR == 0x80151000
Games for Windows - LIVE DLL

Event[175]:
  Source: XLive
  Date: 2010-04-05  T  19:31:39.000
  Description: 
Title GTAIV.exe (1, 0, 0, 4) XLive 3.1.0099.0 (WGX_XLIVE_V3.01_RTM.091106-1035) C:\Windows\system32\xlive.dll  
0x80151911

Live Logon Failed

00:3B:42:80:90:83
192.168.2.2
0xfb0000000045f7ad
LogonHR == 0x80150002
Games for Windows - LIVE DLL

Event[176]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:28:55.000
  Description: 
A request to disable the Desktop Window Manager was made by process (4892)

Event[177]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:28:54.000
  Description: 
The Desktop Window Manager was unable to start because composition was disabled by a running application

Event[178]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:28:54.000
  Description: 
A request to disable the Desktop Window Manager was made by process (5032)

Event[179]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:28:05.000
  Description: 
The Desktop Window Manager was unable to start because composition was disabled by a running application

Event[180]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:28:05.000
  Description: 
A request to disable the Desktop Window Manager was made by process (Grand Theft Auto IV)

Event[181]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:27:27.000
  Description: 
The Desktop Window Manager was unable to start because composition was disabled by a running application

Event[182]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:27:27.000
  Description: 
A request to disable the Desktop Window Manager was made by process (Grand Theft Auto IV)

Event[183]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:27:24.000
  Description: 
The Desktop Window Manager was unable to start because composition was disabled by a running application

Event[184]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:27:24.000
  Description: 
A request to disable the Desktop Window Manager was made by process (Grand Theft Auto IV)

Event[185]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:26:06.000
  Description: 
The Desktop Window Manager was unable to start because composition was disabled by a running application

Event[186]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:26:06.000
  Description: 
A request to disable the Desktop Window Manager was made by process (5124)

Event[187]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:26:05.000
  Description: 
The Desktop Window Manager was unable to start because composition was disabled by a running application

Event[188]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:26:05.000
  Description: 
A request to disable the Desktop Window Manager was made by process (4764)

Event[189]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:24:02.000
  Description: 
The Desktop Window Manager was unable to start because composition was disabled by a running application

Event[190]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:24:02.000
  Description: 
A request to disable the Desktop Window Manager was made by process (Grand Theft Auto IV)

Event[191]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:23:59.000
  Description: 
The Desktop Window Manager was unable to start because composition was disabled by a running application

Event[192]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:23:59.000
  Description: 
A request to disable the Desktop Window Manager was made by process (Grand Theft Auto IV)

Event[193]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:23:23.000
  Description: 
The Desktop Window Manager was unable to start because composition was disabled by a running application

Event[194]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:23:23.000
  Description: 
A request to disable the Desktop Window Manager was made by process (Grand Theft Auto IV)

Event[195]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:23:20.000
  Description: 
The Desktop Window Manager was unable to start because composition was disabled by a running application

Event[196]:
  Source: Desktop Window Manager
  Date: 2010-04-05  T  19:23:20.000
  Description: 
A request to disable the Desktop Window Manager was made by process (Grand Theft Auto IV)
[/font]
```

`

Having that many crashes in 21 minutes would probably end with my laptop being trown out the window. Honestly, how do you tolerate such?




Nuclear_Bob said:


> Now everyone knows I played WoW,  but seriously, I ran a ton of add-ons (interface mods) and they would cause a crash A LOT.
> 
> MM.exe is for a game called Dark Messiah Might & Magic. That is a fairly old game not meant for vista and doesn't play well with it often, game play was better after I patched it.


In the above code boxes, WoW is not listed, nor is Dark Messiah.



Nuclear_Bob said:


> As for magic jack that I keep having to Unplug / crash / kill because it pops up and annoys me while I game (I do know why.) I just haven't moved it back to my remote PC because I was troubleshooting it (unrelated.)


Use SysInternals AutoRuns to prevent Majic Jack pop-up window -

Live SysInternals AutoRuns --> http://live.sysinternals.com/autoruns.exe




Nuclear_Bob said:


> EQ - (which I have only played 2 times or so) Had some sort of Alt tab issue and it's launcher was not working properly, issue with Steam (steampowered.com) which I finally fixed, worked fine. No longer installed.
> 
> HitmanBloodMoney.exe & SplinterCell4.exe (SC4UpdateLauncher.exe) Hitman was fixed, general vista incompatibility, was fixed in a patch as well as splinter cell (same as MM.) Splinter Cell I had running at a non-standard resolution as well which I'm sure didn't help.


*APPCRASH* - 5 April 2010
13 - Hitman
1- SC4
3 - Splintercell4
3 - mm





jcgriff2 said:


> Another mm.exe crash -
> 
> ```
> [font=lucida console]
> ...


When I see 3.5 year old drivers listed in crashes, especially ones that were released prior to the OS itself (Vista SP0 drivers = Nov 2006; your SP2 drivers mostly April 2009, with many being updated to 2010 now), I question whether or not they were written with Vista SP2 or even Vista in mind, i.e., are they violating Vista kernel law..? Not sure yet on this one. Also, x64 possibly comes into play because of re-direction of x86 apps to \syswow64 and 6432node in HKLM, while the pure x64 \system32 becomes \sysnative - x86 cannot access \system32. Run HJT sometime and review the output. Many "missing" files - not true. x86 apps like HJT believe and report they are in \system32, when they are really in \syswow64. 



jcgriff2 said:


> Has anyone yet suggested that you re-install Vista and try installing NAVYField before any others?
> 
> 
> 
> ...


Actually, after reading PM info and reviewing files again, maybe not. I'll reserve final "reinstall judgment" after you do the following, please - 

Remove Ad-Aware from your system. It's firewall is the likely culprit behind the *0xc0000005* exception crashes. Any 3rd party firewall in Vista or Windows 7 tends to block local ports used by system services causing them to crash.

Use Revo or your favorite uninstaller as I don't have a removal tool for Ad-Aware -

Revo --> http://www.revouninstaller.com/revo_uninstaller_free_download.html

Uninstall any other a/v, a/malware protection. Re-boot after each removal to allow boot and kernel mode drivers to be removed. Then install MSE -

Microsoft Security Essentials --> http://www.microsoft.com/security_essentials/

Then run the System File Checker/ repair utility - SFC. Bring up elevated admin cmd/DOS prompt -
START | *cmd.exe* | right-click on cmd.exe | select "Run as Administrator" -

```
[font=lucida console]sfc /scannow[/font]
```
Upon completion re-boot to allow files in use to be repaired.

SFC general info --> http://support.microsoft.com/kb/936212

SFC & the CBS log --> http://support.microsoft.com/kb/928228


Regards. . .

jcgriff2

.


----------



## jcgriff2 (Sep 30, 2007)

Hi -

One last thing for tonight - 3 BSODs, rather unimportant at this point since the most recent one was 8 December 2009.

I see two 0xc0000005 exceptions. . . hmmm... Ad-Aware?? YES.

Regards. . .

jcgriff2

.

BUGCHECK SUMMARY 

```
[font=lucida console]  
Built by: 6002.18082.amd64fre.vistasp2_gdr.090803-2339
Debug session time: Tue Dec  8 10:41:45.942 2009 (GMT-4)
System Uptime: 0 days 0:00:49.056
BugCheck 1000007E, {[COLOR=Red]ffffffffc0000005[/COLOR], fffff800026bc18a, fffffa6001bbfa88, fffffa6001bbf460}
Probably caused by : ntkrnlmp.exe ( nt!CmpDelayDerefKCBWorker+be )
PROCESS_NAME:  System
BUGCHECK_STR:  0x7E
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨
Built by: 6002.18082.amd64fre.vistasp2_gdr.090803-2339
Debug session time: Wed Nov 25 03:47:18.532 2009 (GMT-4)
System Uptime: 0 days 11:08:07.867
BugCheck 3B, {[COLOR=red]c0000005[/COLOR], fffff960000af2c0, fffffa600b801f70, 0}
Probably caused by : win32k.sys ( win32k!PFEOBJ::vFreepfdg+e8 )
BUGCHECK_STR:  0x3B
PROCESS_NAME:  left4dead.exe
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨
Built by: 6002.18005.amd64fre.lh_sp2rtm.090410-1830
Debug session time: Sat Jul 25 05:31:05.157 2009 (GMT-4)
System Uptime: 0 days 8:23:32.324
BugCheck 100000EA, {fffffa8005d85060, 0, 0, 0}
*** WARNING: Unable to verify timestamp for atikmdag.sys
*** ERROR: Module load completed but symbols could not be loaded for atikmdag.sys
Probably caused by : dxgkrnl.sys ( dxgkrnl!TdrTimedOperationBugcheckOnTimeout+37 )
BUGCHECK_STR:  0xEA
PROCESS_NAME:  wmplayer.exe


¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨

[/font]
```


----------



## Nuclear_Bob (Apr 2, 2010)

> Not being a gamer myself, I assume the purpose to disable DWM is due to themes? What I don't quite understand is why different games repeatedly "request to disable DWM..", nor the amount of APPCRASHes/ APPHANGs.


Yes, I think so a lot of fullscreen games do not like Aero.




> 2 PnP device errors - Realtek Ethernet - needs update
> Code:
> 
> 
> ...


Was updated ago Month off the Mobo Manufacturer's Webpage. The windows update driver causes device failure.



> Having that many crashes in 21 minutes would probably end with my laptop being trown out the window. Honestly, how do you tolerate such?





> APPCRASH - 5 April 2010
> 13 - Hitman
> 1- SC4
> 3 - Splintercell4
> 3 - mm



That might of been from error reporting, sending crashes that I originally hadn't. Not sure exactly how that works though. SC4 Has NOT been open this month. And Hitman HAS NOT crashed this month or last month that I can remember. Not saying you are wrong, just that I'm not sure about that timetable.



> Remove Ad-Aware from your system. It's firewall is the likely culprit behind the 0xc0000005 exception crashes. Any 3rd party firewall in Vista or Windows 7 tends to block local ports used by system services causing them to crash.
> 
> Use Revo or your favorite uninstaller as I don't have a removal tool for Ad-Aware -
> 
> ...


We'll see, I'm pretty sure I have posted that the program still crashes in safe mode with the same message. I'm fairly Ad-aware has been on my system while the program worked. I'm not shooting you down, I will remove it but, SB S&D will stay on as well as AVG, unless I can dig up information on them. (Both AVG and SB S&D have worked for years along NF.) I'll post back tomorrow most likely, as there's a lot to fiddle with and re-install. Thanks.


----------



## jcgriff2 (Sep 30, 2007)

Good point on WERCON crash info. If you sent/ reported them on April 5, they would have been recorded on April 5, regardless of actual crash date.

However, please see attachment. You installed Vista on 14 May 2009, and the crashes (reporting) begins on 15 May 2009.

1491 APPCRASH
318 APPHANG

1,366 = 0xc0000005 exceptions

1366/ 1491 = 92%

My money right now is on Ad-Aware.

S&D, AVG fine with me. After Ad-Aware removal, be sure to reset Windows Firewall.

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

> However, please see attachment. You installed Vista on 14 May 2009, and the crashes (reporting) begins on 15 May 2009.


I have not had ad-aware on that long.



> After Ad-Aware removal, be sure to reset Windows Firewall.


Firewall was never turned off.


Still fiddling, atm need to re-install and patch NF.


----------



## Nuclear_Bob (Apr 2, 2010)

*UPDATE* Did NOT work. Should I see if I can update drivers or try something else? I'll check back tomorrow. Thanks for your patience and continued help.


----------



## jcgriff2 (Sep 30, 2007)

Did you run SFC?

I noticed in the screenshots - "Windows Experience Index - unrated" - click on it and allow WINSAT to run.

Deamon Tools/ Alcohol 120 driver sptd.sys is known to cause crashes in Vista/ Windows 7. Please uninstall the offending app.

Windows Defender is starting up. You have S&D.

You should not have 2 firewalls on at the same time. Reset Windows Firewall to default settings now that Ad-aware is gone. It may not have solved current issue with NAVYField app, but with its removal along with Ad-Aware, the 0xc0000005 exception crashes should calm considerably.

3DMark06 driver - this 2004 version was written for XP x64 -

