# Vista boot time increasing.... help get it back to normal?



## sk1er18 (Sep 6, 2008)

I have Vista 64 and 4gigs of ram.

When I first got this computer (and up until recently) it would boot extremely fast:
Blue Hp screen
DOS dash
Windows Corp load bar
and then Vista login screen

Now this is the sequence:
Blue Hp screen
DOS dash
Windows Corp load bar
then BLACK screen with mouse pointer in the middle
.
.
.
about a minute and a half later the Vista login screen.



I've gone into the system performance and there are no 'startup' issues or recommendations. 

Advice/Recommendations welcome and appreciated.


Non-Windows items installed:
ESET NOD32
Acronis True Image 11
Using USB mouse & Keyboard



Note: I noticed one time that my computer would not boot and that I had my external hard drive plugged in. I thought that was the issue so now I leave it unplugged when I start the computer up.


Thanks


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .

Welcome.

I would like for you to re-boot the do the following - 

Please click on the Live SysInternals AutoRuns link below in my sig area. Save it to desktop. Then download the attached zip file and extract the lone batch file to your desktop. Go to your desktop, *right-click *on the batch file and select run as administrator. You will see the black "DOS" screen appear and scroll followed by the green status bar. It will take a few minutes to run. It will dump the app and system logs, run AutoRuns, msinfo32 and dxdiag. The output will be in a new folder found within your documents folder named TSF_Vista_Support.

It is imperative that you download AutoRuns 1st - or the job will fail.

Zip the contents of the new folder up and attach to your next post.

Any ? - please let me know.

Regards. . .

jcgriff2


----------



## sk1er18 (Sep 6, 2008)

Hey man thanks for your help, i appreciate it! (btw im from NJ too)

Attached is the zip folder.

This also may help:
I clicked 'restart' to reboot my computer and there was absolutely NO delay (maybe 3 seconds which seems normal). So I shut my computer down and waited a minute or so. Then i started my computer back up and time a 1 minute and 10 second delay between the windows corporation load bar and the login screen. 

So i guess whatever the difference is between a restart and shutdown/reboot might be the issue.. or it could be random :4-dontkno

Thanks again!


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .

Nice to meet some from from the Great State of New Jersey!

Some items that I found in the app and sys logs - not sure of the meaning of the 1st - 


```
Event[9]:
  Log Name: Application
  Source: IAANTmon
  Date: 2008-09-06T14:21:25.000
  Event ID: 7500
  Task: N/A
  Level: Information
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: Matt-PC
  Description: 
Intel RAID Controller: Intel(R) ICH8R/ICH9R SATA RAID Controller
Number of Serial ATA ports: 6
 
RAID Option ROM Version: 7.5.0.1017
Driver Version: 7.6.0.1011
RAID Plug-In Version: 7.6.0.1011
Language Resource Version of the RAID Plug-In: File not found
Create Volume Wizard Version: 7.6.0.1011
Language Resource Version of the Create Volume Wizard: File not found
Create Volume from Existing Hard Drive Wizard Version: 7.6.0.1011
Language Resource Version of the Create Volume from Existing Hard Drive Wizard: File not found
Modify Volume Wizard Version: 7.6.0.1011
Language Resource Version of the Modify Volume Wizard: File not found
Delete Volume Wizard Version: 7.6.0.1011
Language Resource Version of the Delete Volume Wizard: File not found
ISDI Library Version: 7.6.0.1011
Event Monitor User Notification Tool Version: 7.6.0.1011
Language Resource Version of the Event Monitor User Notification Tool: File not found
Event Monitor Version: 7.6.0.1011
 
Hard Drive 0
Usage: Non-RAID hard drive
Status: Normal
Device Port: 0
Device Port Location: Internal
Current Serial ATA Transfer Mode: Generation 2
Model: ST3750640AS
Serial Number: 5QD5E500
Firmware: 3.CHN
Native Command Queuing Support: Yes
System Hard Drive: Yes
Size: 698.6 GB
Physical Sector Size: 512 Bytes
Logical Sector Size: 512 Bytes
 
Unused Port 0
Device Port: 2
Device Port Location: Internal
 
Unused Port 1
Device Port: 3
Device Port Location: Internal
 
Unused Port 2
Device Port: 4
Device Port Location: Internal
 
Unused Port 3
Device Port: 5
Device Port Location: Internal
 
CD/DVD Drive 0
Device Port: 1
Device Port Location: Internal
Current Serial ATA Transfer Mode: Generation 1
Model: HL-DT-ST DVD-RAM GH10L
Serial Number: K6983FF5320
Firmware: FC09
```

*Disable the hpqddsvc service - services.msc*

```
Event[55]:
  Log Name: Application
  Source: Windows Error Reporting
  Date: 2008-09-06T10:52:41.000
  Event ID: 1001
  Task: N/A
  Level: Information
  Opcode: Info
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: Matt-PC
  Description: 
Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0

Problem signature:
P1: hpqddsvc
P2: hpqddsvc.dll
P3: 100.0.190.0
P4: 20
P5: 2
P6: 
P7: 
P8: 
P9: 
P10: 

Attached files:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report09e9ac35\WERA8CC.tmp.version.txt
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report09e9ac35\WERA94A.tmp.mdmp

These files may be available here:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Report0461c908
```

*This service is hanging on boot-up - another HP - check services.msc*

```
Event[26]:
  Log Name: System
  Source: Service Control Manager
  Date: 2008-09-06T14:21:39.000
  Event ID: 7022
  Task: N/A
  Level: Error
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: Matt-PC
  Description: 
The HP CUE DeviceDiscovery Service service hung on starting.
```

.


I calculate a boot-up time of 1 min 45 seconds - until Norton comes in then stalls the process for 1 min 40 sec. NIS is notorious for this. Norton A/V is fine - but I would not use the Norton firewall.

My suggestion is that you remove Norton using the Norton removal tool - click on the Norton RT link in my sig area, download it and save it to your desktop. Go to desktop, right-click on it and run as administrator. 

After completion, reset the Windows Firewall to its default settings - 
START | type FirewallSettings.exe into the start search box | click on FirewallSettings.exe above | select the Advanced Tab | click on "Restore Defaults" | Click Apply (if hilighted) | Click OK

See if this make any difference.

Regards. . .

jcgriff2

.


----------



## sk1er18 (Sep 6, 2008)

Thanks for the help. 

How do I disable the HP check services?

One of the first things I did when I bought this computer was to get rid of Norton. That program is long gone. I now use ESET NOD32 as my AV and Windows Defenders/Windows Firewall.


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .

Did you run the Norton Removal Tool? You mentioned you got rid of Norton post haste, but your system logs clearly show a portion still running.

Also, after running the removal tool, reset the Windows Firewall as I mentioned.

To disable any service, click on START and type services.msc - then look for the service in question, double-click on it and another screen will appear. Change the start-up to disable. Click APPLY, then OK.

Regards. . .

jcgriff2

.


----------



## sk1er18 (Sep 6, 2008)

I did use a Norton removal tool, but maybe it wasn't a good one so ill try your link when I get home from work today.

Ill also disable the services and reset the firewall as you have instructed.

Thanks again for your help.


----------



## sk1er18 (Sep 6, 2008)

jcgriff2 said:


> Hi. . .
> 
> Did you run the Norton Removal Tool? You mentioned you got rid of Norton post haste, but your system logs clearly show a portion still running.
> .



By any chance can you tell what version of Norton has processes running? The computer is only a couple of months old so I would imagine it had a 2008 version, but im not 100% certain. And i dont want to run the incorrect removal tool and potentially cause other issues...


