BSOD 3 times tonight

#1
hi guys,
although my install of windows 7 is normally pretty stable, for some reason its been bsod 3 times tonight and i have no idea why as i havent changed any drivers or settings since it was stable. Here are the 3 mindumps from the bsods. Pleeeease tell me whats gone wrong with windows?

View attachment 101610-67564-01.dmp

View attachment 101610-26629-01.dmp

View attachment 101610-26208-01.dmp
 


Last edited:
#2
Uninstall sptd.sys for now, later if you need it install its latest 2010 version:

sptd.sys Sun Oct 11 23:55:14 2009
Daemon/Alcohol/Duplex Secure
DuplexSecure - FAQ



Update drivers:

athrxusb.sys Mon Jan 29 14:57:10 2007
Atheros Extensible Wireless LAN device driver

nvstor.sys Wed May 20 09:45:37 2009
nvmf6264.sys Fri Jul 31 02:48:18 2009
nvstor64.sys Wed Aug 05 03:31:07 2009
NVIDIA nForce(TM) SATA Driver

npf.sys Tue Oct 20 21:00:19 2009
Politecnico di Torino




If crashes persist, replace Avira with MSE:

Knowledgebase for Free

http://www.microsoft.com/security_essentials/



Code:
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\a\Minidump\D M P\101610-26629-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`03060000 PsLoadedModuleList = 0xfffff800`0329de50
Debug session time: Sat Oct 16 04:07:15.560 2010 (UTC - 5:00)
System Uptime: 0 days 0:02:29.012
Loading Kernel Symbols
...............................................................
................................................................
.............................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 3B, {c0000005, fffff80003182b1f, fffff88004b8ccb0, 0}

Probably caused by : memory_corruption ( nt!MiIdentifyPfn+26f )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff80003182b1f, Address of the instruction which caused the bugcheck
Arg3: fffff88004b8ccb0, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - <Unable to get error code text>

FAULTING_IP: 
nt!MiIdentifyPfn+26f
fffff800`03182b1f f0410fba6e481f  lock bts dword ptr [r14+48h],1Fh

CONTEXT:  fffff88004b8ccb0 -- (.cxr 0xfffff88004b8ccb0)
rax=0000000000000001 rbx=020000000002e7d7 rcx=0a00000000000020
rdx=000000000001e2b6 rsi=0000000000000000 rdi=fffffa8001b218c8
rip=fffff80003182b1f rsp=fffff88004b8d680 rbp=fffffa80042a2a40
 r8=0000000000017417  r9=0000000000000001 r10=0000000000000042
r11=0000058000000000 r12=fffff8000324ae80 r13=0000000000000000
r14=d304c6e5a2e9d15d r15=0000000000000000
iopl=0         nv up ei pl nz na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010206
nt!MiIdentifyPfn+0x26f:
fffff800`03182b1f f0410fba6e481f  lock bts dword ptr [r14+48h],1Fh ds:002b:d304c6e5`a2e9d1a5=????????
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x3B

PROCESS_NAME:  svchost.exe

CURRENT_IRQL:  2

LAST_CONTROL_TRANSFER:  from 0000000000000000 to fffff80003182b1f

STACK_TEXT:  
fffff880`04b8d680 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!MiIdentifyPfn+0x26f


FOLLOWUP_IP: 
nt!MiIdentifyPfn+26f
fffff800`03182b1f f0410fba6e481f  lock bts dword ptr [r14+48h],1Fh

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!MiIdentifyPfn+26f

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c44a9

STACK_COMMAND:  .cxr 0xfffff88004b8ccb0 ; kb

IMAGE_NAME:  memory_corruption

FAILURE_BUCKET_ID:  X64_0x3B_nt!MiIdentifyPfn+26f

BUCKET_ID:  X64_0x3B_nt!MiIdentifyPfn+26f

Followup: MachineOwner
---------



















Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\a\Minidump\D M P\101610-26208-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`03008000 PsLoadedModuleList = 0xfffff800`03245e50
Debug session time: Sat Oct 16 13:26:18.452 2010 (UTC - 5:00)
System Uptime: 0 days 0:07:26.903
Loading Kernel Symbols
...............................................................
................................................................
............................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1E, {ffffffffc0000005, fffff80003058524, 0, ffffffffffffffff}

Probably caused by : fileinfo.sys ( fileinfo!FIStreamGet+52 )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80003058524, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: ffffffffffffffff, Parameter 1 of the exception

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - <Unable to get error code text>

FAULTING_IP: 
nt!FsRtlLookupPerStreamContextInternal+7c
fffff800`03058524 48396810        cmp     qword ptr [rax+10h],rbp

