# BSOD - PC crash



## kim50 (Jul 20, 2008)

I have a new PC. It's a HP m9277, running Vista home with 2.40 gigahertz Intel Core2 Quad Q6600 and 4GB RAM. Earlier today I installed some critical updates and updated graphic card driver through HP updater. All seemed fine. Tonight hubby played Call of Duty4 for an hour or so. He exited the game and a few minutes later the PC crashed with BSOD. 
I have zipped up the memory and mini dump and dxdiag file and have uploaded to my webspace as the file is quite large. It can be downloaded from http://www.kims-design.net/dump.rar I hope someone can help. 
Please let me know if you need any more info
Thanks for any help

Info from BSOD:

DRIVER_IRQL_NOT_LESS_OR_EQUAL

0x000000D1 (0x00000002, 0x00000001, 0x8F83F552)

pacer.sys - adress 8F83F552 base at 8F830000 Datestamp 468af785



Info after reboot:

Problem signature:
Problem Event Name:	BlueScreen
OS Version:	6.0.6000.2.0.0.768.3
Locale ID:	2057

Additional information about the problem:
BCCode:	d1
BCP1:	40020028
BCP2:	00000002
BCP3:	00000001
BCP4:	8F83F552
OS Version:	6_0_6000
Service Pack:	0_0
Product:	768_1

Files that help describe the problem:
C:\Windows\Minidump\Mini072308-01.dmp
C:\Users\Kim\AppData\Local\Temp\WER-36847-0.sysdata.xml
C:\Users\Kim\AppData\Local\Temp\WERB20F.tmp.version.txt


----------



## kim50 (Jul 20, 2008)

*Re: PC crash*

I've noticed on some posts that that system NFO file is asked for so I am attaching that too


----------



## Jacee (Jan 4, 2008)

*Re: PC crash*

Info from Microsoft:
http://support.microsoft.com/kb/931365


----------



## kim50 (Jul 20, 2008)

*Re: PC crash*

Thankyou. :grin: I have just installed service pack 1 so I hope that will solve the problem


----------



## jcgriff2 (Sep 30, 2007)

*Re: PC crash*

Thank you, Jacee... I was wondering about SP1 myself.

And kim50 - glad to see that you have installed it.

For info, msinfo32 shows the last 3 apps to fail were Call of Duty 4 - iwps3.exe.

Also... thanks for the 329mb kernel dump - it will not go to waste, I assure you. Please send one anytime a BSOD shows itself.

Regards. . .

jcgriff2


----------



## kim50 (Jul 20, 2008)

*Re: PC crash*

You're welcome and thanks
Is there any way of knowing why it caused the crash?


----------



## kim50 (Jul 20, 2008)

*PC BSOD again - please help*

Same senario as my previous thread, crashed after playing Call of Duty4

http://www.techsupportforum.com/microsoft-support/windows-vista-support/272592-pc-crash.html

The advice was to install service pack 1, which I did, but it's not helped unfortunately :4-dontkno
Do you knowledgable folks have any idea what's causing this?
I am attaching fresh mini dump and system NFO. Let me know if you need anything else, most of the info is in my previous thread


----------



## jcgriff2 (Sep 30, 2007)

*Re: PC crash*



Hi Kim. . .

I know you are new to the forum, so I took the liberty of merging your two threads together as the BSODs did occur within 48 hours of each other.

I will download the new rar file that you have provided, but need a few more items, please -

*1.* Please run Deckard's System Scanner (DSS), found HERE.

about 1/2 down the page you will see it - save it to your desktop.

Then do the following:

START | type cmd.exe into the start search box | right-click on cmd.exe | select run as admin | the type exactly as it appears below (hit enter after each line):


```
[COLOR=red]
c:

cd %userprofile\desktop

dss /config[/COLOR]
```
-check every box 
-allow it to install HiJackThis

Let it run... a minute or two should do it.

One notepad will appear - main.txt, another - extra.txt will be minimized. Save them both, zip them up and attach to your next post.

*2.* Belarc advisor - Click on the link below my sig... install it and run - say NO to going out on Internet to update. The output will appear in a web browser. It must be saved in mht format (IE7/8) or as a web page - html (Firefox). THIS MUST BE EMAILED TO ME as it contains product key code information.

See my PM for email info.

Regards. . .

jcgriff2


----------



## kim50 (Jul 20, 2008)

Sorry for my ignorance, but do I run deckard first and _then_ cmd?


----------



## kim50 (Jul 20, 2008)

Hi JC

Here are the 2 text files and I have posted my belarc info

Kim


----------



## jcgriff2 (Sep 30, 2007)

Hi Kim. . .

I picked up the files and will look at them as soon as time permits. I must go into Philadelphia this afternoon.

Regards. . .

JC


----------



## jcgriff2 (Sep 30, 2007)

Hi Kim. . .

I ran the last mini dump so that I could get something to you before I left for the day.

The STOP error (bugcheck) is 0x1000007E (0xc0000005, 0x8234028d, 0x8b7cbb38, 0x8b7cb834), with the probable cause being the ALWIL !Avast driver aswMonFlt.sys. The bugcheck 0x7e long with the exception 0xc..5, means that the driver attempted to access memory that is out-of-bounds or is just bad. I believe the former occurred here, as the !vast driver has a timestamp on it of Saturday, July 19, 2008 - obviously recently updated.

Un-install !avast and reset your Windows Firewall, as it is listed as currently disabled. There also seems to be an issue with Windows Defender. Also, you have Super Anti Syware installed.

```
Windows Internal Firewall is disabled.

AV: avast! antivirus 4.8.1229 [VPS 080727-0] v4.8.1229 (ALWIL Software)
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) [COLOR=RED]Disabled[/COLOR] [COLOR=RED]Outdated[/COLOR]
AS: SUPERAntiSpyware v4, 15, 0, 1000 (SUPERAntiSpyware.com) [COLOR=RED]Disabled[/COLOR]
AS: avast! antivirus 4.8.1229 [VPS 080727-0] v4.8.1229 (ALWIL Software)
```
That is all that I have for now... please let me know how you make out on the avast, windows firewall and windows defender.

Regards. . .

jcgriff2

.