----------



## jcgriff2 (Sep 30, 2007)

Hi - 

Select the 2008 - believe it or not - they are all the same!

JC

.


----------



## sk1er18 (Sep 6, 2008)

Cool thanks man.

I just ran the Norton RT tool. 

Also I found out that the 2nd and 3rd events you listed were the same service: hpqddsvc is the HP CUE Device Discovery service that was listed in the 3rd event. So I disabled it in the services.msc

On my desktop I now have Autoruns/ sk1er18 batch file/ and Norton RT. Can those 3 items be right click ---> Delete or is any uninstalling necessary?

Shut down my computer twice in a row to see if it would hang and both time is started up in ~ 40 seconds total (the minute long wait was reduced to 10 seconds). So hopefully it stays like this so I dont have to bug you anymore :grin:

Thanks again ray::4-cheers:


----------



## jcgriff2 (Sep 30, 2007)

Hi M- 

I never mind being "bugged" - ask away antime. You are always welcome to come back and start a new thread for a new issue.

Glad to hear that this slow boot-up has been solved for you.

Isn't is so nice that HP does these nice things for us? It is too bad that they place services in new systems that they know damn well are a problem - whether it be HP programs or worse - Norton.

Good Luck to you.

Regards. . .

JC

.


----------



## sk1er18 (Sep 6, 2008)

*Re: [SOLVED] Vista boot time increasing.... help get it back to normal?*

 started the computer after work today and it took forever again

:sigh:

any other suggestions?:4-dontkno


----------



## jcgriff2 (Sep 30, 2007)

*Re: [SOLVED] Vista boot time increasing.... help get it back to normal?*

Hi. . .

Sorry to hear of the increase once again in boot-up time.

Please re-run the batch file from my previous post - zip up the folder and attach to your next post.

http://www.techsupportforum.com/mic...reasing-help-get-back-normal.html#post1690794

Also, I'd like a Vista System Health report in HTML format. Please do the following:
START | type cmd.exe into the start search box | right-click on cmd.exe | select Run as Administrator | the black cmd prompt (DOS) screen will appear - type the following:

```
[size=3]
perfmon /report

[/size]
```
It will take about a minute to run... then save it as an HTML file - you will see the default HTML file extension when you go to save it.

Please add this to the zip file - or zip it up seperately and attach.

Regards. . .

jcgriff2

.


----------



## sk1er18 (Sep 6, 2008)

*Re: [SOLVED] Vista boot time increasing.... help get it back to normal?*

Here's the zip folder with both of the requested files.

Thanks man.

There should be a lot less running in the background this time. Last night I turned off all the non-necessary boot apps...


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .

While reviewing the files you sent, I noticed that you had a BSOD on September 8, 2008, 0228 hours. you may not have known about it if the system restarted (or are you holding out on me?? ...kidding !!).

Please get that dump file - it s/b in c:\windows\minidump. Zip it up and attach.

Also, I found these entries in wercon/msinfo32 but cannot read them due to encryption. Please look at wercon and see what they are - 
START | type wercon.exe and hit enter

Scroll to the right here and you can see the BSOD entry -

```
9/10/2008 12:02 AM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/10/2008 10:01 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/10/2008 10:01 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/9/2008 9:30 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/9/2008 10:50 AM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/8/2008 9:44 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
[color=red]9/8/2008 2:29 AM	Windows Error Reporting	Fault bucket X64_0xc2_7_None_eamon+1ff5, type 0
Event Name: [color=blue]BlueScreen[/color]
&#x[/color]
9/8/2008 2:28 AM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0[/color]
9/8/2008 11:09 AM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/7/2008 5:04 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/7/2008 4:11 AM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/7/2008 12:25 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/6/2008 6:34 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/6/2008 2:52 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/6/2008 2:31 AM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/6/2008 2:03 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/5/2008 5:35 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/5/2008 5:35 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/5/2008 5:35 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/5/2008 11:12 AM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/5/2008 10:22 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/5/2008 10:05 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/5/2008 10:01 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
9/4/2008 11:28 PM	Windows Error Reporting	Fault bucket 111712637, type 5
Event Name: ServiceHang
Response: None
Cab Id: 0
```
.

Regards. . .

jcgriff2

.


----------



## sk1er18 (Sep 6, 2008)

lol yea at 2:30 AM i was probably sleeping so i didnt know my computer restarted 

The dump file is attached to this post.

I also opened up Wercon but im not exactly sure what im looking at....
I do see a lot of instances of the hpqddsvc hanging on startup though (last occurance was on 9/10 but i have still had the long boot since then).


----------



## jcgriff2 (Sep 30, 2007)

Hi M - 

I ran the dump - 

Bugcheck = 0x000000c2 (0x7, 0x110b, 0x4020008, 0xfffffa80087b3b70), listing the probable cause as the ESET driver eamon.sys - timestamp *Tue Jun 10 12:42:25 2008*.

0xc2 = Bad Pool Caller. The current thread attempted to free the pool, which was already freed. This is a driver trying to free (release) memory that already has been freed.

ESET is a dman good product - I use it myself - but just the anti-virus - are you running the ESET firewall?

I have gone through most of the 15,000 event viewer entries and found ones like this - something is preventing system services/drivers from loading and I believe hanging the system:

```
Event[367]:
  Log Name: System
  Source: Service Control Manager
  Date: 2008-09-11T21:18:40.000
  Event ID: 7026
  Task: N/A
  Level: Error
  Opcode: N/A
  Keyword: Classic
  User: N/A
  User Name: N/A
  Computer: Matt-PC
  Description: 
The following boot-start or system-start driver(s) failed to load: 
AFD
DfsC
easdrv
epfwtdir
i8042prt
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
tdx
Wanarpv6
```
`

I do need to kinow the version of ESET you are using - A/V or Internet Security???

Regards. . .

jcgriff2

.


`

`

*SYSTEM SPECS*

```
Operating System: Windows Vista™ Home Premium (6.0, Build 6001) Service Pack 1 (6001.vistasp1_gdr.080425-1930)
           Language: English (Regional Setting: English)
System Manufacturer: HP-Pavilion
       System Model: KJ376AA-ABA m8430f
               BIOS: BIOS Date: 03/28/08 16:53:51 Ver: 5.22
          Processor: Intel(R) Core(TM)2 Quad CPU    Q6600  @ 2.40GHz (4 CPUs), ~2.4GHz
             Memory: 4094MB RAM
          Page File: 1217MB used, 7146MB available
```
.