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  ffffffffffffffff

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800032b00e0
 ffffffffffffffff 

ERROR_CODE: (NTSTATUS) 0xc0000005 - <Unable to get error code text>

BUGCHECK_STR:  0x1E_c0000005

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  svchost.exe

CURRENT_IRQL:  0

EXCEPTION_RECORD:  fffff88005c44828 -- (.exr 0xfffff88005c44828)
ExceptionAddress: fffff80003058524 (nt!FsRtlLookupPerStreamContextInternal+0x000000000000007c)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000000
   Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff

TRAP_FRAME:  fffff88005c448d0 -- (.trap 0xfffff88005c448d0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=abfd5a5f6bdaeed0 rbx=0000000000000000 rcx=fffff8a0016c5178
rdx=0000000000000011 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80003058524 rsp=fffff88005c44a60 rbp=fffffa8002d86010
 r8=0000000000000000  r9=fffff88005c44b30 r10=0000000000000000
r11=fffff88005c44c28 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz ac pe cy
nt!FsRtlLookupPerStreamContextInternal+0x7c:
fffff800`03058524 48396810        cmp     qword ptr [rax+10h],rbp ds:abfd5a5f`6bdaeee0=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff800030b2a39 to fffff80003078740

STACK_TEXT:  
fffff880`05c44058 fffff800`030b2a39 : 00000000`0000001e ffffffff`c0000005 fffff800`03058524 00000000`00000000 : nt!KeBugCheckEx
fffff880`05c44060 fffff800`03077d82 : fffff880`05c44828 fffff8a0`016c5140 fffff880`05c448d0 00000000`00000000 : nt!KiDispatchException+0x1b9
fffff880`05c446f0 fffff800`0307668a : fffff880`05c448e8 00000000`00000000 fffff8a0`041ab010 fffff880`02170147 : nt!KiExceptionDispatch+0xc2
fffff880`05c448d0 fffff800`03058524 : fffffa80`00000000 fffff800`0306ecc5 00000000`00000000 fffff6fc`40027b98 : nt!KiGeneralProtectionFault+0x10a
fffff880`05c44a60 fffff880`0123132e : fffffa80`021dcf20 fffff880`05c44bc0 fffffa80`02d86010 fffff880`01455734 : nt!FsRtlLookupPerStreamContextInternal+0x7c
fffff880`05c44aa0 fffff880`0123cd31 : fffffa80`02d86010 fffff880`0145af30 fffffa80`01e48520 00000000`00000001 : fltmgr!FltpGetStreamListCtrl+0x8e
fffff880`05c44b00 fffff880`01282052 : 00000000`00000000 00000000`00000000 fffff880`05c44d40 fffff880`014f8bfb : fltmgr!FltGetStreamContext+0x21
fffff880`05c44b30 fffff880`01280b07 : 00000000`00000000 fffff8a0`01a115c0 00000000`00000000 00000000`00000000 : fileinfo!FIStreamGet+0x52
fffff880`05c44ba0 fffff880`01231242 : 00000000`00000000 00000000`00000000 fffffa80`01bd37b0 00000000`00000000 : fileinfo!FIPostCreateCallback+0xf3
fffff880`05c44c30 fffff880`0123038b : fffffa80`02b77030 fffffa80`04434e00 fffffa80`02e48010 fffffa80`02e48230 : fltmgr!FltpPerformPostCallbacks+0x392
fffff880`05c44d00 fffff880`0124f2b9 : fffffa80`01bd3410 fffffa80`02d86010 fffffa80`01bd3400 fffffa80`02b722c0 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x39b
fffff880`05c44d90 fffff800`0337b807 : 00000000`00000060 fffff800`0339af30 fffffa80`01e73348 fffff8a0`00084430 : fltmgr!FltpCreate+0x2a9
fffff880`05c44e40 fffff800`03371c2f : fffffa80`02b722c0 00000000`00000000 fffffa80`024e8200 00000000`00040000 : nt!IopParseDevice+0x5a7
fffff880`05c44fd0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!ObpLookupObjectName+0x32f


STACK_COMMAND:  kb

FOLLOWUP_IP: 
fileinfo!FIStreamGet+52
fffff880`01282052 8bd8            mov     ebx,eax

