Please Help Major BSOD affectiong most Windows 7 systems in company


  1. EvoBora
    Posts : 2
    Windows 7 32bit Proffessional
       New #1

    Please Help Major BSOD affectiong most Windows 7 systems in company


    We have an issue that has developed over the last two weeks and slowely is affectiong all our windows 7 computers in the company. They will Randomly reboot with BSOD sometimes couple times a day and sometimes every time you login it blue screens. I have found if I login and remove network cable it won't crash at login. I have searched the logs but can't see anything pointing to the problem. I'm thinking it has to be caused by and update from our Symantec Endpoint Protection or SCCM servers, but the admins stated they didn't change anything. Windows 7 computers have been running fine for almost a year then two weeks ago they slowly started having this problem.

    Is Windows 7 Proffessional
    - x86 (32-bit)
    - Zipfile is from Unattended install of windows 7, but we are being affected on OEM installs too.
    - Both an OEM or Open License version depending on machine
    - Zip is from Dell 760 1 year old or so.
    - OS installed about a year ago. Dec 2009
    Last edited by EvoBora; 07 Oct 2010 at 22:44.
      My Computer
    Quote Quote

  3. usasma
    Posts : 5,705
    Win7 x64 + x86
       New #2

    First glance blames Symantec. Please do the following (try it on one or two systems to see if it works):
    Anti-Virus Removal:
    Please do the following:
    - download a free antivirus for testing purposes: Free AntiVirus
    - uninstall the Norton/Symantec from your system (you can reinstall it, if so desired, when we're done troubleshooting)
    - remove any remnants of Norton/Symantec using this free tool: KB Article Not Found
    - IMMEDIATELY install and update the free antivirus
    - check to see if this fixes the BSOD's
    Reinstall a fresh (and updated) copy of Norton/Symantec once you're sure that the problem is solved.

    Also, please remove or update these older drivers that were loaded at the time of the crash. Don't use Windows Update or the Update drivers function of Device Manager.
    Please use the following instructions to locate the most currently available drivers to replace the one's that you uninstall OR remove:
    How To Find Drivers:
    - I have listed links to most of the drivers in the code box below. Please use the links there to see what info I've found about those drivers.
    - search Google for the name of the driver
    - compare the Google results with what's installed on your system to figure out which device/program it belongs to
    - visit the web site of the manufacturer of the hardware/program to get the latest drivers (DON'T use Windows Update or the Update driver function of Device Manager).
    - if there are difficulties in locating them, post back with questions and someone will try and help you locate the appropriate program.
    - - The most common drivers are listed on this page: Driver Reference
    - - Driver manufacturer links are on this page: http://www.carrona.org/drvrdown.html

    Here's the older drivers (You can look them up here: Driver Reference ).
    Please pay particular attention to any dated 2008 or earlier:
    Code:
    
vmm.sys      Tue Feb 12 06:37:59 2008 (47B18517) - Virtual Machine Monitor driver -  Microsoft Virtual PC 2004 - http://www.carrona.org/dvrref.html#vmm.sys
 e1k6032.sys  Tue Oct 21 15:47:28 2008 (48FE31D0) - Intel Gigabit Adapter NDIS 6.x driver - http://www.carrona.org/dvrref.html#e1k6032.sys
 VMNetSrv.sys Wed Jan 16 06:51:44 2008 (478DEFD0) -  Microsoft Virtual Machine Network  Services Driver - http://www.carrona.org/dvrref.html#VMNetSrv.sys
    I'll first give you the summary of the BSOD's, then there'll be a longer listing with the entire text of one of the BSOD analysis' (I'll highlight the Symantec stuff in RED)

    BSOD BUGCHECK SUMMARY
    Code:
    
