# [SOLVED] MemTest86



## nicnicman

Hopefully I am posting this in the correct place. 

I have been having some issues with RAM and MemTest.

First, when I test 2 or more modules simultaneously MemTest will run for about a second and then the computer restarts. When running the modules separately the test seems to operate fine. Even when running two good modules the computer restarts. What could be causing this?

Second is it possible for a specific module to not run well in a specific slot. I have one module that tests good in all slots except one. This same slot test good with other modules.

Are these issues related? I'm starting to wonder if my motherboard is at fault.

Thanks for any suggestions


----------



## nicole_kidman

*Re: MemTest86*

it might be coz of viruses or harddisk problem........


----------



## Wrench97

*Re: MemTest86*

Neither a virus or a hard drive will cause issues on a bootable program.

If you have a single stick that tests bad in one slot but not another and the slot tests other sticks ok, it probably an issue with the slot making good contact with all the ram connection points try cleaning the ram stick with a clean pencil type eraser.

Are you running the latest version of Memtest+?
http://www.memtest.org/#downiso

List the specs of your PC.


----------



## nicnicman

*Re: MemTest86*

Thanks for the replies.

Is it safe to clean the contacts with an eraser? These are brand new modules can't imagine they'd be too dirty. 

I'm running version 3.5. I'll update and try again.

Asus Rampage Extreme
Intel Core 2 Quad Q9650
Nvidia Quadro FX4500
Mushkin Enhanced Blackline SDRAM DDR3 1600 (PC3 12800)


----------



## Wrench97

*Re: MemTest86*

If they are new sticks return them, There have been some DDR3 recalls of Elpida chips, Corsair being the most notable but it seems there are other manufacturers involved also.
http://www.atomicmpc.com.au/Tools/Print.aspx?CIID=149685


----------



## nicnicman

*Re: MemTest86*

This is the second time I've had issues with this type of RAM. I thought the chances of getting two bad sticks were pretty slim which is why I am starting to suspect other problems.

Also, I still don't understand why MemTest will only run one stick at a time without the system rebooting. Are you aware of any common causes of this.

Thanks for the help.


----------



## Wrench97

*Re: MemTest86*

Usually it indicates a bad stick or too low a voltage setting I.E. 1.8v on sticks rated for 2.2v. Yours are rated for 1.95v do you have the voltage set for auto or for 1.95?


----------



## nicnicman

*Re: MemTest86*

The voltage is set for auto. Should I change this to 1.95? 

Could the rebooting be caused by other system components? I tested 2 modules separately and they each passed but when tested together the system reboots almost immediately after starting MemTest. Maybe its something other than the RAM?


----------



## nicnicman

*Re: MemTest86*

After upgrading to MemTest4.0 I tested all 4 sticks of RAM with out the computer rebooting. I did one pass with no errors but the OS failed to start. I removed one stick that I believe is bad and the OS started. I will let MemTest run all night with all 4 sticks to see if it finds errors.

Not sure of my issue with v.3.5 but v4.0 seems to working better.


----------



## Wrench97

*Re: MemTest86*

Set the voltage up to 1.95v sometimes having 4 sticks installed causes a voltage drop.


----------



## nicnicman

*Re: MemTest86*

I've been testing the modules individually using the latest version of MemTest. I kept the voltage at auto which seems to run at 1.85V. 

One module is giving some strange results. First After running it in 3 slots I found no errors. Each was run for a significant amount of time; One test running all night. Then I ran it in the last slot overnight and surprisingly Memtest came back with 91,716,480 errors and still counting on Pass 3 Test 6. 

Since this is the second bad module I've gotten from Mushkin I want to be sure there is not some other component causing the issues before I send it back. I find it strange that the module seems to function correctly in all other slots except this one. 

After I stopped the test I rebooted and before the Windows could finish starting a BSOD error pops up.

Here is the Technical Info

IRQL_NOT_LESS_OR_EQUAL

***STOP: 0X0000000A (0X00000008, 0X00000002, 0X00000001, 0X82AEF168)

After this I rebooted went into the OS and after about 15 minutes I get another BSOD.

This one just said;

***STOP: 0X0000008E, (0XC0000005, 0X82C7BFFE, 0X9720FAEC, 0X00000000)

After this I did not get another BSOD but The OS became nonresponsive (could not use mouse or keyboard). This happened twice before I put the module into a different slot and now the system seems to be stable. 

If anyone can decipher these BSOD message I would be very grateful.
My screen has been flashing on and off when starting the OS and accessing certain programs. I suspect the video card to be at fault and I am wondering if these problems are related in some way. I don't want to keep sending back ram if there is really nothing wrong with it. 

Thanks


----------



## Wrench97

*Re: MemTest86*

It just tells you what you already know, it 's a referenced memory error.
I other sticks test good in that slot it's a ram stick issue, the farther away the slot from the cpu the more precise the tolerances are.


----------



## nicnicman

*Re: MemTest86*

Okay. I suppose its time to do another RMA. Needless to say, I'm not very impressed with Mushikin RAM. As long as there's a lifetime warranty on it I guess its alright but still a hassle.


----------



## nicnicman

*Re: MemTest86*

Okay last night I tested another stick of ram and MemTest came back with no errors. 

While using the computer with this module installed I got a popup saying that the "Display drive has stopped working and has successfully recovered"
I believe this is due to some flickering issues I'm having with my video card.
I'm working with Nvidia customer service to troubleshoot it.

A few hours later with same module installed I get a BSOD

REFERENCE_BY_POINTER

Technical information:
***STOP: 0X00000018 (0X8483B9E0, 0X86A6C7D8, 0X00000001, 0X00080000)

After restarting the computer and continuing to use the computer; another BSOD

Technical information:

IRQL_NOT_LESS_OR_EQUAL
***STOP: 0X0000000A (0X839FFFEC, 0X00000002, 0X00000001, 0X82ADD168)

What are the chances of this being caused by another bad RAM stick? If so this would be number three. Also MemTest tested the RAM with no errors.

I think some of these problems are related to my video card which unfortunately is out of warranty. 

If anyone has any ideas please let me know.
Thanks


----------



## Wrench97

*Re: MemTest86*

Are you running the ram at the voltage it's rated for?


----------



## nicnicman

*Re: MemTest86*

Well actually I'm running it on auto assuming that it will set the right voltage. I suppose I could set it to 1.95 though.

Thanks again.


----------



## Wrench97

*Re: MemTest86*

Set it to 1.95v Auto will usually give you 1.8v.


----------



## nicnicman

*Re: MemTest86*

Alright I'll try it.


----------



## nicnicman

*Re: MemTest86*

I changed the voltage to 1.95 but shortly after I got another BSOD.

REFERENCE_BY_POINTER

Technical information:
***STOP: 0X00000018 (0X848E0378, 0X867FFA58, 0X00000001, 0X00080000)

This is similar to a previous BSOD error.


----------



## Wrench97

*Re: MemTest86*

Follow the instructions found in this post and post the logs back I'll get someone to look over the dumps> http://www.techsupportforum.com/1871981-post2.html


----------



## nicnicman

*Re: MemTest86*

Here they are. Bye the way, thanks a lot.


----------



## jcgriff2

*Re: MemTest86*

Hi - 

First and foremost - please follow the instructions in the link that *Wrench97* provided to you --> http://www.techsupportforum.com/1871981-post2.html

Attach the resulting zip file(s) to your next post.



nicnicman said:


> Okay last night I tested another stick of ram and MemTest came back with no errors.
> While using the computer with this module installed I got a popup saying that the "Display drive has stopped working and has successfully recovered"
> I believe this is due to some flickering issues I'm having with my video card.
> I'm working with Nvidia customer service to troubleshoot it.


The next time that you speak to NVIDIA inform them that you are experiencing *0x116* Live Kernel Events - a Video TDR Error. As the message says, your video crashed, but was able to recover within 30000ms = 30 secs. There may be some *0x117* full-fledged bugcheck BSOD dumps lying around. 0x116 Live Kernels usually precede 0x117 BSODs, but not always.



nicnicman said:


> A few hours later with same module installed I get a BSOD
> 
> REFERENCE_BY_POINTER
> 
> Technical information:
> ***STOP: 0X00000018 (0X8483B9E0, 0X86A6C7D8, 0X00000001, 0X00080000)


Bugcheck *0x18* is often cause by rogue drivers. The kernel has reference counters that keep track of a driver's call and returns from any given object - either +1 or -1. A 0x18 bugcheck suggests the existence of a driver gone nuts; hence is reference counter is way off. Could be RAM, but the errors appear a little too consistent for now, I think. However, RAM should not be ruled out here along with possible other unknown hardware failure.




nicnicman said:


> After restarting the computer and continuing to use the computer; another BSOD
> IRQL_NOT_LESS_OR_EQUAL
> ***STOP: 0X0000000A (0X839FFFEC, 0X00000002, 0X00000001, 0X82ADD168)
> 
> What are the chances of this being caused by another bad RAM stick? If so this would be number three. Also MemTest tested the RAM with no errors.



The bugcheck *0xa* can be tied directly to RAM or a misbehaving driver corrupting memory. As for memtest86+ - I am far from a hardware expert like wrench97 and the others found within TSF, but I have seen where a stick of RAM can show no errors on 100+ passes, only to finally fail when test conditions become just right days or weeks later. I don't believe any test is 100% accurate.





nicnicman said:


> After I stopped the test I rebooted and before the Windows could finish starting a BSOD error pops up.
> 
> IRQL_NOT_LESS_OR_EQUAL
> 
> ***STOP: 0X0000000A (0X00000008, 0X00000002, 0X00000001, 0X82AEF168)


Bugcheck *0xa* - kernel mode app attempted to access paged memory at a time it should not have (IRQL too high)

PARMS (inside parenthesis) - 
0x8 = memory address referenced by the object in parm #4
0x2 = IRQL
0x1 = write - the memory address in parm 1 was being (or attempted) written to by the object in parm #4 
0x82aef168 - the object that was referencing the memory address in parm #1

That 0x8 memory address does not look quite right to me; not sure exactly why at this time.



nicnicman said:


> After this I rebooted went into the OS and after about 15 minutes I get another BSOD.
> 
> ***STOP: 0X0000008E, (0XC0000005, 0X82C7BFFE, 0X9720FAEC, 0X00000000)
> 
> After this I did not get another BSOD but The OS became nonresponsive (could not use mouse or keyboard). This happened twice before I put the module into a different slot and now the system seems to be stable.
> 
> If anyone can decipher these BSOD message I would be very grateful.
> My screen has been flashing on and off when starting the OS and accessing certain programs. I suspect the video card to be at fault and I am wondering if these problems are related in some way. I don't want to keep sending back ram if there is really nothing wrong with it. Thanks


the bugcheck *0x8e* = kernel mode app threw an exception; the exception is the 1st parm inside the parenthesis - *0xc0000005* = memory acess violation.

Looking to the quote above this one where the memory address 0x8 was referenced, I believe that too may have been an access violation - just like this one is. 




nicnicman said:


> . . ."Display drive has stopped working and has successfully recovered" . . .
> I believe this is due to some flickering issues I'm having with my video card.
> 
> I'm working with Nvidia customer service to troubleshoot it.
> 
> I think some of these problems are related to my video card which unfortunately is out of warranty.


[/quote]


Sorry to take quotes out of context, but I have to ask --> What exactly is NVIDIA doing to help you with these crashes?


`

Some questions, please - 
1. Was XP or Vista on this system prior to Windows 7?
2. How old is the hardware - in general (I know about the new RAM)?


OK, I'll stop there. I just saw that you posted 5 min ago w/ the files.

One other request, please.

I'd like to see the RAM sticks through the eyes of Windows Management Instrumentation (WMI). Not sure what, if anything earth-shattering will appear, but it does no harm and just reads information.

Please download the zip file, extract the batch script & save to desktop. RIGHT-click on the batch file, select Run as Administrator. It should take a few seconds; a web browser will open with the results. Please save the file, zip it up and attach to your next post. (file is in your documents folder, name = 1.html). Thank you.

http://www.techsupportforum.com/att...82957-bsod-wmi_memorychip__jcgriff2__.bat.zip


Varying bugchecks almost always point to hardware failure. It is nearly impossible to tell which piece of hardware is at fault simply from the dump files. One thing that I would stress - re-install the OS on a completely wiped (formatted) hard drive. I'll know a little of the status of your OS in about 15-30 minutes, assuming there are memory dumps in the zip file. But you really should consider re-installing Windows 7 - soon.



Regards. . . 

jcgriff2

.


----------



## nicnicman

*Re: MemTest86*

Nvidia only knows of my original problem; The display flickers when starting the OS, accessing certain programs, and sometimes at random. I thought the BSOD errors had gone away when I eliminated a bad RAM module but they are now persisting. Once I contact them again I will be sure to mention the errors.

So far, Nvidia has only recommended other drivers and an optional install of the drivers. None of these drivers or installation methods have worked to eliminate the flickering. 

XP is still on the system. Similar issues have been experienced when using XP.

Most of the hardware is new. Except for the video card and the hard drive. The video card is about a year old but has not been used much. The hard drive is also about a year old with daily use.