SYMBOL_STACK_INDEX:  7

SYMBOL_NAME:  fileinfo!FIStreamGet+52

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: fileinfo

IMAGE_NAME:  fileinfo.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc481

FAILURE_BUCKET_ID:  X64_0x1E_c0000005_fileinfo!FIStreamGet+52

BUCKET_ID:  X64_0x1E_c0000005_fileinfo!FIStreamGet+52

Followup: MachineOwner
---------
















Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [F:\a\Minidump\D M P\101610-67564-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`03063000 PsLoadedModuleList = 0xfffff800`032a0e50
Debug session time: Sat Oct 16 13:17:57.016 2010 (UTC - 5:00)
System Uptime: 0 days 4:03:03.468
Loading Kernel Symbols
...............................................................
................................................................
.............................
Loading User Symbols
Loading unloaded module list
........
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 20, {0, ffff, 0, 0}

Probably caused by : ntkrnlmp.exe ( nt!PspExitThread+9a0 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_APC_PENDING_DURING_EXIT (20)
The key data item is the thread's APC disable count.
If this is non-zero, then this is the source of the problem.
The APC disable count is decremented each time a driver calls
KeEnterCriticalRegion, FsRtlEnterFileSystem, or acquires a mutex.  The APC
disable count is incremented each time a driver calls KeLeaveCriticalRegion,
FsRtlExitFileSystem, or KeReleaseMutex.  Since these calls should always be in
pairs, this value should be zero when a thread exits.  A negative value
indicates that a driver has disabled APC calls without re-enabling them.  A
positive value indicates that the reverse is true.
If you ever see this error, be very suspicious of all drivers installed on the
machine -- especially unusual or non-standard drivers.  Third party file
system redirectors are especially suspicious since they do not generally
receive the heavy duty testing that NTFS, FAT, RDR, etc receive.
This current IRQL should also be 0.  If it is not, that a driver's
cancelation routine can cause this bugcheck by returning at an elevated
IRQL.  Always attempt to note what you were doing/closing at the
time of the crash, and note all of the installed drivers at the time of
the crash.  This symptom is usually a severe bug in a third party
driver.
Arguments:
Arg1: 0000000000000000, The address of the APC found pending during exit.
Arg2: 000000000000ffff, The thread's APC disable count
Arg3: 0000000000000000, The current IRQL
Arg4: 0000000000000000

Debugging Details:
------------------


BUGCHECK_STR:  0x20_NULLAPC_KAPC_NEGATIVE

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  sandra.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from fffff800033b8e40 to fffff800030d3740

STACK_TEXT:  
fffff880`02841ad8 fffff800`033b8e40 : 00000000`00000020 00000000`00000000 00000000`0000ffff 00000000`00000000 : nt!KeBugCheckEx
fffff880`02841ae0 fffff800`0339085b : 00000000`00000000 00000000`00000001 00000000`fffdb000 00000000`00000000 : nt!PspExitThread+0x9a0
fffff880`02841ba0 fffff800`030d2993 : fffffa80`019659d0 00000000`00000000 00000000`fffdb001 fffffa80`01b1e860 : nt!NtTerminateProcess+0x25b
fffff880`02841c20 00000000`7732001a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0012e028 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x7732001a


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!PspExitThread+9a0
fffff800`033b8e40 cc              int     3

