help me plz

Discussion in 'Windows 7 Blue Screen of Death (BSOD)' started by malikron7, Apr 10, 2012.

  1. malikron7

    malikron7 New Member

    Joined:
    Apr 10, 2012
    Messages:
    8
    Likes Received:
    0
    i have a v. v. big problem each time i put the pc to sleep it crash this problem is occurring from about 4 months i will upload all my crash dumps :angry_smile::angry_smile::angry_smile:
     

    Attached Files:

  2. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    Hello and welcome to the forum.
    Looks like most of your more recent dump files are indicating an issues with
    WinFLAdrv.sys 11/14/2011 which may be a part of a software product called Folder Locker from NewSoftwares.net although I am not absolutely certain. You may want to consider either updating or uninstalling at least temporarily.
    One of you dump files indicates an issue with
    EpfwLWF.sys 7/11/2011 which is part of the Eset family of Security Software and might be having a problem because it appears that you may have some remnants of another security suite from Sunbelt Software, perhaps Vipre
    SBREdrv.sys 4/29/2011
    I'd suggest getting that issue sorted out as two competing security suites can often cause unintended consequences.
    At your earliest convenience uninstall Daemon Tools
    sptd.sys 8/24/2010 use this tool from here DuplexSecure - Downloads get the correct version for your architecture and click the UNINSTALL button when you run it.
    After taking care of the above, grab a blank CD and this program What is Windows Defender Offline? again get the correct version for your architecture. The program will build a bootable CD for you with which you can then boot your system and run a FULL system scan, independent of your OS.
    If Blue Screens persist then
    First make sure your machine is configured properly to facilitate the collection of .dmp files.
    Then:
    Please read the first post in this sticky thread here How to ask for help with a BSOD problem
    Do your best to accumulate the data required.
    Run the SF Diagnostic tool (download and right click the executable and choose run as administrator)
    Download and run CPUz. Use the Windows snipping tool to gather images from all tabs including all slots populated with memory under the SPD tab.
    Likewise RAMMon. Export the html report, put everything into a desktop folder that you've created for this purpose, zip it up and attach it to your next post (right click it and choose send to, compressed (zipped) folder.
    Additionally, if you haven’t already, please take some time and fill out your system specs in your forum profile area http://windows7forums.com/windows-7-support/72212-help-us-help-you-filling-your-system-specs.html#post235529 .
    Good luck
    Randy
     
  3. malikron7

    malikron7 New Member

    Joined:
    Apr 10, 2012
    Messages:
    8
    Likes Received:
    0
    blue screen help

    hi i recently fixed a bsod before 2 weeks but now a new one is coming while the computer is on here are my dumpsView attachment minidump.zip
     