*The dbug output*

```
Microsoft (R) Windows Debugger Version 6.9.0003.113 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [D:\#Dumps\Kim50  - KERNEL DUMP - Vista - 07-23-08\Mini072508-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (4 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6001.18000.x86fre.longhorn_rtm.080118-1840
Kernel base = 0x81c3c000 PsLoadedModuleList = 0x81d53c70
Debug session time: Fri Jul 25 16:04:42.242 2008 (GMT-4)
System Uptime: 0 days 6:56:47.282
Loading Kernel Symbols
...................................................................................................................................................
Loading User Symbols
Loading unloaded module list
.......
Unable to load image \SystemRoot\system32\DRIVERS\aswMonFlt.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for aswMonFlt.sys
*** ERROR: Module load completed but symbols could not be loaded for aswMonFlt.sys
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007E, {c0000005, 8234028d, 8b7cbb38, 8b7cb834}

Probably caused by : aswMonFlt.sys ( aswMonFlt+2d41 )

Followup: MachineOwner
---------

0: kd> !analyze -v;r;kv;lmtn;lmv
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 8234028d, The address that the exception occurred at
Arg3: 8b7cbb38, Exception Record Address
Arg4: 8b7cb834, Context Record Address

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
fltmgr!FltAllocatePoolAlignedWithTag+13
8234028d 8b491c          mov     ecx,dword ptr [ecx+1Ch]

EXCEPTION_RECORD:  8b7cbb38 -- (.exr 0xffffffff8b7cbb38)
ExceptionAddress: 8234028d (fltmgr!FltAllocatePoolAlignedWithTag+0x00000013)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 00000000
   Parameter[1]: 0000001c
Attempt to read from address 0000001c

CONTEXT:  8b7cb834 -- (.cxr 0xffffffff8b7cb834)
eax=00000400 ebx=00000000 ecx=00000000 edx=00000011 esi=00000400 edi=8884d008
eip=8234028d esp=8b7cbc00 ebp=8b7cbc00 iopl=0         nv up ei pl nz na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010206
fltmgr!FltAllocatePoolAlignedWithTag+0x13:
8234028d 8b491c          mov     ecx,dword ptr [ecx+1Ch] ds:0023:0000001c=????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

PROCESS_NAME:  System

CURRENT_IRQL:  0

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

READ_ADDRESS: GetPointerFromAddress: unable to read from 81d73868
Unable to read MiSystemVaType memory at 81d53420
 0000001c 

BUGCHECK_STR:  0x7E

DEFAULT_BUCKET_ID:  NULL_CLASS_PTR_DEREFERENCE

LAST_CONTROL_TRANSFER:  from 90532d41 to 8234028d

STACK_TEXT:  
8b7cbc00 90532d41 86d0c060 00000000 00000400 fltmgr!FltAllocatePoolAlignedWithTag+0x13
WARNING: Stack unwind information not available. Following frames may be wrong.
8b7cbc88 9053346e 8884d008 86d0c060 85f81ba8 aswMonFlt+0x2d41
8b7cbd10 8235aba2 86bd7e98 8884d008 00000000 aswMonFlt+0x346e
8b7cbd44 81c7441d 00000000 00000000 8454d2d8 fltmgr!FltpProcessGenericWorkItem+0x38
8b7cbd7c 81e11a1c 86bd7e98 8f6a3fec 00000000 nt!ExpWorkerThread+0xfd
8b7cbdc0 81c6aa3e 81c74320 00000001 00000000 nt!PspSystemThreadStartup+0x9d
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


FOLLOWUP_IP: 
aswMonFlt+2d41
90532d41 ??              ???

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  aswMonFlt+2d41

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: aswMonFlt

IMAGE_NAME:  aswMonFlt.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4881fbd1

STACK_COMMAND:  .cxr 0xffffffff8b7cb834 ; kb

FAILURE_BUCKET_ID:  0x7E_aswMonFlt+2d41

BUCKET_ID:  0x7E_aswMonFlt+2d41

Followup: MachineOwner
---------

eax=00000400 ebx=00000000 ecx=00000000 edx=00000011 esi=00000400 edi=8884d008
eip=8234028d esp=8b7cbc00 ebp=8b7cbc00 iopl=0         nv up ei pl nz na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010206
fltmgr!FltAllocatePoolAlignedWithTag+0x13:
8234028d 8b491c          mov     ecx,dword ptr [ecx+1Ch] ds:0023:0000001c=????????
ChildEBP RetAddr  Args to Child              
8b7cbc00 90532d41 86d0c060 00000000 00000400 fltmgr!FltAllocatePoolAlignedWithTag+0x13 (FPO: [Non-Fpo])
WARNING: Stack unwind information not available. Following frames may be wrong.
8b7cbc88 9053346e 8884d008 86d0c060 85f81ba8 aswMonFlt+0x2d41
8b7cbd10 8235aba2 86bd7e98 8884d008 00000000 aswMonFlt+0x346e
8b7cbd44 81c7441d 00000000 00000000 8454d2d8 fltmgr!FltpProcessGenericWorkItem+0x38 (FPO: [Non-Fpo])
8b7cbd7c 81e11a1c 86bd7e98 8f6a3fec 00000000 nt!ExpWorkerThread+0xfd
8b7cbdc0 81c6aa3e 81c74320 00000001 00000000 nt!PspSystemThreadStartup+0x9d
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16
start    end        module name
80404000 8040c000   kdcom    kdcom.dll    Sat Jan 19 02:31:53 2008 (4791A769)
8040c000 8046c000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Sat Jan 19 02:29:43 2008 (4791A6E7)
8046c000 8047d000   PSHED    PSHED.dll    Sat Jan 19 02:31:21 2008 (4791A749)
8047d000 80485000   BOOTVID  BOOTVID.dll  Sat Jan 19 02:27:15 2008 (4791A653)
80485000 804c6000   CLFS     CLFS.SYS     Sat Jan 19 00:28:01 2008 (47918A61)
804c6000 805a6000   CI       CI.dll       Fri Feb 22 00:00:56 2008 (47BE5708)
805a6000 805ec000   acpi     acpi.sys     Sat Jan 19 00:32:48 2008 (47918B80)
805ec000 805fb000   partmgr  partmgr.sys  Sat Jan 19 00:49:54 2008 (47918F82)
8060b000 80687000   Wdf01000 Wdf01000.sys Sat Jan 19 00:52:21 2008 (47919015)
80687000 80694000   WDFLDR   WDFLDR.SYS   Sat Jan 19 00:52:19 2008 (47919013)
80694000 80794000   sptd     sptd.sys     Wed Mar 05 19:32:57 2008 (47CF3BB9)
80794000 8079d000   WMILIB   WMILIB.SYS   Sat Jan 19 00:53:08 2008 (47919044)
8079d000 807c3000   SCSIPORT SCSIPORT.SYS Sat Jan 19 00:49:44 2008 (47918F78)
807c3000 807cb000   msisadrv msisadrv.sys Sat Jan 19 00:32:51 2008 (47918B83)
807cb000 807f2000   pci      pci.sys      Sat Jan 19 00:32:57 2008 (47918B89)
81c09000 81c3c000   hal      halmacpi.dll Sat Jan 19 00:27:20 2008 (47918A38)
81c3c000 81ff5000   nt       ntkrpamp.exe Sat Jan 19 00:30:58 2008 (47918B12)
82207000 82216000   volmgr   volmgr.sys   Sat Jan 19 00:49:51 2008 (47918F7F)
82216000 82260000   volmgrx  volmgrx.sys  Sat Jan 19 00:50:00 2008 (47918F88)
82260000 82270000   mountmgr mountmgr.sys Sat Jan 19 00:49:13 2008 (47918F59)
82270000 82337000   iastor   iastor.sys   Thu Jul 12 18:59:22 2007 (4696B24A)
82337000 82369000   fltmgr   fltmgr.sys   Sat Jan 19 00:28:10 2008 (47918A6A)
82369000 82379000   fileinfo fileinfo.sys Sat Jan 19 00:34:27 2008 (47918BE3)
82379000 823ea000   ksecdd   ksecdd.sys   Sat Jan 19 00:41:20 2008 (47918D80)
8a804000 8a90f000   ndis     ndis.sys     Sat Jan 19 00:55:51 2008 (479190E7)
8a90f000 8a93a000   msrpc    msrpc.sys    unavailable (00000000)
8a93a000 8a974000   NETIO    NETIO.SYS    Sat Jan 19 00:56:19 2008 (47919103)
8a974000 8a9b2000   USBPORT  USBPORT.SYS  Sat Jan 19 00:53:23 2008 (47919053)
8a9b2000 8a9f3000   storport storport.sys Sat Jan 19 00:49:49 2008 (47918F7D)
8aa03000 8aaea000   tcpip    tcpip.sys    Sat Jan 19 00:56:48 2008 (47919120)
8aaea000 8ab05000   fwpkclnt fwpkclnt.sys Sat Jan 19 00:55:44 2008 (479190E0)
8ab05000 8ab7d000   netr73   netr73.sys   Sun Sep 23 23:09:09 2007 (46F72A55)
8ab7d000 8abc9000   srv      srv.sys      Sat Jan 19 00:29:25 2008 (47918AB5)
8abcc000 8abfa000   msiscsi  msiscsi.sys  Sat Jan 19 00:50:44 2008 (47918FB4)
8ac0a000 8ad19000   Ntfs     Ntfs.sys     Sat Jan 19 00:28:54 2008 (47918A96)
8ad19000 8ad52000   volsnap  volsnap.sys  Sat Jan 19 00:50:10 2008 (47918F92)
8ad52000 8ad5a000   spldr    spldr.sys    Thu Jun 21 20:29:17 2007 (467B17DD)
8ad5a000 8ad69000   mup      mup.sys      Sat Jan 19 00:28:20 2008 (47918A74)
8ad69000 8ad90000   ecache   ecache.sys   Sat Jan 19 00:50:47 2008 (47918FB7)
8ad90000 8ada1000   disk     disk.sys     Sat Jan 19 00:49:47 2008 (47918F7B)
8ada1000 8adc2000   CLASSPNP CLASSPNP.SYS Sat Jan 19 00:49:36 2008 (47918F70)
8adc2000 8adcb000   crcdisk  crcdisk.sys  Thu Nov 02 04:52:27 2006 (4549B1CB)
8add8000 8ade3000   tunnel   tunnel.sys   Sat Jan 19 00:55:50 2008 (479190E6)
8ade3000 8adec000   tunmp    tunmp.sys    Sat Jan 19 00:55:40 2008 (479190DC)
8adec000 8adfb000   intelppm intelppm.sys Sat Jan 19 00:27:20 2008 (47918A38)
8e809000 8ef20860   nvlddmkm nvlddmkm.sys Thu Apr 17 16:11:28 2008 (4807AEF0)
8ef21000 8efc0000   dxgkrnl  dxgkrnl.sys  Sat Jan 19 00:36:36 2008 (47918C64)
8efc0000 8efcd000   watchdog watchdog.sys Sat Jan 19 00:35:29 2008 (47918C21)
8efcd000 8efd8000   usbuhci  usbuhci.sys  Sat Jan 19 00:53:20 2008 (47919050)
8efd8000 8efe7000   usbehci  usbehci.sys  Sat Jan 19 00:53:21 2008 (47919051)
8efe7000 8eff9000   HDAudBus HDAudBus.sys Tue Nov 27 18:18:41 2007 (474CA5D1)
8f00f000 8f12e200   HCW85BDA HCW85BDA.sys Tue Mar 18 19:14:19 2008 (47E04CCB)
8f12f000 8f132000   BdaSup   BdaSup.SYS   Sat Jan 19 00:53:30 2008 (4791905A)
8f132000 8f15c000   ks       ks.sys       Sat Jan 19 00:49:21 2008 (47918F61)
8f15c000 8f178000   Rtlh86   Rtlh86.sys   Wed Oct 03 04:18:11 2007 (47035043)
8f178000 8f187200   ohci1394 ohci1394.sys Sat Jan 19 00:53:33 2008 (4791905D)
8f188000 8f195080   1394BUS  1394BUS.SYS  Sat Jan 19 00:53:27 2008 (47919057)
8f196000 8f1ae000   cdrom    cdrom.sys    Sat Jan 19 00:49:50 2008 (47918F7E)
8f1ae000 8f1e7000   aeg4siql aeg4siql.SYS Sun Jul 13 18:54:00 2008 (487A8788)
8f1e7000 8f1f2000   TDI      TDI.SYS      Sat Jan 19 00:57:10 2008 (47919136)
8f409000 8f420000   rasl2tp  rasl2tp.sys  Sat Jan 19 00:56:33 2008 (47919111)
8f420000 8f42b000   ndistapi ndistapi.sys Sat Jan 19 00:56:24 2008 (47919108)
8f42b000 8f44e000   ndiswan  ndiswan.sys  Sat Jan 19 00:56:32 2008 (47919110)
8f44e000 8f45d000   raspppoe raspppoe.sys Sat Jan 19 00:56:33 2008 (47919111)
8f45d000 8f471000   raspptp  raspptp.sys  Sat Jan 19 00:56:34 2008 (47919112)
8f471000 8f486000   rassstp  rassstp.sys  Sat Jan 19 00:56:43 2008 (4791911B)
8f486000 8f496000   termdd   termdd.sys   Sat Jan 19 01:01:06 2008 (47919222)
8f496000 8f4a1000   kbdclass kbdclass.sys Sat Jan 19 00:49:14 2008 (47918F5A)
8f4a1000 8f4ac000   mouclass mouclass.sys Sat Jan 19 00:49:14 2008 (47918F5A)
8f4ac000 8f4ad380   swenum   swenum.sys   Sat Jan 19 00:49:20 2008 (47918F60)
8f4ae000 8f4bc000   circlass circlass.sys Sat Jan 19 00:53:24 2008 (47919054)
8f4bc000 8f4c6000   mssmbios mssmbios.sys Sat Jan 19 00:32:55 2008 (47918B87)
8f4c6000 8f4d3000   umbus    umbus.sys    Sat Jan 19 00:53:40 2008 (47919064)
8f4d3000 8f507000   usbhub   usbhub.sys   Sat Jan 19 00:53:40 2008 (47919064)
8f507000 8f518000   NDProxy  NDProxy.SYS  Sat Jan 19 00:56:28 2008 (4791910C)
8f518000 8f554000   rdbss    rdbss.sys    Sat Jan 19 00:28:34 2008 (47918A82)
8f554000 8f56b000   dfsc     dfsc.sys     Sat Jan 19 00:28:20 2008 (47918A74)
8f56b000 8f582000   aswSP    aswSP.SYS    Sat Jul 19 10:35:15 2008 (4881FBA3)
8f582000 8f599000   usbccgp  usbccgp.sys  Sat Jan 19 00:53:29 2008 (47919059)
8f599000 8f5a9000   HIDCLASS HIDCLASS.SYS Sat Jan 19 00:53:16 2008 (4791904C)
8f5a9000 8f5b2000   kbdhid   kbdhid.sys   Sat Jan 19 00:49:17 2008 (47918F5D)
8f5b2000 8f5ba000   mouhid   mouhid.sys   Sat Jan 19 00:49:16 2008 (47918F5C)
8f5ba000 8f5c7000   crashdmp crashdmp.sys Sat Jan 19 00:49:43 2008 (47918F77)
8f805000 8fa053c0   RTKVHDA  RTKVHDA.sys  Wed Mar 26 06:35:47 2008 (47EA2703)
8fa06000 8fa33000   portcls  portcls.sys  Sat Jan 19 00:53:17 2008 (4791904D)
8fa33000 8fa58000   drmk     drmk.sys     Sat Jan 19 01:53:02 2008 (47919E4E)
8fa58000 8fa61000   Fs_Rec   Fs_Rec.SYS   unavailable (00000000)
8fa61000 8fa68000   Null     Null.SYS     unavailable (00000000)
8fa68000 8fa6f000   Beep     Beep.SYS     Sat Jan 19 00:49:10 2008 (47918F56)
8fa6f000 8fa76000   SASDIFSV SASDIFSV.SYS Wed Apr 16 17:39:35 2008 (48067217)
8fa76000 8fa80000   nsiproxy nsiproxy.sys Sat Jan 19 00:55:50 2008 (479190E6)
8fa80000 8fa81700   USBD     USBD.SYS     Sat Jan 19 00:53:17 2008 (4791904D)
8fa82000 8fa8b000   hidusb   hidusb.sys   Sat Jan 19 00:53:17 2008 (4791904D)
8fa8b000 8fa91380   HIDPARSE HIDPARSE.SYS Sat Jan 19 00:53:16 2008 (4791904C)
8fa92000 8fa9e000   vga      vga.sys      Sat Jan 19 00:52:06 2008 (47919006)
8fa9e000 8fabf000   VIDEOPRT VIDEOPRT.SYS Sat Jan 19 00:52:10 2008 (4791900A)
8fabf000 8fac7000   RDPCDD   RDPCDD.sys   Sat Jan 19 01:01:08 2008 (47919224)
8fac7000 8facf000   rdpencdd rdpencdd.sys Sat Jan 19 01:01:09 2008 (47919225)
8facf000 8fada000   Msfs     Msfs.SYS     unavailable (00000000)
8fada000 8fae8000   Npfs     Npfs.SYS     Sat Jan 19 00:28:09 2008 (47918A69)
8fae8000 8faf1000   rasacd   rasacd.sys   Sat Jan 19 00:56:31 2008 (4791910F)
8faf1000 8fb07000   tdx      tdx.sys      Sat Jan 19 00:55:58 2008 (479190EE)
8fb07000 8fb1b000   smb      smb.sys      Sat Jan 19 00:55:27 2008 (479190CF)
8fb1b000 8fb23360   aswTdi   aswTdi.SYS   Sat Jul 19 10:32:33 2008 (4881FB01)
8fb24000 8fb6c000   afd      afd.sys      Sat Jan 19 00:57:00 2008 (4791912C)
8fb6c000 8fb6fb20   aswRdr   aswRdr.SYS   Sat Jul 19 10:33:40 2008 (4881FB44)
8fb70000 8fba2000   netbt    netbt.sys    Sat Jan 19 00:55:33 2008 (479190D5)
8fba2000 8fbb8000   pacer    pacer.sys    Sat Jan 19 00:55:53 2008 (479190E9)
8fbb8000 8fbc6000   netbios  netbios.sys  Sat Jan 19 00:55:45 2008 (479190E1)
8fbc6000 8fbd9000   wanarp   wanarp.sys   Sat Jan 19 00:56:31 2008 (4791910F)
8fbd9000 8fbfa000   SASKUTIL SASKUTIL.sys Mon Apr 28 17:17:42 2008 (48163EF6)
90402000 904c9000   dump_iaStor dump_iaStor.sys Thu Jul 12 18:59:22 2007 (4696B24A)
904c9000 904d3000   Dxapi    Dxapi.sys    Sat Jan 19 00:36:12 2008 (47918C4C)
904d3000 904e2000   monitor  monitor.sys  Sat Jan 19 00:52:19 2008 (47919013)
904e2000 904f8000   usbcir   usbcir.sys   Sat Jan 19 00:53:25 2008 (47919055)
904f8000 90503000   hidir    hidir.sys    Sat Jan 19 00:53:18 2008 (4791904E)
90503000 90515000   USBSTOR  USBSTOR.SYS  Sat Jan 19 00:53:22 2008 (47919052)
90515000 90530000   luafv    luafv.sys    Sat Jan 19 00:30:35 2008 (47918AFB)
90530000 90547000   aswMonFlt aswMonFlt.sys Sat Jul 19 10:36:01 2008 (4881FBD1)
90547000 9054f000   aswFsBlk aswFsBlk.sys Sat Jul 19 10:37:40 2008 (4881FC34)
90557000 90576000   mrxsmb   mrxsmb.sys   Sat Jan 19 00:28:33 2008 (47918A81)
90576000 905af000   mrxsmb10 mrxsmb10.sys Sat Jan 19 00:28:40 2008 (47918A88)
905af000 905c7000   mrxsmb20 mrxsmb20.sys Sat Jan 19 00:28:35 2008 (47918A83)
905c7000 905ee000   srv2     srv2.sys     Sat Jan 19 00:29:14 2008 (47918AAA)
92aa0000 92ca1000   win32k   win32k.sys   unavailable (00000000)
92cc0000 92cc9000   TSDDD    TSDDD.dll    unavailable (00000000)
92ce0000 92cee000   cdd      cdd.dll      unavailable (00000000)
9980f000 998be000   spsys    spsys.sys    Thu Jun 21 20:33:02 2007 (467B18BE)
998be000 998ce000   lltdio   lltdio.sys   Sat Jan 19 00:55:03 2008 (479190B7)
998ce000 998f8000   nwifi    nwifi.sys    Sat Jan 19 00:53:58 2008 (47919076)
998f8000 99902000   ndisuio  ndisuio.sys  Sat Jan 19 00:55:40 2008 (479190DC)
99902000 99915000   rspndr   rspndr.sys   Sat Jan 19 00:55:03 2008 (479190B7)
99915000 99980000   HTTP     HTTP.sys     Sat Jan 19 00:55:21 2008 (479190C9)
99980000 9999d000   srvnet   srvnet.sys   Sat Jan 19 00:29:11 2008 (47918AA7)
9999d000 999b6000   bowser   bowser.sys   Sat Jan 19 00:28:26 2008 (47918A7A)
999b6000 999cb000   mpsdrv   mpsdrv.sys   Sat Jan 19 00:54:45 2008 (479190A5)
999cb000 999eb000   mrxdav   mrxdav.sys   Sat Jan 19 00:28:44 2008 (47918A8C)
9c60c000 9c6ea000   peauth   peauth.sys   Mon Oct 23 04:55:32 2006 (453C8384)
9c6ea000 9c6f4000   secdrv   secdrv.SYS   Wed Sep 13 09:18:32 2006 (45080528)
9c6f4000 9c700000   tcpipreg tcpipreg.sys Sat Jan 19 00:56:07 2008 (479190F7)
9c700000 9c714580   WUDFRd   WUDFRd.sys   Sat Jan 19 00:53:04 2008 (47919040)
9c715000 9c727000   WUDFPf   WUDFPf.sys   Sat Jan 19 00:52:49 2008 (47919031)
9c727000 9c732000   tdtcp    tdtcp.sys    Sat Jan 19 01:01:08 2008 (47919224)
9c732000 9c73e000   tssecsrv tssecsrv.sys Sat Jan 19 01:01:15 2008 (4791922B)
9c73e000 9c771000   RDPWD    RDPWD.SYS    Sat Jan 19 01:01:16 2008 (4791922C)
9c771000 9c787000   cdfs     cdfs.sys     Sat Jan 19 00:28:02 2008 (47918A62)
9c787000 9c7af000   fastfat  fastfat.SYS  Sat Jan 19 00:28:00 2008 (47918A60)
9c7af000 9c7ea000   udfs     udfs.sys     Sat Jan 19 00:28:08 2008 (47918A68)

Unloaded modules:
8d808000 8d8cf000   hiber_iaStor
    Timestamp: unavailable (00000000)
    Checksum:  00000000
ba204000 ba2cb000   hiber_iaStor
    Timestamp: unavailable (00000000)
    Checksum:  00000000
9054f000 90557000   drmkaud.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8adcb000 8add8000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8ab05000 8abcc000   dump_iaStor.
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8fa82000 8fa8b000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8fa6f000 8fa82000   i8042prt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
```


----------



## kim50 (Jul 20, 2008)

Thanks JC. I have turned firewall back on. I disabled it because my router is firewalled.
I have uninstalled superantispyware and turned defender back on, although the former does seem to pick up more than defender. I have downloaded Avira antivirus, but not installed it as yet. I will wait for your final diagnosis, but no rush please, I know you must be busy
Thanks again


----------



## jcgriff2 (Sep 30, 2007)

Hi Kim...

Ah.. but we all are busy - including yourself, I am sure! It has been somewhat hotter than usual and the kiddies love the beach and pool and I typically cave in!

One thing about the Windows Firewall if you have not already done so - please be sure to reset it to the default settings:

START | type Win Fire into the start search box | click on Windows Firewall above | select "Allow a program through Windows Firewall" on the top left | Answer the UAC prompt | select the Advanced Tab | click on "Restore Defaults" | Click Apply (if hilighted) | Click OK 

I ask this as I have recently seen first hand the effect that a 3rd party firewall product can have on the Windows Firewall. These products incredibly have the power to simply disable it - then when you un-install it you usually get a message to "... be sure to turn the Windows Firewall back on..." - but no instructions are given. I would like to see a setting - in the registry or elsewhere - that would prevent the Windows Firewall from being touched in any manner whatsoever (if the user so chooses, of course).