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  nt!PspExitThread+9a0

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c44a9

FAILURE_BUCKET_ID:  X64_0x20_NULLAPC_KAPC_NEGATIVE_nt!PspExitThread+9a0

BUCKET_ID:  X64_0x20_NULLAPC_KAPC_NEGATIVE_nt!PspExitThread+9a0
fffff800`00bba000 fffff800`00bc4000   kdcom    kdcom.dll    Tue Jul 14 04:31:07 2009 (4A5BDFDB)
fffff800`0301a000 fffff800`03063000   hal      hal.dll      Tue Jul 14 04:27:36 2009 (4A5BDF08)
fffff800`03063000 fffff800`0363f000   nt       ntkrnlmp.exe Sat Jun 19 07:16:41 2010 (4C1C44A9)
fffff880`00c00000 fffff880`00cc0000   CI       CI.dll       Tue Jul 14 04:32:13 2009 (4A5BE01D)
fffff880`00cc0000 fffff880`00ccf000   WDFLDR   WDFLDR.SYS   Tue Jul 14 02:19:54 2009 (4A5BC11A)
fffff880`00cdb000 fffff880`00ce8000   mcupdate_AuthenticAMD mcupdate_AuthenticAMD.dll Tue Jul 14 04:29:09 2009 (4A5BDF65)
fffff880`00ce8000 fffff880`00cfc000   PSHED    PSHED.dll    Tue Jul 14 04:32:23 2009 (4A5BE027)
fffff880`00cfc000 fffff880`00d5a000   CLFS     CLFS.SYS     Tue Jul 14 02:19:57 2009 (4A5BC11D)
fffff880`00d5a000 fffff880`00dfe000   Wdf01000 Wdf01000.sys Tue Jul 14 02:22:07 2009 (4A5BC19F)
fffff880`00e12000 fffff880`00f38000   sptd     sptd.sys     Sun Oct 11 23:55:14 2009 (4AD24632)
fffff880`00f38000 fffff880`00f41000   WMILIB   WMILIB.SYS   Tue Jul 14 02:19:51 2009 (4A5BC117)
fffff880`00f41000 fffff880`00f70000   SCSIPORT SCSIPORT.SYS Tue Jul 14 03:01:04 2009 (4A5BCAC0)
fffff880`00f70000 fffff880`00fc7000   ACPI     ACPI.sys     Tue Jul 14 02:19:34 2009 (4A5BC106)
fffff880`00fc7000 fffff880`00fd1000   msisadrv msisadrv.sys Tue Jul 14 02:19:26 2009 (4A5BC0FE)
fffff880`00fd1000 fffff880`00fde000   vdrvroot vdrvroot.sys Tue Jul 14 03:01:31 2009 (4A5BCADB)
fffff880`01000000 fffff880`0103f000   nvstor64 nvstor64.sys Wed Aug 05 03:31:07 2009 (4A78D2CB)
fffff880`0103f000 fffff880`0104a000   amdxata  amdxata.sys  Tue May 19 20:56:59 2009 (4A12F2EB)
fffff880`01050000 fffff880`01083000   pci      pci.sys      Tue Jul 14 02:19:51 2009 (4A5BC117)
fffff880`01083000 fffff880`01098000   partmgr  partmgr.sys  Tue Jul 14 02:19:58 2009 (4A5BC11E)
fffff880`01098000 fffff880`010ad000   volmgr   volmgr.sys   Tue Jul 14 02:19:57 2009 (4A5BC11D)
fffff880`010ad000 fffff880`01109000   volmgrx  volmgrx.sys  unavailable (00000000)
fffff880`01109000 fffff880`01110000   pciide   pciide.sys   Tue Jul 14 02:19:49 2009 (4A5BC115)
fffff880`01110000 fffff880`01120000   PCIIDEX  PCIIDEX.SYS  Tue Jul 14 02:19:48 2009 (4A5BC114)
fffff880`01120000 fffff880`0113a000   mountmgr mountmgr.sys Tue Jul 14 02:19:54 2009 (4A5BC11A)
fffff880`0113a000 fffff880`01143000   atapi    atapi.sys    Tue Jul 14 02:19:47 2009 (4A5BC113)
fffff880`01143000 fffff880`0116d000   ataport  ataport.SYS  Tue Jul 14 02:19:52 2009 (4A5BC118)
fffff880`0116d000 fffff880`01198000   nvstor   nvstor.sys   Wed May 20 09:45:37 2009 (4A13A711)
fffff880`01198000 fffff880`011fa000   storport storport.sys Tue Jul 14 03:01:18 2009 (4A5BCACE)
fffff880`01200000 fffff880`0124c000   volsnap  volsnap.sys  Tue Jul 14 02:20:08 2009 (4A5BC128)
fffff880`0124c000 fffff880`01286000   rdyboost rdyboost.sys Tue Jul 14 02:34:34 2009 (4A5BC48A)
fffff880`0129b000 fffff880`012e7000   fltmgr   fltmgr.sys   Tue Jul 14 02:19:59 2009 (4A5BC11F)