*dbug output*

```
Microsoft (R) Windows Debugger Version 6.9.0003.113 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [A:\D\#Dumps\sk1er18_Vista_09-06-08_SLOW_boot\Mini090708-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6001.18063.amd64fre.vistasp1_gdr.080425-1930
Kernel base = 0xfffff800`01c12000 PsLoadedModuleList = 0xfffff800`01dd7db0
Debug session time: Sun Sep  7 22:24:04.680 2008 (GMT-4)
System Uptime: 0 days 9:33:18.331
Loading Kernel Symbols
............................................................................................................................................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck C2, {7, 110b, 4020008, fffffa80087b3b70}

Unable to load image eamon.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for eamon.sys
*** ERROR: Module load completed but symbols could not be loaded for eamon.sys
GetPointerFromAddress: unable to read from fffff80001e3b080
Probably caused by : eamon.sys ( eamon+1ff5 )

Followup: MachineOwner
---------

2: kd> !analyze -v;r;kv;lmtn
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

BAD_POOL_CALLER (c2)
The current thread is making a bad pool request.  Typically this is at a bad IRQL level or double freeing the same allocation, etc.
Arguments:
Arg1: 0000000000000007, Attempt to free pool which was already freed
Arg2: 000000000000110b, (reserved)
Arg3: 0000000004020008, Memory contents of the pool block
Arg4: fffffa80087b3b70, Address of the block of pool being deallocated

Debugging Details:
------------------


POOL_ADDRESS:  fffffa80087b3b70 

FREED_POOL_TAG:  None

BUGCHECK_STR:  0xc2_7_None

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  svchost.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff80001d46f98 to fffff80001c67390

STACK_TEXT:  
fffffa60`0b990588 fffff800`01d46f98 : 00000000`000000c2 00000000`00000007 00000000`0000110b 00000000`04020008 : nt!KeBugCheckEx
fffffa60`0b990590 fffffa60`09c04ff5 : fffffa80`08c4f620 00000000`00000040 fffffa80`08cd3690 00000000`00000040 : nt!ExDeferredFreePool+0x902
fffffa60`0b990640 fffffa80`08c4f620 : 00000000`00000040 fffffa80`08cd3690 00000000`00000040 fffffa80`08f74fb8 : eamon+0x1ff5
fffffa60`0b990648 00000000`00000040 : fffffa80`08cd3690 00000000`00000040 fffffa80`08f74fb8 fffffa60`09c074dd : 0xfffffa80`08c4f620
fffffa60`0b990650 fffffa80`08cd3690 : 00000000`00000040 fffffa80`08f74fb8 fffffa60`09c074dd 00000000`00000000 : 0x40
fffffa60`0b990658 00000000`00000040 : fffffa80`08f74fb8 fffffa60`09c074dd 00000000`00000000 00000000`00000000 : 0xfffffa80`08cd3690
fffffa60`0b990660 fffffa80`08f74fb8 : fffffa60`09c074dd 00000000`00000000 00000000`00000000 00000000`00000801 : 0x40
fffffa60`0b990668 fffffa60`09c074dd : 00000000`00000000 00000000`00000000 00000000`00000801 00000000`00000000 : 0xfffffa80`08f74fb8
fffffa60`0b990670 00000000`00000000 : 00000000`00000000 00000000`00000801 00000000`00000000 fffffa80`08f74f20 : eamon+0x44dd
fffffa60`0b990678 00000000`00000000 : 00000000`00000801 00000000`00000000 fffffa80`08f74f20 fffff800`00000030 : 0x0
fffffa60`0b990680 00000000`00000801 : 00000000`00000000 fffffa80`08f74f20 fffff800`00000030 00000000`00000000 : 0x0
fffffa60`0b990688 00000000`00000000 : fffffa80`08f74f20 fffff800`00000030 00000000`00000000 00000000`00000000 : 0x801
fffffa60`0b990690 fffffa80`08f74f20 : fffff800`00000030 00000000`00000000 00000000`00000000 00000000`00000040 : 0x0
fffffa60`0b990698 fffff800`00000030 : 00000000`00000000 00000000`00000000 00000000`00000040 00000000`00000000 : 0xfffffa80`08f74f20
fffffa60`0b9906a0 00000000`00000000 : 00000000`00000000 00000000`00000040 00000000`00000000 fffffa80`08c4f620 : 0xfffff800`00000030
fffffa60`0b9906a8 00000000`00000000 : 00000000`00000040 00000000`00000000 fffffa80`08c4f620 00000000`00000000 : 0x0
fffffa60`0b9906b0 00000000`00000040 : 00000000`00000000 fffffa80`08c4f620 00000000`00000000 fffffa80`08f74f20 : 0x0
fffffa60`0b9906b8 00000000`00000000 : fffffa80`08c4f620 00000000`00000000 fffffa80`08f74f20 fffffa80`08cd3690 : 0x40
fffffa60`0b9906c0 fffffa80`08c4f620 : 00000000`00000000 fffffa80`08f74f20 fffffa80`08cd3690 fffffa80`08f74fb8 : 0x0
fffffa60`0b9906c8 00000000`00000000 : fffffa80`08f74f20 fffffa80`08cd3690 fffffa80`08f74fb8 fffffa80`05f90010 : 0xfffffa80`08c4f620
fffffa60`0b9906d0 fffffa80`08f74f20 : fffffa80`08cd3690 fffffa80`08f74fb8 fffffa80`05f90010 00000000`00000040 : 0x0
fffffa60`0b9906d8 fffffa80`08cd3690 : fffffa80`08f74fb8 fffffa80`05f90010 00000000`00000040 fffff800`01eef293 : 0xfffffa80`08f74f20
fffffa60`0b9906e0 fffffa80`08f74fb8 : fffffa80`05f90010 00000000`00000040 fffff800`01eef293 00000000`00000005 : 0xfffffa80`08cd3690
fffffa60`0b9906e8 fffffa80`05f90010 : 00000000`00000040 fffff800`01eef293 00000000`00000005 00000000`00000005 : 0xfffffa80`08f74fb8
fffffa60`0b9906f0 00000000`00000040 : fffff800`01eef293 00000000`00000005 00000000`00000005 00000000`00000040 : 0xfffffa80`05f90010
fffffa60`0b9906f8 fffff800`01eef293 : 00000000`00000005 00000000`00000005 00000000`00000040 fffff880`ffffffff : 0x40
fffffa60`0b990700 fffff800`01ee8f69 : fffffa80`06bed4b0 00000000`00000000 fffffa80`062b2b10 00000000`00000001 : nt!IopParseDevice+0x5e3
fffffa60`0b9908a0 fffff800`01eece54 : 00000000`00000000 fffffa80`08a86d01 00000000`00000040 00000000`00000000 : nt!ObpLookupObjectName+0x5eb
fffffa60`0b9909b0 fffff800`01ef9400 : 00000000`00100001 00000000`03e6e1e8 fffffa80`05b9d601 00000000`00000005 : nt!ObOpenObjectByName+0x2f4
fffffa60`0b990a80 fffff800`01ed5c0c : 00000000`03e6e1a0 fffff800`00100001 fffffa80`00000000 00000000`03e6e218 : nt!IopCreateFile+0x290
fffffa60`0b990b20 fffff800`01c66e33 : fffff880`06f7a8e0 fffffa80`062e8bb0 00000000`00000474 fffff800`01ee63d4 : nt!NtOpenFile+0x58
fffffa60`0b990bb0 00000000`770c5daa : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`03e6e118 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x770c5daa


STACK_COMMAND:  kb

FOLLOWUP_IP: 
eamon+1ff5
fffffa60`09c04ff5 ??              ???

SYMBOL_STACK_INDEX:  2

SYMBOL_NAME:  eamon+1ff5

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: eamon

IMAGE_NAME:  eamon.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  484eaef1

FAILURE_BUCKET_ID:  X64_0xc2_7_None_eamon+1ff5

BUCKET_ID:  X64_0xc2_7_None_eamon+1ff5

Followup: MachineOwner
---------

rax=0000000004020008 rbx=fffffa80087b3b60 rcx=00000000000000c2