Do you have any information or ideas about Windows Defender? Please go into Windows Defender and see if you can run a scan. As above, click start, then type Win Def in the start search box.

The other mini kernel dump dated July 23, 2008, contained the bugcheck 0x000000d1 (0x40020028, 0x00000002, 0x00000001, 0x8f83f552), with the probable cause listed as pacer.sys. For info, this driver under XP was known as psched.sys.

I have had the kernel dump running, and will post when finished.


From the dbug output of the July 23 mini dump:

```
[size=2][font=normal]

Loading Dump File [D:\#Dumps\Kim50  - KERNEL DUMP - Vista - 07-23-08\Mini072308-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows Vista Kernel Version 6000 MP (4 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6000.20697.x86fre.vista_ldr.071009-1543
Kernel base = 0x81c00000 PsLoadedModuleList = 0x81d11e10
Debug session time: Wed Jul 23 16:32:28.553 2008 (GMT-4)
System Uptime: 0 days 7:59:39.053
Loading Kernel Symbols
..................................................................................................................................................
Loading User Symbols
Loading unloaded module list
.......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {40020028, 2, 1, 8f83f552}

Unable to load image \SystemRoot\system32\DRIVERS\Rtlh86.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for Rtlh86.sys
*** ERROR: Module load completed but symbols could not be loaded for Rtlh86.sys
Probably caused by : pacer.sys ( pacer!PcpDereferenceFlow+e )

Followup: MachineOwner
---------

1: kd> !analyze -v;r;kv;lmtn
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 40020028, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000001, value 0 = read operation, 1 = write operation
Arg4: 8f83f552, address which referenced memory

Debugging Details:
------------------


WRITE_ADDRESS: GetPointerFromAddress: unable to read from 81d315ac
Unable to read MiSystemVaType memory at 81d117e0
 40020028 

CURRENT_IRQL:  2

FAULTING_IP: 
pacer!PcpDereferenceFlow+e
8f83f552 f00fc102        lock xadd dword ptr [edx],eax

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xD1

PROCESS_NAME:   ÑÐ�

TRAP_FRAME:  82a826ac -- (.trap 0xffffffff82a826ac)
ErrCode = 00000002
eax=fffffffe ebx=87aa4398 ecx=40020000 edx=40020028 esi=00000000 edi=87aa4398
eip=8f83f552 esp=82a82720 ebp=82a82720 iopl=0         nv up ei pl nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010202
pacer!PcpDereferenceFlow+0xe:
8f83f552 f00fc102        lock xadd dword ptr [edx],eax ds:0023:40020028=????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from 8f83f552 to 81c8fdc4

STACK_TEXT:  
82a826ac 8f83f552 badb0d00 40020028 8f8e5407 nt!KiTrap0E+0x2ac
82a82720 8f843877 40020000 82a82740 829cd396 pacer!PcpDereferenceFlow+0xe
82a8272c 829cd396 82a8273c 87aa43b8 40020000 pacer!PcQoSPDereferenceFlow+0xf
82a82740 829cb3ea 40020000 87aa9022 0000fec6 NETIO!QosDereference+0x32
82a8276c 8f96d82a 00000000 00000001 8f96d7ef NETIO!NetioDereferenceNetBufferListChain+0x5f
82a82778 8f96d7ef 00000000 87aa9022 00000040 tcpip!TcpFlushNetBufferLists+0x32
82a82798 8f979663 00000001 00000000 82a8287c tcpip!TcpFlushDelay+0x41c
82a827c8 8f97e470 87f9af80 87fe6808 87fe6810 tcpip!TcpPreValidatedReceive+0x2bf
82a827e4 8f97e697 87f9af80 87fe6808 82a82820 tcpip!TcpReceive+0x32
82a827f4 8f9701b4 82a82808 c000023e 00000000 tcpip!TcpNlClientReceiveDatagrams+0x12
82a82820 8f96ff84 8f9c1bac 82a8287c c000023e tcpip!IppDeliverListToProtocol+0x49
82a82840 8f96feb3 8f9c19c8 00000006 82a8287c tcpip!IppProcessDeliverList+0x2a
82a82894 8f96b56e 8f9c19c8 00000006 00000000 tcpip!IppReceiveHeaderBatch+0x1da
82a82924 8f96f7da 88030ba0 00000000 82a82901 tcpip!IpFlcReceivePackets+0xc06
82a829a0 8f96f0f3 88063268 87aa4398 00000000 tcpip!FlpReceiveNonPreValidatedNetBufferListChain+0x6db
82a829c8 81afc0b0 88063268 87aa4398 00000000 tcpip!FlReceiveNetBufferListChain+0x104
82a829fc 81aee8a2 00017c58 87aa4398 00000000 ndis!ndisMIndicateNetBufferListsToOpen+0xab
82a82a24 81aee819 00000000 00000001 87314000 ndis!ndisIndicateSortedNetBufferLists+0x4a
82a82ba0 81a36526 8542b0e8 00000000 00000000 ndis!ndisMDispatchReceiveNetBufferLists+0x129
82a82bbc 81aee476 8542b0e8 87aa4398 00000000 ndis!ndisMTopReceiveNetBufferLists+0x2c
82a82bd8 81a364f1 8542b0e8 87aa4398 00000000 ndis!ndisMIndicateReceiveNetBufferListsInternal+0x27
82a82bf4 8e879155 8542b0e8 87aa4398 00000000 ndis!NdisMIndicateReceiveNetBufferLists+0x20
WARNING: Stack unwind information not available. Following frames may be wrong.
82a82c70 8e86e755 00000000 00000000 87314000 Rtlh86+0xc155
82a82c8c 8e86e9a9 87314000 87ced1b8 8e86e97a Rtlh86+0x1755
82a82ca4 81aee086 87314000 87314000 00000000 Rtlh86+0x19a9
82a82cc8 81a36252 87ced220 00000000 00000000 ndis!ndisMiniportDpc+0x81
82a82ce8 81ca94ae 87ced220 87ced1b8 00000000 ndis!ndisInterruptDpc+0x8b
82a82d50 81c9142e 00000000 0000000e ff7f00ff nt!KiRetireDpcList+0x147
82a82d54 00000000 0000000e ff7f00ff 00000000 nt!KiIdleLoop+0x46


STACK_COMMAND:  kb

FOLLOWUP_IP: 
pacer!PcpDereferenceFlow+e
8f83f552 f00fc102        lock xadd dword ptr [edx],eax

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  pacer!PcpDereferenceFlow+e

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: pacer

IMAGE_NAME:  pacer.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  468af785

FAILURE_BUCKET_ID:  0xD1_W_pacer!PcpDereferenceFlow+e

BUCKET_ID:  0xD1_W_pacer!PcpDereferenceFlow+e

Followup: MachineOwner
---------

eax=82a9213c ebx=00000002 ecx=00000396 edx=81d2943c esi=82a92120 edi=40020028
eip=81c8fdc4 esp=82a82694 ebp=82a826ac iopl=0         nv up ei ng nz na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00000286
nt!KiTrap0E+0x2ac:
81c8fdc4 833dc48dd28100  cmp     dword ptr [nt!KiFreezeFlag (81d28dc4)],0 ds:0023:81d28dc4=????????
ChildEBP RetAddr  Args to Child              
82a826ac 8f83f552 badb0d00 40020028 8f8e5407 nt!KiTrap0E+0x2ac (FPO: [0,0] TrapFrame @ 82a826ac)
82a82720 8f843877 40020000 82a82740 829cd396 pacer!PcpDereferenceFlow+0xe (FPO: [Non-Fpo])
82a8272c 829cd396 82a8273c 87aa43b8 40020000 pacer!PcQoSPDereferenceFlow+0xf (FPO: [Non-Fpo])
82a82740 829cb3ea 40020000 87aa9022 0000fec6 NETIO!QosDereference+0x32 (FPO: [Non-Fpo])
82a8276c 8f96d82a 00000000 00000001 8f96d7ef NETIO!NetioDereferenceNetBufferListChain+0x5f (FPO: [Non-Fpo])
82a82778 8f96d7ef 00000000 87aa9022 00000040 tcpip!TcpFlushNetBufferLists+0x32 (FPO: [Non-Fpo])
82a82798 8f979663 00000001 00000000 82a8287c tcpip!TcpFlushDelay+0x41c (FPO: [Non-Fpo])
82a827c8 8f97e470 87f9af80 87fe6808 87fe6810 tcpip!TcpPreValidatedReceive+0x2bf (FPO: [Non-Fpo])
82a827e4 8f97e697 87f9af80 87fe6808 82a82820 tcpip!TcpReceive+0x32 (FPO: [Non-Fpo])
82a827f4 8f9701b4 82a82808 c000023e 00000000 tcpip!TcpNlClientReceiveDatagrams+0x12 (FPO: [Non-Fpo])
82a82820 8f96ff84 8f9c1bac 82a8287c c000023e tcpip!IppDeliverListToProtocol+0x49 (FPO: [Non-Fpo])
82a82840 8f96feb3 8f9c19c8 00000006 82a8287c tcpip!IppProcessDeliverList+0x2a (FPO: [Non-Fpo])
82a82894 8f96b56e 8f9c19c8 00000006 00000000 tcpip!IppReceiveHeaderBatch+0x1da (FPO: [Non-Fpo])
82a82924 8f96f7da 88030ba0 00000000 82a82901 tcpip!IpFlcReceivePackets+0xc06 (FPO: [Non-Fpo])
82a829a0 8f96f0f3 88063268 87aa4398 00000000 tcpip!FlpReceiveNonPreValidatedNetBufferListChain+0x6db (FPO: [Non-Fpo])
82a829c8 81afc0b0 88063268 87aa4398 00000000 tcpip!FlReceiveNetBufferListChain+0x104 (FPO: [Non-Fpo])
82a829fc 81aee8a2 00017c58 87aa4398 00000000 ndis!ndisMIndicateNetBufferListsToOpen+0xab (FPO: [Non-Fpo])
82a82a24 81aee819 00000000 00000001 87314000 ndis!ndisIndicateSortedNetBufferLists+0x4a (FPO: [Non-Fpo])
82a82ba0 81a36526 8542b0e8 00000000 00000000 ndis!ndisMDispatchReceiveNetBufferLists+0x129 (FPO: [Non-Fpo])
82a82bbc 81aee476 8542b0e8 87aa4398 00000000 ndis!ndisMTopReceiveNetBufferLists+0x2c (FPO: [Non-Fpo])
start    end        module name
80204000 8020d000   WMILIB   WMILIB.SYS   Thu Nov 02 04:54:53 2006 (4549B25D)
8020d000 8021a000   WDFLDR   WDFLDR.SYS   Wed Dec 05 21:21:19 2007 (47575C9F)
8021a000 80255000   CLFS     CLFS.SYS     Wed Dec 05 20:55:42 2007 (4757569E)
80255000 8025d000   BOOTVID  BOOTVID.dll  Thu Nov 02 05:39:29 2006 (4549BCD1)
8025d000 80266000   PSHED    PSHED.dll    Thu Nov 02 05:42:51 2006 (4549BD9B)
80266000 802c6000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Apr 23 23:40:05 2007 (462D7C15)
802c6000 802ce000   kdcom    kdcom.dll    Thu Nov 02 05:42:20 2006 (4549BD7C)
80404000 80414000   fileinfo fileinfo.sys Thu Nov 02 04:36:47 2006 (4549AE1F)
80414000 80424000   mountmgr mountmgr.sys Thu Nov 02 04:51:06 2006 (4549B17A)
80424000 80433000   volmgr   volmgr.sys   Thu Nov 02 04:51:44 2006 (4549B1A0)
80433000 8043b000   msisadrv msisadrv.sys Thu Nov 02 04:35:08 2006 (4549ADBC)
8043b000 8047e000   acpi     acpi.sys     Thu Aug 30 20:57:46 2007 (46D7678A)
8047e000 804a4000   SCSIPORT SCSIPORT.SYS Thu Nov 02 04:51:38 2006 (4549B19A)
804a4000 8051f000   Wdf01000 Wdf01000.sys Wed Dec 05 21:21:28 2007 (47575CA8)
8051f000 80600000   CI       CI.dll       Mon Feb 18 23:59:14 2008 (47BA6222)
80606000 8060f000   crcdisk  crcdisk.sys  Thu Nov 02 04:52:27 2006 (4549B1CB)
8060f000 8061e000   mup      mup.sys      Thu Nov 02 04:31:04 2006 (4549ACC8)
8061e000 8062d000   partmgr  partmgr.sys  Thu Nov 02 04:51:47 2006 (4549B1A3)
8062d000 80635000   spldr    spldr.sys    Wed Oct 25 18:40:44 2006 (453FE7EC)
80635000 80660000   msrpc    msrpc.sys    Thu Nov 02 04:50:16 2006 (4549B148)
80660000 80691000   fltmgr   fltmgr.sys   Thu Nov 02 04:30:58 2006 (4549ACC2)
80691000 806db000   volmgrx  volmgrx.sys  Thu Nov 02 04:51:54 2006 (4549B1AA)
806db000 80700000   pci      pci.sys      Thu Nov 02 04:35:13 2006 (4549ADC1)
80700000 80800000   sptd     sptd.sys     Wed Mar 05 19:32:57 2008 (47CF3BB9)
81a10000 81a35000   ecache   ecache.sys   Thu Nov 02 04:52:42 2006 (4549B1DA)
81a35000 81b39000   ndis     ndis.sys     Thu Nov 02 04:57:33 2006 (4549B2FD)
81b39000 81c00000   iastor   iastor.sys   Thu Jul 12 18:59:22 2007 (4696B24A)
81c00000 81fa1000   nt       ntkrpamp.exe Tue Oct 09 21:46:20 2007 (470C2EEC)
81fa1000 81fd5000   hal      halmacpi.dll Sat Dec 23 23:05:34 2006 (458DFC8E)
8280e000 8281f000   disk     disk.sys     Thu Nov 02 04:51:40 2006 (4549B19C)
8281f000 82855000   volsnap  volsnap.sys  Thu Oct 25 22:04:17 2007 (47214B21)
82855000 828bf000   ksecdd   ksecdd.sys   Thu Nov 02 04:43:45 2006 (4549AFC1)
828bf000 829c7000   Ntfs     Ntfs.sys     Thu Oct 25 21:40:39 2007 (47214597)
829c7000 82a00000   NETIO    NETIO.SYS    Sun Jan 13 22:17:13 2008 (478AD439)
82bdf000 82c00000   CLASSPNP CLASSPNP.SYS Thu Nov 02 04:51:34 2006 (4549B196)
8b6d5000 8b6e4280   ohci1394 ohci1394.sys Thu Nov 02 04:55:16 2006 (4549B274)
8b735000 8b745000   HIDCLASS HIDCLASS.SYS Thu Nov 02 04:55:00 2006 (4549B264)
8b765000 8b775000   lltdio   lltdio.sys   Thu Nov 02 04:56:48 2006 (4549B2D0)
8b7d9000 8b7e9000   NDProxy  NDProxy.SYS  Tue Jul 03 21:28:13 2007 (468AF7AD)