fffff880`012e7000 fffff880`012fb000   fileinfo fileinfo.sys Tue Jul 14 02:34:25 2009 (4A5BC481)
fffff880`012fb000 fffff880`01359000   msrpc    msrpc.sys    unavailable (00000000)
fffff880`01359000 fffff880`013cc000   cng      cng.sys      Tue Jul 14 02:49:40 2009 (4A5BC814)
fffff880`01413000 fffff880`015b6000   Ntfs     Ntfs.sys     Tue Jul 14 02:20:47 2009 (4A5BC14F)
fffff880`015b6000 fffff880`015d0000   ksecdd   ksecdd.sys   Tue Jul 14 02:20:54 2009 (4A5BC156)
fffff880`015d0000 fffff880`015e1000   pcw      pcw.sys      Tue Jul 14 02:19:27 2009 (4A5BC0FF)
fffff880`015e1000 fffff880`015eb000   Fs_Rec   Fs_Rec.sys   unavailable (00000000)
fffff880`01600000 fffff880`0164a000   fwpkclnt fwpkclnt.sys Tue Jul 14 02:21:08 2009 (4A5BC164)
fffff880`0164a000 fffff880`0165a000   vmstorfl vmstorfl.sys unavailable (00000000)
fffff880`0165a000 fffff880`01662000   spldr    spldr.sys    Mon May 11 19:56:27 2009 (4A0858BB)
fffff880`01662000 fffff880`0166b000   hwpolicy hwpolicy.sys Tue Jul 14 02:19:22 2009 (4A5BC0FA)
fffff880`0166b000 fffff880`0175d000   ndis     ndis.sys     Tue Jul 14 02:21:40 2009 (4A5BC184)
fffff880`0175d000 fffff880`017bd000   NETIO    NETIO.SYS    Tue Jul 14 02:21:46 2009 (4A5BC18A)
fffff880`017bd000 fffff880`017e8000   ksecpkg  ksecpkg.sys  Fri Dec 11 08:03:32 2009 (4B21E0B4)
fffff880`017e8000 fffff880`017fa000   mup      mup.sys      Tue Jul 14 02:23:45 2009 (4A5BC201)
fffff880`01802000 fffff880`019ff000   tcpip    tcpip.sys    Mon Jun 14 06:39:04 2010 (4C15A458)
fffff880`01a00000 fffff880`01a09000   Null     Null.SYS     unavailable (00000000)
fffff880`01a09000 fffff880`01a10000   Beep     Beep.SYS     Tue Jul 14 03:00:13 2009 (4A5BCA8D)
fffff880`01a10000 fffff880`01a1e000   vga      vga.sys      Tue Jul 14 02:38:47 2009 (4A5BC587)
fffff880`01a1e000 fffff880`01a43000   VIDEOPRT VIDEOPRT.SYS Tue Jul 14 02:38:51 2009 (4A5BC58B)
fffff880`01a43000 fffff880`01a53000   watchdog watchdog.sys Tue Jul 14 02:37:35 2009 (4A5BC53F)
fffff880`01a53000 fffff880`01a5c000   RDPCDD   RDPCDD.sys   Tue Jul 14 03:16:34 2009 (4A5BCE62)
fffff880`01a5c000 fffff880`01a65000   rdpencdd rdpencdd.sys Tue Jul 14 03:16:34 2009 (4A5BCE62)
fffff880`01a65000 fffff880`01a6e000   rdprefmp rdprefmp.sys Tue Jul 14 03:16:35 2009 (4A5BCE63)
fffff880`01a6e000 fffff880`01a79000   Msfs     Msfs.SYS     Tue Jul 14 02:19:47 2009 (4A5BC113)
fffff880`01a79000 fffff880`01a8a000   Npfs     Npfs.SYS     Tue Jul 14 02:19:48 2009 (4A5BC114)
fffff880`01a8a000 fffff880`01aa8000   tdx      tdx.sys      Tue Jul 14 02:21:15 2009 (4A5BC16B)
fffff880`01aa8000 fffff880`01ab5000   TDI      TDI.SYS      Tue Jul 14 02:21:18 2009 (4A5BC16E)
fffff880`01ae5000 fffff880`01b1f000   fvevol   fvevol.sys   Sat Sep 26 05:34:26 2009 (4ABD7DB2)
fffff880`01b1f000 fffff880`01b35000   disk     disk.sys     Tue Jul 14 02:19:57 2009 (4A5BC11D)
fffff880`01b35000 fffff880`01b65000   CLASSPNP CLASSPNP.SYS Tue Jul 14 02:19:58 2009 (4A5BC11E)
fffff880`01b65000 fffff880`01bb3000   mrxsmb10 mrxsmb10.sys Sat Feb 27 09:52:28 2010 (4B88CF3C)
fffff880`01bcf000 fffff880`01bf9000   cdrom    cdrom.sys    Tue Jul 14 02:19:54 2009 (4A5BC11A)
fffff880`02000000 fffff880`0201b000   avgntflt avgntflt.sys Tue Mar 24 16:00:46 2009 (49C8E78E)