rdx=0000000000000007 rsi=fffffa8008cd3690 rdi=fffffa6009c0c7c8
rip=fffff80001c67390 rsp=fffffa600b990588 rbp=0000000000000040
 r8=000000000000110b  r9=0000000004020008 r10=5000c896934a0008
r11=0000000000000002 r12=fffffa8008c4f620 r13=fffffa80087b3b70
r14=0000000000000000 r15=fffffa8008c4f620
iopl=0         nv up ei pl nz na pe nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00000202
nt!KeBugCheckEx:
fffff800`01c67390 48894c2408      mov     qword ptr [rsp+8],rcx ss:0018:fffffa60`0b990590=00000000000000c2
Child-SP          RetAddr           : Args to Child                                                           : Call Site
fffffa60`0b990588 fffff800`01d46f98 : 00000000`000000c2 00000000`00000007 00000000`0000110b 00000000`04020008 : nt!KeBugCheckEx
fffffa60`0b990590 fffffa60`09c04ff5 : fffffa80`08c4f620 00000000`00000040 fffffa80`08cd3690 00000000`00000040 : nt!ExDeferredFreePool+0x902
fffffa60`0b990640 fffffa80`08c4f620 : 00000000`00000040 fffffa80`08cd3690 00000000`00000040 fffffa80`08f74fb8 : eamon+0x1ff5
fffffa60`0b990648 00000000`00000040 : fffffa80`08cd3690 00000000`00000040 fffffa80`08f74fb8 fffffa60`09c074dd : 0xfffffa80`08c4f620
fffffa60`0b990650 fffffa80`08cd3690 : 00000000`00000040 fffffa80`08f74fb8 fffffa60`09c074dd 00000000`00000000 : 0x40
fffffa60`0b990658 00000000`00000040 : fffffa80`08f74fb8 fffffa60`09c074dd 00000000`00000000 00000000`00000000 : 0xfffffa80`08cd3690
fffffa60`0b990660 fffffa80`08f74fb8 : fffffa60`09c074dd 00000000`00000000 00000000`00000000 00000000`00000801 : 0x40
fffffa60`0b990668 fffffa60`09c074dd : 00000000`00000000 00000000`00000000 00000000`00000801 00000000`00000000 : 0xfffffa80`08f74fb8
fffffa60`0b990670 00000000`00000000 : 00000000`00000000 00000000`00000801 00000000`00000000 fffffa80`08f74f20 : eamon+0x44dd
fffffa60`0b990678 00000000`00000000 : 00000000`00000801 00000000`00000000 fffffa80`08f74f20 fffff800`00000030 : 0x0
fffffa60`0b990680 00000000`00000801 : 00000000`00000000 fffffa80`08f74f20 fffff800`00000030 00000000`00000000 : 0x0
fffffa60`0b990688 00000000`00000000 : fffffa80`08f74f20 fffff800`00000030 00000000`00000000 00000000`00000000 : 0x801
fffffa60`0b990690 fffffa80`08f74f20 : fffff800`00000030 00000000`00000000 00000000`00000000 00000000`00000040 : 0x0
fffffa60`0b990698 fffff800`00000030 : 00000000`00000000 00000000`00000000 00000000`00000040 00000000`00000000 : 0xfffffa80`08f74f20
fffffa60`0b9906a0 00000000`00000000 : 00000000`00000000 00000000`00000040 00000000`00000000 fffffa80`08c4f620 : 0xfffff800`00000030
fffffa60`0b9906a8 00000000`00000000 : 00000000`00000040 00000000`00000000 fffffa80`08c4f620 00000000`00000000 : 0x0
fffffa60`0b9906b0 00000000`00000040 : 00000000`00000000 fffffa80`08c4f620 00000000`00000000 fffffa80`08f74f20 : 0x0
fffffa60`0b9906b8 00000000`00000000 : fffffa80`08c4f620 00000000`00000000 fffffa80`08f74f20 fffffa80`08cd3690 : 0x40
fffffa60`0b9906c0 fffffa80`08c4f620 : 00000000`00000000 fffffa80`08f74f20 fffffa80`08cd3690 fffffa80`08f74fb8 : 0x0
fffffa60`0b9906c8 00000000`00000000 : fffffa80`08f74f20 fffffa80`08cd3690 fffffa80`08f74fb8 fffffa80`05f90010 : 0xfffffa80`08c4f620
start             end                 module name
fffff800`01c12000 fffff800`0212a000   nt       ntkrnlmp.exe Sat Apr 26 01:56:07 2008 (4812C3F7)
fffff800`0212a000 fffff800`02170000   hal      hal.dll      Sat Jan 19 02:55:25 2008 (4791ACED)
fffff960`00030000 fffff960`002e1000   win32k   win32k.sys   Thu Feb 28 23:46:45 2008 (47C78E35)
fffff960`004c0000 fffff960`004ca000   TSDDD    TSDDD.dll    Sat Jan 19 01:42:04 2008 (47919BBC)
fffff960`00650000 fffff960`00661000   cdd      cdd.dll      Sat Jan 19 02:54:15 2008 (4791ACA7)
fffffa60`0060f000 fffffa60`00619000   kdcom    kdcom.dll    Sat Jan 19 02:58:25 2008 (4791ADA1)
fffffa60`00619000 fffffa60`00646000   mcupdate mcupdate.dll Sat Jan 19 02:56:17 2008 (4791AD21)
fffffa60`00646000 fffffa60`0065a000   PSHED    PSHED.dll    Sat Jan 19 02:58:13 2008 (4791AD95)
fffffa60`0065a000 fffffa60`006b7000   CLFS     CLFS.SYS     Sat Jan 19 00:53:58 2008 (47919076)
fffffa60`006b7000 fffffa60`00769000   CI       CI.dll       Fri Feb 22 00:20:54 2008 (47BE5BB6)
fffffa60`00769000 fffffa60`007cf000   volmgrx  volmgrx.sys  Sat Jan 19 01:29:45 2008 (479198D9)
fffffa60`007cf000 fffffa60`007f2000   drmk     drmk.sys     Sat Jan 19 02:20:04 2008 (4791A4A4)
fffffa60`0080f000 fffffa60`008e9000   Wdf01000 Wdf01000.sys Sat Jan 19 01:33:27 2008 (479199B7)
fffffa60`008e9000 fffffa60`008f7000   WDFLDR   WDFLDR.SYS   Sat Jan 19 01:32:33 2008 (47919981)
fffffa60`008f7000 fffffa60`0094d000   acpi     acpi.sys     Sat Jan 19 01:02:45 2008 (47919285)
fffffa60`0094d000 fffffa60`00956000   WMILIB   WMILIB.SYS   Sat Jan 19 01:33:45 2008 (479199C9)
fffffa60`00956000 fffffa60`00960000   msisadrv msisadrv.sys Sat Jan 19 01:02:50 2008 (4791928A)
fffffa60`00960000 fffffa60`00990000   pci      pci.sys      Sat Jan 19 01:02:57 2008 (47919291)
fffffa60`00990000 fffffa60`009a5000   partmgr  partmgr.sys  Sat Jan 19 01:29:14 2008 (479198BA)
fffffa60`009a5000 fffffa60`009b9000   volmgr   volmgr.sys   Sat Jan 19 01:29:12 2008 (479198B8)
fffffa60`009b9000 fffffa60`009cc000   mountmgr mountmgr.sys Sat Jan 19 01:28:01 2008 (47919871)
fffffa60`009cc000 fffffa60`009f8000   CLASSPNP CLASSPNP.SYS Sat Jan 19 01:28:53 2008 (479198A5)
fffffa60`00a05000 fffffa60`00b08000   iastor   iastor.sys   Thu Jul 12 19:14:09 2007 (4696B5C1)
fffffa60`00b08000 fffffa60`00b4e000   fltmgr   fltmgr.sys   Sat Jan 19 00:54:10 2008 (47919082)
fffffa60`00b4e000 fffffa60`00b62000   fileinfo fileinfo.sys Sat Jan 19 01:05:23 2008 (47919323)
fffffa60`00b62000 fffffa60`00be7000   ksecdd   ksecdd.sys   Sat Jan 19 01:16:38 2008 (479195C6)
fffffa60`00be7000 fffffa60`00bf7000   umbus    umbus.sys    Sat Jan 19 01:34:16 2008 (479199E8)
fffffa60`00c0d000 fffffa60`00dd0000   ndis     ndis.sys     Sat Jan 19 01:37:13 2008 (47919A99)
fffffa60`00dd0000 fffffa60`00dfc000   ecache   ecache.sys   Sat Jan 19 01:30:39 2008 (4791990F)
fffffa60`00e00000 fffffa60`00e0e000   vga      vga.sys      Sat Jan 19 01:32:21 2008 (47919975)
fffffa60`00e0f000 fffffa60`00e5f000   msrpc    msrpc.sys    Sat Jan 19 01:27:01 2008 (47919835)
fffffa60`00e5f000 fffffa60`00eb7000   NETIO    NETIO.SYS    Sat Jan 19 01:37:27 2008 (47919AA7)
fffffa60`00eb7000 fffffa60`00f67000   timntr   timntr.sys   Wed Aug 29 08:38:23 2007 (46D568BF)