8b808000 8b815000   crashdmp crashdmp.sys Thu Nov 02 04:51:36 2006 (4549B198)
8b852000 8b853700   USBD     USBD.SYS     Thu Aug 30 21:23:36 2007 (46D76D98)
8b85a000 8b85b380   swenum   swenum.sys   Thu Nov 02 04:51:15 2006 (4549B183)
8b904000 8b907000   BdaSup   BdaSup.SYS   Thu Nov 02 04:55:15 2006 (4549B273)
8b94c000 8b95b000   raspppoe raspppoe.sys Thu Nov 02 04:58:12 2006 (4549B324)
8b95b000 8b96a000   termdd   termdd.sys   Thu Nov 02 05:02:00 2006 (4549B408)
8b988000 8b997000   monitor  monitor.sys  Thu Nov 02 04:54:05 2006 (4549B22D)
8da15000 8da20000   tunnel   tunnel.sys   Wed Jun 06 22:57:03 2007 (466773FF)
8daa3000 8dab0000   watchdog watchdog.sys Thu Nov 02 04:37:44 2006 (4549AE58)
8db2c000 8db33000   Null     Null.SYS     Thu Nov 02 04:51:05 2006 (4549B179)
8db33000 8db3a000   Beep     Beep.SYS     Thu Nov 02 04:51:03 2006 (4549B177)
8db3a000 8db40380   HIDPARSE HIDPARSE.SYS Thu Nov 02 04:55:00 2006 (4549B264)
8db72000 8db79000   SASDIFSV SASDIFSV.SYS Wed Apr 16 17:39:35 2008 (48067217)
8dbd0000 8dbd8000   mouhid   mouhid.sys   Wed Dec 05 21:18:25 2007 (47575BF1)
8dbd8000 8dbe0000   RDPCDD   RDPCDD.sys   Thu Nov 02 05:02:01 2006 (4549B409)
8dbe0000 8dbe8000   rdpencdd rdpencdd.sys Thu Nov 02 05:02:01 2006 (4549B409)
8de17000 8de41000   ks       ks.sys       Thu Nov 02 04:51:18 2006 (4549B186)
8de41000 8de53000   HDAudBus HDAudBus.sys Sat Mar 24 14:54:34 2007 (460573EA)
8de53000 8de90000   USBPORT  USBPORT.SYS  Thu Aug 30 21:23:43 2007 (46D76D9F)
8deac000 8deba000   intelppm intelppm.sys Thu Nov 02 04:30:18 2006 (4549AC9A)
8deba000 8dec8000   usbehci  usbehci.sys  Thu Aug 30 21:23:40 2007 (46D76D9C)
8dec8000 8ded5080   1394BUS  1394BUS.SYS  Thu Nov 02 04:55:12 2006 (4549B270)
8ded6000 8dee4000   circlass circlass.sys Thu Nov 02 04:55:08 2006 (4549B26C)
8dee4000 8def2000   Npfs     Npfs.SYS     Thu Nov 02 04:30:57 2006 (4549ACC1)
8def2000 8df00000   netbios  netbios.sys  Thu Nov 02 04:57:26 2006 (4549B2F6)
8df94000 8df9d000   Fs_Rec   Fs_Rec.SYS   Mon Apr 16 21:26:39 2007 (4624224F)
8dfa6000 8dfaf000   rasacd   rasacd.sys   Thu Nov 02 04:58:13 2006 (4549B325)
8dfb8000 8dfc0360   aswTdi   aswTdi.SYS   Sat Jul 19 10:32:33 2008 (4881FB01)
8dfc1000 8dfca000   tunmp    tunmp.sys    Wed Jun 06 22:56:53 2007 (466773F5)
8dfd3000 8dfdc000   hidusb   hidusb.sys   Thu Nov 02 04:55:01 2006 (4549B265)
8dfdc000 8dfe5000   kbdhid   kbdhid.sys   Wed Dec 05 21:18:26 2007 (47575BF2)
8e603000 8e6a0000   dxgkrnl  dxgkrnl.sys  Mon Jul 02 21:01:10 2007 (46899FD6)
8e6a0000 8e6ac000   vga      vga.sys      Thu Nov 02 04:53:56 2006 (4549B224)
8e6e8000 8e6f4000   tssecsrv tssecsrv.sys Thu Nov 02 05:02:07 2006 (4549B40F)
8e760000 8e76a000   mssmbios mssmbios.sys Thu Nov 02 04:35:13 2006 (4549ADC1)
8e774000 8e77e000   nsiproxy nsiproxy.sys Thu Nov 02 04:57:30 2006 (4549B2FA)
8e79c000 8e7a6000   Dxapi    Dxapi.sys    Thu Nov 02 04:38:17 2006 (4549AE79)
8e7ce000 8e7d8000   secdrv   secdrv.SYS   Wed Sep 13 09:18:32 2006 (45080528)
8e7ec000 8e7f6000   ndisuio  ndisuio.sys  Thu Nov 02 04:57:22 2006 (4549B2F2)
8e805000 8e81c000   rasl2tp  rasl2tp.sys  Mon Jan 08 21:17:02 2007 (45A2FB1E)
8e81c000 8e855000   arhbn85l arhbn85l.SYS Sun Jul 13 18:54:00 2008 (487A8788)
8e855000 8e86d000   cdrom    cdrom.sys    Thu Nov 02 04:51:44 2006 (4549B1A0)
8e86d000 8e889000   Rtlh86   Rtlh86.sys   Wed Oct 03 04:18:11 2007 (47035043)
8e889000 8e894000   usbuhci  usbuhci.sys  Thu Aug 30 21:23:39 2007 (46D76D9B)
8e894000 8e89f000   TDI      TDI.SYS      Thu Nov 02 04:58:46 2006 (4549B346)
8e89f000 8e8aa000   ndistapi ndistapi.sys Tue Jul 03 21:28:09 2007 (468AF7A9)
8e8aa000 8e8b5000   kbdclass kbdclass.sys Wed Dec 05 21:18:23 2007 (47575BEF)
8e8b5000 8e8c0000   mouclass mouclass.sys Wed Dec 05 21:18:22 2007 (47575BEE)
8e8c0000 8e8cb000   Msfs     Msfs.SYS     Thu Nov 02 04:30:56 2006 (4549ACC0)
8e8d6000 8e8e1000   hidir    hidir.sys    Thu Nov 02 04:55:01 2006 (4549B265)
8e8ec000 8e8f7000   tdtcp    tdtcp.sys    Thu Nov 02 05:02:01 2006 (4549B409)
8e918000 8e923000   tcpipreg tcpipreg.sys Thu Nov 02 04:57:46 2006 (4549B30A)
8e93f000 8ea06000   dump_iaStor dump_iaStor.sys Thu Jul 12 18:59:22 2007 (4696B24A)
8ea06000 8ea3a000   usbhub   usbhub.sys   Thu Aug 30 21:24:00 2007 (46D76DB0)
8ea3a000 8ea47000   umbus    umbus.sys    Thu Nov 02 04:55:24 2006 (4549B27C)
8ea47000 8ea5a000   raspptp  raspptp.sys  Mon Jan 08 21:17:01 2007 (45A2FB1D)
8ea5a000 8ea7d000   ndiswan  ndiswan.sys  Thu Nov 02 04:58:13 2006 (4549B325)
8ea7d000 8eabd000   storport storport.sys Thu Nov 02 04:51:45 2006 (4549B1A1)
8eabd000 8eae8000   msiscsi  msiscsi.sys  Thu Nov 02 04:52:40 2006 (4549B1D8)
8eae8000 8f1ff860   nvlddmkm nvlddmkm.sys Thu Apr 17 16:11:28 2008 (4807AEF0)
8f20b000 8f21d000   USBSTOR  USBSTOR.SYS  Fri Apr 27 22:39:34 2007 (4632B3E6)
8f21d000 8f23e000   VIDEOPRT VIDEOPRT.SYS Thu Nov 02 04:54:07 2006 (4549B22F)
8f25e000 8f261b20   aswRdr   aswRdr.SYS   Sat Jul 19 10:33:40 2008 (4881FB44)
8f28e000 8f2b3000   drmk     drmk.sys     Thu Nov 02 05:20:49 2006 (4549B871)
8f2b3000 8f2e0000   portcls  portcls.sys  Thu Nov 02 04:55:02 2006 (4549B266)
8f2e0000 8f3ff200   HCW85BDA HCW85BDA.sys Tue Mar 18 19:14:19 2008 (47E04CCB)
8f809000 8f82a000   SASKUTIL SASKUTIL.sys Mon Apr 28 17:17:42 2008 (48163EF6)
8f82a000 8f83d000   wanarp   wanarp.sys   Tue Jul 03 21:28:16 2007 (468AF7B0)
8f83d000 8f853000   pacer    pacer.sys    Tue Jul 03 21:27:33 2007 (468AF785)
8f853000 8f885000   netbt    netbt.sys    Thu Nov 02 04:57:18 2006 (4549B2EE)
8f885000 8f8cc000   afd      afd.sys      Thu Nov 02 04:58:41 2006 (4549B341)
8f8cc000 8f8e0000   smb      smb.sys      Thu Nov 02 04:57:10 2006 (4549B2E6)
8f8e0000 8f8f5000   tdx      tdx.sys      Thu Nov 02 04:57:34 2006 (4549B2FE)
8f8f5000 8f90e000   fwpkclnt fwpkclnt.sys Thu Nov 02 04:57:26 2006 (4549B2F6)
8f90e000 8f9df000   tcpip    tcpip.sys    Sun Jan 13 22:17:51 2008 (478AD45F)
8f9ff000 8fbff3c0   RTKVHDA  RTKVHDA.sys  Wed Mar 26 06:35:47 2008 (47EA2703)
8fca2000 8fcb8000   usbcir   usbcir.sys   Thu Nov 02 04:55:08 2006 (4549B26C)
8fcc8000 8fd40000   netr73   netr73.sys   Sun Sep 23 23:09:09 2007 (46F72A55)
8fd40000 8fd57000   usbccgp  usbccgp.sys  Thu Aug 30 21:23:48 2007 (46D76DA4)
8fd57000 8fd6e000   aswSP    aswSP.SYS    Sat Jul 19 10:35:15 2008 (4881FBA3)
8fdae000 8fdc5000   dfsc     dfsc.sys     Thu Nov 02 04:31:04 2006 (4549ACC8)
8fdc5000 8fe00000   rdbss    rdbss.sys    Thu Nov 02 04:31:24 2006 (4549ACDC)
94e00000 94fff000   win32k   win32k.sys   unavailable (00000000)
97c11000 97c28000   aswMonFlt aswMonFlt.sys Sat Jul 19 10:36:01 2008 (4881FBD1)
97c40000 97c48000   aswFsBlk aswFsBlk.sys Sat Jul 19 10:37:40 2008 (4881FC34)
97f25000 97f40000   luafv    luafv.sys    Thu Nov 02 04:33:07 2006 (4549AD43)
98200000 98209000   TSDDD    TSDDD.dll    unavailable (00000000)
98210000 9821e000   cdd      cdd.dll      unavailable (00000000)
99c39000 99c4c000   rspndr   rspndr.sys   Thu Nov 02 04:56:48 2006 (4549B2D0)
99c4c000 99c77000   nwifi    nwifi.sys    Mon Oct 29 21:21:14 2007 (4726870A)
99c77000 99d05000   spsys    spsys.sys    Wed Oct 25 18:43:28 2006 (453FE890)
9a408000 9a421000   bowser   bowser.sys   Thu Nov 02 04:31:11 2006 (4549ACCF)
9a421000 9a43c000   srvnet   srvnet.sys   Thu Oct 25 21:40:43 2007 (4721459B)
9a43c000 9a4a2000   HTTP     HTTP.sys     Thu Nov 02 04:57:06 2006 (4549B2E2)
9aa73000 9aabf000   srv      srv.sys      Thu Nov 02 04:31:55 2006 (4549ACFB)
9aabf000 9aae3000   srv2     srv2.sys     Thu Oct 25 21:40:47 2007 (4721459F)
9aae3000 9aaf5000   mrxsmb20 mrxsmb20.sys Thu Oct 25 21:40:16 2007 (47214580)
9aaf5000 9ab2e000   mrxsmb10 mrxsmb10.sys Thu Nov 02 04:31:25 2006 (4549ACDD)
9ab2e000 9ab4c000   mrxsmb   mrxsmb.sys   Thu Oct 25 21:40:17 2007 (47214581)
9ab4c000 9ab6c000   mrxdav   mrxdav.sys   Fri Jan 11 20:45:54 2008 (47881BD2)
9ab6c000 9ab80000   mpsdrv   mpsdrv.sys   Wed Jun 06 22:55:55 2007 (466773BB)
9de8f000 9dea1000   WUDFPf   WUDFPf.sys   Thu Nov 02 04:54:36 2006 (4549B24C)
9dea1000 9deb5280   WUDFRd   WUDFRd.sys   Thu Nov 02 04:54:51 2006 (4549B25B)
a1ea2000 a1f80000   peauth   peauth.sys   Mon Oct 23 04:55:32 2006 (453C8384)
a2718000 a272e000   cdfs     cdfs.sys     Thu Nov 02 04:30:50 2006 (4549ACBA)
a3392000 a33c0000   RDPWD    RDPWD.SYS    Thu Nov 02 05:02:08 2006 (4549B410)
be99b000 be9d6000   udfs     udfs.sys     Thu Nov 02 04:30:57 2006 (4549ACC1)
c4f98000 c4fc0000   fastfat  fastfat.SYS  Thu Nov 02 04:30:49 2006 (4549ACB9)

Unloaded modules:
c5139000 c5200000   hiber_iaStor
    Timestamp: unavailable (00000000)
    Checksum:  00000000
c4f39000 c5000000   hiber_iaStor
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8dbc0000 8dbc8000   drmkaud.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8b808000 8b815000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8e939000 8ea00000   dump_iaStor.
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8df9d000 8dfa6000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8f22b000 8f23e000   i8042prt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
1: kd> !process
GetPointerFromAddress: unable to read from 81d315b0
PROCESS 81cf8740  SessionId: none  Cid: 0000    Peb: 00000000  ParentCid: 0000
    DirBase: 00122000  ObjectTable: 8b4003b8  HandleCount: <Data Not Accessible>
    Image:  ÑÐ�
    VadRoot 00000000 Vads 0 Clone 0 Private 0. Modified 0. Locked 0.
    DeviceMap 00000000
    Token                             8b403a58
    ReadMemory error: Cannot get nt!KeMaximumIncrement value.
ffdf0000: Unable to get shared data
    ElapsedTime                       00:00:00.000
    UserTime                          00:00:00.000
    KernelTime                        00:00:00.000
    QuotaPoolUsage[PagedPool]         0
    QuotaPoolUsage[NonPagedPool]      0
    Working Set Sizes (now,min,max)  (7, 50, 450) (28KB, 200KB, 1800KB)
    PeakWorkingSetSize                0
    VirtualSize                       0 Mb
    PeakVirtualSize                   0 Mb
    PageFaultCount                    0
    MemoryPriority                    BACKGROUND
    BasePriority                      0
    CommitCharge                      0

        *** Error in reading nt!_ETHREAD @ 81cf8300

1: kd> lmvm pacer
start    end        module name
8f83d000 8f853000   pacer      (pdb symbols)          c:\symbols\pacer.pdb\555D8F442AD3401C85BADBEED28004851\pacer.pdb
    Loaded symbol image file: pacer.sys
    Mapped memory image file: c:\symbols\pacer.sys\468AF78516000\pacer.sys
    Image path: \SystemRoot\system32\DRIVERS\pacer.sys
    Image name: pacer.sys
    Timestamp:        Tue Jul 03 21:27:33 2007 (468AF785)
    CheckSum:         0001981A
    ImageSize:        00016000
    File version:     6.0.6000.16518
    Product version:  6.0.6000.16518
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        3.6 Driver
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     pacer.sys
    OriginalFilename: pacer.sys
    ProductVersion:   6.0.6000.16518
    FileVersion:      6.0.6000.16518 (vista_gdr.070703-1500)
    FileDescription:  QoS Packet Scheduler