```
[FONT=Lucida Console]
Module Name:       ENTECH64
Display Name:      ENTECH64
Driver Type:       Kernel 
Link Date:         3/26/2004 7:44:04 AM
[/FONT]
```
Test your 3rd party drivers.

Run --> *DRIVER VERIFIER - Windows 7 & Vista *

The goal is for system to BSOD - if driver verifier flags a driver. Allow it to run 24-36 hours in the background. Use system as usual.

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

> I noticed in the screenshots - "Windows Experience Index - unrated" - click on it and allow WINSAT to run.


I have run it a few times but, after a while it goes back to unrated. Never looked into it seemed kinda minor.



> Windows Defender is starting up. You have S&D.


I looked Windows Defender is off.


----------



## Nuclear_Bob (Apr 2, 2010)

> Deamon Tools/ Alcohol 120 driver sptd.sys is known to cause crashes in Vista/ Windows 7. Please uninstall the offending app.


I see it in memory but, I can't find the program associated with it. I have looked through to see if I saw it in MSCONFIG but, I did not find it. Should I just delete the .sys file out of the system32 directory?


----------



## Nuclear_Bob (Apr 2, 2010)

> Did you run SFC?


Did not find any integrity violations.


----------



## Nuclear_Bob (Apr 2, 2010)

So anyway, I got bored and deleted sptd.sys. Shortly after my computer started to act odd (seemed like processor was at full load), so I went to reboot and it BSOD'd. I did not have the driver verifier minidump thing on for sptd.sys as I thought I wouldn't need it, since I was getting rid of it. In anycase here is the relevant info. I'll keep the driver verifiyer running for a while to be sure there's not another BSOD from something else.


----------



## Nuclear_Bob (Apr 2, 2010)

Another BSOD on reboot, attaching DMP for good measure.


----------



## pat mcgroin (May 1, 2009)

Referencing JCs post #30 and #33
and since it is a older application.

Please give this a try.
Create a shortcut to the desktop if not already there.
In properties|compatibility check the disable visual themes box.

I am wondering if due to the age of the app., if it is possible that that windows is not doing the reversion to a standard desktop.
I myself have had issues with this especially when I ran the live wallpaper or what ever it was callled.
I am not referring to live desktop, but I cant recall the exact name offhand.


----------



## Nuclear_Bob (Apr 2, 2010)

Pat: 

I have went over all that before I was here and while I was here as well. Thanks for the reply anyway.


----------



## jcgriff2 (Sep 30, 2007)

Hi - 

Run SysInternals AutoRuns at elevated admin level, go to "logon" tab - you'll see Windows Defender. Un-check the box.

Live SysInternals AutoRuns --> http://live.sysinternals.com/autoruns.exe 

WINSAT - delete all XML files in *C:\Windows\Performance\WinSAT\DataStore*

START | *cmd.exe* | RIGHT-click on cmd.exe | Run as Admin -

```
[font=lucida console]
del /q %windir%\Performance\WinSAT\DataStore\*.xml
[/font]
```
Re-run WINSAT.

How is driver verifier doing?

From the same elevated cmd/DOS prompt - *verifier /query*

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

> How is driver verifier doing?
> 
> From the same elevated cmd/DOS prompt - verifier /query


Look at the BSODs. Verifier query window does not stay open. I have turned off the verifier off after my 3rd restart BSOD because I think the restart error reports are eating my HDD bandwidth. I can't post when firefox refuses to respond. I'll be checking back tomorrow, if I can get this performance issue straightened out.


----------



## jcgriff2 (Sep 30, 2007)

For some reason I was end of p1 of thread and did not see p2 w/ the dump files. I'll run them shortly.

For *sptd.sys* - 

- create system restore point
- open *regedit* - go to *HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services*
- scroll down to *sptd.sys* - 2x-click on it
- look for "Start"
- 2x-click on blue icon next to "Start"
- change DWORD to "*4*" - disable
- re-boot

I'll run dumps, but it sounds like there are driver issues in your system.

The dumps will hopefully provides insight.

Regards. . .

jcgriff2

.


----------



## jcgriff2 (Sep 30, 2007)

Hi - 

Driver Verifier flagged *gdrv.sys* = Gigabyte Easy Saver - mobo power utility driver for CPU - in 55 seconds flat

*0xc1 (,,,0x24)* = attempt made to free memory area beyond allocation in special pool; corruption detected


```
[font=lucida console]  
gdrv.sys     Fri Dec 05 19:57:14 2008 (4939CDEA)
[/font]
```
Update it and all other mobo related drivers.

Gigabyte driver download --> http://www.gigabyte.com.tw/Support/Motherboard/Driver_List.aspx

Then run Driver Verifier again.

Regards. . .

jcgriff2

.


BUGCHECK SUMMARY -- VERIFIER_ENABLED_VISTA_MINIDUMP 

```
[font=lucida console]  
Built by: 6002.18160.amd64fre.vistasp2_gdr.091208-0542
Debug session time: Wed Apr  7 15:26:27.935 2010 (GMT-4)
System Uptime: 0 days 0:55:18.119
BugCheck C1, {fffff980306f4ff0, fffff980306f4ffc, db000c, 24}
*** WARNING: Unable to verify timestamp for gdrv.sys
*** ERROR: Module load completed but symbols could not be loaded for gdrv.sys
Probably caused by : gdrv.sys ( gdrv+2cc0 )
BUGCHECK_STR:  0xC1_24
DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP
PROCESS_NAME:  essvr.exe
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨
Built by: 6002.18160.amd64fre.vistasp2_gdr.091208-0542
Debug session time: Wed Apr  7 14:30:32.931 2010 (GMT-4)
System Uptime: 0 days 3:58:41.330
BugCheck C1, {fffff9803b49cff0, fffff9803b49cffc, d000c, 24}
*** WARNING: Unable to verify timestamp for gdrv.sys
*** ERROR: Module load completed but symbols could not be loaded for gdrv.sys
Probably caused by : gdrv.sys ( gdrv+2cc0 )
BUGCHECK_STR:  0xC1_24
DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP
PROCESS_NAME:  essvr.exe
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨

[/font]
```

Vista SP2 x64 - VERIFIER_ENABLED - - 0xc1 (,,,0x24) 

```
[font=lucida console] 
Opened log file 'C:\Users\PalmDesert7\_jcgriff2_\dbug\__Kernel__\_99-dbug.txt'

Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\PalmDesert7\_jcgriff2_\dbug\__Kernel__\Mini040710-02.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6002.18160.amd64fre.vistasp2_gdr.091208-0542
Machine Name:
Kernel base = 0xfffff800`01e48000 PsLoadedModuleList = 0xfffff800`0200cdd0
Debug session time: Wed Apr  7 15:26:27.935 2010 (GMT-4)
System Uptime: 0 days 0:55:18.119
Loading Kernel Symbols
...............................................................
................................................................
...........
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck C1, {fffff980306f4ff0, fffff980306f4ffc, db000c, 24}

Unable to load image \??\C:\Windows\gdrv.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for gdrv.sys
*** ERROR: Module load completed but symbols could not be loaded for gdrv.sys
Probably caused by : gdrv.sys ( gdrv+2cc0 )

Followup: MachineOwner
---------

0: kd> !analyze -v;r;kv;lmtn;lmtsmn;.bugcheck;.logclose;q
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SPECIAL_POOL_DETECTED_MEMORY_CORRUPTION (c1)
Special pool has detected memory corruption.  Typically the current thread's
stack backtrace will reveal the guilty party.
Arguments:
Arg1: fffff980306f4ff0, address trying to free
Arg2: fffff980306f4ffc, address where bits are corrupted
Arg3: 0000000000db000c, (reserved)
Arg4: 0000000000000024, caller is freeing an address where bytes after the end of the allocation have been overwritten

Debugging Details:
------------------


BUGCHECK_STR:  0xC1_24

SPECIAL_POOL_CORRUPTION_TYPE:  24

CUSTOMER_CRASH_COUNT:  2

DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP

PROCESS_NAME:  essvr.exe

CURRENT_IRQL:  1

IRP_ADDRESS:  ffffffffffffff88

LAST_CONTROL_TRANSFER:  from fffff80001f40f44 to fffff80001ea2450

STACK_TEXT:  
fffffa60`0903f318 fffff800`01f40f44 : 00000000`000000c1 fffff980`306f4ff0 fffff980`306f4ffc 00000000`00db000c : nt!KeBugCheckEx
fffffa60`0903f320 fffff800`01f7b1bc : fffff800`01e48000 00000000`20206f49 00000000`0014ee3b fffffa80`07df5e60 : nt!MmFreeSpecialPool+0x414
fffffa60`0903f460 fffff800`01eb7a9e : 001df5c8`001df5c4 001df5f0`001df5ec 001df610`001df60c 001df618`001df614 : nt!ExDeferredFreePool+0x701
fffffa60`0903f510 fffff800`01ec3bae : 00000000`00000000 fffffa80`080ed7d0 fffffa60`0903f670 00000000`00000000 : nt!IopCompleteRequest+0x47e
fffffa60`0903f5d0 fffff800`01ec7613 : fffffa60`0903f6f0 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDeliverApc+0x19e
fffffa60`0903f670 fffff800`01eab94d : fffff980`26556ee0 fffffa80`07f67300 fffff980`26556f58 fffff980`26556fb3 : nt!KiApcInterrupt+0x103
fffffa60`0903f800 fffff800`022a4853 : fffff980`26556ee0 fffff800`0229a100 ffff1a23`faac101f fffffa80`07f673b0 : nt!IopfCompleteRequest+0x68d
fffffa60`0903f8b0 fffffa60`0ab12cc0 : fffffa60`0ab135a0 00000000`00000008 00000000`00000000 fffff980`26556fb0 : nt!IovCompleteRequest+0x43
fffffa60`0903f990 fffffa60`0ab135a0 : 00000000`00000008 00000000`00000000 fffff980`26556fb0 fffffa80`07f67260 : gdrv+0x2cc0
fffffa60`0903f998 00000000`00000008 : 00000000`00000000 fffff980`26556fb0 fffffa80`07f67260 00000000`00000001 : gdrv+0x35a0
fffffa60`0903f9a0 00000000`00000000 : fffff980`26556fb0 fffffa80`07f67260 00000000`00000001 fffff980`26556ff8 : 0x8


STACK_COMMAND:  kb

FOLLOWUP_IP: 
gdrv+2cc0
fffffa60`0ab12cc0 ??              ???