Originally I had 4 sticks of RAM but one was found to be bad so I RMAed one of the sets of 2 (still waiting on the new ones). Now after doing further testing I have found one stick of the other set to be bad. Once I get the first set back I will likely RMA this set also. 

I did plan on reinstalling Windows on a new hard drive but I was hoping to figure out these problems before I did. 

Hope I answered all your questions. Thanks for the help.


----------



## jcgriff2

*Re: MemTest86*

Hi - 

Thanks for running the WMI.

You now have 2-2gb sticks in = 4gb RAM, correct?

jcgriff2

.

*EDIT:* I see 4 gb RAM - 2x2gb. You are runing Windows 7 x86 - you can't utilize more than 4 GB total.

.


----------



## jcgriff2

*Re: MemTest86*

Hi - 

Thank you for running the memory HTML file. The way I read it, if correct, is that you have 2 x 2 GB sticks in... your system is only seeing 2 GB RAM total.


Specs as I see them from the files - 


Code:


[font=lucida console]- Windows 7 x86
- RTM build 7600
- v 6.1.7600 - OEM
- installed = August 29, 2009
- 9 Windows Updates installed
- BIOS = American Megatrends Inc. 0501   , 8/28/2008
- x64 Family 6 Model 23 Stepping 10 GenuineIntel ~3603 Mhz [color=blue]<-- is that stock??[/color]
- RAM = 2 GB[/font]


This is probably the #1 BSOD causing driver these days - Asus -


Code:


[font=lucida console]
ASACPI.sys   Thu Aug 12 19:52:52 2004 (411C2D04)
[/font]



The BSODs started within 36 hours of your Windows 7 installation; app crashes within the first 2 hours -


Code:


[font=lucida console]09/01/2009  14:41           154,736 090109-16879-01.dmp
09/23/2009  15:29           144,568 092309-17191-01.dmp
09/27/2009  22:36           160,936 092709-22854-01.dmp
09/27/2009  22:20           144,520 092709-23821-01.dmp
09/28/2009  22:08           144,520 092809-24850-01.dmp
09/30/2009  17:14           144,520 093009-35193-01.dmp
10/05/2009  17:06           144,520 100509-14196-01.dmp
10/05/2009  19:11           144,520 100509-15288-01.dmp
10/06/2009  18:54           144,520 100609-14648-01.dmp
10/07/2009  21:41           144,520 100709-15584-01.dmp
10/07/2009  18:03           144,520 100709-16676-01.dmp
10/08/2009  16:06           144,520 100809-16894-01.dmp
10/08/2009  21:49           144,520 100809-17924-01.dmp
10/09/2009  19:11           144,520 100909-22510-01.dmp
10/11/2009  12:26           144,520 101109-21949-01.dmp
10/12/2009  19:29           144,520 101209-15865-01.dmp
11/07/2009  11:29           160,936 110709-16863-01.dmp
11/08/2009  13:22           160,888 110809-22791-01.dmp
11/08/2009  13:06           160,936 110809-27253-01.dmp
11/09/2009  18:04           160,936 110909-17019-01.dmp
11/09/2009  08:41           160,936 110909-19359-01.dmp
11/09/2009  09:28           160,936 110909-20326-01.dmp
              22 File(s)      3,304,568 bytes
               0 Dir(s)  22,076,923,904 bytes free[/font]

`


This system service MAY belong to a LexMark printer - do you have one?


Code:


[font=lucida console]lxbl_device	[color=red]lxbl_device[/color]	Running	Auto	Own Process	
c:\windows\system32\[color=red]lxblcoms.exe[/color] -service	Normal	LocalSystem	0[/font]



I would suggest leaving these as well as the torrents behind in the future -


Code:


[font=lucida console]
VClone.sys   Fri May 22 16:08:32 2009 (4A173070)

ElbyCDIO.sys Tue Feb 17 09:11:28 2009 (499AEFC0)[/font]


Virtual devices can play games with RAM -- especially when RAM is a primary suspect in system crashes.


I was unable to determine exactly what firmware this app updates - 


Code:


[font=lucida console] 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Sansa Updater
    NoModify    REG_DWORD    0x1
    NoRepair    REG_DWORD    0x1
    DisplayName    REG_SZ    [color=red]Sansa Updater[/color][/font]


This stack text has some interesting items in it -


Code:


[font=lucida console] 
0: kd> k
ChildEBP RetAddr  
97337894 828e5168 nt!KiTrap0E+0x2cf
9733791c 828d65b6 nt![color=red]Mi[/color]ReplenishPageSlist+0x69
97337988 828de273 nt![color=red]Mi[/color]RemoveAnyPage+0x514
973379b0 828d88d5 nt![color=red]Mi[/color]GetPage+0x28a
973379f8 828da979 nt![color=red]Mi[/color]ResolveDemandZeroFault+0x121
97337a78 828d0d56 nt![color=red]Mi[/color]DispatchFault+0x659
97337b00 828905f8 nt!MmAccessFault+0x157c
97337b00 828887d3 nt!KiTrap0E+0xdc
97337b94 82aee307 nt!memcpy+0x33
97337c10 82aedbc1 nt![color=purple][b]CmpSnapshotHiveToOffsetArray[/b][/color]+0x551
97337cf0 82aed9a9 nt![color=blue]CmpFlushBackupHive[/color]+0x158
97337d10 82a042c4 nt![color=red]CmpSyncNextBackupHive[/color]+0xb0
97337d28 8288d42a nt!NtInitializeRegistry+0x5e
97337d28 775e64f4 nt!KiFastCallEntry+0x12a[/font]



`
Mi - memory

The following instructions are doing something with a registry hive - not sure what -
*SnapshotHiveToOffsetArray*
CmpFlushBackupHive+0x158
CmpSyncNextBackupHive+0xb0

I am unsure what the system is trying to do with the registry hive(s). It could be a hard drive issue, RAM, a "lockout" - an area of the HDD that Windows 7 is not authorized to venture; not sure.

`

I would highly suggest that you re-install Windows 7 at this time. It is an OEM version and because of that you may not have a choice on which partition to install it on. It may want the entire drive. I don't know the circumstances under which you acquired the OEM version of Windows 7 Ultimate x86.

The Asus driver issue is #1 - this forum is littered with the same driver resulting in BSODs.

Regards. . . 

jcgriff2

.

`




*EDIT: *Did you run the Windows 7 Upgrade Advisor --> http://www.microsoft.com/downloads/...90-7659-4bd9-9e51-2497c146af15&displaylang=en

jcgriff2

.









0x18 Bugcheck - Windows 7 x86


Code:


[font
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\PalmDesert7\Documents\__11-09-09__nicnicman__SysInfo&BSODDump[1]\!_Kernel\110909-17019-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.x86fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0x82a08000 PsLoadedModuleList = 0x82b50810
Debug session time: Mon Nov  9 14:58:05.233 2009 (GMT-8)
System Uptime: 0 days 0:03:03.810
Loading Kernel Symbols
...............................................................
................................................................
.......................
Loading User Symbols
Loading unloaded module list
.......
2: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

REFERENCE_BY_POINTER (18)
Arguments:
Arg1: 848e0378, Object type of the object whose reference count is being lowered
Arg2: 867ffa58, Object whose reference count is being lowered
Arg3: 00000001, Reserved
Arg4: 00080000, Reserved
	The reference count of an object is illegal for the current state of the object.
	Each time a driver uses a pointer to an object the driver calls a kernel routine
	to increment the reference count of the object. When the driver is done with the
	pointer the driver calls another kernel routine to decrement the reference count.
	Drivers must match calls to the increment and decrement routines. This bugcheck
	can occur because an object's reference count goes to zero while there are still
	open handles to the object, in which case the fourth parameter indicates the number
	of opened handles. It may also occur when the object’s reference count drops below zero
	whether or not there are open handles to the object, and in that case the fourth parameter
	contains the actual value of the pointer references count.

Debugging Details:
------------------


CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x18

PROCESS_NAME:  reader_sl.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 82a70f22 to 82ae4d10

STACK_TEXT:  
9c277b84 82a70f22 00000018 848e0378 867ffa58 nt!KeBugCheckEx+0x1e
9c277ba8 82a70ed0 867ffa58 82c4d78c 9bba21b8 nt!ObfDereferenceObjectWithTag+0x4b
9c277bb0 82c4d78c 9bba21b8 867ffc80 9bba21b8 nt!ObfDereferenceObject+0xd
9c277bf0 82c7f8d9 9bba3ee0 9bba21b8 86908b38 nt!ObpCloseHandleTableEntry+0x21d
9c277c20 82c85227 9bba3ee0 9c277c34 9bba3030 nt!ExSweepHandleTable+0x5f
9c277c40 82c50c78 b2c71de7 867ffc80 40010004 nt!ObKillProcess+0x54
9c277cb4 82c85151 40010004 86579510 00000001 nt!PspExitThread+0x5d9
9c277ccc 82ab0123 86579510 9c277cf8 9c277d04 nt!PsExitSpecialApc+0x22
9c277d1c 82a4b4e4 00000001 00000000 9c277d34 nt!KiDeliverApc+0x28b
9c277d1c 76fb64f4 00000001 00000000 9c277d34 nt!KiServiceExit+0x64
WARNING: Frame IP not in any known module. Following frames may be wrong.
015dff88 00000000 00000000 00000000 00000000 0x76fb64f4


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!ObfDereferenceObjectWithTag+4b
82a70f22 cc              int     3

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt!ObfDereferenceObjectWithTag+4b