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
1: kd> lm
start    end        module name
80204000 8020d000   WMILIB     (deferred)             
8020d000 8021a000   WDFLDR     (deferred)             
8021a000 80255000   CLFS       (deferred)             
80255000 8025d000   BOOTVID    (deferred)             
8025d000 80266000   PSHED      (deferred)             
80266000 802c6000   mcupdate_GenuineIntel   (deferred)             
802c6000 802ce000   kdcom      (deferred)             
80404000 80414000   fileinfo   (deferred)             
80414000 80424000   mountmgr   (deferred)             
80424000 80433000   volmgr     (deferred)             
80433000 8043b000   msisadrv   (deferred)             
8043b000 8047e000   acpi       (deferred)             
8047e000 804a4000   SCSIPORT   (deferred)             
804a4000 8051f000   Wdf01000   (deferred)             
8051f000 80600000   CI         (deferred)             
80606000 8060f000   crcdisk    (deferred)             
8060f000 8061e000   mup        (deferred)             
8061e000 8062d000   partmgr    (deferred)             
8062d000 80635000   spldr      (deferred)             
80635000 80660000   msrpc      (deferred)             
80660000 80691000   fltmgr     (deferred)             
80691000 806db000   volmgrx    (deferred)             
806db000 80700000   pci        (deferred)             
80700000 80800000   sptd       (deferred)             
81a10000 81a35000   ecache     (deferred)             
81a35000 81b39000   ndis       (pdb symbols)          c:\symbols\ndis.pdb\93E7C38CE3454B78AA882083F442C17A2\ndis.pdb
81b39000 81c00000   iastor     (deferred)             
81c00000 81fa1000   nt         (pdb symbols)          c:\symbols\ntkrpamp.pdb\7018E534B06E4A5BB6C63F6F2AA802072\ntkrpamp.pdb
81fa1000 81fd5000   hal        (deferred)             
8280e000 8281f000   disk       (deferred)             
8281f000 82855000   volsnap    (deferred)             
82855000 828bf000   ksecdd     (deferred)             
828bf000 829c7000   Ntfs       (deferred)             
829c7000 82a00000   NETIO      (pdb symbols)          c:\symbols\netio.pdb\D50557BEB72F4F829AED472217577B5E2\netio.pdb
82bdf000 82c00000   CLASSPNP   (deferred)             
8b6d5000 8b6e4280   ohci1394   (deferred)             
8b735000 8b745000   HIDCLASS   (deferred)             
8b765000 8b775000   lltdio     (deferred)             
8b7d9000 8b7e9000   NDProxy    (deferred)             
8b808000 8b815000   crashdmp   (deferred)             
8b852000 8b853700   USBD       (deferred)             
8b85a000 8b85b380   swenum     (deferred)             
8b904000 8b907000   BdaSup     (deferred)             
8b94c000 8b95b000   raspppoe   (deferred)             
8b95b000 8b96a000   termdd     (deferred)             
8b988000 8b997000   monitor    (deferred)             
8da15000 8da20000   tunnel     (deferred)             
8daa3000 8dab0000   watchdog   (deferred)             
8db2c000 8db33000   Null       (deferred)             
8db33000 8db3a000   Beep       (deferred)             
8db3a000 8db40380   HIDPARSE   (deferred)             
8db72000 8db79000   SASDIFSV   (deferred)             
8dbd0000 8dbd8000   mouhid     (deferred)             
8dbd8000 8dbe0000   RDPCDD     (deferred)             
8dbe0000 8dbe8000   rdpencdd   (deferred)             
8de17000 8de41000   ks         (deferred)             
8de41000 8de53000   HDAudBus   (deferred)             
8de53000 8de90000   USBPORT    (deferred)             
8deac000 8deba000   intelppm   (deferred)             
8deba000 8dec8000   usbehci    (deferred)             
8dec8000 8ded5080   1394BUS    (deferred)             
8ded6000 8dee4000   circlass   (deferred)             
8dee4000 8def2000   Npfs       (deferred)             
8def2000 8df00000   netbios    (deferred)             
8df94000 8df9d000   Fs_Rec     (deferred)             
8dfa6000 8dfaf000   rasacd     (deferred)             
8dfb8000 8dfc0360   aswTdi     (deferred)             
8dfc1000 8dfca000   tunmp      (deferred)             
8dfd3000 8dfdc000   hidusb     (deferred)             
8dfdc000 8dfe5000   kbdhid     (deferred)             
8e603000 8e6a0000   dxgkrnl    (deferred)             
8e6a0000 8e6ac000   vga        (deferred)             
8e6e8000 8e6f4000   tssecsrv   (deferred)             
8e760000 8e76a000   mssmbios   (deferred)             
8e774000 8e77e000   nsiproxy   (deferred)             
8e79c000 8e7a6000   Dxapi      (deferred)             
8e7ce000 8e7d8000   secdrv     (deferred)             
8e7ec000 8e7f6000   ndisuio    (deferred)             
8e805000 8e81c000   rasl2tp    (deferred)             
8e81c000 8e855000   arhbn85l   (deferred)             
8e855000 8e86d000   cdrom      (deferred)             
8e86d000 8e889000   Rtlh86   T (no symbols)           
8e889000 8e894000   usbuhci    (deferred)             
8e894000 8e89f000   TDI        (deferred)             
8e89f000 8e8aa000   ndistapi   (deferred)             
8e8aa000 8e8b5000   kbdclass   (deferred)             
8e8b5000 8e8c0000   mouclass   (deferred)             
8e8c0000 8e8cb000   Msfs       (deferred)             
8e8d6000 8e8e1000   hidir      (deferred)             
8e8ec000 8e8f7000   tdtcp      (deferred)             
8e918000 8e923000   tcpipreg   (deferred)             
8e93f000 8ea06000   dump_iaStor   (deferred)             
8ea06000 8ea3a000   usbhub     (deferred)             
8ea3a000 8ea47000   umbus      (deferred)             
8ea47000 8ea5a000   raspptp    (deferred)             
8ea5a000 8ea7d000   ndiswan    (deferred)             
8ea7d000 8eabd000   storport   (deferred)             
8eabd000 8eae8000   msiscsi    (deferred)             
8eae8000 8f1ff860   nvlddmkm   (deferred)             
8f20b000 8f21d000   USBSTOR    (deferred)             
8f21d000 8f23e000   VIDEOPRT   (deferred)             
8f25e000 8f261b20   aswRdr     (deferred)             
8f28e000 8f2b3000   drmk       (deferred)             
8f2b3000 8f2e0000   portcls    (deferred)             
8f2e0000 8f3ff200   HCW85BDA   (deferred)             
8f809000 8f82a000   SASKUTIL   (deferred)             
8f82a000 8f83d000   wanarp     (deferred)             
8f83d000 8f853000   pacer      (pdb symbols)          c:\symbols\pacer.pdb\555D8F442AD3401C85BADBEED28004851\pacer.pdb
8f853000 8f885000   netbt      (deferred)             
8f885000 8f8cc000   afd        (deferred)             
8f8cc000 8f8e0000   smb        (deferred)             
8f8e0000 8f8f5000   tdx        (deferred)             
8f8f5000 8f90e000   fwpkclnt   (deferred)             
8f90e000 8f9df000   tcpip      (pdb symbols)          c:\symbols\tcpip.pdb\37844BB3D4164F3ABE93BA62E89E022E2\tcpip.pdb
8f9ff000 8fbff3c0   RTKVHDA    (deferred)             
8fca2000 8fcb8000   usbcir     (deferred)             
8fcc8000 8fd40000   netr73     (deferred)             
8fd40000 8fd57000   usbccgp    (deferred)             
8fd57000 8fd6e000   aswSP      (deferred)             
8fdae000 8fdc5000   dfsc       (deferred)             
8fdc5000 8fe00000   rdbss      (deferred)             
94e00000 94fff000   win32k     (deferred)             
97c11000 97c28000   aswMonFlt   (deferred)             
97c40000 97c48000   aswFsBlk   (deferred)             
97f25000 97f40000   luafv      (deferred)             
98200000 98209000   TSDDD      (deferred)             
98210000 9821e000   cdd        (deferred)             
99c39000 99c4c000   rspndr     (deferred)             
99c4c000 99c77000   nwifi      (deferred)             
99c77000 99d05000   spsys      (deferred)             
9a408000 9a421000   bowser     (deferred)             
9a421000 9a43c000   srvnet     (deferred)             
9a43c000 9a4a2000   HTTP       (deferred)             
9aa73000 9aabf000   srv        (deferred)             
9aabf000 9aae3000   srv2       (deferred)             
9aae3000 9aaf5000   mrxsmb20   (deferred)             
9aaf5000 9ab2e000   mrxsmb10   (deferred)             
9ab2e000 9ab4c000   mrxsmb     (deferred)             
9ab4c000 9ab6c000   mrxdav     (deferred)             
9ab6c000 9ab80000   mpsdrv     (deferred)             
9de8f000 9dea1000   WUDFPf     (deferred)             
9dea1000 9deb5280   WUDFRd     (deferred)             
a1ea2000 a1f80000   peauth     (deferred)             
a2718000 a272e000   cdfs       (deferred)             
a3392000 a33c0000   RDPWD      (deferred)             
be99b000 be9d6000   udfs       (deferred)             
c4f98000 c4fc0000   fastfat    (deferred)             

Unloaded modules:
c5139000 c5200000   hiber_iaStor
c4f39000 c5000000   hiber_iaStor
8dbc0000 8dbc8000   drmkaud.sys
8b808000 8b815000   crashdmp.sys
8e939000 8ea00000   dump_iaStor.
8df9d000 8dfa6000   kbdhid.sys
8f22b000 8f23e000   i8042prt.sys




LOADED MODULE LIST:

WMILIB	80204000	8020d000	Thu Nov 02 04:54:53 2006 (4549b25d)	00004ea9		WMILIB.SYS
WDFLDR	8020d000	8021a000	Wed Dec 05 21:21:19 2007 (47575c9f)	00017523		WDFLDR.SYS
CLFS	8021a000	80255000	Wed Dec 05 20:55:42 2007 (4757569e)	0003a178		CLFS.SYS
BOOTVID	80255000	8025d000	Thu Nov 02 05:39:29 2006 (4549bcd1)	0000c572		BOOTVID.dll
PSHED	8025d000	80266000	Thu Nov 02 05:42:51 2006 (4549bd9b)	0001395b		PSHED.dll
mcupdate_GenuineIntel	80266000	802c6000	Mon Apr 23 23:40:05 2007 (462d7c15)	00065549		mcupdate_GenuineIntel.dll
kdcom	802c6000	802ce000	Thu Nov 02 05:42:20 2006 (4549bd7c)	00009994		kdcom.dll
fileinfo	80404000	80414000	Thu Nov 02 04:36:47 2006 (4549ae1f)	0001c10f		fileinfo.sys
mountmgr	80414000	80424000	Thu Nov 02 04:51:06 2006 (4549b17a)	0000f0b3		mountmgr.sys
volmgr	80424000	80433000	Thu Nov 02 04:51:44 2006 (4549b1a0)	00015faa		volmgr.sys
msisadrv	80433000	8043b000	Thu Nov 02 04:35:08 2006 (4549adbc)	0000d703		msisadrv.sys
acpi	8043b000	8047e000	Thu Aug 30 20:57:46 2007 (46d7678a)	00042bc2		acpi.sys
SCSIPORT	8047e000	804a4000	Thu Nov 02 04:51:38 2006 (4549b19a)	00031e8f		SCSIPORT.SYS
Wdf01000	804a4000	8051f000	Wed Dec 05 21:21:28 2007 (47575ca8)	000885f4		Wdf01000.sys
CI	8051f000	80600000	Mon Feb 18 23:59:14 2008 (47ba6222)	000a6aff		CI.dll
crcdisk	80606000	8060f000	Thu Nov 02 04:52:27 2006 (4549b1cb)	00006d96		crcdisk.sys
mup	8060f000	8061e000	Thu Nov 02 04:31:04 2006 (4549acc8)	00019b87		mup.sys
partmgr	8061e000	8062d000	Thu Nov 02 04:51:47 2006 (4549b1a3)	00015e29		partmgr.sys
spldr	8062d000	80635000	Wed Oct 25 18:40:44 2006 (453fe7ec)	0000bc5e		spldr.sys
msrpc	80635000	80660000	Thu Nov 02 04:50:16 2006 (4549b148)	00030f7f		msrpc.sys
fltmgr	80660000	80691000	Thu Nov 02 04:30:58 2006 (4549acc2)	00035410		fltmgr.sys
volmgrx	80691000	806db000	Thu Nov 02 04:51:54 2006 (4549b1aa)	0004955f		volmgrx.sys
pci	806db000	80700000	Thu Nov 02 04:35:13 2006 (4549adc1)	0002e8cb		pci.sys
sptd	80700000	80800000	Wed Mar 05 19:32:57 2008 (47cf3bb9)	000b4211		sptd.sys
ecache	81a10000	81a35000	Thu Nov 02 04:52:42 2006 (4549b1da)	0002a2cd		ecache.sys
ndis	81a35000	81b39000	Thu Nov 02 04:57:33 2006 (4549b2fd)	000889fd	PDB	c:\symbols\ndis.pdb\93E7C38CE3454B78AA882083F442C17A2\ndis.pdb