fffff880`0201b000 fffff880`0203c000   WudfPf   WudfPf.sys   Tue Jul 14 03:05:37 2009 (4A5BCBD1)
fffff880`0203c000 fffff880`02051000   lltdio   lltdio.sys   Tue Jul 14 03:08:50 2009 (4A5BCC92)
fffff880`02051000 fffff880`020a4000   nwifi    nwifi.sys    Tue Jul 14 03:07:23 2009 (4A5BCC3B)
fffff880`020a4000 fffff880`020b7000   ndisuio  ndisuio.sys  Tue Jul 14 03:09:25 2009 (4A5BCCB5)
fffff880`020b7000 fffff880`020cf000   rspndr   rspndr.sys   Tue Jul 14 03:08:50 2009 (4A5BCC92)
fffff880`020cf000 fffff880`020ed000   bowser   bowser.sys   Tue Jul 14 02:23:50 2009 (4A5BC206)
fffff880`020ef000 fffff880`02181000   athrxusb athrxusb.sys Mon Jan 29 14:57:10 2007 (45BDEF26)
fffff880`02181000 fffff880`0218f000   monitor  monitor.sys  Tue Jul 14 02:38:52 2009 (4A5BC58C)
fffff880`0218f000 fffff880`0219c000   mouhid   mouhid.sys   Tue Jul 14 03:00:20 2009 (4A5BCA94)
fffff880`0219c000 fffff880`021d2000   fastfat  fastfat.SYS  Tue Jul 14 02:23:28 2009 (4A5BC1F0)
fffff880`021d2000 fffff880`021f5000   luafv    luafv.sys    Tue Jul 14 02:26:13 2009 (4A5BC295)
fffff880`03c00000 fffff880`03c51000   rdbss    rdbss.sys    Tue Jul 14 02:24:09 2009 (4A5BC219)
fffff880`03c51000 fffff880`03c5d000   nsiproxy nsiproxy.sys Tue Jul 14 02:21:02 2009 (4A5BC15E)
fffff880`03c5d000 fffff880`03c68000   mssmbios mssmbios.sys Tue Jul 14 02:31:10 2009 (4A5BC3BE)
fffff880`03c68000 fffff880`03c77000   discache discache.sys Tue Jul 14 02:37:18 2009 (4A5BC52E)
fffff880`03c88000 fffff880`03d12000   afd      afd.sys      Tue Jul 14 02:21:40 2009 (4A5BC184)
fffff880`03d12000 fffff880`03d57000   netbt    netbt.sys    Tue Jul 14 02:21:28 2009 (4A5BC178)
fffff880`03d57000 fffff880`03d60000   wfplwf   wfplwf.sys   Tue Jul 14 03:09:26 2009 (4A5BCCB6)
fffff880`03d60000 fffff880`03d86000   pacer    pacer.sys    Tue Jul 14 03:09:41 2009 (4A5BCCC5)
fffff880`03d86000 fffff880`03d95000   netbios  netbios.sys  Tue Jul 14 03:09:26 2009 (4A5BCCB6)
fffff880`03d95000 fffff880`03db2000   serial   serial.sys   Tue Jul 14 03:00:40 2009 (4A5BCAA8)
fffff880`03db2000 fffff880`03dcd000   wanarp   wanarp.sys   Tue Jul 14 03:10:21 2009 (4A5BCCED)
fffff880`03dcd000 fffff880`03de1000   termdd   termdd.sys   Tue Jul 14 03:16:36 2009 (4A5BCE64)
fffff880`03e00000 fffff880`03e56000   USBPORT  USBPORT.SYS  Tue Jul 14 03:06:31 2009 (4A5BCC07)
fffff880`03e56000 fffff880`03e67000   usbehci  usbehci.sys  Sat Oct 24 07:27:33 2009 (4AE28235)
fffff880`03e67000 fffff880`03e8b000   HDAudBus HDAudBus.sys Tue Jul 14 03:06:13 2009 (4A5BCBF5)
fffff880`03ec0000 fffff880`03f43000   csc      csc.sys      Tue Jul 14 02:24:26 2009 (4A5BC22A)
fffff880`03f43000 fffff880`03f61000   dfsc     dfsc.sys     Tue Jul 14 02:23:44 2009 (4A5BC200)
fffff880`03f61000 fffff880`03f72000   blbdrive blbdrive.sys Tue Jul 14 02:35:59 2009 (4A5BC4DF)
fffff880`03f72000 fffff880`03f98000   tunnel   tunnel.sys   Tue Jul 14 03:09:37 2009 (4A5BCCC1)
fffff880`03f98000 fffff880`03fad000   amdppm   amdppm.sys   Tue Jul 14 02:19:25 2009 (4A5BC0FD)
fffff880`03fad000 fffff880`03fb5000   ASACPI   ASACPI.sys   Thu May 14 04:25:17 2009 (4A0B72FD)
fffff880`03fb5000 fffff880`03fd3000   i8042prt i8042prt.sys Tue Jul 14 02:19:57 2009 (4A5BC11D)
fffff880`03fd3000 fffff880`03fe2000   kbdclass kbdclass.sys Tue Jul 14 02:19:50 2009 (4A5BC116)