fffffa60`00f67000 fffffa60`00ffb000   tdrpman  tdrpman.sys  Mon Nov 12 08:36:33 2007 (473856E1)
fffffa60`01003000 fffffa60`01177000   tcpip    tcpip.sys    Sat Apr 26 02:33:23 2008 (4812CCB3)
fffffa60`01177000 fffffa60`011a3000   fwpkclnt fwpkclnt.sys Sat Jan 19 01:36:43 2008 (47919A7B)
fffffa60`011a3000 fffffa60`011de000   snapman  snapman.sys  Thu Nov 22 03:19:33 2007 (47453B95)
fffffa60`011de000 fffffa60`011e8000   crcdisk  crcdisk.sys  Sat Jan 19 01:30:12 2008 (479198F4)
fffffa60`01206000 fffffa60`0138a000   Ntfs     Ntfs.sys     Sat Jan 19 00:55:29 2008 (479190D1)
fffffa60`0138a000 fffffa60`013ce000   volsnap  volsnap.sys  Sat Jan 19 01:29:47 2008 (479198DB)
fffffa60`013ce000 fffffa60`013d6000   spldr    spldr.sys    Thu Jun 21 20:57:56 2007 (467B1E94)
fffffa60`013d6000 fffffa60`013e8000   mup      mup.sys      Sat Jan 19 00:54:18 2008 (4791908A)
fffffa60`013e8000 fffffa60`013fc000   disk     disk.sys     Sat Jan 19 01:29:02 2008 (479198AE)
fffffa60`02800000 fffffa60`0289f000   netr7364 netr7364.sys Tue Feb 26 04:17:59 2008 (47C3D947)
fffffa60`0289f000 fffffa60`028c7000   Dot4     Dot4.sys     Sat Jan 19 01:28:01 2008 (47919871)
fffffa60`028c7000 fffffa60`028e1000   usbcir   usbcir.sys   Sat Jan 19 01:34:01 2008 (479199D9)
fffffa60`028e1000 fffffa60`028ec000   hidir    hidir.sys    Sat Jan 19 01:33:53 2008 (479199D1)
fffffa60`028ec000 fffffa60`028ff000   monitor  monitor.sys  Sat Jan 19 01:32:34 2008 (47919982)
fffffa60`02903000 fffffa60`0290f000   tunnel   tunnel.sys   Sat Jan 19 01:36:44 2008 (47919A7C)
fffffa60`0290f000 fffffa60`02918000   tunmp    tunmp.sys    Sat Jan 19 01:36:30 2008 (47919A6E)
fffffa60`02918000 fffffa60`0292b000   intelppm intelppm.sys Sat Jan 19 00:52:45 2008 (4791902D)
fffffa60`0292b000 fffffa60`029ac000   xcfex64  xcfex64.sys  Fri Sep 07 14:42:27 2007 (46E19B93)
fffffa60`029ac000 fffffa60`029dd000   ndiswan  ndiswan.sys  Sat Jan 19 01:37:33 2008 (47919AAD)
fffffa60`029dd000 fffffa60`029eb000   kbdclass kbdclass.sys Sat Jan 19 01:28:05 2008 (47919875)
fffffa60`029eb000 fffffa60`029fc000   circlass circlass.sys Sat Jan 19 01:34:00 2008 (479199D8)
fffffa60`02a07000 fffffa60`033bc280   nvlddmkm nvlddmkm.sys Thu Jan 10 11:05:08 2008 (47864234)
fffffa60`033bd000 fffffa60`033e8000   Rtlh64   Rtlh64.sys   Thu Feb 14 01:56:12 2008 (47B3E60C)
fffffa60`033e8000 fffffa60`033fa000   termdd   termdd.sys   Sat Jan 19 01:42:03 2008 (47919BBB)
fffffa60`03400000 fffffa60`0340a000   Dot4Prt  Dot4Prt.sys  Sat Jan 19 01:27:58 2008 (4791986E)
fffffa60`0340c000 fffffa60`034eb000   dxgkrnl  dxgkrnl.sys  Sat Jan 19 01:08:38 2008 (479193E6)
fffffa60`034eb000 fffffa60`034fa000   watchdog watchdog.sys Sat Jan 19 01:07:23 2008 (4791939B)
fffffa60`034fa000 fffffa60`03506000   usbuhci  usbuhci.sys  Sat Jan 19 01:33:56 2008 (479199D4)
fffffa60`03506000 fffffa60`0354c000   USBPORT  USBPORT.SYS  Sat Jan 19 01:34:00 2008 (479199D8)
fffffa60`0354c000 fffffa60`0355d000   usbehci  usbehci.sys  Sat Jan 19 01:33:57 2008 (479199D5)
fffffa60`0355d000 fffffa60`03570000   HDAudBus HDAudBus.sys Tue Nov 27 18:24:06 2007 (474CA716)
fffffa60`03570000 fffffa60`035a1f80   xcbdax64 xcbdax64.sys Fri Sep 07 14:43:23 2007 (46E19BCB)
fffffa60`035a2000 fffffa60`035d6000   ks       ks.sys       Sat Jan 19 01:28:24 2008 (47919888)
fffffa60`035d6000 fffffa60`035d9d00   BdaSup   BdaSup.SYS   Sat Jan 19 01:34:06 2008 (479199DE)
fffffa60`035da000 fffffa60`035f8000   raspptp  raspptp.sys  Sat Jan 19 01:37:34 2008 (47919AAE)
fffffa60`03600000 fffffa60`0360b000   mssmbios mssmbios.sys Sat Jan 19 01:02:54 2008 (4791928E)
fffffa60`0360c000 fffffa60`03b80000   xchalx64 xchalx64.sys Fri Sep 07 14:41:01 2007 (46E19B3D)
fffffa60`03b80000 fffffa60`03be1000   xcmemx64 xcmemx64.sys Fri Sep 07 14:39:35 2007 (46E19AE7)
fffffa60`03be1000 fffffa60`03be6180   ksthunk  ksthunk.sys  Sat Jan 19 01:28:14 2008 (4791987E)
fffffa60`03be7000 fffffa60`03bff000   rassstp  rassstp.sys  Sat Jan 19 01:37:42 2008 (47919AB6)
fffffa60`03c09000 fffffa60`03c79000   CAXHWBS2 CAXHWBS2.sys Thu May 08 16:26:58 2008 (48236212)
fffffa60`03c79000 fffffa60`03ded000   CAX_DP   CAX_DP.sys   Thu May 08 16:24:03 2008 (48236163)
fffffa60`03ded000 fffffa60`03dfd000   raspppoe raspppoe.sys Sat Jan 19 01:37:30 2008 (47919AAA)
fffffa60`03e00000 fffffa60`03e0c000   mouclass mouclass.sys Sat Jan 19 01:28:05 2008 (47919875)
fffffa60`03e0d000 fffffa60`03ed8000   CAX_CNXT CAX_CNXT.sys Thu May 08 16:25:10 2008 (482361A6)
fffffa60`03ed8000 fffffa60`03ee7000   modem    modem.sys    Sat Jan 19 01:38:17 2008 (47919AD9)
fffffa60`03ee7000 fffffa60`03ef8a00   ohci1394 ohci1394.sys Sat Jan 19 01:34:08 2008 (479199E0)
fffffa60`03ef9000 fffffa60`03f08f00   1394BUS  1394BUS.SYS  Sat Jan 19 01:34:04 2008 (479199DC)
fffffa60`03f09000 fffffa60`03f25000   cdrom    cdrom.sys    Sat Jan 19 01:29:04 2008 (479198B0)
fffffa60`03f25000 fffffa60`03f5d000   msiscsi  msiscsi.sys  Sat Jan 19 01:30:31 2008 (47919907)
fffffa60`03f5d000 fffffa60`03fba000   storport storport.sys Sat Jan 19 01:29:09 2008 (479198B5)
fffffa60`03fba000 fffffa60`03fc7000   TDI      TDI.SYS      Sat Jan 19 01:38:11 2008 (47919AD3)
fffffa60`03fc7000 fffffa60`03fea000   rasl2tp  rasl2tp.sys  Sat Jan 19 01:37:33 2008 (47919AAD)
fffffa60`03fea000 fffffa60`03ff6000   ndistapi ndistapi.sys Sat Jan 19 01:37:22 2008 (47919AA2)
fffffa60`03ff6000 fffffa60`03ff7480   swenum   swenum.sys   Thu Nov 02 05:37:33 2006 (4549BC5D)
fffffa60`04207000 fffffa60`0424e000   usbhub   usbhub.sys   Sat Jan 19 01:34:13 2008 (479199E5)
fffffa60`0424e000 fffffa60`04262000   NDProxy  NDProxy.SYS  Sat Jan 19 01:37:26 2008 (47919AA6)
fffffa60`04262000 fffffa60`043a8300   RTKVHD64 RTKVHD64.sys Tue Jan 15 06:19:16 2008 (478C96B4)
fffffa60`043a9000 fffffa60`043e4000   portcls  portcls.sys  Sat Jan 19 01:33:58 2008 (479199D6)
fffffa60`043e4000 fffffa60`043ee000   Fs_Rec   Fs_Rec.SYS   Sat Jan 19 00:53:41 2008 (47919065)
fffffa60`043ee000 fffffa60`043f7000   Null     Null.SYS     Thu Nov 02 05:37:15 2006 (4549BC4B)
fffffa60`043f7000 fffffa60`043feb80   HIDPARSE HIDPARSE.SYS Sat Jan 19 01:33:51 2008 (479199CF)
fffffa60`05400000 fffffa60`0540c000   Dxapi    Dxapi.sys    Sat Jan 19 01:08:00 2008 (479193C0)
fffffa60`0540d000 fffffa60`05432000   VIDEOPRT VIDEOPRT.SYS Sat Jan 19 01:32:25 2008 (47919979)
fffffa60`05432000 fffffa60`0543b000   RDPCDD   RDPCDD.sys   Sat Jan 19 01:42:04 2008 (47919BBC)