SYMBOL_STACK_INDEX:  8

SYMBOL_NAME:  gdrv+2cc0

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: gdrv

IMAGE_NAME:  gdrv.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4939cdea

FAILURE_BUCKET_ID:  X64_0xC1_24_VRF_gdrv+2cc0

BUCKET_ID:  X64_0xC1_24_VRF_gdrv+2cc0

Followup: MachineOwner
---------

rax=0000000000000004 rbx=0000000000000001 rcx=00000000000000c1
rdx=fffff980306f4ff0 rsi=fffff980306f4000 rdi=fffff980306f4ff0
rip=fffff80001ea2450 rsp=fffffa600903f318 rbp=fffffa600903f350
 r8=fffff980306f4ffc  r9=0000000000db000c r10=0000000000000000
r11=00000000000000db r12=fffff6fcc01837a0 r13=0000000000000000
r14=000000000000000c r15=0000000000001000
iopl=0         ov up ei ng nz ac pe cy
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00000a93
nt!KeBugCheckEx:
fffff800`01ea2450 48894c2408      mov     qword ptr [rsp+8],rcx ss:0018:fffffa60`0903f320=00000000000000c1
Child-SP          RetAddr           : Args to Child                                                           : Call Site
fffffa60`0903f318 fffff800`01f40f44 : 00000000`000000c1 fffff980`306f4ff0 fffff980`306f4ffc 00000000`00db000c : nt!KeBugCheckEx
fffffa60`0903f320 fffff800`01f7b1bc : fffff800`01e48000 00000000`20206f49 00000000`0014ee3b fffffa80`07df5e60 : nt!MmFreeSpecialPool+0x414
fffffa60`0903f460 fffff800`01eb7a9e : 001df5c8`001df5c4 001df5f0`001df5ec 001df610`001df60c 001df618`001df614 : nt!ExDeferredFreePool+0x701
fffffa60`0903f510 fffff800`01ec3bae : 00000000`00000000 fffffa80`080ed7d0 fffffa60`0903f670 00000000`00000000 : nt!IopCompleteRequest+0x47e
fffffa60`0903f5d0 fffff800`01ec7613 : fffffa60`0903f6f0 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDeliverApc+0x19e
fffffa60`0903f670 fffff800`01eab94d : fffff980`26556ee0 fffffa80`07f67300 fffff980`26556f58 fffff980`26556fb3 : nt!KiApcInterrupt+0x103 (TrapFrame @ fffffa60`0903f670)
fffffa60`0903f800 fffff800`022a4853 : fffff980`26556ee0 fffff800`0229a100 ffff1a23`faac101f fffffa80`07f673b0 : nt!IopfCompleteRequest+0x68d
fffffa60`0903f8b0 fffffa60`0ab12cc0 : fffffa60`0ab135a0 00000000`00000008 00000000`00000000 fffff980`26556fb0 : nt!IovCompleteRequest+0x43
fffffa60`0903f990 fffffa60`0ab135a0 : 00000000`00000008 00000000`00000000 fffff980`26556fb0 fffffa80`07f67260 : gdrv+0x2cc0
fffffa60`0903f998 00000000`00000008 : 00000000`00000000 fffff980`26556fb0 fffffa80`07f67260 00000000`00000001 : gdrv+0x35a0
fffffa60`0903f9a0 00000000`00000000 : fffff980`26556fb0 fffffa80`07f67260 00000000`00000001 fffff980`26556ff8 : 0x8
start             end                 module name
fffff800`01e02000 fffff800`01e48000   hal      hal.dll      Sat Apr 11 03:04:56 2009 (49E04118)
fffff800`01e48000 fffff800`02360000   nt       ntkrnlmp.exe Tue Dec 08 12:18:34 2009 (4B1E8A6A)
fffff960`00050000 fffff960`00304000   win32k   win32k.sys   Fri Aug 14 09:42:57 2009 (4A8569E1)
fffff960`004e0000 fffff960`004ea000   TSDDD    TSDDD.dll    Sat Jan 19 01:42:04 2008 (47919BBC)
fffff960`006d0000 fffff960`006e1000   cdd      cdd.dll      unavailable (00000000)
fffffa60`00603000 fffffa60`0060d000   kdcom    kdcom.dll    Sat Apr 11 03:07:57 2009 (49E041CD)
fffffa60`0060d000 fffffa60`00621000   PSHED    PSHED.dll    Sat Apr 11 03:08:17 2009 (49E041E1)
fffffa60`00621000 fffffa60`0067e000   CLFS     CLFS.SYS     Sat Apr 11 00:54:21 2009 (49E0227D)
fffffa60`0067e000 fffffa60`00730000   CI       CI.dll       Sat Apr 11 03:08:09 2009 (49E041D9)
fffffa60`00730000 fffffa60`00796000   volmgrx  volmgrx.sys  Sat Apr 11 01:35:14 2009 (49E02C12)
fffffa60`00796000 fffffa60`007ba000   ataport  ataport.SYS  Sat Apr 11 01:34:25 2009 (49E02BE1)
fffffa60`007ba000 fffffa60`007d5000   jraid    jraid.sys    Mon Nov 03 21:20:09 2008 (490FB159)
fffffa60`007d5000 fffffa60`007f7000   luafv    luafv.sys    Sat Jan 19 00:59:06 2008 (479191AA)
fffffa60`0080b000 fffffa60`008e5000   Wdf01000 Wdf01000.sys Sat Jan 19 01:33:27 2008 (479199B7)
fffffa60`008e5000 fffffa60`008f3000   WDFLDR   WDFLDR.SYS   Sat Jan 19 01:32:33 2008 (47919981)
fffffa60`008f3000 fffffa60`00949000   acpi     acpi.sys     Sat Apr 11 01:03:26 2009 (49E0249E)
fffffa60`00949000 fffffa60`00952000   WMILIB   WMILIB.SYS   Sat Jan 19 01:33:45 2008 (479199C9)
fffffa60`00952000 fffffa60`0095c000   msisadrv msisadrv.sys Sat Jan 19 01:02:50 2008 (4791928A)
fffffa60`0095c000 fffffa60`0098c000   pci      pci.sys      Sat Apr 11 01:03:33 2009 (49E024A5)
fffffa60`0098c000 fffffa60`009a1000   partmgr  partmgr.sys  Sat Apr 11 01:34:51 2009 (49E02BFB)
fffffa60`009a1000 fffffa60`009b5000   volmgr   volmgr.sys   Sat Apr 11 01:34:49 2009 (49E02BF9)
fffffa60`009b5000 fffffa60`009bc000   pciide   pciide.sys   Sat Apr 11 01:34:28 2009 (49E02BE4)
fffffa60`009bc000 fffffa60`009cc000   PCIIDEX  PCIIDEX.SYS  Sat Apr 11 01:34:22 2009 (49E02BDE)
fffffa60`009cc000 fffffa60`009df000   mountmgr mountmgr.sys Sat Jan 19 01:28:01 2008 (47919871)
fffffa60`009df000 fffffa60`009e7000   atapi    atapi.sys    Sat Apr 11 01:34:19 2009 (49E02BDB)
fffffa60`009e7000 fffffa60`009ff000   rspndr   rspndr.sys   Sat Jan 19 01:35:48 2008 (47919A44)
fffffa60`00a0a000 fffffa60`00a38000   SCSIPORT SCSIPORT.SYS Sat Jan 19 01:28:52 2008 (479198A4)
fffffa60`00a38000 fffffa60`00a7f000   fltmgr   fltmgr.sys   Sat Apr 11 00:54:38 2009 (49E0228E)
fffffa60`00a7f000 fffffa60`00a93000   fileinfo fileinfo.sys Sat Jan 19 01:05:23 2008 (47919323)
fffffa60`00a93000 fffffa60`00b1a000   ksecdd   ksecdd.sys   Mon Jun 15 09:15:18 2009 (4A364966)
fffffa60`00b1a000 fffffa60`00b6a000   msrpc    msrpc.sys    unavailable (00000000)
fffffa60`00b6a000 fffffa60`00bc3000   NETIO    NETIO.SYS    Sat Apr 11 01:43:34 2009 (49E02E06)
fffffa60`00bc3000 fffffa60`00bcf000   tunnel   tunnel.sys   Sat Jan 19 01:36:44 2008 (47919A7C)
fffffa60`00bcf000 fffffa60`00bd8000   tunmp    tunmp.sys    Sat Jan 19 01:36:30 2008 (47919A6E)
fffffa60`00bd8000 fffffa60`00beb000   processr processr.sys Sat Jan 19 00:52:45 2008 (4791902D)
fffffa60`00beb000 fffffa60`00bf4000   wmiacpi  wmiacpi.sys  Sat Jan 19 01:02:42 2008 (47919282)
fffffa60`00c0e000 fffffa60`00dd1000   ndis     ndis.sys     Sat Apr 11 01:43:15 2009 (49E02DF3)
fffffa60`00dd1000 fffffa60`00dfd000   CLASSPNP CLASSPNP.SYS Sat Apr 11 01:34:15 2009 (49E02BD7)
fffffa60`00e08000 fffffa60`00f7e000   tcpip    tcpip.sys    Tue Dec 08 12:56:33 2009 (4B1E9351)
fffffa60`00f7e000 fffffa60`00faa000   fwpkclnt fwpkclnt.sys Sat Apr 11 01:42:44 2009 (49E02DD4)
fffffa60`00faa000 fffffa60`00fd6000   ecache   ecache.sys   Sat Apr 11 01:36:18 2009 (49E02C52)
fffffa60`00fd6000 fffffa60`00fea000   disk     disk.sys     Sat Apr 11 01:34:38 2009 (49E02BEE)
fffffa60`01000000 fffffa60`0100a000   crcdisk  crcdisk.sys  Sat Jan 19 01:30:12 2008 (479198F4)
fffffa60`0100e000 fffffa60`0118e000   Ntfs     Ntfs.sys     Sat Apr 11 00:55:38 2009 (49E022CA)
fffffa60`0118e000 fffffa60`011d2000   volsnap  volsnap.sys  Sat Apr 11 01:35:33 2009 (49E02C25)
fffffa60`011d2000 fffffa60`011da000   spldr    spldr.sys    Mon Jan 12 16:51:29 2009 (496BBB61)
fffffa60`011da000 fffffa60`011e1000   speedfan speedfan.sys Sun Sep 24 09:26:48 2006 (45168798)
fffffa60`011e1000 fffffa60`011f3000   mup      mup.sys      Sat Apr 11 00:54:47 2009 (49E02297)
fffffa60`011f3000 fffffa60`011fb000   AtiPcie  AtiPcie.sys  Tue May 05 11:00:22 2009 (4A005486)
fffffa60`0280b000 fffffa60`0283f000   atikmpag atikmpag.sys Tue Mar 02 22:07:33 2010 (4B8DD275)
fffffa60`0283f000 fffffa60`0292c000   HDAudBus HDAudBus.sys Sat Apr 11 01:39:38 2009 (49E02D1A)
fffffa60`0292c000 fffffa60`0293d000   usbehci  usbehci.sys  Sat Apr 11 01:39:36 2009 (49E02D18)
fffffa60`0293d000 fffffa60`02959000   cdrom    cdrom.sys    Sat Apr 11 01:34:39 2009 (49E02BEF)
fffffa60`02959000 fffffa60`02976000   serial   serial.sys   Sat Jan 19 01:28:41 2008 (47919899)
fffffa60`02976000 fffffa60`02982000   serenum  serenum.sys  Sat Jan 19 01:28:36 2008 (47919894)
fffffa60`02982000 fffffa60`029bb000   msiscsi  msiscsi.sys  Sat Apr 11 01:36:09 2009 (49E02C49)