  4. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    Re: blue screen help

    As I have already mentioned. You have Daemon Tools installed on your computer
    sptd.sys
    and you need to remove it. Please reference my post above.
    Additionally, also as I mentioned before you seem to have competing security suites installed on your computer
    bckd.sys K9 Web Protection Driver from Blue Coat Systems
    and
    EpfwLWF.sys ESET Personal Firewall driver ESET Smart Security.
    not generally a good idea.
    My suggestion is to uninstall both at least temporarily and replace with Microsoft Security Essentials for now, as it is not known to produce Blue Screen issues. Once your machine is stable you can remove it and reinstall ESET if you so choose.
    Code:
    BugCheck 4E, {7, 12e1e3, 1, 0}
    Unable to load image EpfwLWF.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for[COLOR=#ff0000][U][B] EpfwLWF.sys[/B][/U][/COLOR]
    *** ERROR: Module load completed but symbols could not be loaded for [COLOR=#ff0000][U][B]EpfwLWF.sys[/B][/U][/COLOR]
    Probably caused by : tcpip.sys ( tcpip!TcpCompleteTcbSend+40 )
    PFN_LIST_CORRUPT (4e)
    Typically caused by drivers passing bad memory descriptor lists (ie: calling
    MmUnlockPages twice with the same list, etc).  If a kernel debugger is
    available get the stack trace.
    Arguments:
    Arg1: 0000000000000007, A driver has unlocked a page more times than it locked it
    Arg2: 000000000012e1e3, page frame number
    Arg3: 0000000000000001, current share count
    Arg4: 0000000000000000, 0
    BUGCHECK_STR:  0x4E_7
    CUSTOMER_CRASH_COUNT:  1
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    PROCESS_NAME:  System
    CURRENT_IRQL:  2
    LAST_CONTROL_TRANSFER:  from fffff8000392c343 to fffff800038cdc80
    STACK_TEXT:  
    fffff800`00b9b228 fffff800`0392c343 : 00000000`0000004e 00000000`00000007 00000000`0012e1e3 00000000`00000001 : nt!KeBugCheckEx
    fffff800`00b9b230 fffff800`0393dc16 : 00000000`42646641 fffffa80`0000010d fffffa80`0408fc00 fffffa80`04ad1530 : nt! ?? ::FNODOBFM::`string'+0x16b66
    fffff800`00b9b270 fffff800`038d14e8 : fffffa80`04ad0004 00000000`00000000 00000000`00000002 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0x36e25
    fffff800`00b9b300 fffff880`018d24a0 : 00000000`0000019e 00000000`00000102 fffffa80`0408fcf0 00000000`00000000 : nt!IopfCompleteRequest+0x168
    fffff800`00b9b3f0 fffff880`018fc23e : 00000000`00000009 00000000`00000000 fffffa80`04889c40 00000000`00000000 : tcpip!TcpCompleteTcbSend+0x40
    fffff800`00b9b420 fffff880`018d23e2 : fffff800`00b9b978 fffff800`00b9b9a0 fffffa80`0408fcf0 fffff880`018e6f34 : tcpip!TcpShutdownTcb+0x50e
    fffff800`00b9b560 fffff880`018f55f4 : fffff800`00b90000 fffff800`00b9b978 fffff800`00b9ba60 fffff800`00000000 : tcpip!TcpAbortTcbDelivery+0x32
    fffff800`00b9b590 fffff880`018e7d54 : 00000000`00000000 fffffa80`05d10000 00000000`00000000 fffffa80`059fb8c0 : tcpip!TcpTcbCarefulDatagram+0xc44
    fffff800`00b9b740 fffff880`018e667a : fffffa80`048a89e0 fffff880`018deb00 fffffa80`04889c01 00000000`00000000 : tcpip!TcpTcbReceive+0x694
    fffff800`00b9b8f0 fffff880`018e82ab : fffffa80`05e324ac fffffa80`049d4000 00000000`00000000 00000000`00000000 : tcpip!TcpMatchReceive+0x1fa
    fffff800`00b9ba40 fffff880`018df1c7 : fffffa80`048a89e0 fffffa80`048ae950 fffffa80`00007e05 00000000`00000000 : tcpip!TcpPreValidatedReceive+0x36b
    fffff800`00b9bb10 fffff880`018ded3a : 00000000`00000000 fffff880`019fe9a0 fffff800`00b9bcd0 00000000`00000000 : tcpip!IppDeliverListToProtocol+0x97
    fffff800`00b9bbd0 fffff880`018de339 : 00000000`00000000 00000000`00000000 00000000`00000000 fffff800`00b9bcc0 : tcpip!IppProcessDeliverList+0x5a
    fffff800`00b9bc70 fffff880`018dc0af : 00000000`00000000 fffffa80`049d4000 fffff880`019fe9a0 00000000`00b9bf01 : tcpip!IppReceiveHeaderBatch+0x23a
    fffff800`00b9bd50 fffff880`018cab15 : fffffa80`056fac10 00000000`00000000 fffff800`00b9bf01 fffffa80`00000001 : tcpip!IpFlcReceivePackets+0x64f
    fffff800`00b9bf50 fffff880`018dab02 : fffffa80`05ec1010 fffffa80`05ec1010 00000000`00000002 fffffa80`06860000 : tcpip!IpFlcReceivePreValidatedPackets+0x705
    fffff800`00b9c0b0 fffff800`038d9968 : 00000000`00000000 00000000`00004800 fffff800`03a50cc0 00000000`00000000 : tcpip!FlReceiveNetBufferListChainCalloutRoutine+0xa2
    fffff800`00b9c100 fffff880`018db202 : fffff880`018daa60 00000000`0000003c 00000000`00000002 00000000`00000000 : nt!KeExpandKernelStackAndCalloutEx+0xd8
    fffff800`00b9c1e0 fffff880`016fe0eb : fffffa80`05ec3010 00000000`00000000 fffffa80`056551a0 00000000`00000000 : tcpip!FlReceiveNetBufferListChain+0xb2
    fffff800`00b9c250 fffff880`016c7ad6 : 00000002`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ndis!ndisMIndicateNetBufferListsToOpen+0xdb
    fffff800`00b9c2c0 fffff880`016499c4 : fffffa80`056551a0 00000000`00000002 00000000`00000001 fffff880`0433c358 : ndis!ndisMDispatchReceiveNetBufferLists+0x1d6
    fffff800`00b9c740 fffff880`01649939 : 00000000`00000030 fffffa80`04bed8c0 00000000`00000018 00000000`00000001 : ndis!ndisMTopReceiveNetBufferLists+0x24
    fffff800`00b9c780 fffff880`016498d0 : fffffa80`05ebac90 fffffa80`05df9030 00000000`00000001 00000002`00000801 : ndis!ndisFilterIndicateReceiveNetBufferLists+0x29
    fffff800`00b9c7c0 fffff880`0433bba0 : 00000000`00000000 00000000`00000801 00000000`00000000 fffffa80`05eba8c0 : ndis!NdisFIndicateReceiveNetBufferLists+0x50