fffffa60`0543b000 fffffa60`05444000   rdpencdd rdpencdd.sys Sat Jan 19 01:42:03 2008 (47919BBB)
fffffa60`05444000 fffffa60`0544f000   Msfs     Msfs.SYS     Sat Jan 19 00:53:55 2008 (47919073)
fffffa60`0544f000 fffffa60`05460000   Npfs     Npfs.SYS     Sat Jan 19 00:53:57 2008 (47919075)
fffffa60`05460000 fffffa60`05469000   rasacd   rasacd.sys   Sat Jan 19 01:37:30 2008 (47919AAA)
fffffa60`05469000 fffffa60`05486000   tdx      tdx.sys      Sat Jan 19 01:36:53 2008 (47919A85)
fffffa60`05486000 fffffa60`054a1000   smb      smb.sys      Sat Jan 19 01:36:17 2008 (47919A61)
fffffa60`054a1000 fffffa60`054ad000   epfwtdir epfwtdir.sys Tue Jun 10 12:32:08 2008 (484EAC88)
fffffa60`054ad000 fffffa60`0551a000   afd      afd.sys      Sat Jan 19 01:38:15 2008 (47919AD7)
fffffa60`0551a000 fffffa60`0555e000   netbt    netbt.sys    Sat Jan 19 01:36:24 2008 (47919A68)
fffffa60`0555e000 fffffa60`0557c000   pacer    pacer.sys    Fri Apr 04 21:55:46 2008 (47F6DC22)
fffffa60`0557c000 fffffa60`0558b000   netbios  netbios.sys  Sat Jan 19 01:36:35 2008 (47919A73)
fffffa60`0558b000 fffffa60`055a6000   wanarp   wanarp.sys   Sat Jan 19 01:37:35 2008 (47919AAF)
fffffa60`055a6000 fffffa60`055f4000   rdbss    rdbss.sys    Sat Jan 19 00:55:09 2008 (479190BD)
fffffa60`055f4000 fffffa60`05600000   nsiproxy nsiproxy.sys Sat Jan 19 01:36:45 2008 (47919A7D)
fffffa60`05607000 fffffa60`05618000   easdrv   easdrv.sys   Tue Jun 10 12:43:27 2008 (484EAF2F)
fffffa60`05618000 fffffa60`05635000   dfsc     dfsc.sys     Sat Jan 19 00:54:16 2008 (47919088)
fffffa60`05635000 fffffa60`05643000   crashdmp crashdmp.sys Sat Jan 19 01:28:59 2008 (479198AB)
fffffa60`05643000 fffffa60`05746000   dump_iaStor dump_iaStor.sys Thu Jul 12 19:14:09 2007 (4696B5C1)
fffffa60`05746000 fffffa60`05762000   usbccgp  usbccgp.sys  Sat Jan 19 01:34:04 2008 (479199DC)
fffffa60`05762000 fffffa60`05763e00   USBD     USBD.SYS     Sat Jan 19 01:33:53 2008 (479199D1)
fffffa60`05764000 fffffa60`0576d000   hidusb   hidusb.sys   Sat Jan 19 01:33:54 2008 (479199D2)
fffffa60`0576d000 fffffa60`0577f000   HIDCLASS HIDCLASS.SYS Sat Jan 19 01:33:52 2008 (479199D0)
fffffa60`0577f000 fffffa60`05789000   kbdhid   kbdhid.sys   Sat Jan 19 01:28:10 2008 (4791987A)
fffffa60`05789000 fffffa60`0579e000   USBSTOR  USBSTOR.SYS  Sat Jan 19 01:33:58 2008 (479199D6)
fffffa60`0579e000 fffffa60`057b1000   LHidFilt LHidFilt.Sys Fri Feb 29 05:08:27 2008 (47C7D99B)
fffffa60`057b1000 fffffa60`057bc000   mouhid   mouhid.sys   Sat Jan 19 01:28:10 2008 (4791987A)
fffffa60`057bc000 fffffa60`057d0000   LMouFilt LMouFilt.Sys Fri Feb 29 05:08:31 2008 (47C7D99F)
fffffa60`057d0000 fffffa60`057e0000   usbscan  usbscan.sys  Sat Jan 19 02:09:56 2008 (4791A244)
fffffa60`057e0000 fffffa60`057eb000   usbprint usbprint.sys Sat Jan 19 02:10:56 2008 (4791A280)
fffffa60`057eb000 fffffa60`057fb000   dot4usb  dot4usb.sys  Sat Jan 19 01:28:00 2008 (47919870)
fffffa60`08a0e000 fffffa60`08a30000   luafv    luafv.sys    Sat Jan 19 00:59:06 2008 (479191AA)
fffffa60`08a30000 fffffa60`08a47000   tifsfilt tifsfilt.sys Wed Aug 29 08:37:29 2007 (46D56889)
fffffa60`08a47000 fffffa60`08ae1000   spsys    spsys.sys    Thu Jun 21 21:02:05 2007 (467B1F8D)
fffffa60`08ae1000 fffffa60`08af5000   lltdio   lltdio.sys   Sat Jan 19 01:35:48 2008 (47919A44)
fffffa60`08af5000 fffffa60`08b29000   nwifi    nwifi.sys    Sat Jan 19 01:34:38 2008 (479199FE)
fffffa60`08b29000 fffffa60`08b34000   ndisuio  ndisuio.sys  Sat Jan 19 01:36:29 2008 (47919A6D)
fffffa60`08b34000 fffffa60`08b4c000   rspndr   rspndr.sys   Sat Jan 19 01:35:48 2008 (47919A44)
fffffa60`08b4c000 fffffa60`08be7000   HTTP     HTTP.sys     Sat Jan 19 01:36:22 2008 (47919A66)
fffffa60`0980f000 fffffa60`09837000   srvnet   srvnet.sys   Sat Jan 19 00:56:38 2008 (47919116)
fffffa60`09837000 fffffa60`09855000   bowser   bowser.sys   Sat Jan 19 00:54:51 2008 (479190AB)
fffffa60`09855000 fffffa60`0986f000   mpsdrv   mpsdrv.sys   Sat Jan 19 01:35:28 2008 (47919A30)
fffffa60`0986f000 fffffa60`09896000   mrxdav   mrxdav.sys   Sat Jan 19 00:55:28 2008 (479190D0)
fffffa60`09896000 fffffa60`098be000   mrxsmb   mrxsmb.sys   Sat Jan 19 00:55:21 2008 (479190C9)
fffffa60`098be000 fffffa60`09907000   mrxsmb10 mrxsmb10.sys Sat Jan 19 00:55:07 2008 (479190BB)
fffffa60`09907000 fffffa60`09926000   mrxsmb20 mrxsmb20.sys Sat Jan 19 00:55:19 2008 (479190C7)
fffffa60`09926000 fffffa60`09957000   srv2     srv2.sys     Sat Jan 19 00:56:40 2008 (47919118)
fffffa60`09957000 fffffa60`099eb000   srv      srv.sys      Sat Jan 19 00:57:09 2008 (47919135)
fffffa60`09c03000 fffffa60`09c51000   eamon    eamon.sys    Tue Jun 10 12:42:25 2008 (484EAEF1)
fffffa60`09c51000 fffffa60`09c55280   mdmxsdk  mdmxsdk.sys  Mon Jun 19 17:27:26 2006 (449716BE)
fffffa60`09c56000 fffffa60`09d0c000   peauth   peauth.sys   Mon Oct 23 07:57:00 2006 (453CAE0C)
fffffa60`09d0c000 fffffa60`09d17000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
fffffa60`09d17000 fffffa60`09d26000   tcpipreg tcpipreg.sys Sat Jan 19 01:37:01 2008 (47919A8D)
fffffa60`09d26000 fffffa60`09d46000   WUDFRd   WUDFRd.sys   Sat Jan 19 01:33:43 2008 (479199C7)
fffffa60`09d46000 fffffa60`09d5c000   WUDFPf   WUDFPf.sys   Sat Jan 19 01:33:22 2008 (479199B2)
fffffa60`09d5c000 fffffa60`09d64000   xaudio64 xaudio64.sys Thu Oct 18 18:37:08 2007 (4717E014)
fffffa60`09d64000 fffffa60`09d80000   cdfs     cdfs.sys     Sat Jan 19 00:53:45 2008 (47919069)
fffffa60`09d80000 fffffa60`09d81a00   MSPQM    MSPQM.sys    Thu Nov 02 05:37:30 2006 (4549BC5A)
fffffa60`09d82000 fffffa60`09d83b80   MSPCLOCK MSPCLOCK.sys Thu Nov 02 05:37:30 2006 (4549BC5A)

Unloaded modules:
fffffa60`011e8000 fffffa60`011f6000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffffa60`02800000 fffffa60`02903000   dump_iaStor.
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffffa60`05407000 fffffa60`0541d000   i8042prt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
fffffa60`03400000 fffffa60`0340a000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
2: kd> lmvm eamon
start             end                 module name
fffffa60`09c03000 fffffa60`09c51000   eamon    T (no symbols)           
    Loaded symbol image file: eamon.sys
    Image path: eamon.sys
    Image name: eamon.sys
    Timestamp:        Tue Jun 10 12:42:25 2008 (484EAEF1)
    CheckSum:         0000FED0
    ImageSize:        0004E000
    Translations:     0000.04b0 0000.04e0 0409.04b0 0409.04e0
```