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Wed Oct  6 17:14:48.739 2010 (UTC - 4:00)
System Uptime: 0 days 0:03:06.108
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 86c9d1c0 86c9d32c 82a35dd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Wed Oct  6 16:51:39.562 2010 (UTC - 4:00)
System Uptime: 0 days 0:03:16.232
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 86b03530 86b0369c 82a71dd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Wed Oct  6 16:45:15.897 2010 (UTC - 4:00)
System Uptime: 0 days 0:03:23.299
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 86db9530 86db969c 82a42dd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Wed Oct  6 16:41:30.724 2010 (UTC - 4:00)
System Uptime: 0 days 0:03:16.435
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 86d81530 86d8169c 82a32dd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Wed Oct  6 16:37:45.901 2010 (UTC - 4:00)
System Uptime: 0 days 0:03:25.347
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 86d26570 86d266dc 82a37dd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Wed Oct  6 16:33:37.458 2010 (UTC - 4:00)
System Uptime: 1 days 0:00:42.650
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 86978530 8697869c 82a2fdd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Tue Oct  5 16:32:01.380 2010 (UTC - 4:00)
System Uptime: 0 days 23:56:23.636
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 85f53958 85f53ac4 82a6edd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Mon Oct  4 16:34:47.316 2010 (UTC - 4:00)
System Uptime: 0 days 23:57:16.430
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 86e87ab8 86e87c24 82a67dd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Sun Oct  3 16:36:38.168 2010 (UTC - 4:00)
System Uptime: 0 days 0:03:51.988
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 86c64aa0 86c64c0c 82a31dd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Sun Oct  3 16:31:59.674 2010 (UTC - 4:00)
System Uptime: 0 days 23:57:33.487
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 86ea1cf8 86ea1e64 82a77dd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Sat Oct  2 16:33:35.807 2010 (UTC - 4:00)
System Uptime: 0 days 22:19:12.433
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 86a6ca08 86a6cb74 82a3edd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Fri Oct  1 18:13:34.060 2010 (UTC - 4:00)
System Uptime: 0 days 0:03:39.851
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 86b0ccf8 86b0ce64 82a63dd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Fri Oct  1 18:09:05.089 2010 (UTC - 4:00)
System Uptime: 0 days 0:03:36.824
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 86d4dc48 86d4ddb4 82a33dd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Debug session time: Fri Oct  1 18:04:39.604 2010 (UTC - 4:00)
System Uptime: 0 days 0:04:11.503
*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS
PROCESS_NAME:  WerFault.exe
BUGCHECK_STR:  0xF4_WerFault.exe
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
Bugcheck code 000000F4
Arguments 00000003 86a599f0 86a59b5c 82a73dd0
ииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииииии``
    As you'll see in the following stuff, SYMEVENT.SYS is the only 3rd party driver involved in the stack text of the BSOD memory dump. As such it's the primary suspect (since we assume that Windows is OK until proven otherwise - and that Windows has the System File Checker to ensure that it's drivers aren't corrupted. The "nt" is the kernel (core) of the OS. Most often referred to as ntoskrnl.exe, it's actually one of several different drivers that are installed depending on the system architecture (in this case, on your system, it's ntkrpamp.exe).

    Code:
    Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\FUBAR\_jcgriff2_\dbug\__Kernel__\100610-31481-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0x8280d000 PsLoadedModuleList = 0x82955810
Debug session time: Wed Oct  6 17:14:48.739 2010 (UTC - 4:00)
System Uptime: 0 days 0:03:06.108
Loading Kernel Symbols
...............................................................
................................................................
..................................
Loading User Symbols
Loading unloaded module list
....
0: kd> !analyze -v;r;kv;lmtn;lmtsmn;.bugcheck;.logclose;q
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

CRITICAL_OBJECT_TERMINATION (f4)
A process or thread crucial to system operation has unexpectedly exited or been
terminated.
Several processes and threads are necessary for the operation of the
system; when they are terminated (for any reason), the system can no
longer function.
Arguments:
Arg1: 00000003, Process
Arg2: 86c9d1c0, Terminating object
Arg3: 86c9d32c, Process image file name
Arg4: 82a35dd0, Explanatory message (ascii)

Debugging Details:
------------------

*** WARNING: Unable to verify timestamp for SYMEVENT.SYS
*** ERROR: Module load completed but symbols could not be loaded for SYMEVENT.SYS