fffffa60`029bb000 fffffa60`029e7e00   RtHDMIVX RtHDMIVX.sys Thu Dec 25 04:30:47 2008 (495352C7)
fffffa60`029e8000 fffffa60`029fc000   lltdio   lltdio.sys   Sat Jan 19 01:35:48 2008 (47919A44)
fffffa60`06a00000 fffffa60`06a0c000   usbfilter usbfilter.sys Fri Apr 03 07:39:51 2009 (49D5F587)
fffffa60`06a0d000 fffffa60`0707c000   atipmdag atipmdag.sys Tue Mar 02 22:47:08 2010 (4B8DDBBC)
fffffa60`0707c000 fffffa60`0715f000   dxgkrnl  dxgkrnl.sys  Thu Sep 24 21:27:15 2009 (4ABC1C73)
fffffa60`0715f000 fffffa60`0716f000   watchdog watchdog.sys Sat Apr 11 01:09:16 2009 (49E025FC)
fffffa60`0716f000 fffffa60`071a9000   Rtlh64   Rtlh64.sys   Tue Sep 01 23:09:35 2009 (4A9DE1EF)
fffffa60`071a9000 fffffa60`071b4000   usbohci  usbohci.sys  Sat Apr 11 01:39:36 2009 (49E02D18)
fffffa60`071b4000 fffffa60`071fa000   USBPORT  USBPORT.SYS  Sat Apr 11 01:39:39 2009 (49E02D1B)
fffffa60`07208000 fffffa60`07265000   storport storport.sys Sat Apr 11 01:34:45 2009 (49E02BF5)
fffffa60`07265000 fffffa60`07272000   TDI      TDI.SYS      Sat Apr 11 01:44:14 2009 (49E02E2E)
fffffa60`07272000 fffffa60`07295000   rasl2tp  rasl2tp.sys  Sat Apr 11 01:43:37 2009 (49E02E09)
fffffa60`07295000 fffffa60`072a1000   ndistapi ndistapi.sys Sat Jan 19 01:37:22 2008 (47919AA2)
fffffa60`072a1000 fffffa60`072d2000   ndiswan  ndiswan.sys  Sat Apr 11 01:43:39 2009 (49E02E0B)
fffffa60`072d2000 fffffa60`072e2000   raspppoe raspppoe.sys Sat Apr 11 01:43:33 2009 (49E02E05)
fffffa60`072e2000 fffffa60`07300000   raspptp  raspptp.sys  Sat Apr 11 01:43:38 2009 (49E02E0A)
fffffa60`07300000 fffffa60`07318000   rassstp  rassstp.sys  Sat Apr 11 01:43:46 2009 (49E02E12)
fffffa60`07318000 fffffa60`0732b000   termdd   termdd.sys   Sat Apr 11 01:48:13 2009 (49E02F1D)
fffffa60`0732b000 fffffa60`07339000   kbdclass kbdclass.sys Sat Jan 19 01:28:05 2008 (47919875)
fffffa60`07339000 fffffa60`07345000   mouclass mouclass.sys Sat Jan 19 01:28:05 2008 (47919875)
fffffa60`07345000 fffffa60`07346480   swenum   swenum.sys   Thu Nov 02 05:37:33 2006 (4549BC5D)
fffffa60`07347000 fffffa60`0737b000   ks       ks.sys       Sat Apr 11 01:33:51 2009 (49E02BBF)
fffffa60`0737b000 fffffa60`07386000   mssmbios mssmbios.sys Sat Jan 19 01:02:54 2008 (4791928E)
fffffa60`07386000 fffffa60`07396000   umbus    umbus.sys    Sat Jan 19 01:34:16 2008 (479199E8)
fffffa60`07396000 fffffa60`073de000   usbhub   usbhub.sys   Sat Apr 11 01:39:52 2009 (49E02D28)
fffffa60`073de000 fffffa60`073f2000   NDProxy  NDProxy.SYS  Sat Jan 19 01:37:26 2008 (47919AA6)
fffffa60`08207000 fffffa60`08242000   portcls  portcls.sys  Sat Apr 11 01:39:36 2009 (49E02D18)
fffffa60`08242000 fffffa60`08265000   drmk     drmk.sys     Sat Jan 19 02:20:04 2008 (4791A4A4)
fffffa60`08265000 fffffa60`0826a180   ksthunk  ksthunk.sys  Sat Jan 19 01:28:14 2008 (4791987E)
fffffa60`0826b000 fffffa60`08274000   Null     Null.SYS     unavailable (00000000)
fffffa60`08274000 fffffa60`08287000   monitor  monitor.sys  Sat Jan 19 01:32:34 2008 (47919982)
fffffa60`08295000 fffffa60`082a3000   vga      vga.sys      Sat Jan 19 01:32:21 2008 (47919975)
fffffa60`082a3000 fffffa60`082c8000   VIDEOPRT VIDEOPRT.SYS Sat Jan 19 01:32:25 2008 (47919979)
fffffa60`082c8000 fffffa60`082d1000   RDPCDD   RDPCDD.sys   Sat Jan 19 01:42:04 2008 (47919BBC)
fffffa60`082d1000 fffffa60`082da000   rdpencdd rdpencdd.sys Sat Jan 19 01:42:03 2008 (47919BBB)
fffffa60`082da000 fffffa60`082e5000   Msfs     Msfs.SYS     unavailable (00000000)
fffffa60`082e5000 fffffa60`082f6000   Npfs     Npfs.SYS     Sat Apr 11 00:54:22 2009 (49E0227E)
fffffa60`082f6000 fffffa60`082ff000   rasacd   rasacd.sys   Sat Jan 19 01:37:30 2008 (47919AAA)
fffffa60`082ff000 fffffa60`0831c000   tdx      tdx.sys      Sat Apr 11 01:43:00 2009 (49E02DE4)
fffffa60`0831c000 fffffa60`0836c000   avgtdia  avgtdia.sys  Wed Mar 03 12:23:33 2010 (4B8E9B15)
fffffa60`0836c000 fffffa60`083b0000   netbt    netbt.sys    Sat Apr 11 01:42:31 2009 (49E02DC7)
fffffa60`083b0000 fffffa60`083cb000   smb      smb.sys      Sat Apr 11 01:42:19 2009 (49E02DBB)
fffffa60`083cb000 fffffa60`083d9000   crashdmp crashdmp.sys Sat Apr 11 01:34:31 2009 (49E02BE7)
fffffa60`083d9000 fffffa60`083e5000   dump_dumpata dump_dumpata.sys Sat Apr 11 01:34:22 2009 (49E02BDE)
fffffa60`083e5000 fffffa60`083ed000   dump_atapi dump_atapi.sys Sat Apr 11 01:34:19 2009 (49E02BDB)
fffffa60`083ed000 fffffa60`083f9000   Dxapi    Dxapi.sys    Sat Jan 19 01:08:00 2008 (479193C0)
fffffa60`08400000 fffffa60`08407b80   HIDPARSE HIDPARSE.SYS Sat Jan 19 01:33:51 2008 (479199CF)
fffffa60`085f3000 fffffa60`085fd000   Fs_Rec   Fs_Rec.SYS   unavailable (00000000)
fffffa60`08606000 fffffa60`08671000   afd      afd.sys      Sat Apr 11 01:44:21 2009 (49E02E35)
fffffa60`08671000 fffffa60`0868f000   pacer    pacer.sys    Sat Apr 11 01:42:56 2009 (49E02DE0)
fffffa60`0868f000 fffffa60`0869e000   netbios  netbios.sys  Sat Jan 19 01:36:35 2008 (47919A73)
fffffa60`0869e000 fffffa60`086b9000   wanarp   wanarp.sys   Sat Apr 11 01:43:38 2009 (49E02E0A)
fffffa60`086b9000 fffffa60`08706000   rdbss    rdbss.sys    Sat Apr 11 00:55:21 2009 (49E022B9)
fffffa60`08706000 fffffa60`08712000   nsiproxy nsiproxy.sys Sat Jan 19 01:36:45 2008 (47919A7D)
fffffa60`08712000 fffffa60`0872f000   dfsc     dfsc.sys     Sat Apr 11 00:54:44 2009 (49E02294)
fffffa60`0872f000 fffffa60`08736080   avgmfx64 avgmfx64.sys Wed Feb 17 17:40:14 2010 (4B7C704E)
fffffa60`08737000 fffffa60`0877e000   avgldx64 avgldx64.sys Wed Feb 10 22:52:31 2010 (4B737EFF)
fffffa60`0877e000 fffffa60`08787000   hidusb   hidusb.sys   Sat Apr 11 01:39:32 2009 (49E02D14)
fffffa60`08787000 fffffa60`08799000   HIDCLASS HIDCLASS.SYS Sat Apr 11 01:39:32 2009 (49E02D14)
fffffa60`08799000 fffffa60`0879ae00   USBD     USBD.SYS     Sat Jan 19 01:33:53 2008 (479199D1)
fffffa60`0879b000 fffffa60`087a6000   kbdhid   kbdhid.sys   Sat Apr 11 01:33:40 2009 (49E02BB4)
fffffa60`087a6000 fffffa60`087be000   USBSTOR  USBSTOR.SYS  Sat Apr 11 01:39:38 2009 (49E02D1A)
fffffa60`087be000 fffffa60`087c9000   mouhid   mouhid.sys   Sat Jan 19 01:28:10 2008 (4791987A)
fffffa60`087c9000 fffffa60`087fe000   fastfat  fastfat.SYS  Sat Apr 11 00:54:10 2009 (49E02272)
fffffa60`09e09000 fffffa60`09ea3000   spsys    spsys.sys    Tue Mar 10 13:16:43 2009 (49B6A07B)
fffffa60`09ea3000 fffffa60`09f46000   HTTP     HTTP.sys     Sat Feb 20 16:30:05 2010 (4B80545D)
fffffa60`09f46000 fffffa60`09f51000   asyncmac asyncmac.sys Sat Jan 19 01:37:27 2008 (47919AA7)
fffffa60`09f51000 fffffa60`09f7a000   srvnet   srvnet.sys   Fri Dec 11 07:03:47 2009 (4B223523)
fffffa60`09f7a000 fffffa60`09f98000   bowser   bowser.sys   Sat Jan 19 00:54:51 2008 (479190AB)
fffffa60`09f98000 fffffa60`09fb2000   mpsdrv   mpsdrv.sys   Sat Jan 19 01:35:28 2008 (47919A30)
fffffa60`09fb2000 fffffa60`09fd9000   mrxdav   mrxdav.sys   Sat Apr 11 00:55:42 2009 (49E022CE)
fffffa60`0a408000 fffffa60`0a431000   mrxsmb   mrxsmb.sys   Fri Dec 04 11:20:18 2009 (4B1936C2)
fffffa60`0a431000 fffffa60`0a47a000   mrxsmb10 mrxsmb10.sys Fri Dec 04 11:20:25 2009 (4B1936C9)
fffffa60`0a47a000 fffffa60`0a499000   mrxsmb20 mrxsmb20.sys Sat Apr 11 00:55:26 2009 (49E022BE)
fffffa60`0a499000 fffffa60`0a4cb000   srv2     srv2.sys     Mon Sep 14 05:45:22 2009 (4AAE10B2)
fffffa60`0a4cb000 fffffa60`0a560000   srv      srv.sys      Fri Dec 11 07:04:08 2009 (4B223538)
fffffa60`0aa09000 fffffa60`0aabf000   peauth   peauth.sys   Mon Oct 23 07:57:00 2006 (453CAE0C)
fffffa60`0aabf000 fffffa60`0aaca000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
fffffa60`0aaca000 fffffa60`0aada000   tcpipreg tcpipreg.sys Tue Dec 08 12:55:32 2009 (4B1E9314)
fffffa60`0aada000 fffffa60`0aafa000   WUDFRd   WUDFRd.sys   Sat Jan 19 01:33:43 2008 (479199C7)
fffffa60`0aafa000 fffffa60`0ab10000   WUDFPf   WUDFPf.sys   Sat Jan 19 01:33:22 2008 (479199B2)
fffffa60`0ab10000 fffffa60`0ab19000   gdrv     gdrv.sys     Fri Dec 05 19:57:14 2008 (4939CDEA)
fffffa60`0ab19000 fffffa60`0ab35000   cdfs     cdfs.sys     Sat Jan 19 00:53:45 2008 (47919069)