    fffff800`00b9c800 00000000`00000000 : 00000000`00000801 00000000`00000000 fffffa80`05eba8c0 fffffa80`00000801 : [COLOR=#ff0000][U][B]EpfwLWF[/B][/U][/COLOR]+0x3ba0
    STACK_COMMAND:  kb
    FOLLOWUP_IP: 
    tcpip!TcpCompleteTcbSend+40
    fffff880`018d24a0 488b4e48        mov     rcx,qword ptr [rsi+48h]
    SYMBOL_STACK_INDEX:  4
    SYMBOL_NAME:  tcpip!TcpCompleteTcbSend+40
    FOLLOWUP_NAME:  MachineOwner
    MODULE_NAME: tcpip
    IMAGE_NAME:  tcpip.sys
    DEBUG_FLR_IMAGE_TIMESTAMP:  4e83e948
    FAILURE_BUCKET_ID:  X64_0x4E_7_tcpip!TcpCompleteTcbSend+40
    BUCKET_ID:  X64_0x4E_7_tcpip!TcpCompleteTcbSend+40
    and
    Code:
    BugCheck 4E, {7, 12ddb8, 1, 0}
    Unable to load image [COLOR=#ff0000][U][B]bckd.sys[/B][/U][/COLOR], Win32 error 0n2
    *** WARNING: Unable to verify timestamp for [COLOR=#ff0000][U][B]bckd.sys[/B][/U][/COLOR]
    *** ERROR: Module load completed but symbols could not be loaded for[COLOR=#ff0000][U][B] bckd.sys[/B][/U][/COLOR]
    Probably caused by : ntkrnlmp.exe ( nt! ?? ::FNODOBFM::`string'+16b66 )
    PFN_LIST_CORRUPT (4e)
    Typically caused by drivers passing bad memory descriptor lists (ie: calling
    MmUnlockPages twice with the same list, etc).  If a kernel debugger is
    available get the stack trace.
    Arguments:
    Arg1: 0000000000000007, A driver has unlocked a page more times than it locked it
    Arg2: 000000000012ddb8, page frame number
    Arg3: 0000000000000001, current share count
    Arg4: 0000000000000000, 0
    BUGCHECK_STR:  0x4E_7
    CUSTOMER_CRASH_COUNT:  1
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    PROCESS_NAME:  uTorrent.exe
    CURRENT_IRQL:  2
    LAST_CONTROL_TRANSFER:  from fffff800038f2343 to fffff80003893c80
    STACK_TEXT:  
    fffff880`089da438 fffff800`038f2343 : 00000000`0000004e 00000000`00000007 00000000`0012ddb8 00000000`00000001 : nt!KeBugCheckEx
    fffff880`089da440 fffff800`03903c16 : 000000ff`fffa8005 fffff880`013c107d fffffa80`053ef1cc fffff880`013c107d : nt! ?? ::FNODOBFM::`string'+0x16b66
    fffff880`089da480 fffff800`038974e8 : 000fffff`a8000004 00000000`00000000 00000000`00000000 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0x36e25
    fffff880`089da510 fffff800`03878c22 : fffffa80`04def650 00000000`00000000 fffffa80`05db84e0 00000000`00000000 : nt!IopfCompleteRequest+0x168
    fffff880`089da600 fffff880`013c8a3b : fffffa80`052a4180 fffff880`013c1ce8 fffff880`013d2670 fffffa80`05db84e0 : nt!IopInvalidDeviceRequest+0x16
    fffff880`089da630 fffffa80`052a4180 : fffff880`013c1ce8 fffff880`013d2670 fffffa80`05db84e0 fffffa80`052a4180 : bckd+0x8a3b
    fffff880`089da638 fffff880`013c1ce8 : fffff880`013d2670 fffffa80`05db84e0 fffffa80`052a4180 fffffa80`07ac55e8 : 0xfffffa80`052a4180
    fffff880`089da640 fffff880`013d2670 : fffffa80`05db84e0 fffffa80`052a4180 fffffa80`07ac55e8 fffffa80`05db84e0 : [COLOR=#ff0000][U][B]bckd[/B][/U][/COLOR]+0x1ce8
    fffff880`089da648 fffffa80`05db84e0 : fffffa80`052a4180 fffffa80`07ac55e8 fffffa80`05db84e0 fffff880`013ce13e : [COLOR=#ff0000][U][B]bckd[/B][/U][/COLOR]+0x12670
    fffff880`089da650 fffffa80`052a4180 : fffffa80`07ac55e8 fffffa80`05db84e0 fffff880`013ce13e fffffa80`052a4180 : 0xfffffa80`05db84e0
    fffff880`089da658 fffffa80`07ac55e8 : fffffa80`05db84e0 fffff880`013ce13e fffffa80`052a4180 fffffa80`07ac55e8 : 0xfffffa80`052a4180
    fffff880`089da660 fffffa80`05db84e0 : fffff880`013ce13e fffffa80`052a4180 fffffa80`07ac55e8 fffffa80`052a4180 : 0xfffffa80`07ac55e8
    fffff880`089da668 fffff880`013ce13e : fffffa80`052a4180 fffffa80`07ac55e8 fffffa80`052a4180 fffffa80`05db84e0 : 0xfffffa80`05db84e0
    fffff880`089da670 fffffa80`052a4180 : fffffa80`07ac55e8 fffffa80`052a4180 fffffa80`05db84e0 fffffa80`07ac5400 : [COLOR=#ff0000][U][B]bckd[/B][/U][/COLOR]+0xe13e
    fffff880`089da678 fffffa80`07ac55e8 : fffffa80`052a4180 fffffa80`05db84e0 fffffa80`07ac5400 fffff880`013cc9e8 : 0xfffffa80`052a4180
    fffff880`089da680 fffffa80`052a4180 : fffffa80`05db84e0 fffffa80`07ac5400 fffff880`013cc9e8 00000000`00000001 : 0xfffffa80`07ac55e8
    fffff880`089da688 fffffa80`05db84e0 : fffffa80`07ac5400 fffff880`013cc9e8 00000000`00000001 fffffa80`052a4180 : 0xfffffa80`052a4180
    fffff880`089da690 fffffa80`07ac5400 : fffff880`013cc9e8 00000000`00000001 fffffa80`052a4180 fffff880`013d3af0 : 0xfffffa80`05db84e0
    fffff880`089da698 fffff880`013cc9e8 : 00000000`00000001 fffffa80`052a4180 fffff880`013d3af0 00000000`00000000 : 0xfffffa80`07ac5400
    fffff880`089da6a0 00000000`00000001 : fffffa80`052a4180 fffff880`013d3af0 00000000`00000000 fffffa80`07697128 : [COLOR=#ff0000][U][B]bckd[/B][/U][/COLOR]+0xc9e8
    fffff880`089da6a8 fffffa80`052a4180 : fffff880`013d3af0 00000000`00000000 fffffa80`07697128 fffff880`013ccbd2 : 0x1
    fffff880`089da6b0 fffff880`013d3af0 : 00000000`00000000 fffffa80`07697128 fffff880`013ccbd2 fffffa80`04543820 : 0xfffffa80`052a4180
    fffff880`089da6b8 00000000`00000000 : fffffa80`07697128 fffff880`013ccbd2 fffffa80`04543820 fffffa80`052a4180 :[COLOR=#ff0000][U][B] bckd[/B][/U][/COLOR]+0x13af0
    STACK_COMMAND:  kb
    FOLLOWUP_IP: 
    nt! ?? ::FNODOBFM::`string'+16b66
    fffff800`038f2343 cc              int     3
    SYMBOL_STACK_INDEX:  1
    SYMBOL_NAME:  nt! ?? ::FNODOBFM::`string'+16b66
    FOLLOWUP_NAME:  MachineOwner
    MODULE_NAME: nt
    IMAGE_NAME:  ntkrnlmp.exe
    DEBUG_FLR_IMAGE_TIMESTAMP:  4f558b55
    FAILURE_BUCKET_ID:  X64_0x4E_7_nt!_??_::FNODOBFM::_string_+16b66
    BUCKET_ID:  X64_0x4E_7_nt!_??_::FNODOBFM::_string_+16b66
     