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc007

FAILURE_BUCKET_ID:  0x18_nt!ObfDereferenceObjectWithTag+4b

BUCKET_ID:  0x18_nt!ObfDereferenceObjectWithTag+4b

Followup: MachineOwner
---------

2: kd> lmvm nt
start    end        module name
82a08000 82e18000   nt         (pdb symbols)          c:\symbols\ntkrpamp.pdb\5B308B4ED6464159B87117C711E7340C2\ntkrpamp.pdb
    Loaded symbol image file: ntkrpamp.exe
    Mapped memory image file: c:\symbols\ntkrpamp.exe\4A5BC007410000\ntkrpamp.exe
    Image path: ntkrpamp.exe
    Image name: ntkrpamp.exe
    Timestamp:        Mon Jul 13 16:15:19 2009 (4A5BC007)
    CheckSum:         003C9503
    ImageSize:        00410000
    File version:     6.1.7600.16385
    Product version:  6.1.7600.16385
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        1.0 App
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     ntkrpamp.exe
    OriginalFilename: ntkrpamp.exe
    ProductVersion:   6.1.7600.16385
    FileVersion:      6.1.7600.16385 (win7_rtm.090713-1255)
    FileDescription:  NT Kernel & System
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
2: kd> k
ChildEBP RetAddr  
9c277b84 82a70f22 nt!KeBugCheckEx+0x1e
9c277ba8 82a70ed0 nt!ObfDereferenceObjectWithTag+0x4b
9c277bb0 82c4d78c nt!ObfDereferenceObject+0xd
9c277bf0 82c7f8d9 nt!ObpCloseHandleTableEntry+0x21d
9c277c20 82c85227 nt!ExSweepHandleTable+0x5f
9c277c40 82c50c78 nt!ObKillProcess+0x54
9c277cb4 82c85151 nt!PspExitThread+0x5d9
9c277ccc 82ab0123 nt!PsExitSpecialApc+0x22
9c277d1c 82a4b4e4 nt!KiDeliverApc+0x28b
9c277d1c 76fb64f4 nt!KiServiceExit+0x64
WARNING: Frame IP not in any known module. Following frames may be wrong.
015dff88 00000000 0x76fb64f4
2: kd> kv
ChildEBP RetAddr  Args to Child              
9c277b84 82a70f22 00000018 848e0378 867ffa58 nt!KeBugCheckEx+0x1e
9c277ba8 82a70ed0 867ffa58 82c4d78c 9bba21b8 nt!ObfDereferenceObjectWithTag+0x4b (FPO: [0,0,3])
9c277bb0 82c4d78c 9bba21b8 867ffc80 9bba21b8 nt!ObfDereferenceObject+0xd (FPO: [0,1,0])
9c277bf0 82c7f8d9 9bba3ee0 9bba21b8 86908b38 nt!ObpCloseHandleTableEntry+0x21d
9c277c20 82c85227 9bba3ee0 9c277c34 9bba3030 nt!ExSweepHandleTable+0x5f
9c277c40 82c50c78 b2c71de7 867ffc80 40010004 nt!ObKillProcess+0x54
9c277cb4 82c85151 40010004 86579510 00000001 nt!PspExitThread+0x5d9
9c277ccc 82ab0123 86579510 9c277cf8 9c277d04 nt!PsExitSpecialApc+0x22
9c277d1c 82a4b4e4 00000001 00000000 9c277d34 nt!KiDeliverApc+0x28b
9c277d1c 76fb64f4 00000001 00000000 9c277d34 nt!KiServiceExit+0x64 (FPO: [0,3] TrapFrame @ 9c277d34)
WARNING: Frame IP not in any known module. Following frames may be wrong.
015dff88 00000000 00000000 00000000 00000000 0x76fb64f4
2: kd> r
eax=82b3f17c ebx=00000000 ecx=00000016 edx=00000000 esi=8ab02120 edi=00000000
eip=82ae4d10 esp=9c277b68 ebp=9c277b84 iopl=0         nv up ei pl nz na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00000206
nt!KeBugCheckEx+0x1e:
82ae4d10 cc              int     3
2: kd> lmnt
start    end        module name
80bbc000 80bc4000   kdcom    kdcom.dll    Mon Jul 13 18:08:58 2009 (4A5BDAAA)
82a08000 82e18000   nt       ntkrpamp.exe Mon Jul 13 16:15:19 2009 (4A5BC007)
82e18000 82e4f000   hal      halmacpi.dll Mon Jul 13 16:11:03 2009 (4A5BBF07)
88615000 8868d000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 18:06:41 2009 (4A5BDA21)
8868d000 8869e000   PSHED    PSHED.dll    Mon Jul 13 18:09:36 2009 (4A5BDAD0)
8869e000 886a6000   BOOTVID  BOOTVID.dll  Mon Jul 13 18:04:34 2009 (4A5BD9A2)
886a6000 886e8000   CLFS     CLFS.SYS     Mon Jul 13 16:11:10 2009 (4A5BBF0E)
886e8000 88793000   CI       CI.dll       Mon Jul 13 18:09:28 2009 (4A5BDAC8)
88793000 887c7000   fltmgr   fltmgr.sys   Mon Jul 13 16:11:13 2009 (4A5BBF11)
887c7000 887e6000   cdrom    cdrom.sys    Mon Jul 13 16:11:24 2009 (4A5BBF1C)
88800000 88811000   fileinfo fileinfo.sys Mon Jul 13 16:21:51 2009 (4A5BC18F)
8881f000 88890000   Wdf01000 Wdf01000.sys Mon Jul 13 16:11:36 2009 (4A5BBF28)
88890000 8889e000   WDFLDR   WDFLDR.SYS   Mon Jul 13 16:11:25 2009 (4A5BBF1D)
8889e000 888e6000   ACPI     ACPI.sys     Mon Jul 13 16:11:11 2009 (4A5BBF0F)
888e6000 888ef000   WMILIB   WMILIB.SYS   Mon Jul 13 16:11:22 2009 (4A5BBF1A)
888ef000 888f7000   msisadrv msisadrv.sys Mon Jul 13 16:11:09 2009 (4A5BBF0D)
888f7000 88921000   pci      pci.sys      Mon Jul 13 16:11:16 2009 (4A5BBF14)
88921000 8892c000   vdrvroot vdrvroot.sys Mon Jul 13 16:46:19 2009 (4A5BC74B)
8892c000 8893d000   partmgr  partmgr.sys  Mon Jul 13 16:11:35 2009 (4A5BBF27)
8893d000 8894d000   volmgr   volmgr.sys   Mon Jul 13 16:11:25 2009 (4A5BBF1D)
8894d000 88998000   volmgrx  volmgrx.sys  Mon Jul 13 16:11:41 2009 (4A5BBF2D)
88998000 8899f000   pciide   pciide.sys   Mon Jul 13 16:11:19 2009 (4A5BBF17)
8899f000 889ad000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 16:11:15 2009 (4A5BBF13)
889ad000 889c3000   mountmgr mountmgr.sys Mon Jul 13 16:11:27 2009 (4A5BBF1F)
889c3000 889cc000   atapi    atapi.sys    Mon Jul 13 16:11:15 2009 (4A5BBF13)
889cc000 889ef000   ataport  ataport.SYS  Mon Jul 13 16:11:18 2009 (4A5BBF16)
889ef000 889f8000   amdxata  amdxata.sys  Tue May 19 10:57:35 2009 (4A12F30F)
88a1c000 88b4b000   Ntfs     Ntfs.sys     Mon Jul 13 16:12:05 2009 (4A5BBF45)
88b4b000 88b76000   msrpc    msrpc.sys    Mon Jul 13 16:11:59 2009 (4A5BBF3F)
88b76000 88b89000   ksecdd   ksecdd.sys   Mon Jul 13 16:11:56 2009 (4A5BBF3C)
88b89000 88be6000   cng      cng.sys      Mon Jul 13 16:32:55 2009 (4A5BC427)
88be6000 88bf4000   pcw      pcw.sys      Mon Jul 13 16:11:10 2009 (4A5BBF0E)
88bf4000 88bfd000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 16:11:14 2009 (4A5BBF12)
88c19000 88cd0000   ndis     ndis.sys     Mon Jul 13 16:12:24 2009 (4A5BBF58)
88cd0000 88d0e000   NETIO    NETIO.SYS    Mon Jul 13 16:12:35 2009 (4A5BBF63)
88d0e000 88d33000   ksecpkg  ksecpkg.sys  Mon Jul 13 16:34:00 2009 (4A5BC468)
88d33000 88d43000   mup      mup.sys      Mon Jul 13 16:14:14 2009 (4A5BBFC6)
88d43000 88d4b000   hwpolicy hwpolicy.sys Mon Jul 13 16:11:01 2009 (4A5BBF05)
88d4b000 88d7d000   fvevol   fvevol.sys   Mon Jul 13 16:13:01 2009 (4A5BBF7D)
88d7d000 88d8e000   disk     disk.sys     Mon Jul 13 16:11:28 2009 (4A5BBF20)
88d8e000 88db3000   CLASSPNP CLASSPNP.SYS Mon Jul 13 16:11:20 2009 (4A5BBF18)
88db3000 88dd4000   srvnet   srvnet.sys   Mon Jul 13 16:14:45 2009 (4A5BBFE5)
88de5000 88dec000   Beep     Beep.SYS     Mon Jul 13 16:45:00 2009 (4A5BC6FC)
88dec000 88df8000   vga      vga.sys      Mon Jul 13 16:25:50 2009 (4A5BC27E)
88e00000 88e2d000   rdyboost rdyboost.sys Mon Jul 13 16:22:02 2009 (4A5BC19A)
88e2f000 88f78000   tcpip    tcpip.sys    Mon Jul 13 16:13:18 2009 (4A5BBF8E)
88f78000 88fa9000   fwpkclnt fwpkclnt.sys Mon Jul 13 16:12:03 2009 (4A5BBF43)
88fa9000 88fb1380   vmstorfl vmstorfl.sys Mon Jul 13 16:28:44 2009 (4A5BC32C)
88fb2000 88ff1000   volsnap  volsnap.sys  Mon Jul 13 16:11:34 2009 (4A5BBF26)
88ff1000 88ff9000   spldr    spldr.sys    Mon May 11 09:13:47 2009 (4A084EBB)
88ff9000 89000000   Null     Null.SYS     Mon Jul 13 16:11:12 2009 (4A5BBF10)
8d80a000 8d86e000   csc      csc.sys      Mon Jul 13 16:15:08 2009 (4A5BBFFC)
8d86e000 8d886000   dfsc     dfsc.sys     Mon Jul 13 16:14:16 2009 (4A5BBFC8)
8d886000 8d894000   blbdrive blbdrive.sys Mon Jul 13 16:23:04 2009 (4A5BC1D8)
8d894000 8d8b5000   aswSP    aswSP.SYS    Tue Aug 11 03:28:30 2009 (4A8147CE)
8d8b5000 8d8d6000   tunnel   tunnel.sys   Mon Jul 13 16:54:03 2009 (4A5BC91B)