Unloaded modules:
fffffa60`08408000 fffffa60`085f3000   RTKVHD64.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffffa60`00fea000 fffffa60`00ff8000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffffa60`00c00000 fffffa60`00c0c000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffffa60`00ff8000 fffffa60`01000000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffffa60`0827f000 fffffa60`08295000   i8042prt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffffa60`08274000 fffffa60`0827f000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
start             end                 module name
fffffa60`008f3000 fffffa60`00949000   acpi     acpi.sys     Sat Apr 11 01:03:26 2009 (49E0249E)
fffffa60`08606000 fffffa60`08671000   afd      afd.sys      Sat Apr 11 01:44:21 2009 (49E02E35)
fffffa60`09f46000 fffffa60`09f51000   asyncmac asyncmac.sys Sat Jan 19 01:37:27 2008 (47919AA7)
fffffa60`009df000 fffffa60`009e7000   atapi    atapi.sys    Sat Apr 11 01:34:19 2009 (49E02BDB)
fffffa60`00796000 fffffa60`007ba000   ataport  ataport.SYS  Sat Apr 11 01:34:25 2009 (49E02BE1)
fffffa60`0280b000 fffffa60`0283f000   atikmpag atikmpag.sys Tue Mar 02 22:07:33 2010 (4B8DD275)
fffffa60`011f3000 fffffa60`011fb000   AtiPcie  AtiPcie.sys  Tue May 05 11:00:22 2009 (4A005486)
fffffa60`06a0d000 fffffa60`0707c000   atipmdag atipmdag.sys Tue Mar 02 22:47:08 2010 (4B8DDBBC)
fffffa60`08737000 fffffa60`0877e000   avgldx64 avgldx64.sys Wed Feb 10 22:52:31 2010 (4B737EFF)
fffffa60`0872f000 fffffa60`08736080   avgmfx64 avgmfx64.sys Wed Feb 17 17:40:14 2010 (4B7C704E)
fffffa60`0831c000 fffffa60`0836c000   avgtdia  avgtdia.sys  Wed Mar 03 12:23:33 2010 (4B8E9B15)
fffffa60`09f7a000 fffffa60`09f98000   bowser   bowser.sys   Sat Jan 19 00:54:51 2008 (479190AB)
fffff960`006d0000 fffff960`006e1000   cdd      cdd.dll      unavailable (00000000)
fffffa60`0ab19000 fffffa60`0ab35000   cdfs     cdfs.sys     Sat Jan 19 00:53:45 2008 (47919069)
fffffa60`0293d000 fffffa60`02959000   cdrom    cdrom.sys    Sat Apr 11 01:34:39 2009 (49E02BEF)
fffffa60`0067e000 fffffa60`00730000   CI       CI.dll       Sat Apr 11 03:08:09 2009 (49E041D9)
fffffa60`00dd1000 fffffa60`00dfd000   CLASSPNP CLASSPNP.SYS Sat Apr 11 01:34:15 2009 (49E02BD7)
fffffa60`00621000 fffffa60`0067e000   CLFS     CLFS.SYS     Sat Apr 11 00:54:21 2009 (49E0227D)
fffffa60`083cb000 fffffa60`083d9000   crashdmp crashdmp.sys Sat Apr 11 01:34:31 2009 (49E02BE7)
fffffa60`01000000 fffffa60`0100a000   crcdisk  crcdisk.sys  Sat Jan 19 01:30:12 2008 (479198F4)
fffffa60`08712000 fffffa60`0872f000   dfsc     dfsc.sys     Sat Apr 11 00:54:44 2009 (49E02294)
fffffa60`00fd6000 fffffa60`00fea000   disk     disk.sys     Sat Apr 11 01:34:38 2009 (49E02BEE)
fffffa60`08242000 fffffa60`08265000   drmk     drmk.sys     Sat Jan 19 02:20:04 2008 (4791A4A4)
fffffa60`083e5000 fffffa60`083ed000   dump_atapi dump_atapi.sys Sat Apr 11 01:34:19 2009 (49E02BDB)
fffffa60`083d9000 fffffa60`083e5000   dump_dumpata dump_dumpata.sys Sat Apr 11 01:34:22 2009 (49E02BDE)
fffffa60`083ed000 fffffa60`083f9000   Dxapi    Dxapi.sys    Sat Jan 19 01:08:00 2008 (479193C0)
fffffa60`0707c000 fffffa60`0715f000   dxgkrnl  dxgkrnl.sys  Thu Sep 24 21:27:15 2009 (4ABC1C73)
fffffa60`00faa000 fffffa60`00fd6000   ecache   ecache.sys   Sat Apr 11 01:36:18 2009 (49E02C52)
fffffa60`087c9000 fffffa60`087fe000   fastfat  fastfat.SYS  Sat Apr 11 00:54:10 2009 (49E02272)
fffffa60`00a7f000 fffffa60`00a93000   fileinfo fileinfo.sys Sat Jan 19 01:05:23 2008 (47919323)
fffffa60`00a38000 fffffa60`00a7f000   fltmgr   fltmgr.sys   Sat Apr 11 00:54:38 2009 (49E0228E)
fffffa60`085f3000 fffffa60`085fd000   Fs_Rec   Fs_Rec.SYS   unavailable (00000000)
fffffa60`00f7e000 fffffa60`00faa000   fwpkclnt fwpkclnt.sys Sat Apr 11 01:42:44 2009 (49E02DD4)
fffffa60`0ab10000 fffffa60`0ab19000   gdrv     gdrv.sys     Fri Dec 05 19:57:14 2008 (4939CDEA)
fffff800`01e02000 fffff800`01e48000   hal      hal.dll      Sat Apr 11 03:04:56 2009 (49E04118)
fffffa60`0283f000 fffffa60`0292c000   HDAudBus HDAudBus.sys Sat Apr 11 01:39:38 2009 (49E02D1A)
fffffa60`08787000 fffffa60`08799000   HIDCLASS HIDCLASS.SYS Sat Apr 11 01:39:32 2009 (49E02D14)
fffffa60`08400000 fffffa60`08407b80   HIDPARSE HIDPARSE.SYS Sat Jan 19 01:33:51 2008 (479199CF)
fffffa60`0877e000 fffffa60`08787000   hidusb   hidusb.sys   Sat Apr 11 01:39:32 2009 (49E02D14)
fffffa60`09ea3000 fffffa60`09f46000   HTTP     HTTP.sys     Sat Feb 20 16:30:05 2010 (4B80545D)
fffffa60`007ba000 fffffa60`007d5000   jraid    jraid.sys    Mon Nov 03 21:20:09 2008 (490FB159)
fffffa60`0732b000 fffffa60`07339000   kbdclass kbdclass.sys Sat Jan 19 01:28:05 2008 (47919875)
fffffa60`0879b000 fffffa60`087a6000   kbdhid   kbdhid.sys   Sat Apr 11 01:33:40 2009 (49E02BB4)
fffffa60`00603000 fffffa60`0060d000   kdcom    kdcom.dll    Sat Apr 11 03:07:57 2009 (49E041CD)
fffffa60`07347000 fffffa60`0737b000   ks       ks.sys       Sat Apr 11 01:33:51 2009 (49E02BBF)
fffffa60`00a93000 fffffa60`00b1a000   ksecdd   ksecdd.sys   Mon Jun 15 09:15:18 2009 (4A364966)
fffffa60`08265000 fffffa60`0826a180   ksthunk  ksthunk.sys  Sat Jan 19 01:28:14 2008 (4791987E)
fffffa60`029e8000 fffffa60`029fc000   lltdio   lltdio.sys   Sat Jan 19 01:35:48 2008 (47919A44)
fffffa60`007d5000 fffffa60`007f7000   luafv    luafv.sys    Sat Jan 19 00:59:06 2008 (479191AA)
fffffa60`08274000 fffffa60`08287000   monitor  monitor.sys  Sat Jan 19 01:32:34 2008 (47919982)
fffffa60`07339000 fffffa60`07345000   mouclass mouclass.sys Sat Jan 19 01:28:05 2008 (47919875)
fffffa60`087be000 fffffa60`087c9000   mouhid   mouhid.sys   Sat Jan 19 01:28:10 2008 (4791987A)
fffffa60`009cc000 fffffa60`009df000   mountmgr mountmgr.sys Sat Jan 19 01:28:01 2008 (47919871)
fffffa60`09f98000 fffffa60`09fb2000   mpsdrv   mpsdrv.sys   Sat Jan 19 01:35:28 2008 (47919A30)
fffffa60`09fb2000 fffffa60`09fd9000   mrxdav   mrxdav.sys   Sat Apr 11 00:55:42 2009 (49E022CE)
fffffa60`0a408000 fffffa60`0a431000   mrxsmb   mrxsmb.sys   Fri Dec 04 11:20:18 2009 (4B1936C2)
fffffa60`0a431000 fffffa60`0a47a000   mrxsmb10 mrxsmb10.sys Fri Dec 04 11:20:25 2009 (4B1936C9)
fffffa60`0a47a000 fffffa60`0a499000   mrxsmb20 mrxsmb20.sys Sat Apr 11 00:55:26 2009 (49E022BE)
fffffa60`082da000 fffffa60`082e5000   Msfs     Msfs.SYS     unavailable (00000000)
fffffa60`00952000 fffffa60`0095c000   msisadrv msisadrv.sys Sat Jan 19 01:02:50 2008 (4791928A)
fffffa60`02982000 fffffa60`029bb000   msiscsi  msiscsi.sys  Sat Apr 11 01:36:09 2009 (49E02C49)
fffffa60`00b1a000 fffffa60`00b6a000   msrpc    msrpc.sys    unavailable (00000000)
fffffa60`0737b000 fffffa60`07386000   mssmbios mssmbios.sys Sat Jan 19 01:02:54 2008 (4791928E)
fffffa60`011e1000 fffffa60`011f3000   mup      mup.sys      Sat Apr 11 00:54:47 2009 (49E02297)
fffffa60`00c0e000 fffffa60`00dd1000   ndis     ndis.sys     Sat Apr 11 01:43:15 2009 (49E02DF3)
fffffa60`07295000 fffffa60`072a1000   ndistapi ndistapi.sys Sat Jan 19 01:37:22 2008 (47919AA2)
fffffa60`072a1000 fffffa60`072d2000   ndiswan  ndiswan.sys  Sat Apr 11 01:43:39 2009 (49E02E0B)
fffffa60`073de000 fffffa60`073f2000   NDProxy  NDProxy.SYS  Sat Jan 19 01:37:26 2008 (47919AA6)
fffffa60`0868f000 fffffa60`0869e000   netbios  netbios.sys  Sat Jan 19 01:36:35 2008 (47919A73)
fffffa60`0836c000 fffffa60`083b0000   netbt    netbt.sys    Sat Apr 11 01:42:31 2009 (49E02DC7)
fffffa60`00b6a000 fffffa60`00bc3000   NETIO    NETIO.SYS    Sat Apr 11 01:43:34 2009 (49E02E06)
fffffa60`082e5000 fffffa60`082f6000   Npfs     Npfs.SYS     Sat Apr 11 00:54:22 2009 (49E0227E)
fffffa60`08706000 fffffa60`08712000   nsiproxy nsiproxy.sys Sat Jan 19 01:36:45 2008 (47919A7D)
fffff800`01e48000 fffff800`02360000   nt       ntkrnlmp.exe Tue Dec 08 12:18:34 2009 (4B1E8A6A)
fffffa60`0100e000 fffffa60`0118e000   Ntfs     Ntfs.sys     Sat Apr 11 00:55:38 2009 (49E022CA)
fffffa60`0826b000 fffffa60`08274000   Null     Null.SYS     unavailable (00000000)
fffffa60`08671000 fffffa60`0868f000   pacer    pacer.sys    Sat Apr 11 01:42:56 2009 (49E02DE0)
fffffa60`0098c000 fffffa60`009a1000   partmgr  partmgr.sys  Sat Apr 11 01:34:51 2009 (49E02BFB)
fffffa60`0095c000 fffffa60`0098c000   pci      pci.sys      Sat Apr 11 01:03:33 2009 (49E024A5)
fffffa60`009b5000 fffffa60`009bc000   pciide   pciide.sys   Sat Apr 11 01:34:28 2009 (49E02BE4)
fffffa60`009bc000 fffffa60`009cc000   PCIIDEX  PCIIDEX.SYS  Sat Apr 11 01:34:22 2009 (49E02BDE)
fffffa60`0aa09000 fffffa60`0aabf000   peauth   peauth.sys   Mon Oct 23 07:57:00 2006 (453CAE0C)
fffffa60`08207000 fffffa60`08242000   portcls  portcls.sys  Sat Apr 11 01:39:36 2009 (49E02D18)
fffffa60`00bd8000 fffffa60`00beb000   processr processr.sys Sat Jan 19 00:52:45 2008 (4791902D)
fffffa60`0060d000 fffffa60`00621000   PSHED    PSHED.dll    Sat Apr 11 03:08:17 2009 (49E041E1)
fffffa60`082f6000 fffffa60`082ff000   rasacd   rasacd.sys   Sat Jan 19 01:37:30 2008 (47919AAA)
fffffa60`07272000 fffffa60`07295000   rasl2tp  rasl2tp.sys  Sat Apr 11 01:43:37 2009 (49E02E09)
fffffa60`072d2000 fffffa60`072e2000   raspppoe raspppoe.sys Sat Apr 11 01:43:33 2009 (49E02E05)
fffffa60`072e2000 fffffa60`07300000   raspptp  raspptp.sys  Sat Apr 11 01:43:38 2009 (49E02E0A)
fffffa60`07300000 fffffa60`07318000   rassstp  rassstp.sys  Sat Apr 11 01:43:46 2009 (49E02E12)
fffffa60`086b9000 fffffa60`08706000   rdbss    rdbss.sys    Sat Apr 11 00:55:21 2009 (49E022B9)
fffffa60`082c8000 fffffa60`082d1000   RDPCDD   RDPCDD.sys   Sat Jan 19 01:42:04 2008 (47919BBC)
fffffa60`082d1000 fffffa60`082da000   rdpencdd rdpencdd.sys Sat Jan 19 01:42:03 2008 (47919BBB)
fffffa60`009e7000 fffffa60`009ff000   rspndr   rspndr.sys   Sat Jan 19 01:35:48 2008 (47919A44)
fffffa60`029bb000 fffffa60`029e7e00   RtHDMIVX RtHDMIVX.sys Thu Dec 25 04:30:47 2008 (495352C7)
fffffa60`0716f000 fffffa60`071a9000   Rtlh64   Rtlh64.sys   Tue Sep 01 23:09:35 2009 (4A9DE1EF)
fffffa60`00a0a000 fffffa60`00a38000   SCSIPORT SCSIPORT.SYS Sat Jan 19 01:28:52 2008 (479198A4)
fffffa60`0aabf000 fffffa60`0aaca000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
fffffa60`02976000 fffffa60`02982000   serenum  serenum.sys  Sat Jan 19 01:28:36 2008 (47919894)
fffffa60`02959000 fffffa60`02976000   serial   serial.sys   Sat Jan 19 01:28:41 2008 (47919899)
fffffa60`083b0000 fffffa60`083cb000   smb      smb.sys      Sat Apr 11 01:42:19 2009 (49E02DBB)
fffffa60`011da000 fffffa60`011e1000   speedfan speedfan.sys Sun Sep 24 09:26:48 2006 (45168798)
fffffa60`011d2000 fffffa60`011da000   spldr    spldr.sys    Mon Jan 12 16:51:29 2009 (496BBB61)
fffffa60`09e09000 fffffa60`09ea3000   spsys    spsys.sys    Tue Mar 10 13:16:43 2009 (49B6A07B)
fffffa60`0a4cb000 fffffa60`0a560000   srv      srv.sys      Fri Dec 11 07:04:08 2009 (4B223538)
fffffa60`0a499000 fffffa60`0a4cb000   srv2     srv2.sys     Mon Sep 14 05:45:22 2009 (4AAE10B2)
fffffa60`09f51000 fffffa60`09f7a000   srvnet   srvnet.sys   Fri Dec 11 07:03:47 2009 (4B223523)
fffffa60`07208000 fffffa60`07265000   storport storport.sys Sat Apr 11 01:34:45 2009 (49E02BF5)
fffffa60`07345000 fffffa60`07346480   swenum   swenum.sys   Thu Nov 02 05:37:33 2006 (4549BC5D)
fffffa60`00e08000 fffffa60`00f7e000   tcpip    tcpip.sys    Tue Dec 08 12:56:33 2009 (4B1E9351)
fffffa60`0aaca000 fffffa60`0aada000   tcpipreg tcpipreg.sys Tue Dec 08 12:55:32 2009 (4B1E9314)
fffffa60`07265000 fffffa60`07272000   TDI      TDI.SYS      Sat Apr 11 01:44:14 2009 (49E02E2E)
fffffa60`082ff000 fffffa60`0831c000   tdx      tdx.sys      Sat Apr 11 01:43:00 2009 (49E02DE4)
fffffa60`07318000 fffffa60`0732b000   termdd   termdd.sys   Sat Apr 11 01:48:13 2009 (49E02F1D)
fffff960`004e0000 fffff960`004ea000   TSDDD    TSDDD.dll    Sat Jan 19 01:42:04 2008 (47919BBC)
fffffa60`00bcf000 fffffa60`00bd8000   tunmp    tunmp.sys    Sat Jan 19 01:36:30 2008 (47919A6E)
fffffa60`00bc3000 fffffa60`00bcf000   tunnel   tunnel.sys   Sat Jan 19 01:36:44 2008 (47919A7C)
fffffa60`07386000 fffffa60`07396000   umbus    umbus.sys    Sat Jan 19 01:34:16 2008 (479199E8)
fffffa60`08799000 fffffa60`0879ae00   USBD     USBD.SYS     Sat Jan 19 01:33:53 2008 (479199D1)
fffffa60`0292c000 fffffa60`0293d000   usbehci  usbehci.sys  Sat Apr 11 01:39:36 2009 (49E02D18)
fffffa60`06a00000 fffffa60`06a0c000   usbfilter usbfilter.sys Fri Apr 03 07:39:51 2009 (49D5F587)
fffffa60`07396000 fffffa60`073de000   usbhub   usbhub.sys   Sat Apr 11 01:39:52 2009 (49E02D28)
fffffa60`071a9000 fffffa60`071b4000   usbohci  usbohci.sys  Sat Apr 11 01:39:36 2009 (49E02D18)
fffffa60`071b4000 fffffa60`071fa000   USBPORT  USBPORT.SYS  Sat Apr 11 01:39:39 2009 (49E02D1B)
fffffa60`087a6000 fffffa60`087be000   USBSTOR  USBSTOR.SYS  Sat Apr 11 01:39:38 2009 (49E02D1A)
fffffa60`08295000 fffffa60`082a3000   vga      vga.sys      Sat Jan 19 01:32:21 2008 (47919975)
fffffa60`082a3000 fffffa60`082c8000   VIDEOPRT VIDEOPRT.SYS Sat Jan 19 01:32:25 2008 (47919979)
fffffa60`009a1000 fffffa60`009b5000   volmgr   volmgr.sys   Sat Apr 11 01:34:49 2009 (49E02BF9)
fffffa60`00730000 fffffa60`00796000   volmgrx  volmgrx.sys  Sat Apr 11 01:35:14 2009 (49E02C12)
fffffa60`0118e000 fffffa60`011d2000   volsnap  volsnap.sys  Sat Apr 11 01:35:33 2009 (49E02C25)
fffffa60`0869e000 fffffa60`086b9000   wanarp   wanarp.sys   Sat Apr 11 01:43:38 2009 (49E02E0A)
fffffa60`0715f000 fffffa60`0716f000   watchdog watchdog.sys Sat Apr 11 01:09:16 2009 (49E025FC)
fffffa60`0080b000 fffffa60`008e5000   Wdf01000 Wdf01000.sys Sat Jan 19 01:33:27 2008 (479199B7)
fffffa60`008e5000 fffffa60`008f3000   WDFLDR   WDFLDR.SYS   Sat Jan 19 01:32:33 2008 (47919981)
fffff960`00050000 fffff960`00304000   win32k   win32k.sys   Fri Aug 14 09:42:57 2009 (4A8569E1)
fffffa60`00beb000 fffffa60`00bf4000   wmiacpi  wmiacpi.sys  Sat Jan 19 01:02:42 2008 (47919282)
fffffa60`00949000 fffffa60`00952000   WMILIB   WMILIB.SYS   Sat Jan 19 01:33:45 2008 (479199C9)
fffffa60`0aafa000 fffffa60`0ab10000   WUDFPf   WUDFPf.sys   Sat Jan 19 01:33:22 2008 (479199B2)
fffffa60`0aada000 fffffa60`0aafa000   WUDFRd   WUDFRd.sys   Sat Jan 19 01:33:43 2008 (479199C7)