iastor	81b39000	81c00000	Thu Jul 12 18:59:22 2007 (4696b24a)	000596ab		iastor.sys
nt	81c00000	81fa1000	Tue Oct 09 21:46:20 2007 (470c2eec)	00366023	PDB	c:\symbols\ntkrpamp.pdb\7018E534B06E4A5BB6C63F6F2AA802072\ntkrpamp.pdb
hal	81fa1000	81fd5000	Sat Dec 23 23:05:34 2006 (458dfc8e)	00035dc3		halmacpi.dll
disk	8280e000	8281f000	Thu Nov 02 04:51:40 2006 (4549b19c)	00016517		disk.sys
volsnap	8281f000	82855000	Thu Oct 25 22:04:17 2007 (47214b21)	0003b087		volsnap.sys
ksecdd	82855000	828bf000	Thu Nov 02 04:43:45 2006 (4549afc1)	00064045		ksecdd.sys
Ntfs	828bf000	829c7000	Thu Oct 25 21:40:39 2007 (47214597)	0010dd91		Ntfs.sys
NETIO	829c7000	82a00000	Sun Jan 13 22:17:13 2008 (478ad439)	00042d04	PDB	c:\symbols\netio.pdb\D50557BEB72F4F829AED472217577B5E2\netio.pdb
CLASSPNP	82bdf000	82c00000	Thu Nov 02 04:51:34 2006 (4549b196)	00028767		CLASSPNP.SYS
ohci1394	8b6d5000	8b6e4280	Thu Nov 02 04:55:16 2006 (4549b274)	0000fa1f		ohci1394.sys
HIDCLASS	8b735000	8b745000	Thu Nov 02 04:55:00 2006 (4549b264)	00014363		HIDCLASS.SYS
lltdio	8b765000	8b775000	Thu Nov 02 04:56:48 2006 (4549b2d0)	00010aff		lltdio.sys
NDProxy	8b7d9000	8b7e9000	Tue Jul 03 21:28:13 2007 (468af7ad)	00013454		NDProxy.SYS
<Unloaded>	8b808000	8b815000	Wed Dec 31 19:00:00 1969 (00000000)	00000000	None	\SystemRoot\System32\Drivers\crashdmp.sys
crashdmp	8b808000	8b815000	Thu Nov 02 04:51:36 2006 (4549b198)	0001054e		crashdmp.sys
USBD	8b852000	8b853700	Thu Aug 30 21:23:36 2007 (46d76d98)	0000f284		USBD.SYS
swenum	8b85a000	8b85b380	Thu Nov 02 04:51:15 2006 (4549b183)	00007ae5		swenum.sys
BdaSup	8b904000	8b907000	Thu Nov 02 04:55:15 2006 (4549b273)	00004359		BdaSup.SYS
raspppoe	8b94c000	8b95b000	Thu Nov 02 04:58:12 2006 (4549b324)	00015c59		raspppoe.sys
termdd	8b95b000	8b96a000	Thu Nov 02 05:02:00 2006 (4549b408)	00016581		termdd.sys
monitor	8b988000	8b997000	Thu Nov 02 04:54:05 2006 (4549b22d)	000126ad		monitor.sys
tunnel	8da15000	8da20000	Wed Jun 06 22:57:03 2007 (466773ff)	0000a64f		tunnel.sys
watchdog	8daa3000	8dab0000	Thu Nov 02 04:37:44 2006 (4549ae58)	0000e618		watchdog.sys
Null	8db2c000	8db33000	Thu Nov 02 04:51:05 2006 (4549b179)	0000ed81		Null.SYS
Beep	8db33000	8db3a000	Thu Nov 02 04:51:03 2006 (4549b177)	0000f272		Beep.SYS
HIDPARSE	8db3a000	8db40380	Thu Nov 02 04:55:00 2006 (4549b264)	00008a44		HIDPARSE.SYS
SASDIFSV	8db72000	8db79000	Wed Apr 16 17:39:35 2008 (48067217)	00011079		SASDIFSV.SYS
<Unloaded>	8dbc0000	8dbc8000	Wed Dec 31 19:00:00 1969 (00000000)	00000000	None	drmkaud.sys
mouhid	8dbd0000	8dbd8000	Wed Dec 05 21:18:25 2007 (47575bf1)	0001326b		mouhid.sys
RDPCDD	8dbd8000	8dbe0000	Thu Nov 02 05:02:01 2006 (4549b409)	000095c6		RDPCDD.sys
rdpencdd	8dbe0000	8dbe8000	Thu Nov 02 05:02:01 2006 (4549b409)	0000cdee		rdpencdd.sys
ks	8de17000	8de41000	Thu Nov 02 04:51:18 2006 (4549b186)	000285ff		ks.sys
HDAudBus	8de41000	8de53000	Sat Mar 24 14:54:34 2007 (460573ea)	0001a527		HDAudBus.sys
USBPORT	8de53000	8de90000	Thu Aug 30 21:23:43 2007 (46d76d9f)	000465c5		USBPORT.SYS
intelppm	8deac000	8deba000	Thu Nov 02 04:30:18 2006 (4549ac9a)	00013132		intelppm.sys
usbehci	8deba000	8dec8000	Thu Aug 30 21:23:40 2007 (46d76d9c)	000106f3		usbehci.sys
1394BUS	8dec8000	8ded5080	Thu Nov 02 04:55:12 2006 (4549b270)	0001a682		1394BUS.SYS
circlass	8ded6000	8dee4000	Thu Nov 02 04:55:08 2006 (4549b26c)	0000c044		circlass.sys
Npfs	8dee4000	8def2000	Thu Nov 02 04:30:57 2006 (4549acc1)	00016ea8		Npfs.SYS
netbios	8def2000	8df00000	Thu Nov 02 04:57:26 2006 (4549b2f6)	0000f480		netbios.sys
Fs_Rec	8df94000	8df9d000	Mon Apr 16 21:26:39 2007 (4624224f)	000083ab		Fs_Rec.SYS
<Unloaded>	8df9d000	8dfa6000	Wed Dec 31 19:00:00 1969 (00000000)	00000000	None	kbdhid.sys
rasacd	8dfa6000	8dfaf000	Thu Nov 02 04:58:13 2006 (4549b325)	0000e90b		rasacd.sys
aswTdi	8dfb8000	8dfc0360	Sat Jul 19 10:32:33 2008 (4881fb01)	0001305d		aswTdi.SYS
tunmp	8dfc1000	8dfca000	Wed Jun 06 22:56:53 2007 (466773f5)	0000774f		tunmp.sys
hidusb	8dfd3000	8dfdc000	Thu Nov 02 04:55:01 2006 (4549b265)	0000c577		hidusb.sys
kbdhid	8dfdc000	8dfe5000	Wed Dec 05 21:18:26 2007 (47575bf2)	0000f5d9		kbdhid.sys
dxgkrnl	8e603000	8e6a0000	Mon Jul 02 21:01:10 2007 (46899fd6)	000a2242		dxgkrnl.sys
vga	8e6a0000	8e6ac000	Thu Nov 02 04:53:56 2006 (4549b224)	0000ae5e		vga.sys
tssecsrv	8e6e8000	8e6f4000	Thu Nov 02 05:02:07 2006 (4549b40f)	00006c99		tssecsrv.sys
mssmbios	8e760000	8e76a000	Thu Nov 02 04:35:13 2006 (4549adc1)	00010ccd		mssmbios.sys
nsiproxy	8e774000	8e77e000	Thu Nov 02 04:57:30 2006 (4549b2fa)	0000d051		nsiproxy.sys
Dxapi	8e79c000	8e7a6000	Thu Nov 02 04:38:17 2006 (4549ae79)	0000c639		Dxapi.sys
secdrv	8e7ce000	8e7d8000	Wed Sep 13 09:18:32 2006 (45080528)	0000f9e8		secdrv.SYS
ndisuio	8e7ec000	8e7f6000	Thu Nov 02 04:57:22 2006 (4549b2f2)	000086d8		ndisuio.sys
rasl2tp	8e805000	8e81c000	Mon Jan 08 21:17:02 2007 (45a2fb1e)	00017ce1		rasl2tp.sys
arhbn85l	8e81c000	8e855000	Sun Jul 13 18:54:00 2008 (487a8788)	00042e1d		arhbn85l.SYS
cdrom	8e855000	8e86d000	Thu Nov 02 04:51:44 2006 (4549b1a0)	0001ba75		cdrom.sys
Rtlh86	8e86d000	8e889000	Wed Oct 03 04:18:11 2007 (47035043)	0001f0b7	None	Rtlh86.sys
usbuhci	8e889000	8e894000	Thu Aug 30 21:23:39 2007 (46d76d9b)	00015340		usbuhci.sys
TDI	8e894000	8e89f000	Thu Nov 02 04:58:46 2006 (4549b346)	0000b17f		TDI.SYS
ndistapi	8e89f000	8e8aa000	Tue Jul 03 21:28:09 2007 (468af7a9)	0000e7eb		ndistapi.sys
kbdclass	8e8aa000	8e8b5000	Wed Dec 05 21:18:23 2007 (47575bef)	0000b667		kbdclass.sys
mouclass	8e8b5000	8e8c0000	Wed Dec 05 21:18:22 2007 (47575bee)	000114e0		mouclass.sys
Msfs	8e8c0000	8e8cb000	Thu Nov 02 04:30:56 2006 (4549acc0)	0000fc5e		Msfs.SYS
hidir	8e8d6000	8e8e1000	Thu Nov 02 04:55:01 2006 (4549b265)	000143ca		hidir.sys
tdtcp	8e8ec000	8e8f7000	Thu Nov 02 05:02:01 2006 (4549b409)	0000f9a4		tdtcp.sys
tcpipreg	8e918000	8e923000	Thu Nov 02 04:57:46 2006 (4549b30a)	0000792d		tcpipreg.sys
<Unloaded>	8e939000	8ea00000	Wed Dec 31 19:00:00 1969 (00000000)	00000000	None	dump_iaStor.
dump_iaStor	8e93f000	8ea06000	Thu Jul 12 18:59:22 2007 (4696b24a)	000596f5		dump_iaStor.sys
usbhub	8ea06000	8ea3a000	Thu Aug 30 21:24:00 2007 (46d76db0)	0003d3c0		usbhub.sys
umbus	8ea3a000	8ea47000	Thu Nov 02 04:55:24 2006 (4549b27c)	0000a198		umbus.sys
raspptp	8ea47000	8ea5a000	Mon Jan 08 21:17:01 2007 (45a2fb1d)	0001dac8		raspptp.sys
ndiswan	8ea5a000	8ea7d000	Thu Nov 02 04:58:13 2006 (4549b325)	00023d9f		ndiswan.sys
storport	8ea7d000	8eabd000	Thu Nov 02 04:51:45 2006 (4549b1a1)	0001ecb2		storport.sys
msiscsi	8eabd000	8eae8000	Thu Nov 02 04:52:40 2006 (4549b1d8)	0002c426		msiscsi.sys
nvlddmkm	8eae8000	8f1ff860	Thu Apr 17 16:11:28 2008 (4807aef0)	0071a860		nvlddmkm.sys
USBSTOR	8f20b000	8f21d000	Fri Apr 27 22:39:34 2007 (4632b3e6)	00016434		USBSTOR.SYS
VIDEOPRT	8f21d000	8f23e000	Thu Nov 02 04:54:07 2006 (4549b22f)	0001dd84		VIDEOPRT.SYS
<Unloaded>	8f22b000	8f23e000	Wed Dec 31 19:00:00 1969 (00000000)	00000000	None	i8042prt.sys
aswRdr	8f25e000	8f261b20	Sat Jul 19 10:33:40 2008 (4881fb44)	0000a3ed		aswRdr.SYS
drmk	8f28e000	8f2b3000	Thu Nov 02 05:20:49 2006 (4549b871)	0002e713		drmk.sys
portcls	8f2b3000	8f2e0000	Thu Nov 02 04:55:02 2006 (4549b266)	00034f0f		portcls.sys
HCW85BDA	8f2e0000	8f3ff200	Tue Mar 18 19:14:19 2008 (47e04ccb)	001275c3		HCW85BDA.sys
SASKUTIL	8f809000	8f82a000	Mon Apr 28 17:17:42 2008 (48163ef6)	00011c05		SASKUTIL.sys
wanarp	8f82a000	8f83d000	Tue Jul 03 21:28:16 2007 (468af7b0)	0001cff4		wanarp.sys
pacer	8f83d000	8f853000	Tue Jul 03 21:27:33 2007 (468af785)	0001981a	PDB	c:\symbols\pacer.pdb\555D8F442AD3401C85BADBEED28004851\pacer.pdb
netbt	8f853000	8f885000	Thu Nov 02 04:57:18 2006 (4549b2ee)	0002dca1		netbt.sys
afd	8f885000	8f8cc000	Thu Nov 02 04:58:41 2006 (4549b341)	00049ffb		afd.sys
smb	8f8cc000	8f8e0000	Thu Nov 02 04:57:10 2006 (4549b2e6)	00010933		smb.sys
tdx	8f8e0000	8f8f5000	Thu Nov 02 04:57:34 2006 (4549b2fe)	0001fe16		tdx.sys
fwpkclnt	8f8f5000	8f90e000	Thu Nov 02 04:57:26 2006 (4549b2f6)	0002402a		fwpkclnt.sys
tcpip	8f90e000	8f9df000	Sun Jan 13 22:17:51 2008 (478ad45f)	000c7a7f	PDB	c:\symbols\tcpip.pdb\37844BB3D4164F3ABE93BA62E89E022E2\tcpip.pdb
RTKVHDA	8f9ff000	8fbff3c0	Wed Mar 26 06:35:47 2008 (47ea2703)	0020bd7b		RTKVHDA.sys
usbcir	8fca2000	8fcb8000	Thu Nov 02 04:55:08 2006 (4549b26c)	00020a05		usbcir.sys
netr73	8fcc8000	8fd40000	Sun Sep 23 23:09:09 2007 (46f72a55)	000791cb		netr73.sys
usbccgp	8fd40000	8fd57000	Thu Aug 30 21:23:48 2007 (46d76da4)	0001810b		usbccgp.sys
aswSP	8fd57000	8fd6e000	Sat Jul 19 10:35:15 2008 (4881fba3)	000202bc		aswSP.SYS
dfsc	8fdae000	8fdc5000	Thu Nov 02 04:31:04 2006 (4549acc8)	00015c96		dfsc.sys
rdbss	8fdc5000	8fe00000	Thu Nov 02 04:31:24 2006 (4549acdc)	0003a186		rdbss.sys
win32k	94e00000	94fff000	Wed Dec 31 19:00:00 1969 (00000000)	00000000		win32k.sys
aswMonFlt	97c11000	97c28000	Sat Jul 19 10:36:01 2008 (4881fbd1)	0000f986		aswMonFlt.sys
aswFsBlk	97c40000	97c48000	Sat Jul 19 10:37:40 2008 (4881fc34)	00008a97		aswFsBlk.sys
luafv	97f25000	97f40000	Thu Nov 02 04:33:07 2006 (4549ad43)	0001bbef		luafv.sys
TSDDD	98200000	98209000	Wed Dec 31 19:00:00 1969 (00000000)	00000000		TSDDD.dll
cdd	98210000	9821e000	Wed Dec 31 19:00:00 1969 (00000000)	00000000		cdd.dll
rspndr	99c39000	99c4c000	Thu Nov 02 04:56:48 2006 (4549b2d0)	00016310		rspndr.sys
nwifi	99c4c000	99c77000	Mon Oct 29 21:21:14 2007 (4726870a)	00028ae3		nwifi.sys
spsys	99c77000	99d05000	Wed Oct 25 18:43:28 2006 (453fe890)	00089d11		spsys.sys
bowser	9a408000	9a421000	Thu Nov 02 04:31:11 2006 (4549accf)	0001d6ec		bowser.sys
srvnet	9a421000	9a43c000	Thu Oct 25 21:40:43 2007 (4721459b)	0001dae5		srvnet.sys
HTTP	9a43c000	9a4a2000	Thu Nov 02 04:57:06 2006 (4549b2e2)	0006169a		HTTP.sys
srv	9aa73000	9aabf000	Thu Nov 02 04:31:55 2006 (4549acfb)	0005310d		srv.sys
srv2	9aabf000	9aae3000	Thu Oct 25 21:40:47 2007 (4721459f)	0002b85a		srv2.sys
mrxsmb20	9aae3000	9aaf5000	Thu Oct 25 21:40:16 2007 (47214580)	00016bd9		mrxsmb20.sys
mrxsmb10	9aaf5000	9ab2e000	Thu Nov 02 04:31:25 2006 (4549acdd)	00042ee5		mrxsmb10.sys
mrxsmb	9ab2e000	9ab4c000	Thu Oct 25 21:40:17 2007 (47214581)	0001962a		mrxsmb.sys
mrxdav	9ab4c000	9ab6c000	Fri Jan 11 20:45:54 2008 (47881bd2)	00029c6f		mrxdav.sys
mpsdrv	9ab6c000	9ab80000	Wed Jun 06 22:55:55 2007 (466773bb)	00017b0b		mpsdrv.sys
WUDFPf	9de8f000	9dea1000	Thu Nov 02 04:54:36 2006 (4549b24c)	00018bf0		WUDFPf.sys
WUDFRd	9dea1000	9deb5280	Thu Nov 02 04:54:51 2006 (4549b25b)	0001ce3c		WUDFRd.sys
peauth	a1ea2000	a1f80000	Mon Oct 23 04:55:32 2006 (453c8384)	000dbd03		peauth.sys
cdfs	a2718000	a272e000	Thu Nov 02 04:30:50 2006 (4549acba)	0001eeb3		cdfs.sys
RDPWD	a3392000	a33c0000	Thu Nov 02 05:02:08 2006 (4549b410)	00030170		RDPWD.SYS
udfs	be99b000	be9d6000	Thu Nov 02 04:30:57 2006 (4549acc1)	0003a0f8		udfs.sys
<Unloaded>	c4f39000	c5000000	Wed Dec 31 19:00:00 1969 (00000000)	00000000	None	hiber_iaStor
fastfat	c4f98000	c4fc0000	Thu Nov 02 04:30:49 2006 (4549acb9)	0002a9c1		fastfat.SYS
<Unloaded>	c5139000	c5200000	Wed Dec 31 19:00:00 1969 (00000000)	00000000	None	hiber_iaStor

[/size][/font]
```