8d8d6000 8d8e8000   intelppm intelppm.sys Mon Jul 13 16:11:03 2009 (4A5BBF07)
8d8e8000 8d99f000   dxgkrnl  dxgkrnl.sys  Thu Oct 01 17:48:33 2009 (4AC54DE1)
8d99f000 8d9ea000   USBPORT  USBPORT.SYS  Mon Jul 13 16:51:13 2009 (4A5BC871)
8da0f000 8da30000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 16:25:49 2009 (4A5BC27D)
8da30000 8da3d000   watchdog watchdog.sys Mon Jul 13 16:24:10 2009 (4A5BC21A)
8da3d000 8da45000   RDPCDD   RDPCDD.sys   Mon Jul 13 17:01:40 2009 (4A5BCAE4)
8da45000 8da4d000   rdpencdd rdpencdd.sys Mon Jul 13 17:01:39 2009 (4A5BCAE3)
8da4d000 8da55000   rdprefmp rdprefmp.sys Mon Jul 13 17:01:41 2009 (4A5BCAE5)
8da55000 8da60000   Msfs     Msfs.SYS     Mon Jul 13 16:11:26 2009 (4A5BBF1E)
8da60000 8da6e000   Npfs     Npfs.SYS     Mon Jul 13 16:11:31 2009 (4A5BBF23)
8da6e000 8da85000   tdx      tdx.sys      Mon Jul 13 16:12:10 2009 (4A5BBF4A)
8da85000 8da90000   TDI      TDI.SYS      Mon Jul 13 16:12:12 2009 (4A5BBF4C)
8da90000 8da9a2c0   aswTdi   aswTdi.SYS   Mon Aug 17 09:04:38 2009 (4A897F96)
8da9b000 8daf5000   afd      afd.sys      Mon Jul 13 16:12:34 2009 (4A5BBF62)
8daf5000 8daf8b20   aswRdr   aswRdr.SYS   Mon Aug 17 09:04:27 2009 (4A897F8B)
8daf9000 8db2b000   netbt    netbt.sys    Mon Jul 13 16:12:18 2009 (4A5BBF52)
8db2b000 8db32000   wfplwf   wfplwf.sys   Mon Jul 13 16:53:51 2009 (4A5BC90F)
8db32000 8db51000   pacer    pacer.sys    Mon Jul 13 16:53:58 2009 (4A5BC916)
8db51000 8db5f000   netbios  netbios.sys  Mon Jul 13 16:53:54 2009 (4A5BC912)
8db5f000 8db72000   wanarp   wanarp.sys   Mon Jul 13 16:55:02 2009 (4A5BC956)
8db72000 8db82000   termdd   termdd.sys   Mon Jul 13 17:01:35 2009 (4A5BCADF)
8db82000 8dbc3000   rdbss    rdbss.sys    Mon Jul 13 16:14:26 2009 (4A5BBFD2)
8dbc3000 8dbcd000   nsiproxy nsiproxy.sys Mon Jul 13 16:12:08 2009 (4A5BBF48)
8dbcd000 8dbd7000   mssmbios mssmbios.sys Mon Jul 13 16:19:25 2009 (4A5BC0FD)
8dbd7000 8dbdb200   ElbyCDIO ElbyCDIO.sys Tue Feb 17 09:11:28 2009 (499AEFC0)
8dbdc000 8dbe8000   discache discache.sys Mon Jul 13 16:24:04 2009 (4A5BC214)
8e000000 8e013000   rspndr   rspndr.sys   Mon Jul 13 16:53:20 2009 (4A5BC8F0)
8e031000 8e986280   nvlddmkm nvlddmkm.sys Tue Jun 30 13:24:07 2009 (4A4A7467)
8e987000 8e988080   nvBridge nvBridge.kmd Tue Jun 30 12:49:58 2009 (4A4A6C66)
8e989000 8e9c2000   dxgmms1  dxgmms1.sys  Mon Jul 13 16:25:25 2009 (4A5BC265)
8e9c2000 8e9cd000   usbuhci  usbuhci.sys  Mon Jul 13 16:51:10 2009 (4A5BC86E)
8e9cd000 8e9dc000   usbehci  usbehci.sys  Mon Jul 13 16:51:14 2009 (4A5BC872)
8e9dc000 8e9fb000   HDAudBus HDAudBus.sys Mon Jul 13 16:50:55 2009 (4A5BC85F)
8ea0a000 8ea5a000   yk62x86  yk62x86.sys  Mon Feb 23 06:44:18 2009 (49A2B642)
8ea5a000 8ea86000   1394ohci 1394ohci.sys Mon Jul 13 16:51:59 2009 (4A5BC89F)
8ea86000 8ea91000   fdc      fdc.sys      Mon Jul 13 16:45:45 2009 (4A5BC729)
8ea91000 8ea92420   ASACPI   ASACPI.sys   Thu Aug 12 19:52:52 2004 (411C2D04)
8ea93000 8eaa0000   CompositeBus CompositeBus.sys Mon Jul 13 16:45:26 2009 (4A5BC716)
8eaa0000 8eab2000   AgileVpn AgileVpn.sys Mon Jul 13 16:55:00 2009 (4A5BC954)
8eab2000 8eaca000   rasl2tp  rasl2tp.sys  Mon Jul 13 16:54:33 2009 (4A5BC939)
8eaca000 8ead5000   ndistapi ndistapi.sys Mon Jul 13 16:54:24 2009 (4A5BC930)
8ead5000 8eaf7000   ndiswan  ndiswan.sys  Mon Jul 13 16:54:34 2009 (4A5BC93A)
8eaf7000 8eb0f000   raspppoe raspppoe.sys Mon Jul 13 16:54:53 2009 (4A5BC94D)
8eb0f000 8eb26000   raspptp  raspptp.sys  Mon Jul 13 16:54:47 2009 (4A5BC947)
8eb26000 8eb3d000   rassstp  rassstp.sys  Mon Jul 13 16:54:57 2009 (4A5BC951)
8eb3d000 8eb47000   rdpbus   rdpbus.sys   Mon Jul 13 17:02:40 2009 (4A5BCB20)
8eb47000 8eb54000   kbdclass kbdclass.sys Mon Jul 13 16:11:15 2009 (4A5BBF13)
8eb54000 8eb61000   mouclass mouclass.sys Mon Jul 13 16:11:15 2009 (4A5BBF13)
8eb61000 8eb6c000   VClone   VClone.sys   Fri May 22 16:08:32 2009 (4A173070)
8eb6c000 8eb92000   SCSIPORT SCSIPORT.SYS Mon Jul 13 16:45:55 2009 (4A5BC733)
8eb92000 8eb93380   swenum   swenum.sys   Mon Jul 13 16:45:08 2009 (4A5BC704)
8eb94000 8ebc8000   ks       ks.sys       Mon Jul 13 16:45:13 2009 (4A5BC709)
8ebc8000 8ebd6000   umbus    umbus.sys    Mon Jul 13 16:51:38 2009 (4A5BC88A)
8ebd6000 8ebf0000   WudfPf   WudfPf.sys   Mon Jul 13 16:50:13 2009 (4A5BC835)
8f20f000 8f253000   usbhub   usbhub.sys   Mon Jul 13 16:52:06 2009 (4A5BC8A6)
8f253000 8f25d000   flpydisk flpydisk.sys Mon Jul 13 16:45:45 2009 (4A5BC729)
8f25d000 8f26e000   NDProxy  NDProxy.SYS  Mon Jul 13 16:54:27 2009 (4A5BC933)
8f26e000 8f2be000   HdAudio  HdAudio.sys  Mon Jul 13 16:51:46 2009 (4A5BC892)
8f2be000 8f2ed000   portcls  portcls.sys  Mon Jul 13 16:51:00 2009 (4A5BC864)
8f2ed000 8f306000   drmk     drmk.sys     Mon Jul 13 17:36:05 2009 (4A5BD2F5)
8f306000 8f31d000   USBSTOR  USBSTOR.SYS  Mon Jul 13 16:51:19 2009 (4A5BC877)
8f31d000 8f31e700   USBD     USBD.SYS     Mon Jul 13 16:51:05 2009 (4A5BC869)
8f31f000 8f32c000   crashdmp crashdmp.sys Mon Jul 13 16:45:50 2009 (4A5BC72E)
8f32c000 8f337000   dump_dumpata dump_dumpata.sys Mon Jul 13 16:11:16 2009 (4A5BBF14)
8f337000 8f340000   dump_atapi dump_atapi.sys Mon Jul 13 16:11:15 2009 (4A5BBF13)
8f340000 8f351000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 16:12:47 2009 (4A5BBF6F)
8f351000 8f35b000   Dxapi    Dxapi.sys    Mon Jul 13 16:25:25 2009 (4A5BC265)
8f35b000 8f366000   hidusb   hidusb.sys   Mon Jul 13 16:51:04 2009 (4A5BC868)
8f366000 8f379000   HIDCLASS HIDCLASS.SYS Mon Jul 13 16:51:01 2009 (4A5BC865)
8f379000 8f37f480   HIDPARSE HIDPARSE.SYS Mon Jul 13 16:50:59 2009 (4A5BC863)
8f380000 8f38c000   kbdhid   kbdhid.sys   Mon Jul 13 16:45:09 2009 (4A5BC705)
8f38c000 8f397000   mouhid   mouhid.sys   Mon Jul 13 16:45:08 2009 (4A5BC704)
8f397000 8f3a2000   monitor  monitor.sys  Mon Jul 13 16:25:58 2009 (4A5BC286)
8f3a2000 8f3ad000   usbprint usbprint.sys Mon Jul 13 17:17:06 2009 (4A5BCE82)
8f3ad000 8f3c8000   luafv    luafv.sys    Mon Jul 13 16:15:44 2009 (4A5BC020)
8f3c8000 8f3df000   aswMonFlt aswMonFlt.sys Tue Aug 11 03:28:05 2009 (4A8147B5)
8f3df000 8f3e7000   aswFsBlk aswFsBlk.sys Tue Aug 11 03:28:20 2009 (4A8147C4)
8f3e7000 8f3f7000   lltdio   lltdio.sys   Mon Jul 13 16:53:18 2009 (4A5BC8EE)
90ad0000 90d1a000   win32k   win32k.sys   Mon Jul 13 16:26:26 2009 (4A5BC2A2)
90d30000 90d39000   TSDDD    TSDDD.dll    unavailable (00000000)
90d60000 90d7e000   cdd      cdd.dll      Mon Jul 13 18:04:18 2009 (4A5BD992)
9860f000 98694000   HTTP     HTTP.sys     Mon Jul 13 16:12:53 2009 (4A5BBF75)
98694000 986ad000   bowser   bowser.sys   Mon Jul 13 16:14:21 2009 (4A5BBFCD)
986ad000 986bf000   mpsdrv   mpsdrv.sys   Mon Jul 13 16:52:52 2009 (4A5BC8D4)
986bf000 986e2000   mrxsmb   mrxsmb.sys   Mon Jul 13 16:14:24 2009 (4A5BBFD0)
986e2000 9871d000   mrxsmb10 mrxsmb10.sys Mon Jul 13 16:14:34 2009 (4A5BBFDA)
9871d000 98738000   mrxsmb20 mrxsmb20.sys Mon Jul 13 16:14:29 2009 (4A5BBFD5)
98754000 987eb000   peauth   peauth.sys   Mon Jul 13 17:35:44 2009 (4A5BD2E0)
987eb000 987f5000   secdrv   secdrv.SYS   Wed Sep 13 06:18:32 2006 (45080528)
99432000 9949c000   spsys    spsys.sys    Mon May 11 09:37:10 2009 (4A085436)
9949c000 994a9000   tcpipreg tcpipreg.sys Mon Jul 13 16:54:14 2009 (4A5BC926)
994a9000 994f8000   srv2     srv2.sys     Mon Jul 13 16:14:52 2009 (4A5BBFEC)
994f8000 99549000   srv      srv.sys      Mon Jul 13 16:15:10 2009 (4A5BBFFE)
99549000 99573000   fastfat  fastfat.SYS  Mon Jul 13 16:14:01 2009 (4A5BBFB9)
99573000 99593480   WUDFRd   WUDFRd.sys   Mon Jul 13 16:50:44 2009 (4A5BC854)