Unloaded modules:
fffffa60`08408000 fffffa60`085f3000   RTKVHD64.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffffa60`00fea000 fffffa60`00ff8000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffffa60`00c00000 fffffa60`00c0c000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffffa60`00ff8000 fffffa60`01000000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffffa60`0827f000 fffffa60`08295000   i8042prt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffffa60`08274000 fffffa60`0827f000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
Bugcheck code 000000C1
Arguments fffff980`306f4ff0 fffff980`306f4ffc 00000000`00db000c 00000000`00000024

¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨

by [color=navy]jcgriff2   
  
J. C. Griffith, Microsoft MVP[/color] 
  
  [color=#000055]https://mvp.support.microsoft.com/profile/Griffith[/color] 
 
  [color=#000055]www.jcgriff2.com[/color] 


[/font]
```
¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨¨

[/font] [/code]


----------



## Nuclear_Bob (Apr 2, 2010)

> Driver Verifier flagged gdrv.sys = Gigabyte Easy Saver - mobo power utility driver for CPU - in 55 seconds flat
> 
> 0xc1 (,,,0x24) = attempt made to free memory area beyond allocation in special pool; corruption detected
> 
> ...


Not a necessary driver as I recall, I will uninstall the program using it.


----------



## Nuclear_Bob (Apr 2, 2010)

```
C:\Windows\system32>verifier/query
4/8/2010, 12:38:11 PM
Level: 0000082B
RaiseIrqls: 0
AcquireSpinLocks: 2818115
SynchronizeExecutions: 43
AllocationsAttempted: 368150
AllocationsSucceeded: 368150
AllocationsSucceededSpecialPool: 368150
AllocationsWithNoTag: 49
AllocationsFailed: 0
AllocationsFailedDeliberately: 0
Trims: 509893
UnTrackedPool: 0

Verified drivers:

Name: jraid.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 0
CurrentNonPagedPoolAllocations: 0
PeakPagedPoolAllocations: 0
PeakNonPagedPoolAllocations: 0
PagedPoolUsageInBytes: 0
NonPagedPoolUsageInBytes: 0
PeakPagedPoolUsageInBytes: 0
PeakNonPagedPoolUsageInBytes: 0

Name: scsiport.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 5
CurrentNonPagedPoolAllocations: 11
PeakPagedPoolAllocations: 6
PeakNonPagedPoolAllocations: 25
PagedPoolUsageInBytes: 336
NonPagedPoolUsageInBytes: 30724
PeakPagedPoolUsageInBytes: 840
PeakNonPagedPoolUsageInBytes: 31512

Name: speedfan.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 0
CurrentNonPagedPoolAllocations: 0
PeakPagedPoolAllocations: 0
PeakNonPagedPoolAllocations: 0
PagedPoolUsageInBytes: 0
NonPagedPoolUsageInBytes: 0
PeakPagedPoolUsageInBytes: 0
PeakNonPagedPoolUsageInBytes: 0

Name: atipcie.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 0
CurrentNonPagedPoolAllocations: 0
PeakPagedPoolAllocations: 0
PeakNonPagedPoolAllocations: 0
PagedPoolUsageInBytes: 0
NonPagedPoolUsageInBytes: 0
PeakPagedPoolUsageInBytes: 0
PeakNonPagedPoolUsageInBytes: 0

Name: atikmpag.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 2
CurrentNonPagedPoolAllocations: 95
PeakPagedPoolAllocations: 5
PeakNonPagedPoolAllocations: 103
PagedPoolUsageInBytes: 37072
NonPagedPoolUsageInBytes: 5680
PeakPagedPoolUsageInBytes: 40144
PeakNonPagedPoolUsageInBytes: 6992

Name: atipmdag.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 476
CurrentNonPagedPoolAllocations: 179
PeakPagedPoolAllocations: 490
PeakNonPagedPoolAllocations: 186
PagedPoolUsageInBytes: 21521020
NonPagedPoolUsageInBytes: 1197012
PeakPagedPoolUsageInBytes: 21607244
PeakNonPagedPoolUsageInBytes: 1241036

Name: rtlh64.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 0
CurrentNonPagedPoolAllocations: 4096
PeakPagedPoolAllocations: 0
PeakNonPagedPoolAllocations: 4096
PagedPoolUsageInBytes: 0
NonPagedPoolUsageInBytes: 327680
PeakPagedPoolUsageInBytes: 0
PeakNonPagedPoolUsageInBytes: 327680

Name: usbfilter.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 0
CurrentNonPagedPoolAllocations: 0
PeakPagedPoolAllocations: 1
PeakNonPagedPoolAllocations: 0
PagedPoolUsageInBytes: 0
NonPagedPoolUsageInBytes: 0
PeakPagedPoolUsageInBytes: 140
PeakNonPagedPoolUsageInBytes: 0

Name: rthdmivx.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 0
CurrentNonPagedPoolAllocations: 89
PeakPagedPoolAllocations: 1
PeakNonPagedPoolAllocations: 90
PagedPoolUsageInBytes: 0
NonPagedPoolUsageInBytes: 29772
PeakPagedPoolUsageInBytes: 84
PeakNonPagedPoolUsageInBytes: 29800

Name: rtkvhd64.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 0
CurrentNonPagedPoolAllocations: 1183
PeakPagedPoolAllocations: 1
PeakNonPagedPoolAllocations: 1184
PagedPoolUsageInBytes: 0
NonPagedPoolUsageInBytes: 853932
PeakPagedPoolUsageInBytes: 92
PeakNonPagedPoolUsageInBytes: 854660

Name: avgtdia.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 101
CurrentNonPagedPoolAllocations: 1147
PeakPagedPoolAllocations: 130
PeakNonPagedPoolAllocations: 1302
PagedPoolUsageInBytes: 17328
NonPagedPoolUsageInBytes: 407328
PeakPagedPoolUsageInBytes: 24496
PeakNonPagedPoolUsageInBytes: 738816

Name: avgmfx64.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 2
CurrentNonPagedPoolAllocations: 14
PeakPagedPoolAllocations: 3
PeakNonPagedPoolAllocations: 17
PagedPoolUsageInBytes: 912
NonPagedPoolUsageInBytes: 1632
PeakPagedPoolUsageInBytes: 9104
PeakNonPagedPoolUsageInBytes: 1968

Name: avgldx64.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 154
CurrentNonPagedPoolAllocations: 20
PeakPagedPoolAllocations: 180
PeakNonPagedPoolAllocations: 24
PagedPoolUsageInBytes: 20576
NonPagedPoolUsageInBytes: 2128
PeakPagedPoolUsageInBytes: 121676
PeakNonPagedPoolUsageInBytes: 3564

Name: dump_dumpata.sys, loads: 0, unloads: 0
CurrentPagedPoolAllocations: 0
CurrentNonPagedPoolAllocations: 0
PeakPagedPoolAllocations: 0
PeakNonPagedPoolAllocations: 0
PagedPoolUsageInBytes: 0
NonPagedPoolUsageInBytes: 0
PeakPagedPoolUsageInBytes: 0
PeakNonPagedPoolUsageInBytes: 0

Name: dump_atapi.sys, loads: 2, unloads: 1
CurrentPagedPoolAllocations: 0
CurrentNonPagedPoolAllocations: 0
PeakPagedPoolAllocations: 0
PeakNonPagedPoolAllocations: 0
PagedPoolUsageInBytes: 0
NonPagedPoolUsageInBytes: 0
PeakPagedPoolUsageInBytes: 0
PeakNonPagedPoolUsageInBytes: 0

Name: secdrv.sys, loads: 1, unloads: 0
CurrentPagedPoolAllocations: 1
CurrentNonPagedPoolAllocations: 0
PeakPagedPoolAllocations: 3
PeakNonPagedPoolAllocations: 0
PagedPoolUsageInBytes: 72
NonPagedPoolUsageInBytes: 0
PeakPagedPoolUsageInBytes: 316
PeakNonPagedPoolUsageInBytes: 0
```
Verifier Output if you want it.


----------



## Nuclear_Bob (Apr 2, 2010)

Bump - No BSOD's yet


----------



## Nuclear_Bob (Apr 2, 2010)

long xiaodie:



> http://www.partitionwizard.com


Wrong thread.


----------



## jcgriff2 (Sep 30, 2007)

The verifier is going through the drivers - allow it to continue.

What is WERCON showing for the last few days - crash wise?
START | *wercon* | View Problem Reports

Reliability Monitor
START | *perfmon /rel*

Is *sptd.sys* disabled?

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

> What is WERCON showing for the last few days - crash wise?
> START | wercon | View Problem Reports


Just the four blue screens when I was rebooting before I deleted sptd.sys, a windows explorer close, which I did because of my hard drive issues during the last two bsods. Navyfield several times because I was testing it after system changes. Windows search filter once, says the info was deleted or changed, same day as the bsods. 

Another game crashed 6 days ago before anything was substantially changed, it is a little buggy, doesn't like to be alt-tabbed (which is the cause of the crashes 60% of the time.)


```
Description
A problem caused this program to stop interacting with Windows.

Problem signature
Problem Event Name:	AppHangB1
Application Name:	hoi3game.exe
Application Version:	0.0.0.0
Application Timestamp:	4baa29f6
Hang Signature:	ac8d
Hang Type:	2048
OS Version:	6.0.6002.2.2.0.768.3
Locale ID:	1033
Additional Hang Signature 1:	4430abbc9334812166ab09e84b8775d0
Additional Hang Signature 2:	98b9
Additional Hang Signature 3:	4568e8be938c2ddf0b45203741e1e1af
Additional Hang Signature 4:	ac8d
Additional Hang Signature 5:	4430abbc9334812166ab09e84b8775d0
Additional Hang Signature 6:	98b9
Additional Hang Signature 7:	4568e8be938c2ddf0b45203741e1e1af
```
One more game four days ago which was most likely an alt-tab issue or an issue with windows live (unrelated, been having sign in errors.)


```
Description
A problem caused this program to stop interacting with Windows.