----------



## sk1er18 (Sep 6, 2008)

Hey JC. Just got home from work.. perfect timing on the reply :laugh:

I'm running ESET NOD32 Antivirus version 3.0.667.0: Antivirus & Antispyware

I do not believe I am running the ESET firewall, although there is nothing in the settings that calls out the 'firewall' by name these are the following protections:
1) Real-time file system protection
2) Email protection
3) Web Access protection

I am also running Windows Defender & Windows Firewall if that helps.

Enjoy dinner! I have to go cut the lawn... but at least its nice out here in jersey isn't it :grin:


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .

Download the attached zip file, save batch file to desktop. Go to desktop, RIGHT-click on *$drvquery1.bat*, select run as admin.

New folder in documents folder - TSF_Vista_support2 - zip it up and attach to next post. I want to see versions on your drivers.

Regards. . .

jcgriff2

p.s. - Very nice indeed in New Jersey today - mid 70's and sunny!

.


----------



## sk1er18 (Sep 6, 2008)

File attached.

I hope its this nice out tomorrow... i only got the front yard cut (since when does it get dark at 7:30!)


----------



## jcgriff2 (Sep 30, 2007)

Supposed to be mid-upper 70's, cooler at the shore where I will be going (Spring Lake).

Do you recall how long you have had ESET - or when the last time you installed it was?

JC

.


----------



## sk1er18 (Sep 6, 2008)

Spring Lake eh? You'll be around my area- im just inland more :wave:

As for ESET. It was one of the firt things I installed on the computer. Pretty much within a week of buying this computer I uninstalled Norton and put ESET on it as my AVS

I've only had the computer for a few months... since June/July timeframe..


----------



## jcgriff2 (Sep 30, 2007)

Hi M. . .