Unloaded modules:
99594000 9959f000   GPU-Z.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
98750000 98754000   cpuz132_x32.
    Timestamp: unavailable (00000000)
    Checksum:  00000000
98738000 98750000   parport.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
88db3000 88dc0000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
88dc0000 88dcb000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
88dcb000 88dd4000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
88dd4000 88de5000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
2: kd> lmntsm
start    end        module name
8ea5a000 8ea86000   1394ohci 1394ohci.sys Mon Jul 13 16:51:59 2009 (4A5BC89F)
8889e000 888e6000   ACPI     ACPI.sys     Mon Jul 13 16:11:11 2009 (4A5BBF0F)
8da9b000 8daf5000   afd      afd.sys      Mon Jul 13 16:12:34 2009 (4A5BBF62)
8eaa0000 8eab2000   AgileVpn AgileVpn.sys Mon Jul 13 16:55:00 2009 (4A5BC954)
889ef000 889f8000   amdxata  amdxata.sys  Tue May 19 10:57:35 2009 (4A12F30F)
8ea91000 8ea92420   ASACPI   ASACPI.sys   Thu Aug 12 19:52:52 2004 (411C2D04)
8f3df000 8f3e7000   aswFsBlk aswFsBlk.sys Tue Aug 11 03:28:20 2009 (4A8147C4)
8f3c8000 8f3df000   aswMonFlt aswMonFlt.sys Tue Aug 11 03:28:05 2009 (4A8147B5)
8daf5000 8daf8b20   aswRdr   aswRdr.SYS   Mon Aug 17 09:04:27 2009 (4A897F8B)
8d894000 8d8b5000   aswSP    aswSP.SYS    Tue Aug 11 03:28:30 2009 (4A8147CE)
8da90000 8da9a2c0   aswTdi   aswTdi.SYS   Mon Aug 17 09:04:38 2009 (4A897F96)
889c3000 889cc000   atapi    atapi.sys    Mon Jul 13 16:11:15 2009 (4A5BBF13)
889cc000 889ef000   ataport  ataport.SYS  Mon Jul 13 16:11:18 2009 (4A5BBF16)
88de5000 88dec000   Beep     Beep.SYS     Mon Jul 13 16:45:00 2009 (4A5BC6FC)
8d886000 8d894000   blbdrive blbdrive.sys Mon Jul 13 16:23:04 2009 (4A5BC1D8)
8869e000 886a6000   BOOTVID  BOOTVID.dll  Mon Jul 13 18:04:34 2009 (4A5BD9A2)
98694000 986ad000   bowser   bowser.sys   Mon Jul 13 16:14:21 2009 (4A5BBFCD)
90d60000 90d7e000   cdd      cdd.dll      Mon Jul 13 18:04:18 2009 (4A5BD992)
887c7000 887e6000   cdrom    cdrom.sys    Mon Jul 13 16:11:24 2009 (4A5BBF1C)
886e8000 88793000   CI       CI.dll       Mon Jul 13 18:09:28 2009 (4A5BDAC8)
88d8e000 88db3000   CLASSPNP CLASSPNP.SYS Mon Jul 13 16:11:20 2009 (4A5BBF18)
886a6000 886e8000   CLFS     CLFS.SYS     Mon Jul 13 16:11:10 2009 (4A5BBF0E)
88b89000 88be6000   cng      cng.sys      Mon Jul 13 16:32:55 2009 (4A5BC427)
8ea93000 8eaa0000   CompositeBus CompositeBus.sys Mon Jul 13 16:45:26 2009 (4A5BC716)
8f31f000 8f32c000   crashdmp crashdmp.sys Mon Jul 13 16:45:50 2009 (4A5BC72E)
8d80a000 8d86e000   csc      csc.sys      Mon Jul 13 16:15:08 2009 (4A5BBFFC)
8d86e000 8d886000   dfsc     dfsc.sys     Mon Jul 13 16:14:16 2009 (4A5BBFC8)
8dbdc000 8dbe8000   discache discache.sys Mon Jul 13 16:24:04 2009 (4A5BC214)
88d7d000 88d8e000   disk     disk.sys     Mon Jul 13 16:11:28 2009 (4A5BBF20)
8f2ed000 8f306000   drmk     drmk.sys     Mon Jul 13 17:36:05 2009 (4A5BD2F5)
8f337000 8f340000   dump_atapi dump_atapi.sys Mon Jul 13 16:11:15 2009 (4A5BBF13)
8f32c000 8f337000   dump_dumpata dump_dumpata.sys Mon Jul 13 16:11:16 2009 (4A5BBF14)
8f340000 8f351000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 16:12:47 2009 (4A5BBF6F)
8f351000 8f35b000   Dxapi    Dxapi.sys    Mon Jul 13 16:25:25 2009 (4A5BC265)
8d8e8000 8d99f000   dxgkrnl  dxgkrnl.sys  Thu Oct 01 17:48:33 2009 (4AC54DE1)
8e989000 8e9c2000   dxgmms1  dxgmms1.sys  Mon Jul 13 16:25:25 2009 (4A5BC265)
8dbd7000 8dbdb200   ElbyCDIO ElbyCDIO.sys Tue Feb 17 09:11:28 2009 (499AEFC0)
99549000 99573000   fastfat  fastfat.SYS  Mon Jul 13 16:14:01 2009 (4A5BBFB9)
8ea86000 8ea91000   fdc      fdc.sys      Mon Jul 13 16:45:45 2009 (4A5BC729)
88800000 88811000   fileinfo fileinfo.sys Mon Jul 13 16:21:51 2009 (4A5BC18F)
8f253000 8f25d000   flpydisk flpydisk.sys Mon Jul 13 16:45:45 2009 (4A5BC729)
88793000 887c7000   fltmgr   fltmgr.sys   Mon Jul 13 16:11:13 2009 (4A5BBF11)
88bf4000 88bfd000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 16:11:14 2009 (4A5BBF12)
88d4b000 88d7d000   fvevol   fvevol.sys   Mon Jul 13 16:13:01 2009 (4A5BBF7D)
88f78000 88fa9000   fwpkclnt fwpkclnt.sys Mon Jul 13 16:12:03 2009 (4A5BBF43)
82e18000 82e4f000   hal      halmacpi.dll Mon Jul 13 16:11:03 2009 (4A5BBF07)
8e9dc000 8e9fb000   HDAudBus HDAudBus.sys Mon Jul 13 16:50:55 2009 (4A5BC85F)
8f26e000 8f2be000   HdAudio  HdAudio.sys  Mon Jul 13 16:51:46 2009 (4A5BC892)
8f366000 8f379000   HIDCLASS HIDCLASS.SYS Mon Jul 13 16:51:01 2009 (4A5BC865)
8f379000 8f37f480   HIDPARSE HIDPARSE.SYS Mon Jul 13 16:50:59 2009 (4A5BC863)
8f35b000 8f366000   hidusb   hidusb.sys   Mon Jul 13 16:51:04 2009 (4A5BC868)
9860f000 98694000   HTTP     HTTP.sys     Mon Jul 13 16:12:53 2009 (4A5BBF75)
88d43000 88d4b000   hwpolicy hwpolicy.sys Mon Jul 13 16:11:01 2009 (4A5BBF05)
8d8d6000 8d8e8000   intelppm intelppm.sys Mon Jul 13 16:11:03 2009 (4A5BBF07)
8eb47000 8eb54000   kbdclass kbdclass.sys Mon Jul 13 16:11:15 2009 (4A5BBF13)
8f380000 8f38c000   kbdhid   kbdhid.sys   Mon Jul 13 16:45:09 2009 (4A5BC705)
80bbc000 80bc4000   kdcom    kdcom.dll    Mon Jul 13 18:08:58 2009 (4A5BDAAA)
8eb94000 8ebc8000   ks       ks.sys       Mon Jul 13 16:45:13 2009 (4A5BC709)
88b76000 88b89000   ksecdd   ksecdd.sys   Mon Jul 13 16:11:56 2009 (4A5BBF3C)
88d0e000 88d33000   ksecpkg  ksecpkg.sys  Mon Jul 13 16:34:00 2009 (4A5BC468)
8f3e7000 8f3f7000   lltdio   lltdio.sys   Mon Jul 13 16:53:18 2009 (4A5BC8EE)
8f3ad000 8f3c8000   luafv    luafv.sys    Mon Jul 13 16:15:44 2009 (4A5BC020)
88615000 8868d000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 18:06:41 2009 (4A5BDA21)
8f397000 8f3a2000   monitor  monitor.sys  Mon Jul 13 16:25:58 2009 (4A5BC286)
8eb54000 8eb61000   mouclass mouclass.sys Mon Jul 13 16:11:15 2009 (4A5BBF13)
8f38c000 8f397000   mouhid   mouhid.sys   Mon Jul 13 16:45:08 2009 (4A5BC704)
889ad000 889c3000   mountmgr mountmgr.sys Mon Jul 13 16:11:27 2009 (4A5BBF1F)
986ad000 986bf000   mpsdrv   mpsdrv.sys   Mon Jul 13 16:52:52 2009 (4A5BC8D4)
986bf000 986e2000   mrxsmb   mrxsmb.sys   Mon Jul 13 16:14:24 2009 (4A5BBFD0)
986e2000 9871d000   mrxsmb10 mrxsmb10.sys Mon Jul 13 16:14:34 2009 (4A5BBFDA)
9871d000 98738000   mrxsmb20 mrxsmb20.sys Mon Jul 13 16:14:29 2009 (4A5BBFD5)
8da55000 8da60000   Msfs     Msfs.SYS     Mon Jul 13 16:11:26 2009 (4A5BBF1E)
888ef000 888f7000   msisadrv msisadrv.sys Mon Jul 13 16:11:09 2009 (4A5BBF0D)
88b4b000 88b76000   msrpc    msrpc.sys    Mon Jul 13 16:11:59 2009 (4A5BBF3F)
8dbcd000 8dbd7000   mssmbios mssmbios.sys Mon Jul 13 16:19:25 2009 (4A5BC0FD)
88d33000 88d43000   mup      mup.sys      Mon Jul 13 16:14:14 2009 (4A5BBFC6)
88c19000 88cd0000   ndis     ndis.sys     Mon Jul 13 16:12:24 2009 (4A5BBF58)
8eaca000 8ead5000   ndistapi ndistapi.sys Mon Jul 13 16:54:24 2009 (4A5BC930)
8ead5000 8eaf7000   ndiswan  ndiswan.sys  Mon Jul 13 16:54:34 2009 (4A5BC93A)
8f25d000 8f26e000   NDProxy  NDProxy.SYS  Mon Jul 13 16:54:27 2009 (4A5BC933)
8db51000 8db5f000   netbios  netbios.sys  Mon Jul 13 16:53:54 2009 (4A5BC912)
8daf9000 8db2b000   netbt    netbt.sys    Mon Jul 13 16:12:18 2009 (4A5BBF52)
88cd0000 88d0e000   NETIO    NETIO.SYS    Mon Jul 13 16:12:35 2009 (4A5BBF63)
8da60000 8da6e000   Npfs     Npfs.SYS     Mon Jul 13 16:11:31 2009 (4A5BBF23)
8dbc3000 8dbcd000   nsiproxy nsiproxy.sys Mon Jul 13 16:12:08 2009 (4A5BBF48)
82a08000 82e18000   nt       ntkrpamp.exe Mon Jul 13 16:15:19 2009 (4A5BC007)
88a1c000 88b4b000   Ntfs     Ntfs.sys     Mon Jul 13 16:12:05 2009 (4A5BBF45)
88ff9000 89000000   Null     Null.SYS     Mon Jul 13 16:11:12 2009 (4A5BBF10)
8e987000 8e988080   nvBridge nvBridge.kmd Tue Jun 30 12:49:58 2009 (4A4A6C66)
8e031000 8e986280   nvlddmkm nvlddmkm.sys Tue Jun 30 13:24:07 2009 (4A4A7467)
8db32000 8db51000   pacer    pacer.sys    Mon Jul 13 16:53:58 2009 (4A5BC916)
8892c000 8893d000   partmgr  partmgr.sys  Mon Jul 13 16:11:35 2009 (4A5BBF27)
888f7000 88921000   pci      pci.sys      Mon Jul 13 16:11:16 2009 (4A5BBF14)
88998000 8899f000   pciide   pciide.sys   Mon Jul 13 16:11:19 2009 (4A5BBF17)
8899f000 889ad000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 16:11:15 2009 (4A5BBF13)
88be6000 88bf4000   pcw      pcw.sys      Mon Jul 13 16:11:10 2009 (4A5BBF0E)
98754000 987eb000   peauth   peauth.sys   Mon Jul 13 17:35:44 2009 (4A5BD2E0)
8f2be000 8f2ed000   portcls  portcls.sys  Mon Jul 13 16:51:00 2009 (4A5BC864)
8868d000 8869e000   PSHED    PSHED.dll    Mon Jul 13 18:09:36 2009 (4A5BDAD0)
8eab2000 8eaca000   rasl2tp  rasl2tp.sys  Mon Jul 13 16:54:33 2009 (4A5BC939)
8eaf7000 8eb0f000   raspppoe raspppoe.sys Mon Jul 13 16:54:53 2009 (4A5BC94D)
8eb0f000 8eb26000   raspptp  raspptp.sys  Mon Jul 13 16:54:47 2009 (4A5BC947)
8eb26000 8eb3d000   rassstp  rassstp.sys  Mon Jul 13 16:54:57 2009 (4A5BC951)
8db82000 8dbc3000   rdbss    rdbss.sys    Mon Jul 13 16:14:26 2009 (4A5BBFD2)
8eb3d000 8eb47000   rdpbus   rdpbus.sys   Mon Jul 13 17:02:40 2009 (4A5BCB20)
8da3d000 8da45000   RDPCDD   RDPCDD.sys   Mon Jul 13 17:01:40 2009 (4A5BCAE4)
8da45000 8da4d000   rdpencdd rdpencdd.sys Mon Jul 13 17:01:39 2009 (4A5BCAE3)
8da4d000 8da55000   rdprefmp rdprefmp.sys Mon Jul 13 17:01:41 2009 (4A5BCAE5)
88e00000 88e2d000   rdyboost rdyboost.sys Mon Jul 13 16:22:02 2009 (4A5BC19A)
8e000000 8e013000   rspndr   rspndr.sys   Mon Jul 13 16:53:20 2009 (4A5BC8F0)
8eb6c000 8eb92000   SCSIPORT SCSIPORT.SYS Mon Jul 13 16:45:55 2009 (4A5BC733)
987eb000 987f5000   secdrv   secdrv.SYS   Wed Sep 13 06:18:32 2006 (45080528)
88ff1000 88ff9000   spldr    spldr.sys    Mon May 11 09:13:47 2009 (4A084EBB)
99432000 9949c000   spsys    spsys.sys    Mon May 11 09:37:10 2009 (4A085436)
994f8000 99549000   srv      srv.sys      Mon Jul 13 16:15:10 2009 (4A5BBFFE)
994a9000 994f8000   srv2     srv2.sys     Mon Jul 13 16:14:52 2009 (4A5BBFEC)
88db3000 88dd4000   srvnet   srvnet.sys   Mon Jul 13 16:14:45 2009 (4A5BBFE5)
8eb92000 8eb93380   swenum   swenum.sys   Mon Jul 13 16:45:08 2009 (4A5BC704)
88e2f000 88f78000   tcpip    tcpip.sys    Mon Jul 13 16:13:18 2009 (4A5BBF8E)
9949c000 994a9000   tcpipreg tcpipreg.sys Mon Jul 13 16:54:14 2009 (4A5BC926)
8da85000 8da90000   TDI      TDI.SYS      Mon Jul 13 16:12:12 2009 (4A5BBF4C)
8da6e000 8da85000   tdx      tdx.sys      Mon Jul 13 16:12:10 2009 (4A5BBF4A)
8db72000 8db82000   termdd   termdd.sys   Mon Jul 13 17:01:35 2009 (4A5BCADF)
90d30000 90d39000   TSDDD    TSDDD.dll    unavailable (00000000)
8d8b5000 8d8d6000   tunnel   tunnel.sys   Mon Jul 13 16:54:03 2009 (4A5BC91B)
8ebc8000 8ebd6000   umbus    umbus.sys    Mon Jul 13 16:51:38 2009 (4A5BC88A)
8f31d000 8f31e700   USBD     USBD.SYS     Mon Jul 13 16:51:05 2009 (4A5BC869)
8e9cd000 8e9dc000   usbehci  usbehci.sys  Mon Jul 13 16:51:14 2009 (4A5BC872)
8f20f000 8f253000   usbhub   usbhub.sys   Mon Jul 13 16:52:06 2009 (4A5BC8A6)
8d99f000 8d9ea000   USBPORT  USBPORT.SYS  Mon Jul 13 16:51:13 2009 (4A5BC871)
8f3a2000 8f3ad000   usbprint usbprint.sys Mon Jul 13 17:17:06 2009 (4A5BCE82)
8f306000 8f31d000   USBSTOR  USBSTOR.SYS  Mon Jul 13 16:51:19 2009 (4A5BC877)
8e9c2000 8e9cd000   usbuhci  usbuhci.sys  Mon Jul 13 16:51:10 2009 (4A5BC86E)
8eb61000 8eb6c000   VClone   VClone.sys   Fri May 22 16:08:32 2009 (4A173070)
88921000 8892c000   vdrvroot vdrvroot.sys Mon Jul 13 16:46:19 2009 (4A5BC74B)
88dec000 88df8000   vga      vga.sys      Mon Jul 13 16:25:50 2009 (4A5BC27E)
8da0f000 8da30000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 16:25:49 2009 (4A5BC27D)
88fa9000 88fb1380   vmstorfl vmstorfl.sys Mon Jul 13 16:28:44 2009 (4A5BC32C)
8893d000 8894d000   volmgr   volmgr.sys   Mon Jul 13 16:11:25 2009 (4A5BBF1D)
8894d000 88998000   volmgrx  volmgrx.sys  Mon Jul 13 16:11:41 2009 (4A5BBF2D)
88fb2000 88ff1000   volsnap  volsnap.sys  Mon Jul 13 16:11:34 2009 (4A5BBF26)
8db5f000 8db72000   wanarp   wanarp.sys   Mon Jul 13 16:55:02 2009 (4A5BC956)
8da30000 8da3d000   watchdog watchdog.sys Mon Jul 13 16:24:10 2009 (4A5BC21A)
8881f000 88890000   Wdf01000 Wdf01000.sys Mon Jul 13 16:11:36 2009 (4A5BBF28)
88890000 8889e000   WDFLDR   WDFLDR.SYS   Mon Jul 13 16:11:25 2009 (4A5BBF1D)
8db2b000 8db32000   wfplwf   wfplwf.sys   Mon Jul 13 16:53:51 2009 (4A5BC90F)
90ad0000 90d1a000   win32k   win32k.sys   Mon Jul 13 16:26:26 2009 (4A5BC2A2)
888e6000 888ef000   WMILIB   WMILIB.SYS   Mon Jul 13 16:11:22 2009 (4A5BBF1A)
8ebd6000 8ebf0000   WudfPf   WudfPf.sys   Mon Jul 13 16:50:13 2009 (4A5BC835)
99573000 99593480   WUDFRd   WUDFRd.sys   Mon Jul 13 16:50:44 2009 (4A5BC854)
8ea0a000 8ea5a000   yk62x86  yk62x86.sys  Mon Feb 23 06:44:18 2009 (49A2B642)