Problem signature
Problem Event Name:	AppHangB1
Application Name:	GTAIV.exe
Application Version:	1.0.0.4
Application Timestamp:	4ab94397
Hang Signature:	bd5e
Hang Type:	2048
OS Version:	6.0.6002.2.2.0.768.3
Locale ID:	1033
Additional Hang Signature 1:	9f9fcd955a03b51b28d898996e10de1d
Additional Hang Signature 2:	8a98
Additional Hang Signature 3:	97b48406e7b21778863ae4ffd13fda1a
Additional Hang Signature 4:	bd5e
Additional Hang Signature 5:	9f9fcd955a03b51b28d898996e10de1d
Additional Hang Signature 6:	8a98
Additional Hang Signature 7:	97b48406e7b21778863ae4ffd13fda1a

Extra information about the problem
Bucket ID:	798351518
```
Last two crashed before anything was done, seem not to be related, as crashes are fairly rare (even when alt-tabbing.)



> Is sptd.sys disabled?


As stated above, I deleted it and used regedit as per your instructions, I no longer see it in Task Manager.


----------



## jcgriff2 (Sep 30, 2007)

I see the screenshots show the four *0xc1* driver verifier enabled BSODs for --> http://www.techsupportforum.com/2676074-post50.html

Other than that things seem quiet, yet you still cannot install NAVYField..? Although I still believe the other games running are somehow interfering due to their crashing. Many of their drivers are 2001 & 2005 and obviously not written with Vista SP2 x64 in mind. I still think Vista re-install inevitable to know if NAVYField by itself will or will not install.

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

It installs fine. The game just doesn't start. I will re-install the game one more time, if it doesn't work, I'll live with that. It just seems there is an underlying issue between the program and vista, as the error report said from Microsoft. There are no other games I have with this issue, re-installing Vista just to make sure Navyfield doesn't work just sounds like a headache. And as I have said a different region's version of the game works fine, even the game devs have said the programs are virtually identical.


----------



## Nuclear_Bob (Apr 2, 2010)

Just re-installed, game still won't start. I have been looking for a virtual OS to play the game, that I can run off a flash drive but, the ones I have found are not 64-bit compatible. Anyway, thanks for your time jcgriff2.


----------



## jcgriff2 (Sep 30, 2007)

Have you tried running game at elevated admin level - RIGHT-click on icon, slect "Run as Admin"?

Try running under XP SP3 compatibility mode - RIGHT-click on icon, "Properties", "Compatibility" check box for XP SP3.

Enable hidden-admin account and try running under it. To activate the Vista hidden admin account -
START | type *cmd.exe* | right-click on cmd.exe | "Run as Administrator" - 

```
[font=lucida console]
net user administrator /active:yes
[/font]
```
Logoff your account and the user account named Administrator will be waiting for you at the logon screen. 

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

> Have you tried running game at elevated admin level - RIGHT-click on icon, slect "Run as Admin"?
> 
> Try running under XP SP3 compatibility mode - RIGHT-click on icon, "Properties", "Compatibility" check box for XP SP3.


>.>

Please refer to page 1 post 3; 



> I do run the program as an administrator and with XP compatibility mode...


...btw its SP2 not 3 (at least thats what I see.)




> Enable hidden-admin account and try running under it. To activate the Vista hidden admin account -
> START | type cmd.exe | right-click on cmd.exe | "Run as Administrator" -
> Code:
> 
> ...


No effect on the game when run on that account.


----------



## jcgriff2 (Sep 30, 2007)

Yes, Vista SP2 = XP SP2 compatibility in 'Properties" tab; Running Windows 7 here - compatibility tab = XP SP3.

If you wish to re-hide hidden admin account, change "/active=yes" to "/active=no"

My thoughts are still on the old drivers from these games going back to 2001. . .

```
[font=lucida console]
 10/15/2005    1:05:36 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\boost_python-vc71-mt-1_32.dll"
 10/15/2005    1:07:44 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\dbghelp.dll"
 10/15/2005    1:08:04 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\hapdbg.dll"
 10/15/2005    1:08:42 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Mss32.dll"
 3/18/2003    8:14:52 PM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\msvcp71.dll"
 2/21/2003    4:42:22 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\msvcr71.dll"
 10/15/2005    1:08:54 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\python24.dll"
 10/15/2005    1:09:30 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\vort_dls.dll"
 2/10/2006    7:04:04 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\zlib1.dll"
 3/30/2006   11:00:12 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Assets\CvGameCoreDLL.dll"
 10/15/2005    1:00:22 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Assets\Python\System\wx\wxmsw253h_gizmos_vc.dll"
 10/15/2005    1:00:22 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Assets\Python\System\wx\wxmsw253h_gl_vc.dll"
 10/15/2005    1:00:22 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Assets\Python\System\wx\wxmsw253h_ogl_vc.dll"
 10/15/2005    1:00:22 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Assets\Python\System\wx\wxmsw253h_stc_vc.dll"
 10/15/2005    1:00:22 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Assets\Python\System\wx\wxmsw253h_vc.dll"
 10/15/2005    1:00:22 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Assets\Python\System\wx\wxmsw26h_animate_vc.dll"
 10/15/2005    1:00:22 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Assets\Python\System\wx\wxmsw26h_gizmos_vc.dll"
 10/15/2005    1:00:22 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Assets\Python\System\wx\wxmsw26h_gizmos_xrc_vc.dll"
 10/15/2005    1:00:22 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Assets\Python\System\wx\wxmsw26h_gl_vc.dll"
 10/15/2005    1:00:22 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Assets\Python\System\wx\wxmsw26h_stc_vc.dll"
 10/15/2005    1:00:24 AM  "C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization 4\Assets\Python\System\wx\wxmsw26h_vc.dll"

  1/6/2005   11:43:20 AM  "C:\Program Files (x86)\Sierra\Empire Earth II SP Demo\binkw32.dll"
  1/6/2005   11:43:20 AM  "C:\Program Files (x86)\Sierra\Empire Earth II SP Demo\d3dx8d.dll"
  1/6/2005   11:43:20 AM  "C:\Program Files (x86)\Sierra\Empire Earth II SP Demo\mss32.dll"
  1/6/2005   11:43:20 AM  "C:\Program Files (x86)\Sierra\Empire Earth II SP Demo\MSVCP60.DLL"
  1/6/2005   11:43:20 AM  "C:\Program Files (x86)\Sierra\Empire Earth II SP Demo\MSVCP60D.DLL"
  1/6/2005   11:43:20 AM  "C:\Program Files (x86)\Sierra\Empire Earth II SP Demo\MSVCRTD.DLL"
  1/6/2005   11:48:30 AM  "C:\Program Files (x86)\Sierra\Empire Earth II SP Demo\redist\mss32.dll"
  1/6/2005   11:48:30 AM  "C:\Program Files (x86)\Sierra\Empire Earth II SP Demo\ScriptLibs\AI\AI_default.dll"
  1/6/2005   11:48:30 AM  "C:\Program Files (x86)\Sierra\Empire Earth II SP Demo\ScriptLibs\AI\Eco_Crown.dll"
  1/6/2005   11:48:30 AM  "C:\Program Files (x86)\Sierra\Empire Earth II SP Demo\ScriptLibs\AI\Imp_Crown.dll"
  1/6/2005   11:48:30 AM  "C:\Program Files (x86)\Sierra\Empire Earth II SP Demo\ScriptLibs\AI\Mil_Crown.dll"
 6/24/2005    9:41:16 PM  "C:\Program Files (x86)\Sierra\FEAR SP Demo\binkw32.dll"
 3/24/2005   12:58:36 PM  "C:\Program Files (x86)\Sierra\FEAR SP Demo\eax.dll"
 7/28/2005   10:59:20 PM  "C:\Program Files (x86)\Sierra\FEAR SP Demo\GameDatabase.dll"
 7/28/2005   10:21:26 PM  "C:\Program Files (x86)\Sierra\FEAR SP Demo\LTMemory.dll"
 3/18/2003    9:20:00 PM  "C:\Program Files (x86)\Sierra\FEAR SP Demo\mfc71.dll"
 3/18/2003    9:12:12 PM  "C:\Program Files (x86)\Sierra\FEAR SP Demo\mfc71u.dll"
 3/18/2003    8:14:52 PM  "C:\Program Files (x86)\Sierra\FEAR SP Demo\msvcp71.dll"
 2/21/2003    4:42:22 AM  "C:\Program Files (x86)\Sierra\FEAR SP Demo\msvcr71.dll"
 7/28/2005   10:59:20 PM  "C:\Program Files (x86)\Sierra\FEAR SP Demo\SndDrv.dll"
 7/28/2005   10:59:20 PM  "C:\Program Files (x86)\Sierra\FEAR SP Demo\StringEditRuntime.dll"


 2/10/2003   12:16:00 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\dx8Wrap.dll"
 2/14/2003   11:11:52 AM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\il2_core.dll"
 10/26/2001    9:12:00 AM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\il2_usgs.dll"
 9/21/2001   11:27:24 AM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\jgl.dll"
 2/14/2003    1:57:36 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\mg_snd.dll"
  9/7/2001   12:32:40 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\pathfind.dll"
  3/5/2003   10:21:00 AM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\rts.dll"
 8/26/2002    3:44:18 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\ActPanel.dll"
 8/26/2002    3:44:20 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\awt.dll"
 8/26/2002    3:44:20 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\cmm.dll"
 8/26/2002    3:44:20 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\dcpr.dll"
 8/26/2002    3:44:20 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\dt_socket.dll"
 8/26/2002    3:44:20 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\fontmanager.dll"
 8/26/2002    3:44:20 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\hpi.dll"
 8/26/2002    3:44:20 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\hprof.dll"
 8/26/2002    3:44:20 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\ioser12.dll"
 8/26/2002    3:44:20 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\java.dll"
 8/26/2002    3:44:20 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\jawt.dll"
 8/26/2002    3:44:20 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\jcov.dll"
 8/26/2002    3:44:20 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\JdbcOdbc.dll"
 8/26/2002    3:44:22 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\jdwp.dll"
 8/26/2002    3:44:22 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\jpeg.dll"
 8/26/2002    3:44:22 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\jpins32.dll"
 8/26/2002    3:44:22 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\jpishare.dll"
 8/26/2002    3:44:22 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\jsound.dll"
 8/26/2002    3:44:22 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\msvcrt.dll"
 8/26/2002    3:44:22 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\net.dll"
 8/26/2002    3:44:22 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\NPJava11.dll"
 8/26/2002    3:44:22 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\NPJava12.dll"
 8/26/2002    3:44:22 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\NPJava131.dll"
 8/26/2002    3:44:22 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\NPJava32.dll"
 8/26/2002    3:44:24 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\NPOJI600.dll"
 8/26/2002    3:44:24 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\packager.dll"
 8/26/2002    3:44:24 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\verify.dll"
 8/26/2002    3:44:24 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\zip.dll"
 8/26/2002    3:44:24 PM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\bin\hotspot\jvm.dll"
 1/28/2003   10:30:22 AM  "C:\Program Files (x86)\Ubi Soft\IL-2 Sturmovik Forgotten Battles\New Folder\rts.dll"

  1/7/2005    3:17:04 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\AICommon.dll"
  1/7/2005    3:17:04 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\ALAudio.dll"
  1/7/2005    3:17:04 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\Core.dll"
  1/7/2005    3:17:04 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\D3DDrv.dll"
  1/7/2005    3:17:04 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\DefOpenAL32.dll"
  1/7/2005    3:17:10 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\dinterface.dll"
  1/7/2005    3:17:04 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\Editor.dll"
  1/7/2005    3:17:08 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\Engine.dll"
  1/7/2005    3:17:08 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\GUI.dll"
  1/7/2005    3:17:08 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\IFC23.dll"
  1/7/2005    3:17:08 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\IGEffectsSystem.dll"
  1/7/2005    3:17:08 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\IGSoundEffectsSubsystem.dll"
  1/7/2005    3:17:08 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\IGVisualEffectsSubsystem.dll"
  1/7/2005    3:17:08 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\IpDrv.dll"
  1/7/2005    3:17:08 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\IrrSupport.dll"
  1/7/2005    3:17:08 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\MFC71u.dll"
  1/7/2005    3:17:10 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\msvcp71.dll"
  1/7/2005    3:17:12 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\msvcr71.dll"
  1/7/2005    3:17:12 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\msvcrt.dll"
  1/7/2005    3:17:12 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\ogg.dll"
  1/7/2005    3:17:08 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\RenderUtilities.dll"
  1/7/2005    3:17:08 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\RTCShader.dll"
  1/7/2005    3:17:08 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\RWOSupport.dll"
  1/7/2005    3:17:08 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\ScriptCompiler.dll"
  1/7/2005    3:17:10 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\Scripting.dll"
  1/7/2005    3:17:10 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\SwatAIAwareness.dll"
  1/7/2005    3:17:10 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\SwatAICommon.dll"
  1/7/2005    3:17:10 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\SwatGame.dll"
  1/7/2005    3:17:10 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\SwatGui.dll"
  1/7/2005    3:17:10 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\Tyrion.dll"
  1/7/2005    3:17:10 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\UnrealEdPerforce.dll"
  1/7/2005    3:17:10 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\UWeb.dll"
  1/7/2005    3:17:12 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\vorbis.dll"
  1/7/2005    3:17:12 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\vorbisfile.dll"
  1/7/2005    3:17:10 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\Window.dll"
  1/7/2005    3:17:10 PM  "C:\Program Files (x86)\VUGames\SWAT 4 Single Player Demo\Content\System\WinDrv.dll"
[/font]
```
`


... and their likely interference in some manner with NAVYField drivers like this one w/ timestamp = March 2010 - 

```
[font=lucida console]
 3/12/2010    2:39:29 AM  "C:\Users\MARK\Desktop\Files\NavyField\Main.dll"
[/font]
```
`

The former obviously not written with Vista SP2 x64 in mind; the latter not only Vista x64 SP2, but Windows 7 x64 as well.

Only a re-install of Vista, followed by all Windows Updates + device manufacturer updates installed -- then installing NAVYField as the very 1st app will tell you if NAVYField is the problem or not. The only real way to test this out.

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

> If you wish to re-hide hidden admin account, change "/active=yes" to "/active=no"


Thanks, I figured that out already lol. 

All of those games in that list, (Swat 4, IL-2, FEAR, EE, Civ 4) have not crashed ever, so I don't see an issue there.



> ... and their likely interference in some manner with NAVYField drivers like this one w/ timestamp = March 2010 -
> Code:
> 
> 
> 3/12/2010 2:39:29 AM "C:\Users\MARK\Desktop\Files\NavyField\Main.dll"


You are digging too much now, that .dll isn't even for US version, its for the European version. (Unless you posted the wrong directory.)



> Only a re-install of Vista, followed by all Windows Updates + device manufacturer updates installed -- then installing NAVYField as the very 1st app will tell you if NAVYField is the problem or not. The only real way to test this out.


Seeing as how I had a few other games on this computer before I installed Navyfield, and installed more after it. The program was running fine. I don't really see re-installing as an acceptable troubleshooting tool, seeing as how its only going to say the program will not work at all, or will not work with other programs installed. Not to be stubborn, but I'd rather have one game not work, (This is the ONLY game I cannot play) then to deal with the headache of a re-install. Again thanks for your time, but the approach just doesn't really seem to have a solid practical gain.


----------



## jcgriff2 (Sep 30, 2007)

Nuclear_Bob said:


> Verifier query window does not stay open.
> 
> 
> 
> ...


Given the comment about line command driver verifier window... I thought it prudent to mention hidden-admin re-hide command.

*verifier /query* is a line command... of course the cmd/DOS screen will not stay open. If you wish to use Driver Verifier GUI to query - 
START | *verifier* | select last option "Display information..."




jcgriff2 said:


> ... and their likely interference in some manner with NAVYField drivers like this one w/ timestamp = March 2010 -
> 
> ```
> [font=lucida console]
> ...


No such thing as "digging too much"! What is it exactly that you did/ allowed the game company to do for 9 months working with them? I hope they dove head first into this, given that amount of time; however, I have a feeling they did not go through your system files at all to try and figure this out.