  5. malikron7

    malikron7 New Member

    Joined:
    Apr 10, 2012
    Messages:
    8
    Likes Received:
    0
    Re: blue screen help

    but idont have daemon tools and i have another machine running k9 and eset with no problem a all
     
  6. malikron7

    malikron7 New Member

    Joined:
    Apr 10, 2012
    Messages:
    8
    Likes Received:
    0
    i did what you said but i still get a bsod i attached my new dumps
     

    Attached Files:

  7. Trouble

    Trouble Noob Whisperer

    Joined:
    Nov 30, 2009
    Messages:
    13,845
    Likes Received:
    833
    Apparently you have not.
    Your latest dump file 042012-35849-01.dmp 4/20/2012 5:19:24 PM
    List of Drivers:
    Code:
    start             end                 module name
    fffff800`00bd1000 fffff800`00bdb000   kdcom    kdcom.dll    Sat Feb 05 10:52:49 2011 (4D4D8061)
    fffff800`0380a000 fffff800`03853000   hal      hal.dll      Sat Nov 20 07:00:25 2010 (4CE7C669)
    fffff800`03853000 fffff800`03e3b000   nt       ntkrnlmp.exe Mon Mar 05 21:58:13 2012 (4F558B55)
    fffff880`00c00000 fffff880`00c21000   raspptp  raspptp.sys  Sat Nov 20 04:52:31 2010 (4CE7A86F)
    fffff880`00c23000 fffff880`00c72000   mcupdate mcupdate.dll Sat Nov 20 07:03:51 2010 (4CE7C737)
    fffff880`00c72000 fffff880`00c86000   PSHED    PSHED.dll    Mon Jul 13 20:32:23 2009 (4A5BE027)
    fffff880`00c86000 fffff880`00ce4000   CLFS     CLFS.SYS     Mon Jul 13 18:19:57 2009 (4A5BC11D)
    fffff880`00ce4000 fffff880`00da4000   CI       CI.dll       Sat Nov 20 07:12:36 2010 (4CE7C944)
    fffff880`00da4000 fffff880`00de0000   vmbus    vmbus.sys    Sat Nov 20 03:57:29 2010 (4CE79B89)
    fffff880`00de0000 fffff880`00dfa000   rassstp  rassstp.sys  Mon Jul 13 19:10:25 2009 (4A5BCCF1)
    fffff880`00e00000 fffff880`00e5c000   volmgrx  volmgrx.sys  Sat Nov 20 03:20:43 2010 (4CE792EB)
    fffff880`00e5c000 fffff880`00e63000   pciide   pciide.sys   Mon Jul 13 18:19:49 2009 (4A5BC115)
    fffff880`00e63000 fffff880`00e73000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 18:19:48 2009 (4A5BC114)
    fffff880`00e73000 fffff880`00e93000   vmci     vmci.sys     Tue Jul 26 21:42:09 2011 (4E2F7B01)
    fffff880`00e93000 fffff880`00ead000   mountmgr mountmgr.sys Sat Nov 20 03:19:21 2010 (4CE79299)
    fffff880`00ead000 fffff880`00ec1000   winhv    winhv.sys    Sat Nov 20 03:20:02 2010 (4CE792C2)
    fffff880`00ec3000 fffff880`00f67000   Wdf01000 Wdf01000.sys Mon Jul 13 18:22:07 2009 (4A5BC19F)
    fffff880`00f67000 fffff880`00f76000   WDFLDR   WDFLDR.SYS   Mon Jul 13 18:19:54 2009 (4A5BC11A)
    fffff880`00f76000 fffff880`00fcd000   ACPI     ACPI.sys     Sat Nov 20 03:19:16 2010 (4CE79294)
    fffff880`00fcd000 fffff880`00fe2000   volmgr   volmgr.sys   Sat Nov 20 03:19:28 2010 (4CE792A0)
    fffff880`00fe2000 fffff880`00feb000   atapi    atapi.sys    Mon Jul 13 18:19:47 2009 (4A5BC113)
    fffff880`01000000 fffff880`01033000   pci      pci.sys      Sat Nov 20 03:19:11 2010 (4CE7928F)
    [COLOR=#ff0000][U][B]fffff880`01039000 fffff880`01196000   sptd     sptd.sys     Tue Aug 24 01:13:12 2010 (4C7362F8)[/B][/U][/COLOR]  Normally associated with Daemon Tools.
    fffff880`01196000 fffff880`0119f000   WMILIB   WMILIB.SYS   Mon Jul 13 18:19:51 2009 (4A5BC117)
    fffff880`0119f000 fffff880`011ce000   SCSIPORT SCSIPORT.SYS Sat Nov 20 04:34:01 2010 (4CE7A419)
    fffff880`011ce000 fffff880`011d8000   msisadrv msisadrv.sys Mon Jul 13 18:19:26 2009 (4A5BC0FE)
    fffff880`011d8000 fffff880`011e5000   vdrvroot vdrvroot.sys Mon Jul 13 19:01:31 2009 (4A5BCADB)
    fffff880`011e5000 fffff880`011fa000   partmgr  partmgr.sys  Sat Nov 20 03:20:00 2010 (4CE792C0)
    fffff880`01208000 fffff880`01232000   ataport  ataport.SYS  Sat Nov 20 03:19:15 2010 (4CE79293)
    fffff880`01232000 fffff880`0123d000   amdxata  amdxata.sys  Fri Mar 19 11:18:18 2010 (4BA3A3CA)