Unloaded modules:
99594000 9959f000   GPU-Z.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
98750000 98754000   cpuz132_x32.
    Timestamp: unavailable (00000000)
    Checksum:  00000000
98738000 98750000   parport.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
88db3000 88dc0000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
88dc0000 88dcb000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
88dcb000 88dd4000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
88dd4000 88de5000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
=lucida console] 

[/font]






0xa Bugcheck - Windows 7 x86


Code:


[font=lucida console]
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\PalmDesert7\AppData\Local\Temp\SAL25D.tmp\101209-15865-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (4 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16385.x86fre.win7_rtm.090713-1255
Machine Name:
Kernel base = 0x8284a000 PsLoadedModuleList = 0x82992810
Debug session time: Mon Oct 12 15:50:15.344 2009 (GMT-8)
System Uptime: 0 days 3:25:25.499
Loading Kernel Symbols
...............................................................
................................................................
......................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck A, {8, 2, 1, 828e5168}

Probably caused by : memory_corruption ( nt!MiReplenishPageSlist+69 )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 00000008, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000001, bitfield :
	bit 0 : value 0 = read operation, 1 = write operation
	bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 828e5168, address which referenced memory

Debugging Details:
------------------


WRITE_ADDRESS: GetPointerFromAddress: unable to read from 829b2718
Unable to read MiSystemVaType memory at 82992160
 00000008 

CURRENT_IRQL:  2

FAULTING_IP: 
nt!MiReplenishPageSlist+69
828e5168 f00fba2900      lock bts dword ptr [ecx],0

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xA

PROCESS_NAME:  taskhost.exe

TRAP_FRAME:  97337b18 -- (.trap 0xffffffff97337b18)
ErrCode = 00000002
eax=9533e000 ebx=8cee7798 ecx=00000400 edx=00000000 esi=9533d000 edi=a91ea000
eip=828887d3 esp=97337b8c ebp=97337b94 iopl=0         nv up ei pl nz ac po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010212
nt!memcpy+0x33:
828887d3 f3a5            rep movs dword ptr es:[edi],dword ptr [esi]
Resetting default scope

LAST_CONTROL_TRANSFER:  from 828e5168 to 828907eb

STACK_TEXT:  
97337894 828e5168 badb0d00 00000017 00000003 nt!KiTrap0E+0x2cf
9733791c 828d65b6 829b3000 00000017 00000001 nt!MiReplenishPageSlist+0x69
97337988 828de273 00000017 00000000 00000000 nt!MiRemoveAnyPage+0x514
973379b0 828d88d5 00000017 00000000 00000000 nt!MiGetPage+0x28a
973379f8 828da979 00000001 a91ea000 97337b18 nt!MiResolveDemandZeroFault+0x121
97337a78 828d0d56 a91ea000 00000000 8297e300 nt!MiDispatchFault+0x659
97337b00 828905f8 00000001 a91ea000 00000000 nt!MmAccessFault+0x157c
97337b00 828887d3 00000001 a91ea000 00000000 nt!KiTrap0E+0xdc
97337b94 82aee307 a91ea000 9533d000 00001000 nt!memcpy+0x33
97337c10 82aedbc1 9533d000 97337c64 97337c48 nt!CmpSnapshotHiveToOffsetArray+0x551
97337cf0 82aed9a9 000003ea 0092fbec 82a04266 nt!CmpFlushBackupHive+0x158
97337d10 82a042c4 0092fbec 82a04266 85480501 nt!CmpSyncNextBackupHive+0xb0
97337d28 8288d42a 000003ea 0092fc00 775e64f4 nt!NtInitializeRegistry+0x5e
97337d28 775e64f4 000003ea 0092fc00 775e64f4 nt!KiFastCallEntry+0x12a
WARNING: Frame IP not in any known module. Following frames may be wrong.
0092fc00 00000000 00000000 00000000 00000000 0x775e64f4


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!MiReplenishPageSlist+69
828e5168 f00fba2900      lock bts dword ptr [ecx],0