fffff880`03fe2000 fffff880`03fee000   serenum  serenum.sys  Tue Jul 14 03:00:33 2009 (4A5BCAA1)
fffff880`03fee000 fffff880`03ff9000   usbohci  usbohci.sys  Tue Jul 14 03:06:30 2009 (4A5BCC06)
fffff880`04000000 fffff880`04043000   ks       ks.sys       Thu Mar 04 06:32:25 2010 (4B8F37D9)
fffff880`04043000 fffff880`04055000   umbus    umbus.sys    Tue Jul 14 03:06:56 2009 (4A5BCC20)
fffff880`04055000 fffff880`04078000   mrxsmb20 mrxsmb20.sys Sat Feb 27 09:52:26 2010 (4B88CF3A)
fffff880`04079000 fffff880`040ca500   nvmf6264 nvmf6264.sys Fri Jul 31 02:48:18 2009 (4A723142)
fffff880`040cb000 fffff880`041bf000   dxgkrnl  dxgkrnl.sys  Fri Oct 02 04:00:14 2009 (4AC5509E)
fffff880`041cb000 fffff880`041d6000   rdpbus   rdpbus.sys   Tue Jul 14 03:17:46 2009 (4A5BCEAA)
fffff880`041d6000 fffff880`041e5000   mouclass mouclass.sys Tue Jul 14 02:19:50 2009 (4A5BC116)
fffff880`04213000 fffff880`0426d000   usbhub   usbhub.sys   Sat Oct 24 07:28:24 2009 (4AE28268)
fffff880`0426d000 fffff880`04282000   NDProxy  NDProxy.SYS  Tue Jul 14 03:10:05 2009 (4A5BCCDD)
fffff880`04282000 fffff880`042bf000   portcls  portcls.sys  Tue Jul 14 03:06:27 2009 (4A5BCC03)
fffff880`042bf000 fffff880`042e1000   drmk     drmk.sys     Tue Jul 14 04:01:25 2009 (4A5BD8E5)
fffff880`042e1000 fffff880`04304000   nvhda64v nvhda64v.sys Tue Jun 22 01:07:25 2010 (4C1FE29D)
fffff880`04304000 fffff880`04312000   crashdmp crashdmp.sys Tue Jul 14 03:01:01 2009 (4A5BCABD)
fffff880`04312000 fffff880`04351000   dump_nvstor64 dump_nvstor64.sys Wed Aug 05 03:31:07 2009 (4A78D2CB)
fffff880`04351000 fffff880`04364000   dump_dumpfve dump_dumpfve.sys Tue Jul 14 02:21:51 2009 (4A5BC18F)
fffff880`04364000 fffff880`0437f000   USBSTOR  USBSTOR.SYS  Tue Jul 14 03:06:34 2009 (4A5BCC0A)
fffff880`0437f000 fffff880`04380f00   USBD     USBD.SYS     Tue Jul 14 03:06:23 2009 (4A5BCBFF)
fffff880`04381000 fffff880`0438f000   hidusb   hidusb.sys   Tue Jul 14 03:06:22 2009 (4A5BCBFE)
fffff880`0438f000 fffff880`043a8000   HIDCLASS HIDCLASS.SYS Tue Jul 14 03:06:21 2009 (4A5BCBFD)
fffff880`043a8000 fffff880`043b0080   HIDPARSE HIDPARSE.SYS Tue Jul 14 03:06:17 2009 (4A5BCBF9)
fffff880`043b1000 fffff880`043de000   mrxsmb   mrxsmb.sys   Sat Feb 27 09:52:19 2010 (4B88CF33)
fffff880`043de000 fffff880`043ed000   npf      npf.sys      Tue Oct 20 21:00:19 2009 (4ADDFAB3)
fffff880`04600000 fffff880`04605200   ksthunk  ksthunk.sys  Tue Jul 14 03:00:19 2009 (4A5BCA93)
fffff880`04606000 fffff880`04612000   Dxapi    Dxapi.sys    Tue Jul 14 02:38:28 2009 (4A5BC574)
fffff880`04612000 fffff880`0461c000   dump_diskdump dump_diskdump.sys Tue Jul 14 03:01:00 2009 (4A5BCABC)
fffff880`0461d000 fffff880`047ff900   RTKVHD64 RTKVHD64.sys Tue Aug 18 12:29:10 2009 (4A8A7466)
fffff880`04871000 fffff880`04883000   tcpipreg tcpipreg.sys Tue Jul 14 03:09:49 2009 (4A5BCCCD)
fffff880`048e1000 fffff880`04987000   peauth   peauth.sys   Tue Jul 14 04:01:19 2009 (4A5BD8DF)
fffff880`04987000 fffff880`04992000   secdrv   secdrv.SYS   Wed Sep 13 16:18:38 2006 (4508052E)
fffff880`04992000 fffff880`049bf000   srvnet   srvnet.sys   Tue Jun 22 06:20:32 2010 (4C202C00)
fffff880`04c00000 fffff880`04c38000   RDPWD    RDPWD.SYS    Tue Jul 14 03:16:47 2009 (4A5BCE6F)
fffff880`04c52000 fffff880`04cba000   srv2     srv2.sys     Tue Jun 22 06:20:47 2010 (4C202C0F)