    fffff880`0123d000 fffff880`01289000   fltmgr   fltmgr.sys   Sat Nov 20 03:19:24 2010 (4CE7929C)
    fffff880`01289000 fffff880`0129d000   fileinfo fileinfo.sys Mon Jul 13 18:34:25 2009 (4A5BC481)
    fffff880`0129d000 fffff880`012fb000   msrpc    msrpc.sys    Sat Nov 20 03:21:56 2010 (4CE79334)
    fffff880`012fb000 fffff880`0136d000   cng      cng.sys      Wed Nov 16 22:23:17 2011 (4EC48C35)
    fffff880`0136d000 fffff880`0137e000   Npfs     Npfs.SYS     Mon Jul 13 18:19:48 2009 (4A5BC114)
    fffff880`0137e000 fffff880`013a0000   tdx      tdx.sys      Sat Nov 20 03:21:54 2010 (4CE79332)
    fffff880`013a0000 fffff880`013ad000   TDI      TDI.SYS      Sat Nov 20 03:22:06 2010 (4CE7933E)
    [COLOR=#ff0000][U][B]fffff880`013ad000 fffff880`013ca000   bckd     bckd.sys     Fri Jun 10 16:46:02 2011 (4DF2909A)[/B][/U][/COLOR]  Normally associated with K9 Web Protection
    fffff880`013ca000 fffff880`013f9000   ndiswan  ndiswan.sys  Sat Nov 20 04:52:32 2010 (4CE7A870)
    fffff880`01400000 fffff880`0141b000   ksecdd   ksecdd.sys   Wed Nov 16 21:48:13 2011 (4EC483FD)
    fffff880`0141b000 fffff880`0142c000   pcw      pcw.sys      Mon Jul 13 18:19:27 2009 (4A5BC0FF)
    fffff880`0142c000 fffff880`01436000   Fs_Rec   Fs_Rec.sys   Wed Feb 29 21:41:06 2012 (4F4EEFD2)
    fffff880`01436000 fffff880`01446000   watchdog watchdog.sys Mon Jul 13 18:37:35 2009 (4A5BC53F)
    fffff880`01446000 fffff880`0144f000   rdprefmp rdprefmp.sys Mon Jul 13 19:16:35 2009 (4A5BCE63)
    fffff880`0144f000 fffff880`0145a000   Msfs     Msfs.SYS     Mon Jul 13 18:19:47 2009 (4A5BC113)
    fffff880`0145a000 fffff880`015fd000   Ntfs     Ntfs.sys     Thu Mar 10 21:39:39 2011 (4D79997B)
    fffff880`01600000 fffff880`01625000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 18:38:51 2009 (4A5BC58B)
    fffff880`01625000 fffff880`01718000   ndis     ndis.sys     Sat Nov 20 03:23:30 2010 (4CE79392)
    fffff880`01718000 fffff880`01778000   NETIO    NETIO.SYS    Sat Nov 20 03:23:13 2010 (4CE79381)
    fffff880`01778000 fffff880`017a3000   ksecpkg  ksecpkg.sys  Wed Nov 16 22:23:44 2011 (4EC48C50)
    fffff880`017a3000 fffff880`017cd000   cdrom    cdrom.sys    Sat Nov 20 03:19:20 2010 (4CE79298)
    fffff880`017cd000 fffff880`017f4000   ehdrv    ehdrv.sys    Tue Jun 28 02:34:38 2011 (4E09840E)
    fffff880`017f4000 fffff880`017fd000   rdpencdd rdpencdd.sys Mon Jul 13 19:16:34 2009 (4A5BCE62)
    fffff880`01800000 fffff880`0183a000   fvevol   fvevol.sys   Sat Nov 20 03:24:06 2010 (4CE793B6)
    fffff880`0183a000 fffff880`01850000   disk     disk.sys     Mon Jul 13 18:19:57 2009 (4A5BC11D)
    fffff880`01850000 fffff880`01880000   CLASSPNP CLASSPNP.SYS Sat Nov 20 03:19:23 2010 (4CE7929B)
    fffff880`018b6000 fffff880`018bf000   Null     Null.SYS     Mon Jul 13 18:19:37 2009 (4A5BC109)
    fffff880`018bf000 fffff880`018c6000   Beep     Beep.SYS     Mon Jul 13 19:00:13 2009 (4A5BCA8D)
    fffff880`018c6000 fffff880`018cf000   RDPCDD   RDPCDD.sys   Mon Jul 13 19:16:34 2009 (4A5BCE62)
    fffff880`018cf000 fffff880`01ad3000   tcpip    tcpip.sys    Wed Sep 28 22:43:04 2011 (4E83E948)
    fffff880`01ad3000 fffff880`01b1d000   fwpkclnt fwpkclnt.sys Sat Nov 20 03:21:37 2010 (4CE79321)
    fffff880`01b1d000 fffff880`01b32000   epfwwfp  epfwwfp.sys  Tue Jun 28 02:30:08 2011 (4E098300)
    fffff880`01b32000 fffff880`01b42000   vmstorfl vmstorfl.sys Sat Nov 20 03:57:30 2010 (4CE79B8A)
    fffff880`01b42000 fffff880`01b8e000   volsnap  volsnap.sys  Sat Nov 20 03:20:08 2010 (4CE792C8)
    fffff880`01b8e000 fffff880`01b96000   spldr    spldr.sys    Mon May 11 11:56:27 2009 (4A0858BB)
    fffff880`01b96000 fffff880`01b9d000   SmartDefragDriver SmartDefragDriver.sys Fri Nov 26 03:29:40 2010 (4CEF7E04)
    fffff880`01b9d000 fffff880`01bd7000   rdyboost rdyboost.sys Sat Nov 20 03:43:10 2010 (4CE7982E)
    fffff880`01bd7000 fffff880`01be9000   mup      mup.sys      Mon Jul 13 18:23:45 2009 (4A5BC201)