Regards. . .

jcgriff2


----------



## kim50 (Jul 20, 2008)

I reset the firewall to default and then I tried running defender and got this:









Rebooting made no difference so I looked in services and found it was stopped (I started it yesterday). I have started it again and its running now and has completed scan which found nothing.


----------



## kim50 (Jul 20, 2008)

Anything to report yet JC? Although we haven't tried Call of Duty 4 again yet, everything seems to be stable up to now :icon_bigg


----------



## af3 (Jun 18, 2008)

kim50 said:


> I reset the firewall to default and then I tried running defender and got this:
> 
> 
> 
> ...


To prevent this problem in the future, switch the service's startup mode from manual to automatic. I am not sure this is a recommended move but it should prevent this error from happening in the future. I would think the program would start it's service on demand/when needed but I guess it is not... :4-dontkno


----------



## jcgriff2 (Sep 30, 2007)

Hi Kim...

I have been going through the kernel dump and have found that one process running at the time of the crash was iexplore.exe - IE7. To show you one difference between the minidump and the kernel dump, the minidump reported process as this - just a little difficult for me to know that it was IE7:

```
[B]PROCESS_NAME:   ÑÐ[/B]
```
.

No big surprise that the bugcheck was the same as the minidump 0x000000d1 (0x40020028, 0x00000002, 0x00000001, 0x8f83f552).

At this time I would take a closer look at the Realtek RTL8168C/8111C Family PCI-E Gigabit Ethernet NIC driver Rtlh86.sys - per dxdiag:

```
Name: Realtek RTL8168C/8111C Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)

Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_2A6F103C&REV_02\4&5D52B92&0&00E2

Driver: C:\Windows\system32\DRIVERS\[COLOR=red]Rtlh86.sys[/COLOR], 
6.198.1003.2007 (English), 10/3/2007 17:18:12, 99840 bytes
```
The reason being is that there was a driver update - v6.207 for Windows Vista and Server 2008 - on July 25, 2008, and can be found on the Realtek download site HERE.

I sent a reply PM to you with additional info.

Regards. . .

jcgriff2


----------



## kim50 (Jul 20, 2008)

Thanks JC, most of it is foreign to my aging brain.........lol Do I need to install that realtek driver?


----------



## jcgriff2 (Sep 30, 2007)

Hi Kim...

I would say yes based on what I found in the kernel dump so far - and that you do use the Realtek Ethernet for your Internet connection. Eventhough the Realtek driver was not listed as the probable cause of the BSOD, Internet Explorer was listed a process active at the time; hence your Ethernet connection and related software may not have been innocent bystanders.

Rather than going to the Realtek site via the link that I provided, go to the HP website instead, found HERE. I see that there are also other driver updates available -Realtek audio driver, Nvidia graphics, BIOS and firmware for your DVD as well.

Usually these updates come in automatically or you are alerted to the fact they are available. Does your system have the HP Total Care Advisor? Click on start and type HP into the start search box and see if something like that appears on the menu. I just tried the same on an HP laptop here and it came up.

Either way, I would update the Realtek Ethernet driver. It is listed under "Driver - Network" - "Realtek RTL81xx Series LAN Driver Update" - 3rd one down on the HP site.

Then use your system and let me know how you make out.

Regards. . .

jcgriff2


----------



## kim50 (Jul 20, 2008)

The driver update didn't show in HP Advisor so I went to the site and installed it from there
Everything seems fine so far, no more bsod since. Fingers crossed

Thanks for all your help, it's appreciated


----------



## jcgriff2 (Sep 30, 2007)

Hi Kim. . .

I do hope the driver update does it.
'
I just want to reference your new BSOD thread in the Gaming Forum involving SIMS.

http://www.techsupportforum.com/f59...after-to-run-blue-screen-of-death-275476.html

Regards. . .

JC

.


----------



## katiesnan (Jan 14, 2008)

Sorry to say, experienced BSOD again this morning.  My grandson was playing Peggle (game) and the PC crashed and shut down to BSOD. I am attaching mini dump
Thanks
Kim


----------



## katiesnan (Jan 14, 2008)

oops sorry I didn't realise I had 2 accounts here


----------



## jcgriff2 (Sep 30, 2007)

Hi Kim. . .

The bugcheck for the August 2, 2008, BSOD was 0x00000101 (0x00000031, 0x00000000, 0x803d1120, 0x00000001), with and unknown module at fault. 0x101 = CLOCK_WATCHDOG_TIMEOUT - and means that a processor was hung - it did not respond in the time provided.