fffff880`04cba000 fffff880`04d50000   srv      srv.sys      Tue Jun 22 06:21:11 2010 (4C202C27)
fffff880`04d5c000 fffff880`04d8d000   AODDriver2 AODDriver2.sys Thu Apr 22 13:28:05 2010 (4BD024B5)
fffff880`04d8d000 fffff880`04dbb000   rdpdr    rdpdr.sys    Tue Jul 14 03:18:02 2009 (4A5BCEBA)
fffff880`04dbb000 fffff880`04dc6000   tdtcp    tdtcp.sys    Tue Jul 14 03:16:32 2009 (4A5BCE60)
fffff880`04dc6000 fffff880`04dd5000   tssecsrv tssecsrv.sys Tue Jul 14 03:16:41 2009 (4A5BCE69)
fffff880`0541a000 fffff880`054e2000   HTTP     HTTP.sys     Tue Jul 14 02:22:16 2009 (4A5BC1A8)
fffff880`054e2000 fffff880`054eb000   Sandra   Sandra.sys   Sat Aug 08 01:44:51 2009 (4A7CAE63)
fffff880`054f7000 fffff880`05503000   nrtap    nrtap.sys    Tue Sep 01 22:10:01 2009 (4A9D7189)
fffff880`0f200000 fffff880`0f245000   aoig0wxr aoig0wxr.SYS Wed Jul 15 00:12:55 2009 (4A5CF4D7)
fffff880`0f245000 fffff880`0f255000   CompositeBus CompositeBus.sys Tue Jul 14 03:00:33 2009 (4A5BCAA1)
fffff880`0f255000 fffff880`0f26b000   AgileVpn AgileVpn.sys Tue Jul 14 03:10:24 2009 (4A5BCCF0)
fffff880`0f26b000 fffff880`0f28f000   rasl2tp  rasl2tp.sys  Tue Jul 14 03:10:11 2009 (4A5BCCE3)
fffff880`0f28f000 fffff880`0f29b000   ndistapi ndistapi.sys Tue Jul 14 03:10:00 2009 (4A5BCCD8)
fffff880`0f29b000 fffff880`0f2ca000   ndiswan  ndiswan.sys  Tue Jul 14 03:10:11 2009 (4A5BCCE3)
fffff880`0f2ca000 fffff880`0f2e5000   raspppoe raspppoe.sys Tue Jul 14 03:10:17 2009 (4A5BCCE9)
fffff880`0f2e5000 fffff880`0ff76e00   nvlddmkm nvlddmkm.sys Sat Jul 10 00:15:58 2010 (4C37918E)
fffff880`0ff77000 fffff880`0ff78180   nvBridge nvBridge.kmd Sat Jul 10 00:07:54 2010 (4C378FAA)
fffff880`0ff79000 fffff880`0ffbf000   dxgmms1  dxgmms1.sys  Tue Jul 14 02:38:32 2009 (4A5BC578)
fffff880`0ffbf000 fffff880`0ffe0000   raspptp  raspptp.sys  Tue Jul 14 03:10:18 2009 (4A5BCCEA)
fffff880`0ffe0000 fffff880`0fffa000   rassstp  rassstp.sys  Tue Jul 14 03:10:25 2009 (4A5BCCF1)
fffff880`0fffa000 fffff880`0fffb480   swenum   swenum.sys   Tue Jul 14 03:00:18 2009 (4A5BCA92)
fffff960`000c0000 fffff960`003cf000   win32k   win32k.sys   Sat Jun 19 07:31:59 2010 (4C1C483F)
fffff960`00560000 fffff960`0056a000   TSDDD    TSDDD.dll    unavailable (00000000)
fffff960`006c0000 fffff960`006e7000   cdd      cdd.dll      unavailable (00000000)

Unloaded modules:
fffff880`054eb000 fffff880`054f7000   nrtap.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000C000
fffff880`04d50000 fffff880`04d5c000   nrtap.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000C000
fffff880`04800000 fffff880`04871000   spsys.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00071000
fffff880`041bf000 fffff880`041cb000   nrtap.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000C000
fffff880`01b65000 fffff880`01b73000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`01b73000 fffff880`01b7d000   dump_storpor
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000A000
fffff880`01b7d000 fffff880`01bbc000   dump_nvstor6
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0003F000
fffff880`01bbc000 fffff880`01bcf000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00013000
 


Last edited:
This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.