    fffff880`01be9000 fffff880`01bf2000   hwpolicy hwpolicy.sys Sat Nov 20 03:18:54 2010 (4CE7927E)
    fffff880`01bf2000 fffff880`01c00000   vga      vga.sys      Mon Jul 13 18:38:47 2009 (4A5BC587)
    fffff880`02e00000 fffff880`02e0b000   mssmbios mssmbios.sys Mon Jul 13 18:31:10 2009 (4A5BC3BE)
    fffff880`02e0b000 fffff880`02e1a000   discache discache.sys Mon Jul 13 18:37:18 2009 (4A5BC52E)
    fffff880`02e1a000 fffff880`02e29000   kbdclass kbdclass.sys Mon Jul 13 18:19:50 2009 (4A5BC116)
    fffff880`02e33000 fffff880`02ebc000   afd      afd.sys      Tue Dec 27 21:59:20 2011 (4EFA9418)
    fffff880`02ebc000 fffff880`02f01000   netbt    netbt.sys    Sat Nov 20 03:23:18 2010 (4CE79386)
    fffff880`02f01000 fffff880`02f0c000   ws2ifsl  ws2ifsl.sys  Mon Jul 13 19:10:33 2009 (4A5BCCF9)
    fffff880`02f0c000 fffff880`02f15000   wfplwf   wfplwf.sys   Mon Jul 13 19:09:26 2009 (4A5BCCB6)
    fffff880`02f15000 fffff880`02f3b000   pacer    pacer.sys    Sat Nov 20 04:52:18 2010 (4CE7A862)
    [COLOR=#ff0000][U][B]fffff880`02f3b000 fffff880`02f48000   EpfwLWF  EpfwLWF.sys  Mon Jul 11 11:19:38 2011 (4E1B229A)[/B][/U][/COLOR]  Normally associated with ESET Personal Firewall
    fffff880`02f48000 fffff880`02f57000   netbios  netbios.sys  Mon Jul 13 19:09:26 2009 (4A5BCCB6)
    fffff880`02f57000 fffff880`02f74000   serial   serial.sys   Mon Jul 13 19:00:40 2009 (4A5BCAA8)
    fffff880`02f74000 fffff880`02f8f000   wanarp   wanarp.sys   Sat Nov 20 04:52:36 2010 (4CE7A874)
    fffff880`02f8f000 fffff880`02fa3000   termdd   termdd.sys   Sat Nov 20 05:03:40 2010 (4CE7AB0C)
    fffff880`02fa3000 fffff880`02ff4000   rdbss    rdbss.sys    Sat Nov 20 03:27:51 2010 (4CE79497)
    fffff880`02ff4000 fffff880`03000000   nsiproxy nsiproxy.sys Mon Jul 13 18:21:02 2009 (4A5BC15E)
    fffff880`03c00000 fffff880`03cf4000   dxgkrnl  dxgkrnl.sys  Sat Nov 20 03:50:50 2010 (4CE799FA)
    fffff880`03cf5000 fffff880`03d78000   csc      csc.sys      Sat Nov 20 03:27:12 2010 (4CE79470)
    fffff880`03d78000 fffff880`03d96000   dfsc     dfsc.sys     Sat Nov 20 03:26:31 2010 (4CE79447)
    fffff880`03d96000 fffff880`03da7000   blbdrive blbdrive.sys Mon Jul 13 18:35:59 2009 (4A5BC4DF)
    fffff880`03da7000 fffff880`03db8000   AntiLog64 AntiLog64.sys Thu Feb 02 03:00:09 2012 (4F2A5099)
    fffff880`03db8000 fffff880`03dde000   tunnel   tunnel.sys   Sat Nov 20 04:51:50 2010 (4CE7A846)
    fffff880`03dde000 fffff880`03df9000   raspppoe raspppoe.sys Mon Jul 13 19:10:17 2009 (4A5BCCE9)
    fffff880`04400000 fffff880`0440c000   ndistapi ndistapi.sys Mon Jul 13 19:10:00 2009 (4A5BCCD8)
    fffff880`0440d000 fffff880`04463000   USBPORT  USBPORT.SYS  Thu Mar 24 22:29:12 2011 (4D8C0C08)
    fffff880`04463000 fffff880`04487000   HDAudBus HDAudBus.sys Sat Nov 20 04:43:42 2010 (4CE7A65E)
    fffff880`04487000 fffff880`044a4000   parport  parport.sys  Mon Jul 13 19:00:40 2009 (4A5BCAA8)
    fffff880`044a4000 fffff880`044c2000   i8042prt i8042prt.sys Mon Jul 13 18:19:57 2009 (4A5BC11D)
    fffff880`044c2000 fffff880`044d1000   mouclass mouclass.sys Mon Jul 13 18:19:50 2009 (4A5BC116)
    fffff880`044d1000 fffff880`044e7000   intelppm intelppm.sys Mon Jul 13 18:19:25 2009 (4A5BC0FD)
    fffff880`044e7000 fffff880`044f7000   CompositeBus CompositeBus.sys Sat Nov 20 04:33:17 2010 (4CE7A3ED)
    fffff880`044f7000 fffff880`044ff600   mcvidrv_x64 mcvidrv_x64.sys Tue Dec 13 23:44:59 2011 (4EE837DB)
    fffff880`04500000 fffff880`04510d00   STREAM   STREAM.SYS   Mon Jul 13 19:06:18 2009 (4A5BCBFA)
    fffff880`04511000 fffff880`04554000   ks       ks.sys       Sat Nov 20 04:33:23 2010 (4CE7A3F3)
    fffff880`04554000 fffff880`04559200   ksthunk  ksthunk.sys  Mon Jul 13 19:00:19 2009 (4A5BCA93)
    fffff880`0455a000 fffff880`04566000   mcaudrv_x64 mcaudrv_x64.sys Sun Jan 29 00:54:55 2012 (4F24ED3F)
    fffff880`04566000 fffff880`045a3000   portcls  portcls.sys  Mon Jul 13 19:06:27 2009 (4A5BCC03)