One thing that did show - but not as a primary probable cause was the driver sptd.sys for Daemon Tools. I would suggest un-installing Daemon Tools and see how the system performs then.



```
Loading Dump File [D:\#Dumps\Kim50  - KERNEL DUMP - Vista - 07-23-08\Mini080208-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (4 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6001.18063.x86fre.vistasp1_gdr.080425-1930
Kernel base = 0x81c42000 PsLoadedModuleList = 0x81d59c70
Debug session time: Sat Aug  2 06:17:22.792 2008 (GMT-4)
System Uptime: 0 days 2:55:27.431
Loading Kernel Symbols
...............................................................................................................................................
Loading User Symbols
Loading unloaded module list
........
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 101, {31, 0, 803d1120, 1}

*** WARNING: Unable to verify timestamp for sptd.sys
*** ERROR: Module load completed but symbols could not be loaded for sptd.sys
Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

0: kd> !analyze -v;r;kv;lmtn
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

CLOCK_WATCHDOG_TIMEOUT (101)
An expected clock interrupt was not received on a secondary processor in an
MP system within the allocated interval. This indicates that the specified
processor is hung and not processing interrupts.
Arguments:
Arg1: 00000031, Clock interrupt time out interval in nominal clock ticks.
Arg2: 00000000, 0.
Arg3: 803d1120, The PRCB address of the hung processor.
Arg4: 00000001, 0.

Debugging Details:
------------------


BUGCHECK_STR:  CLOCK_WATCHDOG_TIMEOUT

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  1c

STACK_TEXT:  
81d378bc 81cfa321 00000101 00000031 00000000 nt!KeBugCheckEx+0x1e
81d378f0 81cfa02d 0000001b 000000d1 81d379b0 nt!KeUpdateRunTime+0xd5
81d378f0 81cf9cc0 0000001b 000000d1 81d379b0 nt!KeUpdateSystemTime+0xed
81d3797c 81c48671 0000000e 81c48712 8069e982 nt!KiIpiSendPacket+0xac
81d379b0 8069eb3e 8069e982 81d379c8 00040000 nt!KeIpiGenericCall+0x6e
WARNING: Stack unwind information not available. Following frames may be wrong.
81d37a00 8069f26a 0000001f 8069e84e 81d37a24 sptd+0x14b3e
81d37a30 806995e3 01000001 871fc3a8 87cd5f20 sptd+0x1526a
81d37a48 8069af6d 00000103 87cab500 87bf9008 sptd+0xf5e3
81d37a74 8069d8c4 871fc2f0 81d37acc 8069a8ec sptd+0x10f6d
81d37ae4 81cfe053 87c66030 871fc2f0 871fc2f0 sptd+0x138c4
81d37afc 8ad9f264 87c7ab70 87cab4e0 87c7aab8 nt!IofCallDriver+0x63
81d37b10 8ad9f45d 87c7ab70 87cab4f8 00000000 CLASSPNP!ClasspSendMediaStateIrp+0x2ec
81d37b28 8ad9f2af 87c7ab70 8778609c 81d76cc0 CLASSPNP!ClassCheckMediaState+0x54
81d37b48 81c7c598 87c7aab8 00000000 81d37b94 CLASSPNP!ClasspTimerTick+0x41
81d37b68 81cf8d00 81d76ca0 02d76c44 f0962340 nt!IopTimerDispatch+0x49
81d37c88 81cf88c0 81d37cd0 8451ec02 81d37cd8 nt!KiTimerListExpire+0x367
81d37ce8 81cf8483 00000000 00000000 000a4a96 nt!KiTimerExpiration+0x22a
81d37d50 81cf6f9d 00000000 0000000e 00000000 nt!KiRetireDpcList+0xba
81d37d54 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x49


STACK_COMMAND:  kb

SYMBOL_NAME:  ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME:  Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP:  0

FAILURE_BUCKET_ID:  CLOCK_WATCHDOG_TIMEOUT_ANALYSIS_INCONCLUSIVE

BUCKET_ID:  CLOCK_WATCHDOG_TIMEOUT_ANALYSIS_INCONCLUSIVE

Followup: MachineOwner
---------

eax=81d3a920 ebx=00000000 ecx=81d421f8 edx=00000108 esi=81d3a93c edi=81d37530
eip=81d0f163 esp=81d378a0 ebp=81d378bc iopl=0         nv up ei pl nz na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00000206
nt!KeBugCheckEx+0x1e:
81d0f163 8be5            mov     esp,ebp
ChildEBP RetAddr  Args to Child              
81d378bc 81cfa321 00000101 00000031 00000000 nt!KeBugCheckEx+0x1e
81d378f0 81cfa02d 0000001b 000000d1 81d379b0 nt!KeUpdateRunTime+0xd5
81d378f0 81cf9cc0 0000001b 000000d1 81d379b0 nt!KeUpdateSystemTime+0xed (FPO: [0,2] TrapFrame @ 81d37900)
81d3797c 81c48671 0000000e 81c48712 8069e982 nt!KiIpiSendPacket+0xac (FPO: [5,2,0])
81d379b0 8069eb3e 8069e982 81d379c8 00040000 nt!KeIpiGenericCall+0x6e
WARNING: Stack unwind information not available. Following frames may be wrong.
81d37a00 8069f26a 0000001f 8069e84e 81d37a24 sptd+0x14b3e
81d37a30 806995e3 01000001 871fc3a8 87cd5f20 sptd+0x1526a
81d37a48 8069af6d 00000103 87cab500 87bf9008 sptd+0xf5e3
81d37a74 8069d8c4 871fc2f0 81d37acc 8069a8ec sptd+0x10f6d
81d37ae4 81cfe053 87c66030 871fc2f0 871fc2f0 sptd+0x138c4
81d37afc 8ad9f264 87c7ab70 87cab4e0 87c7aab8 nt!IofCallDriver+0x63
81d37b10 8ad9f45d 87c7ab70 87cab4f8 00000000 CLASSPNP!ClasspSendMediaStateIrp+0x2ec (FPO: [Non-Fpo])
81d37b28 8ad9f2af 87c7ab70 8778609c 81d76cc0 CLASSPNP!ClassCheckMediaState+0x54 (FPO: [Non-Fpo])
81d37b48 81c7c598 87c7aab8 00000000 81d37b94 CLASSPNP!ClasspTimerTick+0x41 (FPO: [Non-Fpo])
81d37b68 81cf8d00 81d76ca0 02d76c44 f0962340 nt!IopTimerDispatch+0x49
81d37c88 81cf88c0 81d37cd0 8451ec02 81d37cd8 nt!KiTimerListExpire+0x367
81d37ce8 81cf8483 00000000 00000000 000a4a96 nt!KiTimerExpiration+0x22a
81d37d50 81cf6f9d 00000000 0000000e 00000000 nt!KiRetireDpcList+0xba
81d37d54 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x49 (FPO: [0,0,0])
start    end        module name
80400000 80408000   kdcom    kdcom.dll    Sat Jan 19 02:31:53 2008 (4791A769)
80408000 80468000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Sat Jan 19 02:29:43 2008 (4791A6E7)
80468000 80479000   PSHED    PSHED.dll    Sat Jan 19 02:31:21 2008 (4791A749)
80479000 80481000   BOOTVID  BOOTVID.dll  Sat Jan 19 02:27:15 2008 (4791A653)
80481000 804c2000   CLFS     CLFS.SYS     Sat Jan 19 00:28:01 2008 (47918A61)
804c2000 805a2000   CI       CI.dll       Fri Feb 22 00:00:56 2008 (47BE5708)
805a2000 805aa000   msisadrv msisadrv.sys Sat Jan 19 00:32:51 2008 (47918B83)
805aa000 805d1000   pci      pci.sys      Sat Jan 19 00:32:57 2008 (47918B89)
805d1000 805e0000   partmgr  partmgr.sys  Sat Jan 19 00:49:54 2008 (47918F82)
805e0000 805ef000   volmgr   volmgr.sys   Sat Jan 19 00:49:51 2008 (47918F7F)
80601000 8067d000   Wdf01000 Wdf01000.sys Sat Jan 19 00:52:21 2008 (47919015)
8067d000 8068a000   WDFLDR   WDFLDR.SYS   Sat Jan 19 00:52:19 2008 (47919013)
8068a000 8078a000   sptd     sptd.sys     Wed Mar 05 19:32:57 2008 (47CF3BB9)
8078a000 80793000   WMILIB   WMILIB.SYS   Sat Jan 19 00:53:08 2008 (47919044)
80793000 807b9000   SCSIPORT SCSIPORT.SYS Sat Jan 19 00:49:44 2008 (47918F78)
807b9000 807ff000   acpi     acpi.sys     Sat Jan 19 00:32:48 2008 (47918B80)
81c0f000 81c42000   hal      halmacpi.dll Sat Jan 19 00:27:20 2008 (47918A38)
81c42000 81ffb000   nt       ntkrpamp.exe Sat Apr 26 01:28:17 2008 (4812BD71)
82208000 82252000   volmgrx  volmgrx.sys  Sat Jan 19 00:50:00 2008 (47918F88)
82252000 82262000   mountmgr mountmgr.sys Sat Jan 19 00:49:13 2008 (47918F59)
82262000 82329000   iastor   iastor.sys   Thu Jul 12 18:59:22 2007 (4696B24A)
82329000 8235b000   fltmgr   fltmgr.sys   Sat Jan 19 00:28:10 2008 (47918A6A)
8235b000 8236b000   fileinfo fileinfo.sys Sat Jan 19 00:34:27 2008 (47918BE3)
8236b000 823dc000   ksecdd   ksecdd.sys   Sat Jan 19 00:41:20 2008 (47918D80)
823dc000 823ff000   ndiswan  ndiswan.sys  Sat Jan 19 00:56:32 2008 (47919110)
8a80c000 8a917000   ndis     ndis.sys     Sat Jan 19 00:55:51 2008 (479190E7)
8a917000 8a942000   msrpc    msrpc.sys    Sat Jan 19 00:48:15 2008 (47918F1F)
8a942000 8a97c000   NETIO    NETIO.SYS    Sat Jan 19 00:56:19 2008 (47919103)
8a97c000 8a9aa000   msiscsi  msiscsi.sys  Sat Jan 19 00:50:44 2008 (47918FB4)
8a9aa000 8a9eb000   storport storport.sys Sat Jan 19 00:49:49 2008 (47918F7D)
8a9eb000 8a9fa000   raspppoe raspppoe.sys Sat Jan 19 00:56:33 2008 (47919111)
8aa03000 8aaea000   tcpip    tcpip.sys    Sat Apr 26 02:00:17 2008 (4812C4F1)
8aaea000 8ab05000   fwpkclnt fwpkclnt.sys Sat Jan 19 00:55:44 2008 (479190E0)
8ab05000 8ab15000   HIDCLASS HIDCLASS.SYS Sat Jan 19 00:53:16 2008 (4791904C)
8ab15000 8ab8d000   netr73   netr73.sys   Sun Sep 23 23:09:09 2007 (46F72A55)
8ab8d000 8aba3000   usbcir   usbcir.sys   Sat Jan 19 00:53:25 2008 (47919055)
8aba3000 8abb2000   monitor  monitor.sys  Sat Jan 19 00:52:19 2008 (47919013)
8abb2000 8abbd000   hidir    hidir.sys    Sat Jan 19 00:53:18 2008 (4791904E)
8abcc000 8abde000   HDAudBus HDAudBus.sys Tue Nov 27 18:18:41 2007 (474CA5D1)
8abde000 8abf5000   rasl2tp  rasl2tp.sys  Sat Jan 19 00:56:33 2008 (47919111)
8ac04000 8ad13000   Ntfs     Ntfs.sys     Sat Jan 19 00:28:54 2008 (47918A96)
8ad13000 8ad4c000   volsnap  volsnap.sys  Sat Jan 19 00:50:10 2008 (47918F92)
8ad4c000 8ad54000   spldr    spldr.sys    Thu Jun 21 20:29:17 2007 (467B17DD)
8ad54000 8ad63000   mup      mup.sys      Sat Jan 19 00:28:20 2008 (47918A74)
8ad63000 8ad8a000   ecache   ecache.sys   Sat Jan 19 00:50:47 2008 (47918FB7)
8ad8a000 8ad9b000   disk     disk.sys     Sat Jan 19 00:49:47 2008 (47918F7B)
8ad9b000 8adbc000   CLASSPNP CLASSPNP.SYS Sat Jan 19 00:49:36 2008 (47918F70)
8adbc000 8adc5000   crcdisk  crcdisk.sys  Thu Nov 02 04:52:27 2006 (4549B1CB)
8adc5000 8adcf000   Dxapi    Dxapi.sys    Sat Jan 19 00:36:12 2008 (47918C4C)
8add2000 8addd000   tunnel   tunnel.sys   Sat Jan 19 00:55:50 2008 (479190E6)
8addd000 8ade6000   tunmp    tunmp.sys    Sat Jan 19 00:55:40 2008 (479190DC)
8ade6000 8adf5000   intelppm intelppm.sys Sat Jan 19 00:27:20 2008 (47918A38)
8adf5000 8adfd000   mouhid   mouhid.sys   Sat Jan 19 00:49:16 2008 (47918F5C)
8f406000 8faf79a0   nvlddmkm nvlddmkm.sys Sat Jul 26 16:50:02 2008 (488B8DFA)
8faf8000 8fb97000   dxgkrnl  dxgkrnl.sys  Sat Jan 19 00:36:36 2008 (47918C64)
8fb97000 8fba4000   watchdog watchdog.sys Sat Jan 19 00:35:29 2008 (47918C21)
8fba4000 8fbaf000   usbuhci  usbuhci.sys  Sat Jan 19 00:53:20 2008 (47919050)
8fbaf000 8fbed000   USBPORT  USBPORT.SYS  Sat Jan 19 00:53:23 2008 (47919053)
8fbed000 8fbfc000   usbehci  usbehci.sys  Sat Jan 19 00:53:21 2008 (47919051)
8fc00000 8fc09000   kbdhid   kbdhid.sys   Sat Jan 19 00:49:17 2008 (47918F5D)
8fc0b000 8fd2a200   HCW85BDA HCW85BDA.sys Tue Mar 18 19:14:19 2008 (47E04CCB)
8fd2b000 8fd2e000   BdaSup   BdaSup.SYS   Sat Jan 19 00:53:30 2008 (4791905A)
8fd2e000 8fd58000   ks       ks.sys       Sat Jan 19 00:49:21 2008 (47918F61)
8fd58000 8fd79000   Rtlh86   Rtlh86.sys   Thu Feb 14 01:56:01 2008 (47B3E601)
8fd79000 8fd88200   ohci1394 ohci1394.sys Sat Jan 19 00:53:33 2008 (4791905D)
8fd89000 8fd96080   1394BUS  1394BUS.SYS  Sat Jan 19 00:53:27 2008 (47919057)
8fd97000 8fdaf000   cdrom    cdrom.sys    Sat Jan 19 00:49:50 2008 (47918F7E)
8fdaf000 8fde8000   aomit4x0 aomit4x0.SYS Sun Jul 13 18:54:00 2008 (487A8788)
8fde8000 8fdf3000   TDI      TDI.SYS      Sat Jan 19 00:57:10 2008 (47919136)
8fdf3000 8fdfe000   ndistapi ndistapi.sys Sat Jan 19 00:56:24 2008 (47919108)
90007000 9001b000   raspptp  raspptp.sys  Sat Jan 19 00:56:34 2008 (47919112)
9001b000 90030000   rassstp  rassstp.sys  Sat Jan 19 00:56:43 2008 (4791911B)
90030000 90040000   termdd   termdd.sys   Sat Jan 19 01:01:06 2008 (47919222)
90040000 9004b000   kbdclass kbdclass.sys Sat Jan 19 00:49:14 2008 (47918F5A)
9004b000 90056000   mouclass mouclass.sys Sat Jan 19 00:49:14 2008 (47918F5A)
90056000 90057380   swenum   swenum.sys   Sat Jan 19 00:49:20 2008 (47918F60)
90058000 90066000   circlass circlass.sys Sat Jan 19 00:53:24 2008 (47919054)
90066000 90070000   mssmbios mssmbios.sys Sat Jan 19 00:32:55 2008 (47918B87)
90070000 9007d000   umbus    umbus.sys    Sat Jan 19 00:53:40 2008 (47919064)
9007d000 900b1000   usbhub   usbhub.sys   Sat Jan 19 00:53:40 2008 (47919064)
900b1000 900c2000   NDProxy  NDProxy.SYS  Sat Jan 19 00:56:28 2008 (4791910C)
900c2000 900fe000   rdbss    rdbss.sys    Sat Jan 19 00:28:34 2008 (47918A82)
900fe000 90115000   aswSP    aswSP.SYS    Sat Jul 19 10:35:15 2008 (4881FBA3)
90115000 901dc000   dump_iaStor dump_iaStor.sys Thu Jul 12 18:59:22 2007 (4696B24A)
901dc000 901f3000   usbccgp  usbccgp.sys  Sat Jan 19 00:53:29 2008 (47919059)
901f3000 901fc000   hidusb   hidusb.sys   Sat Jan 19 00:53:17 2008 (4791904D)
90406000 90610fc0   RTKVHDA  RTKVHDA.sys  Mon Jun 02 06:10:49 2008 (4843C729)
90611000 9063e000   portcls  portcls.sys  Sat Jan 19 00:53:17 2008 (4791904D)
9063e000 90663000   drmk     drmk.sys     Sat Jan 19 01:53:02 2008 (47919E4E)
90663000 9066c000   Fs_Rec   Fs_Rec.SYS   Sat Jan 19 00:27:57 2008 (47918A5D)
9066c000 90673000   Null     Null.SYS     Sat Jan 19 00:49:12 2008 (47918F58)
90673000 9067a000   Beep     Beep.SYS     Sat Jan 19 00:49:10 2008 (47918F56)
9067a000 90691000   dfsc     dfsc.sys     Sat Jan 19 00:28:20 2008 (47918A74)
90696000 9069c380   HIDPARSE HIDPARSE.SYS Sat Jan 19 00:53:16 2008 (4791904C)
9069d000 906a9000   vga      vga.sys      Sat Jan 19 00:52:06 2008 (47919006)
906a9000 906ca000   VIDEOPRT VIDEOPRT.SYS Sat Jan 19 00:52:10 2008 (4791900A)
906ca000 906d2000   RDPCDD   RDPCDD.sys   Sat Jan 19 01:01:08 2008 (47919224)
906d2000 906da000   rdpencdd rdpencdd.sys Sat Jan 19 01:01:09 2008 (47919225)
906da000 906e5000   Msfs     Msfs.SYS     Sat Jan 19 00:28:08 2008 (47918A68)
906e5000 906f3000   Npfs     Npfs.SYS     Sat Jan 19 00:28:09 2008 (47918A69)
906f3000 906fc000   rasacd   rasacd.sys   Sat Jan 19 00:56:31 2008 (4791910F)
906fc000 90712000   tdx      tdx.sys      Sat Jan 19 00:55:58 2008 (479190EE)
90712000 90726000   smb      smb.sys      Sat Jan 19 00:55:27 2008 (479190CF)
90726000 9072e360   aswTdi   aswTdi.SYS   Sat Jul 19 10:32:33 2008 (4881FB01)
9072f000 90777000   afd      afd.sys      Sat Jan 19 00:57:00 2008 (4791912C)
90777000 9077ab20   aswRdr   aswRdr.SYS   Sat Jul 19 10:33:40 2008 (4881FB44)
9077b000 907ad000   netbt    netbt.sys    Sat Jan 19 00:55:33 2008 (479190D5)
907ad000 907c3000   pacer    pacer.sys    Fri Apr 04 21:21:42 2008 (47F6D426)
907c3000 907d1000   netbios  netbios.sys  Sat Jan 19 00:55:45 2008 (479190E1)
907d1000 907e4000   wanarp   wanarp.sys   Sat Jan 19 00:56:31 2008 (4791910F)
907e4000 907ee000   nsiproxy nsiproxy.sys Sat Jan 19 00:55:50 2008 (479190E6)
907ee000 907fb000   crashdmp crashdmp.sys Sat Jan 19 00:49:43 2008 (47918F77)
907fb000 907fc700   USBD     USBD.SYS     Sat Jan 19 00:53:17 2008 (4791904D)
950e0000 952e1000   win32k   win32k.sys   unavailable (00000000)
95300000 95309000   TSDDD    TSDDD.dll    unavailable (00000000)
95320000 9532e000   cdd      cdd.dll      unavailable (00000000)
9960f000 99621000   USBSTOR  USBSTOR.SYS  Sat Jan 19 00:53:22 2008 (47919052)
99621000 9963c000   luafv    luafv.sys    Sat Jan 19 00:30:35 2008 (47918AFB)
9963c000 99653000   aswMonFlt aswMonFlt.sys Sat Jul 19 10:36:01 2008 (4881FBD1)
99653000 9965b000   aswFsBlk aswFsBlk.sys Sat Jul 19 10:37:40 2008 (4881FC34)
99663000 99712000   spsys    spsys.sys    Thu Jun 21 20:33:02 2007 (467B18BE)
99712000 99722000   lltdio   lltdio.sys   Sat Jan 19 00:55:03 2008 (479190B7)
99722000 9974c000   nwifi    nwifi.sys    Sat Jan 19 00:53:58 2008 (47919076)
9974c000 99756000   ndisuio  ndisuio.sys  Sat Jan 19 00:55:40 2008 (479190DC)
99756000 99769000   rspndr   rspndr.sys   Sat Jan 19 00:55:03 2008 (479190B7)
99769000 997d4000   HTTP     HTTP.sys     Sat Jan 19 00:55:21 2008 (479190C9)
997d4000 997f1000   srvnet   srvnet.sys   Sat Jan 19 00:29:11 2008 (47918AA7)
9b601000 9b61a000   bowser   bowser.sys   Sat Jan 19 00:28:26 2008 (47918A7A)
9b61a000 9b62f000   mpsdrv   mpsdrv.sys   Sat Jan 19 00:54:45 2008 (479190A5)
9b62f000 9b64f000   mrxdav   mrxdav.sys   Sat Jan 19 00:28:44 2008 (47918A8C)
9b64f000 9b66e000   mrxsmb   mrxsmb.sys   Sat Jan 19 00:28:33 2008 (47918A81)
9b66e000 9b6a7000   mrxsmb10 mrxsmb10.sys Sat Jan 19 00:28:40 2008 (47918A88)
9b6a7000 9b6bf000   mrxsmb20 mrxsmb20.sys Sat Jan 19 00:28:35 2008 (47918A83)
9b6bf000 9b6e6000   srv2     srv2.sys     Sat Jan 19 00:29:14 2008 (47918AAA)
9b6e6000 9b732000   srv      srv.sys      Sat Jan 19 00:29:25 2008 (47918AB5)
9c60c000 9c6ea000   peauth   peauth.sys   Mon Oct 23 04:55:32 2006 (453C8384)
9c6ea000 9c6f4000   secdrv   secdrv.SYS   Wed Sep 13 09:18:32 2006 (45080528)
9c6f4000 9c700000   tcpipreg tcpipreg.sys Sat Jan 19 00:56:07 2008 (479190F7)
9c700000 9c714580   WUDFRd   WUDFRd.sys   Sat Jan 19 00:53:04 2008 (47919040)
9c715000 9c727000   WUDFPf   WUDFPf.sys   Sat Jan 19 00:52:49 2008 (47919031)
9c727000 9c732000   tdtcp    tdtcp.sys    Sat Jan 19 01:01:08 2008 (47919224)
9c732000 9c73e000   tssecsrv tssecsrv.sys Sat Jan 19 01:01:15 2008 (4791922B)
9c73e000 9c771000   RDPWD    RDPWD.SYS    Sat Jan 19 01:01:16 2008 (4791922C)
9c771000 9c787000   cdfs     cdfs.sys     Sat Jan 19 00:28:02 2008 (47918A62)

Unloaded modules:
9b732000 9b7f9000   hiber_iaStor
    Timestamp: unavailable (00000000)
    Checksum:  00000000
9b732000 9b7f9000   hiber_iaStor
    Timestamp: unavailable (00000000)
    Checksum:  00000000
9b732000 9b7f9000   hiber_iaStor
    Timestamp: unavailable (00000000)
    Checksum:  00000000
9965b000 99663000   drmkaud.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8adc5000 8add2000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8ab05000 8abcc000   dump_iaStor.
    Timestamp: unavailable (00000000)
    Checksum:  00000000
9068d000 90696000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
9067a000 9068d000   i8042prt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
```

Any other BSODs... just post.

Regards. . .

jcgriff2


----------



## kim50 (Jul 20, 2008)

Hi JC

I'll uninstall it, I only installed it to copy a few back up discs as I only have one CD drive. If I need it again I can always reinstall then uninstall again :0)
I have also uninstalled Avast, as you mentioned a while back that it possibly caused one of the bsods. I am trying PC Tools AV which seems ok. Hubby tried COD4 again and no crashes this time
Thanks again JC, fingers crossed I won't be back..........lol


----------