```
[font=lucida console]
3/10/2010    9:53:53 PM  "C:\Program Files\SD EnterNET\NavyFIELD\Main.dll"
[/font]
```
There is the driver -- 2 days older in the x64 \Program Files directory. Drivers should not be in the \Program Files directory for reasons noted earlier. Vista & Windows 7 = virtualization within the \Program Files folder; hence the Virtual Store.



Back to prior posts for a bit. . .



jcgriff2 said:


> WINSAT - delete all XML files in *C:\Windows\Performance\WinSAT\DataStore*
> 
> START | *cmd.exe* | RIGHT-click on cmd.exe | Run as Admin -
> 
> ...


Did you delete the XML files & re-run WINSAT? Are you able to run WINSAT at all? You did mention that the score never registered... that would mean issue with performance information; hence issue with performace itself.




Nuclear_Bob said:


> I have turned off the verifier off after my 3rd restart BSOD because I think the restart error reports are eating my HDD bandwidth. I can't post when firefox refuses to respond. I'll be checking back tomorrow, if I can get this performance issue straightened out.



Driver Verifier does not need the Internet to run. Error reporting would be WERCON - check it and see what is being reported. Driver Verifier would BSOD system and result in a single report upon restart. Certainly not enough to continually eat into bandwidth that would prevent you from using Internet to post here, let alone cause FireFox to crash. Driver Verifier BSODs systems, does not simply result in APPHANGs/ APPCRASHes. It will utilize system resources - CPU & RAM to do its job.

Driver Verifier needs to run until it no longer BSODs your system. If your system cannot withstand the D/V for 24-36 hours... something is very wrong.




Nuclear_Bob said:


> Seeing as how I had a few other games on this computer before I installed Navyfield, and installed more after it. The program was running fine. I don't really see re-installing as an acceptable troubleshooting tool, seeing as how its only going to say the program will not work at all, or will not work with other programs installed. Not to be stubborn, but I'd rather have one game not work, (This is the ONLY game I cannot play) then to deal with the headache of a re-install. Again thanks for your time, but the approach just doesn't really seem to have a solid practical gain.


It is not only a solid and practical approach, but the only logical approach at this time. You do not know if hardware failure is present or not.

I have a feeling that if I do an Internet search on NAVYField. . . I would find others that have suggested Vista re-install... or will in another month or so.

There is no other way to test that to test on a fresh install as I have mentioned. . .



jcgriff2 said:


> Only a re-install of Vista, followed by all Windows Updates + device manufacturer updates installed -- then installing NAVYField as the very 1st app will tell you if NAVYField is the problem or not. The only real way to test this out.
> 
> .


There is no other way for you to know if the game will work on your system or not. If it works on other's systems as you have said, but not on yours - that would leave hardware failure as the likely cause. Perhaps an underpowered PSU? I am told that 1000w minimum PSU needed for your system. 

You can go with dual-boot Vista & XP, but I would think that after spending nearly a year on this, someone, somewhere before me has/ definitely should have suggested the above.

One other comment made to me that you should try - re-allocate the page file. It may be corrupted. Set page file min/max each to zero; re-boot; reset to system managed; re-boot.

I really would like to know what the game company did for 9 months working with you on this. I simply do not understand the need for all of these patches you speak of. If the game company followed the "kernel law" of Vista SP2... there should be no problems whatsoever. 

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

> Quote:
> Originally Posted by Nuclear_Bob View Post
> 
> Verifier query window does not stay open.
> ...


Found out i accidentally ran command prompt without admin access, works fine, that was a while ago.




> Quote:
> Originally Posted by jcgriff2 View Post
> ... and their likely interference in some manner with NAVYField drivers like this one w/ timestamp = March 2010 -
> Code:
> ...



No, they did not. There is a complete list of tickets I sent in attached to this post. Reading it, you will find out I did more troubleshooting than they did.



> Quote:
> Originally Posted by jcgriff2 View Post
> 
> WINSAT - delete all XML files in C:\Windows\Performance\WinSAT\DataStore
> ...


It seems when, drivers get installed the index gets set to unrated. If you look at the screenshot again it does say 5.6 next to unrated. (I did run it again after updating some drivers, its fine now.)



> Quote:
> Originally Posted by Nuclear_Bob View Post
> I have turned off the verifier off after my 3rd restart BSOD because I think the restart error reports are eating my HDD bandwidth. I can't post when firefox refuses to respond. I'll be checking back tomorrow, if I can get this performance issue straightened out.
> 
> ...


If you re-read it says HDD (Hard drive) bandwidth, not internet bandwidth. The BSOD error reports apparently had a lot of data in them, that coupled with vista's aggressive caching ground my IDE hard drive to a halt, making firefox slow. Nothing is wrong now.



> There is no other way for you to know if the game will work on your system or not. If it works on other's systems as you have said, but not on yours - that would leave hardware failure as the likely cause. Perhaps an underpowered PSU? I am told that 1000w minimum PSU needed for your system.


LOL! Who told you that? (Have you been listening to the non-QVL RAM guy?  ) Did you tell them my exact specs without a mistake? I could run two 4870's with the PSU I have. (Corsair TX-650W) I am only running one. Taken off AMD's webpage : 

"ATI Radeon™ HD 4870 System Requirements: 500 Watt or greater power supply with two 75W 6-pin PCI Express® power connectors recommended (600 Watt and four 6-pin connectors for ATI CrossFireX™ technology in dual mode)"

Note that, I am only running 1 HDD (standard 7200 rpm), one Optical drive and 4 case fans, One Quad core CPU (125W) 




> One other comment made to me that you should try - re-allocate the page file. It may be corrupted. Set page file min/max each to zero; re-boot; reset to system managed; re-boot.


I'll try it.




> I really would like to know what the game company did for 9 months working with you on this. I simply do not understand the need for all of these patches you speak of. If the game company followed the "kernel law" of Vista SP2... there should be no problems whatsoever.


The patches are for new game content, such as new items, maps, etc. Yes they are at a crossroads most of the PC's now are Vista / Win 7 and they need to fix the game code.


----------



## Nuclear_Bob (Apr 2, 2010)

> Quote:
> One other comment made to me that you should try - re-allocate the page file. It may be corrupted. Set page file min/max each to zero; re-boot; reset to system managed; re-boot.
> 
> I'll try it.


Didn't work.


----------



## jcgriff2 (Sep 30, 2007)

nuclear_bob said:


> Product
> NavyFIELD.exe
> 
> Problem
> ...


I see the tell-tale *0xc0000005* exception error again!

0xc0000005 = memory access violation, i.e., "Access Denied.."




nuclear_bob said:


> And yes it still happens with this month's new patch, and FOR THE LAST TIME: this has nothing to do with my firewall, the updater program can auto download the patch(es) and I have played the game with the same firewall settings a few months ago, and have even redone the firewall settings. This has nothing to do with a hardware firewall ether since a junky spare computer can get in game. And even if it was a firewall problem the game would not just crash it would say "cannot connect to update server" or whatever.


The presence of a 3rd party firewall in Vista would not necessarily lead to "cannot connect with server" as the sole error at all. A 3rd party firewall in Vista or Windows 7 can block local NETBIOS ports used by Vista system services causing them to hang or crash. These system services hanging/ crashing may be among the ones that NAVY Field utilizes.

XP admin user accounts run with 2-user-token full admin rights; Vista & Windows 7 user-admin accounts run with a single user token. When full admin rights needed, elevation via UAC/ consent.exe requested. If approved, the 2nd token needed for full admin rights granted.

XP & Vista/ Windows 7 admin accounts run at different security levels.


These 2 replies from Navy Field certainly speakes volumes -


> TeamNF:
> 
> Hello there,
> 
> ...


They are right. Windows OS' are NT-based going back to Windows 3.1 (1993). Vista changed security heavily, continuing into Windows 7, making them very different from XP and those before. However, they got it to work on their systems.




> TeamNF:
> 
> Hello there,
> 
> ...


XP compatibility mode - and Windows 2000? Obviously the game is not written with Vista SP2 x64 in mind. But the patches and their testing of such indicate they are in fact keeping/ trying to keep up with the ever-evolving Windows NT Kernel.

I would think when suggesting that all apps be closed... this refers to other games as well. From your logs, seeing the other games constantly disabling DWM tells me that all other apps are not closed, including loaded drivers from them as well.




> TeamNF:
> 
> Hello there,
> 
> ...


Did you ever allow them to do a remote desktop session?



> TeamNF:
> 
> 'Still curious I replaced the US launcher with the EU launcher, and to my surprise the game launched! The loading screen was the normal US one (just the SDEnternet logo not the eFusion one and the user agreement was the US one as well). The only thing was the login screen message was the EU message, when I tried to login with my US username and password, it said data file corrupted.'
> 
> ...


You have now patched the game on your own. Is this still the case?





nuclear_bob said:


> Mar 31 2010:
> 
> What I did was just move the original US Navyfield Launcher out of the main directory (just stuck in a new folder in the NF install directory so I could undo it later). And then moved the EU launcher into the US NF install folder (the EU version is installed in a folder on my desktop, I know there's nothing wrong with the EU version on my PC, I was playing it for a while before I thought doing of this). And that is pretty much it, I just double clicked the NFEU launcher from the US NF folder. If you need more info, just tell me, I should be able to get back to you fairly quick. Thanks!
> 
> ...


 
I see a newer timestamp on NavyField.exe, so patch was installed. . . yet there is the 0xc0000005 exception again!




> TeamNF:
> 
> Hello there,
> 
> ...



I see that "soblueGM"/ others from Navy Field found the 0xc0000005 exception to be paramount based on the link they provided to a TSF thread -

TSF Vista/ Windows 7 thread - 0xc0000005 exception code --> http://www.techsupportforum.com/f217/vista-appcrash-except-code-c0000005-390863.html

Given the paragraph in RED, I truly believe it may have been a subtle way of suggesting that you re-install the OS and then try Navy Field on the fresh OS install.

You are a programmer yourself. You should then know that testing must commence on a level and "clean" playing field. Navy Field app developers got it to work on their systems. So how did they do that? My theory - they did so on a system(s) with no baggage, i.e., no other apps installed. . . a system with nothing on it but the Vista or Windows 7 OS itself.

I have suggested the same and stand by such. There simply is no other way for you to determine the reason(s) behind Navy Field failing on *your* Vista x64 SP2 system only. You said you got it to run before. So what has changed since then? I would say it is the addition of other 3rd party apps rather than anything to do with the Vista OS itself.

With all due respect, you dodged many of their questions and passed on the "big one" - their offer of a remote desktop session. You did not even acknowledge the offer. Personally, I would have jumped at the chance. 

Their offer of remote desktop proves me both right as well as dead-wrong in what I have said in some prior posts - that no one from Navy Field has/ would have gone through your system files in the manner in which I did -- as they offered to do just that - via remote desktop session.

*I am very impressed with the responses from those at Navy Field.*

Navy Field obviously put quite a bit of time and effort into trying to help you.

I find my last suggestion to you to be extremely prudent and the only option on the table at this point, especially after seeing the Navy Field replies. . .

Re-install Vista and see. . .

Thank you for sharing the emails. I mean that with utmost sincerity.

Regards. . .

jcgriff2

.


----------



## Nuclear_Bob (Apr 2, 2010)

I could go through and answer all your sets of questions and quotes, but as I have seen, you are set on a vista re-install. So I will not waste our time going back and forth for several more days.



> I'd rather have one game not work, (This is the ONLY game I cannot play) then to deal with the headache of a re-install.


That is the bottom line, and unless *I* find more evidence that there is a serious problem with this install of windows, then this install will remain.

I am posting this, just to say that, in my judgment it is not worth it. This is the third and last time I will say that, I am finished re-posting things.


I will PM info that you have overlooked in your last few posts. 



> Again thanks for your time, but the approach just doesn't really seem to have a solid practical gain.


(I do not expect a reply.)


----------



## jcgriff2 (Sep 30, 2007)

I do wish you the best of luck in your endeavor.

Regards. . .

jcgriff2

.


----------