    fffff880`045a3000 fffff880`045c5000   drmk     drmk.sys     Mon Jul 13 20:01:25 2009 (4A5BD8E5)
    fffff880`045c5000 fffff880`045db000   AgileVpn AgileVpn.sys Mon Jul 13 19:10:24 2009 (4A5BCCF0)
    fffff880`045db000 fffff880`045ff000   rasl2tp  rasl2tp.sys  Sat Nov 20 04:52:34 2010 (4CE7A872)
    fffff880`04600000 fffff880`04623000   luafv    luafv.sys    Mon Jul 13 18:26:13 2009 (4A5BC295)
    fffff880`04623000 fffff880`04665000   FileMonitor FileMonitor.sys Thu Jan 05 04:03:38 2012 (4F05757A)
    fffff880`04693000 fffff880`046cf880   mcdbus   mcdbus.sys   Tue Feb 24 04:34:07 2009 (49A3CD1F)
    fffff880`046d0000 fffff880`046d1480   swenum   swenum.sys   Mon Jul 13 19:00:18 2009 (4A5BCA92)
    fffff880`046d2000 fffff880`046e4000   umbus    umbus.sys    Sat Nov 20 04:44:37 2010 (4CE7A695)
    fffff880`046e4000 fffff880`0473e000   usbhub   usbhub.sys   Thu Mar 24 22:29:25 2011 (4D8C0C15)
    fffff880`0473e000 fffff880`04753000   NDProxy  NDProxy.SYS  Sat Nov 20 04:52:20 2010 (4CE7A864)
    fffff880`04753000 fffff880`0475f000   dump_ataport dump_ataport.sys Mon Jul 13 18:19:47 2009 (4A5BC113)
    fffff880`0475f000 fffff880`04768000   dump_atapi dump_atapi.sys Mon Jul 13 18:19:47 2009 (4A5BC113)
    fffff880`04768000 fffff880`0477b000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 18:21:51 2009 (4A5BC18F)
    fffff880`0477b000 fffff880`04787000   Dxapi    Dxapi.sys    Mon Jul 13 18:38:28 2009 (4A5BC574)
    fffff880`04787000 fffff880`047a4000   usbccgp  usbccgp.sys  Thu Mar 24 22:29:14 2011 (4D8C0C0A)
    fffff880`047a4000 fffff880`047a5f00   USBD     USBD.SYS     Thu Mar 24 22:28:59 2011 (4D8C0BFB)
    fffff880`047a6000 fffff880`047b4000   hidusb   hidusb.sys   Sat Nov 20 04:43:49 2010 (4CE7A665)
    fffff880`047b4000 fffff880`047cd000   HIDCLASS HIDCLASS.SYS Sat Nov 20 04:43:49 2010 (4CE7A665)
    fffff880`047cd000 fffff880`047d5080   HIDPARSE HIDPARSE.SYS Mon Jul 13 19:06:17 2009 (4A5BCBF9)
    fffff880`047d6000 fffff880`047e4000   kbdhid   kbdhid.sys   Sat Nov 20 04:33:25 2010 (4CE7A3F5)
    fffff880`047e4000 fffff880`047f2000   monitor  monitor.sys  Mon Jul 13 18:38:52 2009 (4A5BC58C)
    fffff880`04e00000 fffff880`04e1d000   cdfs     cdfs.sys     Mon Jul 13 18:19:46 2009 (4A5BC112)
    fffff880`04e1e000 fffff880`051f0b80   RTKVHD64 RTKVHD64.sys Tue Mar 27 04:01:50 2012 (4F7181FE)
    fffff880`051f1000 fffff880`051ff000   crashdmp crashdmp.sys Mon Jul 13 19:01:01 2009 (4A5BCABD)
    fffff880`0661f000 fffff880`06701000   eamonm   eamonm.sys   Tue Aug 02 04:33:29 2011 (4E37C469)
    fffff880`06701000 fffff880`06722000   WudfPf   WudfPf.sys   Sat Nov 20 04:42:44 2010 (4CE7A624)
    fffff880`06722000 fffff880`06753000   epfw     epfw.sys     Tue Jun 28 02:30:10 2011 (4E098302)
    fffff880`06753000 fffff880`0677e000   SbieDrv  SbieDrv.sys  Thu Mar 22 05:14:07 2012 (4F6AFB6F)
    fffff880`0677e000 fffff880`0678f000   vmnetbridge vmnetbridge.sys Fri Jul 08 02:44:44 2011 (4E16B56C)
    fffff880`0678f000 fffff880`06799000   VMNET    VMNET.SYS    Fri Jul 08 02:43:55 2011 (4E16B53B)
    fffff880`06799000 fffff880`067ae000   lltdio   lltdio.sys   Mon Jul 13 19:08:50 2009 (4A5BCC92)
    fffff880`067ae000 fffff880`067c6000   rspndr   rspndr.sys   Mon Jul 13 19:08:50 2009 (4A5BCC92)
    fffff880`067c6000 fffff880`067ee000   idmwfp   idmwfp.sys   Tue Feb 07 09:13:20 2012 (4F313F90)
    fffff880`06e00000 fffff880`06e4e000   mrxsmb10 mrxsmb10.sys Fri Jul 08 21:46:28 2011 (4E17C104)
    fffff880`06e4e000 fffff880`06e72000   mrxsmb20 mrxsmb20.sys Tue Apr 26 21:39:37 2011 (4DB781E9)
    fffff880`06e72000 fffff880`06e7e000   hcmon    hcmon.sys    Tue Aug 30 01:05:35 2011 (4E5C7DAF)
    fffff880`06e7e000 fffff880`06e89000   VMparport VMparport.sys Sun Nov 13 23:38:09 2011 (4EC0A941)
    fffff880`06e89000 fffff880`06e9b000   vmx86    vmx86.sys    Mon Nov 14 01:18:14 2011 (4EC0C0B6)
    fffff880`06e9b000 fffff880`06ea7000   npf      npf.sys      Fri Jun 25 11:50:58 2010 (4C24DE72)