I would like for you to un-install ESET, re-boot, then download the newest version of ESET A/V - here is ESET download site - 

http://www.eset.com/download/index.php

I ask this b/c I run ESET NOD 32 A/V on this Vista SP1 x64 system - same as yours - look at dates on modules from driverquery (driver named in BSOD in BLUE):

*YOUR system*

```
Module Name  Display Name           Driver Type   Link Date             
============ ====================== ============= ======================
[COLOR=blue]eamon        EAMON                  Kernel        [/COLOR][color=red]6/10/2008 12:42:25 PM[/color] 


[B][SIZE=3]ESET loaded driver list[/SIZE][/B]
ekrn		3.0.667.0	457.25 KB (468,224 bytes)	6/10/2008 6:53 PM	ESET	c:\program files\eset\eset nod32 antivirus\x86\ekrn.exe
eguiUpdate	3.0.667.0	287.25 KB (294,144 bytes)	6/10/2008 7:04 PM	ESET	c:\program files\eset\eset nod32 antivirus\eguiupdate.dll
egui		3.0.667.0	1.82 MB (1,910,016 bytes)	6/10/2008 6:52 PM	ESET	c:\program files\eset\eset nod32 antivirus\egui.exe
eguiscan	3.0.667.0	369.75 KB (378,624 bytes)	6/10/2008 6:56 PM	ESET	c:\program files\eset\eset nod32 antivirus\eguiscan.dll
eguiamon	3.0.667.0	110.75 KB (113,408 bytes)	6/10/2008 6:48 PM	ESET	c:\program files\eset\eset nod32 antivirus\eguiamon.dll
eguiemon	3.0.667.0	122.75 KB (125,696 bytes)	6/10/2008 6:51 PM	ESET	c:\program files\eset\eset nod32 antivirus\eguiemon.dll
eguiepfw	3.0.667.0	1.12 MB (1,172,736 bytes)	6/10/2008 6:56 PM	ESET	c:\program files\eset\eset nod32 antivirus\eguiepfw.dll
eguiMailPlugins	3.0.667.0	102.25 KB (104,704 bytes)	6/10/2008 7:02 PM	ESET	c:\program files\eset\eset nod32 antivirus\eguimailplugins.dll
shellext	3.0.667.0	195.25 KB (199,936 bytes)	6/10/2008 7:03 PM	ESET	c:\program files\eset\eset nod32 antivirus\shellext.dll
```

*MY system*

```
Module Name  Display Name           Driver Type   Link Date             
============ ====================== ============= ======================
[COLOR=blue]eamon        EAMON                  Kernel        [/COLOR][color=red]7/1/2008 02:51:04[/color]  


[B][SIZE=3]ESET loaded driver list[/SIZE][/B]
egui		3.0.669.0	1.82 MB (1,910,016 bytes)	7/1/2008 09:01	ESET	c:\program files\eset\eset nod32 antivirus\egui.exe
eguiamon	3.0.669.0	110.75 KB (113,408 bytes)	7/1/2008 08:57	ESET	c:\program files\eset\eset nod32 antivirus\eguiamon.dll
eguiemon	3.0.669.0	122.75 KB (125,696 bytes)	7/1/2008 09:00	ESET	c:\program files\eset\eset nod32 antivirus\eguiemon.dll
eguiepfw	3.0.669.0	1.12 MB (1,172,736 bytes)	7/1/2008 09:04	ESET	c:\program files\eset\eset nod32 antivirus\eguiepfw.dll
eguiMailPlugins	3.0.669.0	102.25 KB (104,704 bytes)	7/1/2008 09:10	ESET	c:\program files\eset\eset nod32 antivirus\eguimailplugins.dll
eguiscan	3.0.669.0	369.75 KB (378,624 bytes)	7/1/2008 09:05	ESET	c:\program files\eset\eset nod32 antivirus\eguiscan.dll
eguiUpdate	3.0.669.0	287.25 KB (294,144 bytes)	7/1/2008 09:12	ESET	c:\program files\eset\eset nod32 antivirus\eguiupdate.dll
```

So there appears to be a newer version out. Let's see if this new version helps your system out.

So how much further in-land approx, if I may ask? In Monmouth County? Near the county seat? I have other family in Tom's River, Ocean City, Ocean Township (Wanamassa), etc... you name the shore point, we're all over!! I went to St. Rose - although almost ended up at Christian Brothers Academy.

Regards. . .

JC

.


----------



## sk1er18 (Sep 6, 2008)

Thanks. I'll try updating my AVS to the newest version to see if that helps. Maybe they've worked out some of those Vista bugs :laugh:

Location wise-- I'm in Jackson, Right near Rt 9. Toms River/ Belmar/Point/etc are all a stones throw away


----------



## AntPitXRP (Nov 20, 2008)

Hello,

I seem to have the same issue here, but not sure how to go about fixing it... 

Slow Start up (slower than when I first got the PC earlier this month). 
hpqddsvc service hang, and occasional microsoft sync error.

I haven't installed any weird software, nor any peripherals.

Any help? thanks!:4-dontkno


----------



## sk1er18 (Sep 6, 2008)

Never was able to fully resolve mine...

I just put the computer in 'sleep' mode instead of fully shutting it down each night. Only shut it down if im not going to use it for over a day or so.


----------



## AntPitXRP (Nov 20, 2008)

That's a bummer...

Do you still get that hpqddsvc hang error (Control Panel > Problem Reports and Solutions)?


----------



## sk1er18 (Sep 6, 2008)

im assuming thats still hanging it up. I restart my computer so rarely anymore that i dont pay attention.

How long is yours hanging up for and does it always do it? Every once in a while mine would start very fast without any faults


----------



## AntPitXRP (Nov 20, 2008)

It usually has about minute and half hang time between windows load bar and login. It seems to do this every time.

Maybe I should consider sleep/hibernate over shutdown


----------



## sk1er18 (Sep 6, 2008)

i would PM jcgriff so he can run some diagnostics to make sure there isnt a resolvable cause to your issue.

if he figures it out-- make sure you post to let me know what he found.

if nothing works... lol then do what i do and use sleep mode instead of shut down :4-dontkno


----------



## jcgriff2 (Sep 30, 2007)

Hi. . .

I know you hunted down one HP service, but I have learned w/ this HP laptop that HP QuickPlay is not compatible with Vista x64. I have un-installed QuickPlay from this system b/c it did nothing but hang on boot-up.

The trick is that you must also disable it in the Device Manager b/c it is a boot driver. Not even Microsoft does this with Windows Media player. QuickPlay is hidden under its CLSID number which makes it difficult to find.

Un-install QuickPlay. Then go to the Device Manager (devmgmt.msc), click on View then Show Hidden Devices. Look for Non-Plug and Play Drivers and 2x click it. Now look for the entry "named"

```
[B]
{22D78859-9CE9-4B77-BF18-AC83E81A9263}[/B]
```
That is Quick Play. Disable it. Nice name, huh? Maybe its a top-secret relic from the Cold War no one got around to yet. Everything in Windows has a CLSID like that. Usually security drivers hide behind the number, not media players.

Another question you asked was about WERCON. There were entries in THIS post. I couldn't read the names on the appcrashes/ hangs. You can in WERCON. Also look at the Reliability Monitor. It gives you a day-by-day summary of system events like program installs, Windows Updates and also app crashes. Click on START - type *perfmon /rel* & hit enter. You should see this -



All of the red X's are failures. And yes, that is from this system.

Regards. . .

JC

.


----------