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt!MiReplenishPageSlist+69

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc007

IMAGE_NAME:  memory_corruption

FAILURE_BUCKET_ID:  0xA_nt!MiReplenishPageSlist+69

BUCKET_ID:  0xA_nt!MiReplenishPageSlist+69

Followup: MachineOwner
---------

0: kd> lmvm nt
start    end        module name
8284a000 82c5a000   nt         (pdb symbols)          c:\symbols\ntkrpamp.pdb\5B308B4ED6464159B87117C711E7340C2\ntkrpamp.pdb
    Loaded symbol image file: ntkrpamp.exe
    Mapped memory image file: c:\symbols\ntkrpamp.exe\4A5BC007410000\ntkrpamp.exe
    Image path: ntkrpamp.exe
    Image name: ntkrpamp.exe
    Timestamp:        Mon Jul 13 16:15:19 2009 (4A5BC007)
    CheckSum:         003C9503
    ImageSize:        00410000
    File version:     6.1.7600.16385
    Product version:  6.1.7600.16385
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        1.0 App
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     ntkrpamp.exe
    OriginalFilename: ntkrpamp.exe
    ProductVersion:   6.1.7600.16385
    FileVersion:      6.1.7600.16385 (win7_rtm.090713-1255)
    FileDescription:  NT Kernel & System
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
0: kd> k
ChildEBP RetAddr  
97337894 828e5168 nt!KiTrap0E+0x2cf
9733791c 828d65b6 nt!MiReplenishPageSlist+0x69
97337988 828de273 nt!MiRemoveAnyPage+0x514
973379b0 828d88d5 nt!MiGetPage+0x28a
973379f8 828da979 nt!MiResolveDemandZeroFault+0x121
97337a78 828d0d56 nt!MiDispatchFault+0x659
97337b00 828905f8 nt!MmAccessFault+0x157c
97337b00 828887d3 nt!KiTrap0E+0xdc
97337b94 82aee307 nt!memcpy+0x33
97337c10 82aedbc1 nt!CmpSnapshotHiveToOffsetArray+0x551
97337cf0 82aed9a9 nt!CmpFlushBackupHive+0x158
97337d10 82a042c4 nt!CmpSyncNextBackupHive+0xb0
97337d28 8288d42a nt!NtInitializeRegistry+0x5e
97337d28 775e64f4 nt!KiFastCallEntry+0x12a
WARNING: Frame IP not in any known module. Following frames may be wrong.
0092fc00 00000000 0x775e64f4
0: kd> lmnt
start    end        module name
80b97000 80b9f000   kdcom    kdcom.dll    Mon Jul 13 18:08:58 2009 (4A5BDAAA)
82813000 8284a000   hal      halmacpi.dll Mon Jul 13 16:11:03 2009 (4A5BBF07)
8284a000 82c5a000   nt       ntkrpamp.exe Mon Jul 13 16:15:19 2009 (4A5BC007)
82e00000 82e78000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 18:06:41 2009 (4A5BDA21)
82e78000 82e89000   PSHED    PSHED.dll    Mon Jul 13 18:09:36 2009 (4A5BDAD0)
82e89000 82e91000   BOOTVID  BOOTVID.dll  Mon Jul 13 18:04:34 2009 (4A5BD9A2)
82e91000 82ed3000   CLFS     CLFS.SYS     Mon Jul 13 16:11:10 2009 (4A5BBF0E)
82ed3000 82f7e000   CI       CI.dll       Mon Jul 13 18:09:28 2009 (4A5BDAC8)
82f7e000 82fef000   Wdf01000 Wdf01000.sys Mon Jul 13 16:11:36 2009 (4A5BBF28)
82fef000 82ffd000   WDFLDR   WDFLDR.SYS   Mon Jul 13 16:11:25 2009 (4A5BBF1D)
8be00000 8be0b000   Msfs     Msfs.SYS     Mon Jul 13 16:11:26 2009 (4A5BBF1E)
8be0b000 8be19000   Npfs     Npfs.SYS     Mon Jul 13 16:11:31 2009 (4A5BBF23)
8be22000 8be6a000   ACPI     ACPI.sys     Mon Jul 13 16:11:11 2009 (4A5BBF0F)
8be6a000 8be73000   WMILIB   WMILIB.SYS   Mon Jul 13 16:11:22 2009 (4A5BBF1A)
8be73000 8be7b000   msisadrv msisadrv.sys Mon Jul 13 16:11:09 2009 (4A5BBF0D)
8be7b000 8bea5000   pci      pci.sys      Mon Jul 13 16:11:16 2009 (4A5BBF14)
8bea5000 8beb0000   vdrvroot vdrvroot.sys Mon Jul 13 16:46:19 2009 (4A5BC74B)
8beb0000 8bec1000   partmgr  partmgr.sys  Mon Jul 13 16:11:35 2009 (4A5BBF27)
8bec1000 8bed1000   volmgr   volmgr.sys   Mon Jul 13 16:11:25 2009 (4A5BBF1D)
8bed1000 8bf1c000   volmgrx  volmgrx.sys  Mon Jul 13 16:11:41 2009 (4A5BBF2D)
8bf1c000 8bf23000   pciide   pciide.sys   Mon Jul 13 16:11:19 2009 (4A5BBF17)
8bf23000 8bf31000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 16:11:15 2009 (4A5BBF13)
8bf31000 8bf47000   mountmgr mountmgr.sys Mon Jul 13 16:11:27 2009 (4A5BBF1F)
8bf47000 8bf50000   atapi    atapi.sys    Mon Jul 13 16:11:15 2009 (4A5BBF13)
8bf50000 8bf73000   ataport  ataport.SYS  Mon Jul 13 16:11:18 2009 (4A5BBF16)
8bf73000 8bf7c000   amdxata  amdxata.sys  Tue May 19 10:57:35 2009 (4A12F30F)
8bf7c000 8bfb0000   fltmgr   fltmgr.sys   Mon Jul 13 16:11:13 2009 (4A5BBF11)
8bfb0000 8bfc1000   fileinfo fileinfo.sys Mon Jul 13 16:21:51 2009 (4A5BC18F)
8bfc1000 8bfe2000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 16:25:49 2009 (4A5BC27D)
8bfe2000 8bfef000   watchdog watchdog.sys Mon Jul 13 16:24:10 2009 (4A5BC21A)
8bfef000 8bff7000   rdpencdd rdpencdd.sys Mon Jul 13 17:01:39 2009 (4A5BCAE3)
8bff7000 8bfff000   rdprefmp rdprefmp.sys Mon Jul 13 17:01:41 2009 (4A5BCAE5)
8c000000 8c00e000   pcw      pcw.sys      Mon Jul 13 16:11:10 2009 (4A5BBF0E)
8c00e000 8c017000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 16:11:14 2009 (4A5BBF12)
8c017000 8c023000   vga      vga.sys      Mon Jul 13 16:25:50 2009 (4A5BC27E)
8c02a000 8c159000   Ntfs     Ntfs.sys     Mon Jul 13 16:12:05 2009 (4A5BBF45)
8c159000 8c184000   msrpc    msrpc.sys    Mon Jul 13 16:11:59 2009 (4A5BBF3F)
8c184000 8c197000   ksecdd   ksecdd.sys   Mon Jul 13 16:11:56 2009 (4A5BBF3C)
8c197000 8c1f4000   cng      cng.sys      Mon Jul 13 16:32:55 2009 (4A5BC427)
8c1f4000 8c1fc000   RDPCDD   RDPCDD.sys   Mon Jul 13 17:01:40 2009 (4A5BCAE4)
8c200000 8c21f000   cdrom    cdrom.sys    Mon Jul 13 16:11:24 2009 (4A5BBF1C)
8c21f000 8c226000   Null     Null.SYS     Mon Jul 13 16:11:12 2009 (4A5BBF10)
8c227000 8c2de000   ndis     ndis.sys     Mon Jul 13 16:12:24 2009 (4A5BBF58)
8c2de000 8c31c000   NETIO    NETIO.SYS    Mon Jul 13 16:12:35 2009 (4A5BBF63)
8c31c000 8c341000   ksecpkg  ksecpkg.sys  Mon Jul 13 16:34:00 2009 (4A5BC468)
8c341000 8c351000   mup      mup.sys      Mon Jul 13 16:14:14 2009 (4A5BBFC6)
8c351000 8c359000   hwpolicy hwpolicy.sys Mon Jul 13 16:11:01 2009 (4A5BBF05)
8c359000 8c38b000   fvevol   fvevol.sys   Mon Jul 13 16:13:01 2009 (4A5BBF7D)
8c38b000 8c39c000   disk     disk.sys     Mon Jul 13 16:11:28 2009 (4A5BBF20)
8c39c000 8c3c1000   CLASSPNP CLASSPNP.SYS Mon Jul 13 16:11:20 2009 (4A5BBF18)
8c3c1000 8c3ca000   dump_atapi dump_atapi.sys Mon Jul 13 16:11:15 2009 (4A5BBF13)
8c3ca000 8c3db000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 16:12:47 2009 (4A5BBF6F)
8c3db000 8c3eb000   lltdio   lltdio.sys   Mon Jul 13 16:53:18 2009 (4A5BC8EE)
8c3f3000 8c3fa000   Beep     Beep.SYS     Mon Jul 13 16:45:00 2009 (4A5BC6FC)
8c400000 8c408000   spldr    spldr.sys    Mon May 11 09:13:47 2009 (4A084EBB)
8c408000 8c435000   rdyboost rdyboost.sys Mon Jul 13 16:22:02 2009 (4A5BC19A)
8c439000 8c582000   tcpip    tcpip.sys    Mon Jul 13 16:13:18 2009 (4A5BBF8E)
8c582000 8c5b3000   fwpkclnt fwpkclnt.sys Mon Jul 13 16:12:03 2009 (4A5BBF43)
8c5b3000 8c5bb380   vmstorfl vmstorfl.sys Mon Jul 13 16:28:44 2009 (4A5BC32C)
8c5bc000 8c5fb000   volsnap  volsnap.sys  Mon Jul 13 16:11:34 2009 (4A5BBF26)
8de00000 8de16000   cdfs     cdfs.sys     Mon Jul 13 16:11:14 2009 (4A5BBF12)
8de16000 8de21000   dump_dumpata dump_dumpata.sys Mon Jul 13 16:11:16 2009 (4A5BBF14)
8de28000 8de3f000   tdx      tdx.sys      Mon Jul 13 16:12:10 2009 (4A5BBF4A)
8de3f000 8de4a000   TDI      TDI.SYS      Mon Jul 13 16:12:12 2009 (4A5BBF4C)
8de4a000 8de542c0   aswTdi   aswTdi.SYS   Mon Aug 17 09:04:38 2009 (4A897F96)
8de55000 8deaf000   afd      afd.sys      Mon Jul 13 16:12:34 2009 (4A5BBF62)
8deaf000 8deb2b20   aswRdr   aswRdr.SYS   Mon Aug 17 09:04:27 2009 (4A897F8B)
8deb3000 8dee5000   netbt    netbt.sys    Mon Jul 13 16:12:18 2009 (4A5BBF52)
8dee5000 8deec000   wfplwf   wfplwf.sys   Mon Jul 13 16:53:51 2009 (4A5BC90F)
8deec000 8df0b000   pacer    pacer.sys    Mon Jul 13 16:53:58 2009 (4A5BC916)
8df0b000 8df19000   netbios  netbios.sys  Mon Jul 13 16:53:54 2009 (4A5BC912)
8df19000 8df2c000   wanarp   wanarp.sys   Mon Jul 13 16:55:02 2009 (4A5BC956)
8df2c000 8df3c000   termdd   termdd.sys   Mon Jul 13 17:01:35 2009 (4A5BCADF)
8df3c000 8df7d000   rdbss    rdbss.sys    Mon Jul 13 16:14:26 2009 (4A5BBFD2)
8df7d000 8df87000   nsiproxy nsiproxy.sys Mon Jul 13 16:12:08 2009 (4A5BBF48)
8df87000 8df91000   mssmbios mssmbios.sys Mon Jul 13 16:19:25 2009 (4A5BC0FD)
8df91000 8df95200   ElbyCDIO ElbyCDIO.sys Tue Feb 17 09:11:28 2009 (499AEFC0)
8df96000 8dfa2000   discache discache.sys Mon Jul 13 16:24:04 2009 (4A5BC214)
8dfa2000 8dfaf000   mouclass mouclass.sys Mon Jul 13 16:11:15 2009 (4A5BBF13)
8dfaf000 8dfba000   VClone   VClone.sys   Fri May 22 16:08:32 2009 (4A173070)
8dfba000 8dfe0000   SCSIPORT SCSIPORT.SYS Mon Jul 13 16:45:55 2009 (4A5BC733)
8dfe0000 8dffa000   WudfPf   WudfPf.sys   Mon Jul 13 16:50:13 2009 (4A5BC835)
90e00000 90e17000   raspptp  raspptp.sys  Mon Jul 13 16:54:47 2009 (4A5BC947)
90e17000 90e2e000   rassstp  rassstp.sys  Mon Jul 13 16:54:57 2009 (4A5BC951)
90e2e000 90e3b000   kbdclass kbdclass.sys Mon Jul 13 16:11:15 2009 (4A5BBF13)
90e3c000 90ea0000   csc      csc.sys      Mon Jul 13 16:15:08 2009 (4A5BBFFC)
90ea0000 90eb8000   dfsc     dfsc.sys     Mon Jul 13 16:14:16 2009 (4A5BBFC8)
90eb8000 90ec6000   blbdrive blbdrive.sys Mon Jul 13 16:23:04 2009 (4A5BC1D8)
90ec6000 90ee7000   aswSP    aswSP.SYS    Tue Aug 11 03:28:30 2009 (4A8147CE)
90ee7000 90f08000   tunnel   tunnel.sys   Mon Jul 13 16:54:03 2009 (4A5BC91B)
90f08000 90f1a000   intelppm intelppm.sys Mon Jul 13 16:11:03 2009 (4A5BBF07)
90f1a000 90f6a000   yk62x86  yk62x86.sys  Mon Feb 23 06:44:18 2009 (49A2B642)
90f6a000 90f96000   1394ohci 1394ohci.sys Mon Jul 13 16:51:59 2009 (4A5BC89F)
90f96000 90fa8000   AgileVpn AgileVpn.sys Mon Jul 13 16:55:00 2009 (4A5BC954)
90fa8000 90fc0000   rasl2tp  rasl2tp.sys  Mon Jul 13 16:54:33 2009 (4A5BC939)
90fc0000 90fe2000   ndiswan  ndiswan.sys  Mon Jul 13 16:54:34 2009 (4A5BC93A)
90fe2000 90ffa000   raspppoe raspppoe.sys Mon Jul 13 16:54:53 2009 (4A5BC94D)
91600000 9160a000   rdpbus   rdpbus.sys   Mon Jul 13 17:02:40 2009 (4A5BCB20)
9160a000 9160b380   swenum   swenum.sys   Mon Jul 13 16:45:08 2009 (4A5BC704)
9160e000 91a62000   atikmdag atikmdag.sys Fri Apr 24 03:50:20 2009 (49F1996C)
91a62000 91b19000   dxgkrnl  dxgkrnl.sys  Mon Jul 13 16:26:15 2009 (4A5BC297)
91b19000 91b52000   dxgmms1  dxgmms1.sys  Mon Jul 13 16:25:25 2009 (4A5BC265)
91b52000 91b5d000   usbuhci  usbuhci.sys  Mon Jul 13 16:51:10 2009 (4A5BC86E)
91b5d000 91ba8000   USBPORT  USBPORT.SYS  Mon Jul 13 16:51:13 2009 (4A5BC871)
91ba8000 91bb7000   usbehci  usbehci.sys  Mon Jul 13 16:51:14 2009 (4A5BC872)
91bb7000 91bd6000   HDAudBus HDAudBus.sys Mon Jul 13 16:50:55 2009 (4A5BC85F)
91bd6000 91be1000   fdc      fdc.sys      Mon Jul 13 16:45:45 2009 (4A5BC729)
91be1000 91be2420   ASACPI   ASACPI.sys   Thu Aug 12 19:52:52 2004 (411C2D04)
91be3000 91bf0000   CompositeBus CompositeBus.sys Mon Jul 13 16:45:26 2009 (4A5BC716)
91bf0000 91bfb000   ndistapi ndistapi.sys Mon Jul 13 16:54:24 2009 (4A5BC930)
92600000 92617000   aswMonFlt aswMonFlt.sys Tue Aug 11 03:28:05 2009 (4A8147B5)
92617000 9261f000   aswFsBlk aswFsBlk.sys Tue Aug 11 03:28:20 2009 (4A8147C4)
9261f000 9262a000   usbprint usbprint.sys Mon Jul 13 17:17:06 2009 (4A5BCE82)
9262f000 92663000   ks       ks.sys       Mon Jul 13 16:45:13 2009 (4A5BC709)
92663000 92671000   umbus    umbus.sys    Mon Jul 13 16:51:38 2009 (4A5BC88A)
92671000 926b5000   usbhub   usbhub.sys   Mon Jul 13 16:52:06 2009 (4A5BC8A6)
926b5000 926bf000   flpydisk flpydisk.sys Mon Jul 13 16:45:45 2009 (4A5BC729)
926bf000 926d0000   NDProxy  NDProxy.SYS  Mon Jul 13 16:54:27 2009 (4A5BC933)
926d0000 92720000   HdAudio  HdAudio.sys  Mon Jul 13 16:51:46 2009 (4A5BC892)
92720000 9274f000   portcls  portcls.sys  Mon Jul 13 16:51:00 2009 (4A5BC864)
9274f000 92768000   drmk     drmk.sys     Mon Jul 13 17:36:05 2009 (4A5BD2F5)
92768000 92773000   hidusb   hidusb.sys   Mon Jul 13 16:51:04 2009 (4A5BC868)
92773000 92786000   HIDCLASS HIDCLASS.SYS Mon Jul 13 16:51:01 2009 (4A5BC865)
92786000 9278c480   HIDPARSE HIDPARSE.SYS Mon Jul 13 16:50:59 2009 (4A5BC863)
9278d000 9278e700   USBD     USBD.SYS     Mon Jul 13 16:51:05 2009 (4A5BC869)
9278f000 92799000   Dxapi    Dxapi.sys    Mon Jul 13 16:25:25 2009 (4A5BC265)
92799000 927a5000   kbdhid   kbdhid.sys   Mon Jul 13 16:45:09 2009 (4A5BC705)
927a5000 927b0000   mouhid   mouhid.sys   Mon Jul 13 16:45:08 2009 (4A5BC704)
927b0000 927c7000   USBSTOR  USBSTOR.SYS  Mon Jul 13 16:51:19 2009 (4A5BC877)
927c7000 927d2000   monitor  monitor.sys  Mon Jul 13 16:25:58 2009 (4A5BC286)
927d2000 927ed000   luafv    luafv.sys    Mon Jul 13 16:15:44 2009 (4A5BC020)
927ed000 927fa000   crashdmp crashdmp.sys Mon Jul 13 16:45:50 2009 (4A5BC72E)
93a20000 93a3e000   cdd      cdd.dll      unavailable (00000000)
93b80000 93dca000   win32k   win32k.sys   Mon Jul 13 16:26:26 2009 (4A5BC2A2)
93de0000 93de9000   TSDDD    TSDDD.dll    Mon Jul 13 17:01:40 2009 (4A5BCAE4)
97c1e000 97c31000   rspndr   rspndr.sys   Mon Jul 13 16:53:20 2009 (4A5BC8F0)
97c31000 97c5b000   fastfat  fastfat.SYS  Mon Jul 13 16:14:01 2009 (4A5BBFB9)
97c5b000 97ce0000   HTTP     HTTP.sys     Mon Jul 13 16:12:53 2009 (4A5BBF75)
97ce0000 97cf9000   bowser   bowser.sys   Mon Jul 13 16:14:21 2009 (4A5BBFCD)
97cf9000 97d0b000   mpsdrv   mpsdrv.sys   Mon Jul 13 16:52:52 2009 (4A5BC8D4)
97d0b000 97d2e000   mrxsmb   mrxsmb.sys   Mon Jul 13 16:14:24 2009 (4A5BBFD0)
97d2e000 97d69000   mrxsmb10 mrxsmb10.sys Mon Jul 13 16:14:34 2009 (4A5BBFDA)
97d69000 97d84000   mrxsmb20 mrxsmb20.sys Mon Jul 13 16:14:29 2009 (4A5BBFD5)
97d9c000 97dbc480   WUDFRd   WUDFRd.sys   Mon Jul 13 16:50:44 2009 (4A5BC854)
9b418000 9b4af000   peauth   peauth.sys   Mon Jul 13 17:35:44 2009 (4A5BD2E0)
9b4af000 9b4b9000   secdrv   secdrv.SYS   Wed Sep 13 06:18:32 2006 (45080528)
9b4b9000 9b4da000   srvnet   srvnet.sys   Mon Jul 13 16:14:45 2009 (4A5BBFE5)
9b4da000 9b4e7000   tcpipreg tcpipreg.sys Mon Jul 13 16:54:14 2009 (4A5BC926)
9b551000 9b5a0000   srv2     srv2.sys     Mon Jul 13 16:14:52 2009 (4A5BBFEC)
9b5a0000 9b5f1000   srv      srv.sys      Mon Jul 13 16:15:10 2009 (4A5BBFFE)