    fffff880`06eb1000 fffff880`06f7a000   HTTP     HTTP.sys     Sat Nov 20 03:24:30 2010 (4CE793CE)
    fffff880`06f7a000 fffff880`06f98000   bowser   bowser.sys   Tue Feb 22 22:55:04 2011 (4D649328)
    fffff880`06f98000 fffff880`06fb0000   mpsdrv   mpsdrv.sys   Mon Jul 13 19:08:25 2009 (4A5BCC79)
    fffff880`06fb0000 fffff880`06fdd000   mrxsmb   mrxsmb.sys   Tue Apr 26 21:40:38 2011 (4DB78226)
    fffff880`08800000 fffff880`0880c000   vstor2_mntapi10_shared vstor2-mntapi10-shared.sys Fri Jul 08 17:31:49 2011 (4E178555)
    fffff880`0880c000 fffff880`08875000   srv2     srv2.sys     Thu Apr 28 22:05:46 2011 (4DBA2B0A)
    fffff880`0888e000 fffff880`08934000   peauth   peauth.sys   Mon Jul 13 20:01:19 2009 (4A5BD8DF)
    fffff880`08934000 fffff880`0893f000   secdrv   secdrv.SYS   Wed Sep 13 08:18:38 2006 (4508052E)
    fffff880`0893f000 fffff880`08970000   srvnet   srvnet.sys   Thu Apr 28 22:05:35 2011 (4DBA2AFF)
    fffff880`08970000 fffff880`08982000   tcpipreg tcpipreg.sys Sat Nov 20 04:51:48 2010 (4CE7A844)
    fffff880`08982000 fffff880`0898c000   vmnetuserif vmnetuserif.sys Sun Nov 13 23:56:43 2011 (4EC0AD9B)
    fffff880`0898c000 fffff880`089fd000   spsys    spsys.sys    Mon May 11 12:20:58 2009 (4A085E7A)
    fffff880`0a228000 fffff880`0a2c0000   srv      srv.sys      Thu Apr 28 22:06:06 2011 (4DBA2B1E)
    fffff880`0a2c0000 fffff880`0a2ef000   ipnat    ipnat.sys    Mon Jul 13 19:10:03 2009 (4A5BCCDB)
    fffff880`0a2ef000 fffff880`0a342000   nwifi    nwifi.sys    Mon Jul 13 19:07:23 2009 (4A5BCC3B)
    fffff880`0a342000 fffff880`0a355000   ndisuio  ndisuio.sys  Sat Nov 20 04:50:08 2010 (4CE7A7E0)
    fffff880`0a355000 fffff880`0a383000   rdpdr    rdpdr.sys    Sat Nov 20 05:06:41 2010 (4CE7ABC1)
    fffff880`0a383000 fffff880`0a38e000   tdtcp    tdtcp.sys    Thu Feb 16 22:57:32 2012 (4F3DDE3C)
    fffff880`0a38e000 fffff880`0a39d000   tssecsrv tssecsrv.sys Sat Nov 20 05:04:09 2010 (4CE7AB29)
    fffff880`0a39d000 fffff880`0a3d6000   RDPWD    RDPWD.SYS    Thu Feb 16 22:58:23 2012 (4F3DDE6F)
    fffff880`0a3d6000 fffff880`0a3e0000   mbam     mbam.sys     Tue Mar 20 11:04:48 2012 (4F68AAA0)
    fffff880`0a3e0000 fffff880`0a3eb000   regfilter regfilter.sys Fri Sep 16 04:12:03 2011 (4E7312E3)
    [COLOR=#ff0000][U][B]fffff880`0a3eb000 fffff880`0a3f4000   UrlFilter UrlFilter.sys Fri Sep 16 02:46:34 2011 (4E72FEDA)[/B][/U][/COLOR]  Normally associated with IObit Malware Fighter
    fffff880`0f200000 fffff880`0f257000   e1k62x64 e1k62x64.sys Wed Jul 20 11:58:22 2011 (4E27092E)
    fffff880`0f257000 fffff880`0f262000   rdpbus   rdpbus.sys   Mon Jul 13 19:17:46 2009 (4A5BCEAA)
    fffff880`0f265000 fffff880`0ff83000   nvlddmkm nvlddmkm.sys Wed Feb 29 12:04:52 2012 (4F4E68C4)
    fffff880`0ff83000 fffff880`0ffc9000   dxgmms1  dxgmms1.sys  Sat Nov 20 03:49:53 2010 (4CE799C1)
    fffff880`0ffc9000 fffff880`0ffda000   HECIx64  HECIx64.sys  Thu Sep 17 14:54:16 2009 (4AB293E8)
    fffff880`0ffda000 fffff880`0ffe6000   serenum  serenum.sys  Mon Jul 13 19:00:33 2009 (4A5BCAA1)
    fffff880`0ffe6000 fffff880`0fff7000   usbehci  usbehci.sys  Thu Mar 24 22:29:04 2011 (4D8C0C00)
    fffff960`000d0000 fffff960`003e5000   win32k   win32k.sys   Thu Feb 02 22:34:05 2012 (4F2B63BD)
    fffff960`00430000 fffff960`0043a000   TSDDD    TSDDD.dll    Mon Jul 13 19:16:34 2009 (4A5BCE62)
    fffff960`00610000 fffff960`00637000   cdd      cdd.dll      Sat Nov 20 06:55:34 2010 (4CE7C546)
    fffff960`00920000 fffff960`00981000   ATMFD    ATMFD.DLL    Sat Feb 19 03:00:32 2011 (4D5F86B0)
    Not sure how much more I can do to provide evidence that these drivers are still present on your system. If you believe that you have removed the assoicated programs then perhaps performing a search for, and renaming of the .sys file extension to .OLD, might help prevent the drivers from loading.
    Regards
    Randy
     
    1 person likes this.

Share This Page

Loading...