Unloaded modules:
9b4e7000 9b551000   spsys.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
97d84000 97d9c000   parport.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8c3c1000 8c3ce000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8c3ce000 8c3d9000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8c3d9000 8c3e2000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
8c3e2000 8c3f3000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
0: kd> !for_each_module .echo @#ModuleName fver = @#FileVersion pver = @#ProductVersion 
kdcom fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
hal fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
nt fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
mcupdate_GenuineIntel fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
PSHED fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
BOOTVID fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
CLFS fver =  pver =
CI fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
Wdf01000 fver = 1.9.7600.16385 (win7_rtm.090713-1255) pver = 1.9.7600.16385
WDFLDR fver =  pver =
Msfs fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
Npfs fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
ACPI fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
WMILIB fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
msisadrv fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
pci fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
vdrvroot fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
partmgr fver =  pver =
volmgr fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
volmgrx fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
pciide fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
PCIIDEX fver =  pver =
mountmgr fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
atapi fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
ataport fver =  pver =
amdxata fver =  pver =
fltmgr fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
fileinfo fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
VIDEOPRT fver =  pver =
watchdog fver =  pver =
rdpencdd fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
rdprefmp fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
pcw fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
Fs_Rec fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
vga fver =  pver =
Ntfs fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
msrpc fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
ksecdd fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
cng fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
RDPCDD fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
cdrom fver =  pver =
Null fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
ndis fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
NETIO fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
ksecpkg fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
mup fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
hwpolicy fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
fvevol fver =  pver =
disk fver =  pver =
CLASSPNP fver =  pver =
dump_atapi fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
dump_dumpfve fver =  pver =
lltdio fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
Beep fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
spldr fver =  pver =
rdyboost fver =  pver =
tcpip fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
fwpkclnt fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
vmstorfl fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
volsnap fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
cdfs fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
dump_dumpata fver =  pver =
tdx fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
TDI fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
aswTdi fver =  pver =
afd fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
aswRdr fver =  pver =
netbt fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
wfplwf fver =  pver =
pacer fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
netbios fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
wanarp fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
termdd fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
rdbss fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
nsiproxy fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
mssmbios fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
ElbyCDIO fver =  pver =
discache fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
mouclass fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
VClone fver =  pver =
SCSIPORT fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
WudfPf fver =  pver =
raspptp fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
rassstp fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
kbdclass fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
csc fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
dfsc fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
blbdrive fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
aswSP fver =  pver =
tunnel fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
intelppm fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
yk62x86 fver =  pver =
1394ohci fver =  pver =
AgileVpn fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
rasl2tp fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
ndiswan fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
raspppoe fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
rdpbus fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
swenum fver =  pver =
atikmdag fver =  pver =
dxgkrnl fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
dxgmms1 fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
usbuhci fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
USBPORT fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
usbehci fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
HDAudBus fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
fdc fver =  pver =
ASACPI fver =  pver =
CompositeBus fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
ndistapi fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
aswMonFlt fver =  pver =
aswFsBlk fver =  pver =
usbprint fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
ks fver =  pver =
umbus fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
usbhub fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
flpydisk fver =  pver =
NDProxy fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
HdAudio fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
portcls fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
drmk fver =  pver =
hidusb fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
HIDCLASS fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
HIDPARSE fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
USBD fver =  pver =
Dxapi fver =  pver =
kbdhid fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
mouhid fver =  pver =
USBSTOR fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
monitor fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
luafv fver =  pver =
crashdmp fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
cdd fver =  pver =
win32k fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
TSDDD fver =  pver =
rspndr fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
fastfat fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
HTTP fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
bowser fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
mpsdrv fver =  pver =
mrxsmb fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
mrxsmb10 fver =  pver =
mrxsmb20 fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
WUDFRd fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
peauth fver =  pver =
secdrv fver =  pver =
srvnet fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
tcpipreg fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
srv2 fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385
srv fver = 6.1.7600.16385 (win7_rtm.090713-1255) pver = 6.1.7600.16385

[/font]


----------



## nicnicman

*Re: MemTest86*

No, I'm sorry I should have mentioned I only had one RAM stick in at the time of the test. I can test again with both sticks.


----------



## nicnicman

*Re: MemTest86*

The processor is a 3GHz Intel Core2 Quad Q9650. I haven't done any overclocking. 

Isn't ASACPI.sys a motherboard driver. How can I safely remove it?

Yes I do have a Lexmark printer.

The Sansa updater updates the firmware on an mp3 player.

I do have an external SimpleTech drive that is sometimes difficult to access; It takes a while to access the files.

No I didn't run the upgrade advisor.

When I do install Windows again I will run the advisor. Also I will avoid the Virtual device software until I discover the source(s) of these issues. Do you have any other recommendations? How can use the motherboard without the ASACPI.sys file.

Thanks for all the help.


----------



## Wrench97

*Re: MemTest86*

ASACPI.sys is for the Asus AI booster(software overclocking program) If you wipe the drive and reinstall Win 7 don't use the Asus drivers just the MS versions and see what you get.


----------



## nicnicman

*Re: MemTest86*

I was hoping to overclock after I got this all figured out but I can probably find another overclocking program. 

Thanks for the suggestions.


----------



## Wrench97

*Re: MemTest86*

You can still overclock In the Bios which is the best way AI tweaker or AI booster can be a real PITA.


----------



## nicnicman

*Re: MemTest86*

Okay sounds good. Thanks again.


----------



## nicnicman

*Re: MemTest86*

Recently got a 3 more BSOD errors and few of the "Display drive has stopped working and has successfully recovered" errors. This error only seems to occur while using one specific application. 

One of the BSOD errors seems new.

PFN_LIST_CORRUPT
Technical information:
***STOP: 0X0000004E (0X00000099, 0X0004B38D, 0X00000000, 0X000C388D)

I'm now running 2 sticks of RAM. I don't seem to see as many BSODs when I run the sticks in two specific slot. Right now I'm running them in the slots that seem to throw the most BSODs.


----------



## Wrench97

*Re: MemTest86*

For 2 dimms they should be in slots A2 & B2


----------



## nicnicman

*Re: MemTest86*

In A2 and b2 the system seems more stable. It's when there in A1 and B1 that I seem to get the most BSODs. Do you know if the A1 B1 configuration is known to throw BSODs similar to the ones I've been getting?

Thanks


----------



## Wrench97

*Re: MemTest86*

A2 and B2 are the recommended config I'm sure there is a reason, normally it's the slot closest to the CPU but not on this board even the single Dimm recommendation is the B2 the slot farthest from the CPU.


----------



## nicnicman

*Re: MemTest86*

Yeah, I'll run them in the recommended slots and see if I still get any BSODs. I just hope I don't get the BSODs when running all 4 sticks.

Thanks again


----------



## nicnicman

*Re: MemTest86*

Ran the computer all day today with 2 sticks in the recommended slots with no BSODs. Do you suppose that testing the sticks with MemTest while they weren't in the recommended slots might throw the test off? 

Also, this message still comes up from time to time:

"Display driver has stopped responding and has recovered"

The error also specifically mentions the Nvidia driver v.185.855.
The screen flickering is also still present. Maybe this should be posted elsewhere?

Anyway thanks for all your help jcgriff2 and wrench97.


----------



## Wrench97

*Re: MemTest86*

If the sticks when tested were not in the correct slots it could cause the errors.

Uninstall the video driver completely using driver sweeper to get all the bits removed boot into safe or vga mode disable any antivirus/malware protection and try the latest 191 driver> http://www.nvidia.com/Download/Find.aspx?lang=en-us

Driver sweeper> http://downloads.guru3d.com/Guru3D---Driver-Sweeper-(Setup)_d1655.html


----------



## hakazulu

*Re: MemTest86*

Firs flash bios and reset bios parameters , clean slots and memory modules, test every module separate for a 24h and if every of it works problem is with matherboard she dont work with two modules fine, or somethimes cant be problem with vendor...


----------



## nicnicman

*Re: MemTest86*

@wrench97 While working with Nvidia customer support I tried sweeping and reinstalling with a number of drivers. None resolved the flickering issues. After informing them of the number of BSODs I have encountered Nvidia also recommends Windows reinstall, Bios update and updated chipset drivers.

@hakazulu I will reinstall Windows update the BIOS and test again.

Thanks for the responses.


----------



## Wrench97

*Re: MemTest86*

Let us know how it goes.


----------



## nicnicman

*Re: MemTest86*

After many reinstalls of Win7 I still have not been able to get a stable system working.

The first symptom that each install shows are two warnings in the event viewer:

Event ID: 11 
Source: RPC
Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 1052) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3f31c91e-2545-4b7b-9311-9529e8bffef6}), Method number (10). User Action: Contact your application vendor for an updated version of the application.

Event ID: 1008
Source: Search
The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}. 

Over time the system begins randomly freezing, slowing, and crashing. Both firefox and explorer become prone to crashes. BSODs include REFERENCE_BY_POINTER, IRQL_NOT_LESS_OR_EQUAL, and KERNEL_MODE_EXCEPTION. 

Using BlueScreenView I have found that all BSODs are caused by one or a combination of ntkrnlpa.exe, win32.sys, and halmacpi.dll

Some steps I've tried are; swapping and testing RAM, swapping video card, updating BIOS and chipset drivers, and running with only Windows provided drivers.

Not sure what is going on here but I'm hoping someone can help.

Thanks everybody


----------



## Wrench97

*Re: MemTest86*

Still "Feels" like a ram issue to me, but lets test the hard drive to rule that out Use the drive manufacturers bootable diagnostic utility to test the drive Seagate> Sea tools of Dos> http://www.seagate.com/ww/v/index.j...toid=720bd20cacdec010VgnVCM100000dd04090aRCRD

WD> http://support.wdc.com/product/download.asp?lang=en


----------



## nicnicman

*Re: MemTest86*

Wrench I believe you were right. It was the RAM all along. 

It's strange that when tested overnight MemTest came up with no errors on numerous occasions, but the system would consistently throw errors in Windows. I suppose that maybe it needed to be tested for a longer amount of time. Anyway, after replacing the RAM the errors seemed to magically disappear, although it did freeze up on me yesterday. 

I'm still tinkering with RAM, RMAs and the Nvidia video card drivers but the system is running smoothly. I'd like to run Win7 64 bit with 8GB of RAM once I get 4 sticks that work! Also, because the Nvidia drivers cause the screen to flicker occasionally I am running the Windows drivers. This might be caused by my older dell monitor? 

Thanks for all your help Wrench and everyone else who took the time to post.


----------



## Wrench97

*Re: MemTest86*

The screen flickering and nvidia driver errors may be a sign of a failing or underpowered card, your running a Quadro card? what PSU do you have?


----------



## nicnicman

*Re: MemTest86*

It's a Nvidia Quadro FX4500 and a Corsair TX 650W PSU. It only flickers when the Nvidia drivers are installed.


----------



## nicnicman

*Re: MemTest86*

I realize this thread is a year old but I just wanted to update. After a lot of trial and error with RAM on this machine I decided the memory controller had to be bad so RMAed the motherboard. It turns out all my issues were being caused by the motherboard and ASUS offered to replace it with another board. 

It's too bad because I sent back a lot of Mushkin RAM thinking it was the problem. Sorry Mushkin!

Once I get the new board I will work on the video issues I was having.


----------



## Wrench97

*Re: MemTest86*

Good to hear Asus is sending you another board, did they have you run any tests on the controller?


----------



## inphoenix

*Re: MemTest86*

Wow, reading this thread I had to check if I was the OP!! I have been having these issues with my system. Here is my thread.

[URL="http://www.techsupportforum.com/f210/solved-memtest-error-corsair-ram-with-gigabyte-ga-ep43-ud3l-board-535275.html"][url]http://www.techsupportforum.com/f210/solved-memtest-error-corsair-ram-with-gigabyte-ga-ep43-ud3l-board-535275.html[/URL][/URL]

My new PSU and video card will be delievered today. If I get another BSOD I am going to RMA the board. 

Please update when you put in the new board and if that resolves the issues.


----------



## nicnicman

*Re: MemTest86*

Wrench, one of their techs also suspected the controller but they did not have me perform any tests personally. Nor did they tell me the specific failure. I am curious though. I'll try to find out.

btw, they offered to send me a Rampage 3 Extreme to replace my existing Rampage Extreme. I declined the offer so I'll have to wait and see if they can locate my original model. See thread: http://www.techsupportforum.com/f15/asus-rma-offeres-new-board-should-i-take-it-536454.html

inphoenix, Muskin had to be getting irritated with me; I must have sent back a 1/2 dozen pairs of RAM. Guess I really wanted to be sure! btw Muskin is a great company with great customer service.


----------



## nicnicman

*Re: MemTest86*

Just finished a livesupport chat session with Asus. The tech said this: "ok it shows that they tryed to replace the the chip set on this board but was not able to repair the board"

Thats all the info I got before I was disconnected for the second time.


----------



## nicnicman

*Re: MemTest86*

Wrench97, how would one go about testing the memory controller?


----------



## Wrench97

*Re: MemTest86*

I'm not sure how you test it in the field, the manufacturers have high dollar equipment that can test different chips through serial ports. I was hopping they had developed a software program for testing


----------



## nicnicman

*Re: MemTest86*



wrench97 said:


> I'm not sure how you test it in the field, the manufacturers have high dollar equipment that can test different chips through serial ports. I was hopping they had developed a software program for testing


Yeah, that would be nice.


----------



## nicnicman

*Re: MemTest86*

Asus ended up sending me a Rampage 3 Extreme to replace the Rampage Extreme. I upgraded the processor to an i7-950 but I'm still using the same RAM and video card and everything seems very stable. 

Well it's been a long road but the new board is beautiful and the processor is smoking fast. 

Thanks for the help everyone.


----------



## Wrench97

*Re: MemTest86*

Good to hear it all worked out in the end, Thanks for letting us know


----------