PROCESS_OBJECT: 86c9d1c0

DEBUG_FLR_IMAGE_TIMESTAMP:  0

MODULE_NAME: wininit

FAULTING_MODULE: 00000000 

PROCESS_NAME:  WerFault.exe

BUGCHECK_STR:  0xF4_WerFault.exe

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 82ae90d7 to 828e9d10

STACK_TEXT:  
9d25fc18 82ae90d7 000000f4 00000003 86c9d1c0 nt!KeBugCheckEx+0x1e
9d25fc3c 82a6ced2 82a35dd0 86c9d32c 86c9d430 nt!PspCatchCriticalBreak+0x71
9d25fc6c 82a6ed6f 86c9d1c0 85213730 000000ff nt!PspTerminateAllThreads+0x2d
9d25fca0 903d7449 00000084 000000ff 861d2a40 nt!NtTerminateProcess+0x1a2
WARNING: Stack unwind information not available. Following frames may be wrong.
9d25fd24 8285044a 00000084 000000ff 0024e394 SYMEVENT+0x14449
9d25fd24 0024f118 00000084 000000ff 0024e394 nt!KiFastCallEntry+0x12a
9d25fd94 00000000 779a64f4 0000001b 00000246 0x24f118


STACK_COMMAND:  kb

FOLLOWUP_NAME:  MachineOwner

IMAGE_NAME:  wininit.exe

FAILURE_BUCKET_ID:  0xF4_WerFault.exe_IMAGE_wininit.exe

BUCKET_ID:  0xF4_WerFault.exe_IMAGE_wininit.exe

Followup: MachineOwner
---------

eax=8294417c ebx=86c9d100 ecx=00000000 edx=00000000 esi=82936d20 edi=00000000
eip=828e9d10 esp=9d25fc00 ebp=9d25fc18 iopl=0         nv up ei pl nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00000202
nt!KeBugCheckEx+0x1e:
828e9d10 cc              int     3
ChildEBP RetAddr  Args to Child              
9d25fc18 82ae90d7 000000f4 00000003 86c9d1c0 nt!KeBugCheckEx+0x1e
9d25fc3c 82a6ced2 82a35dd0 86c9d32c 86c9d430 nt!PspCatchCriticalBreak+0x71
9d25fc6c 82a6ed6f 86c9d1c0 85213730 000000ff nt!PspTerminateAllThreads+0x2d
9d25fca0 903d7449 00000084 000000ff 861d2a40 nt!NtTerminateProcess+0x1a2
WARNING: Stack unwind information not available. Following frames may be wrong.
9d25fd24 8285044a 00000084 000000ff 0024e394 SYMEVENT+0x14449
9d25fd24 0024f118 00000084 000000ff 0024e394 nt!KiFastCallEntry+0x12a (FPO: [0,3] TrapFrame @ 9d25fd24)
9d25fd94 00000000 779a64f4 0000001b 00000246 0x24f118
start    end        module name
80b9d000 80ba5000   kdcom    kdcom.dll    Mon Jul 13 21:08:58 2009 (4A5BDAAA)
8280d000 82c1d000   nt       ntkrpamp.exe Fri Jun 18 23:55:24 2010 (4C1C3FAC)
82c1d000 82c54000   hal      halmacpi.dll Mon Jul 13 19:11:03 2009 (4A5BBF07)
82e06000 82e7e000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:06:41 2009 (4A5BDA21)
82e7e000 82e8f000   PSHED    PSHED.dll    Mon Jul 13 21:09:36 2009 (4A5BDAD0)
82e8f000 82e97000   BOOTVID  BOOTVID.dll  Mon Jul 13 21:04:34 2009 (4A5BD9A2)
82e97000 82ed9000   CLFS     CLFS.SYS     Mon Jul 13 19:11:10 2009 (4A5BBF0E)
82ed9000 82f84000   CI       CI.dll       Mon Jul 13 21:09:28 2009 (4A5BDAC8)
82f84000 82ff5000   Wdf01000 Wdf01000.sys Mon Jul 13 19:11:36 2009 (4A5BBF28)
8aa00000 8aa0e000   Npfs     Npfs.SYS     Mon Jul 13 19:11:31 2009 (4A5BBF23)
8aa0e000 8aa25000   tdx      tdx.sys      Mon Jul 13 19:12:10 2009 (4A5BBF4A)
8aa25000 8aa30000   TDI      TDI.SYS      Mon Jul 13 19:12:12 2009 (4A5BBF4C)
8aa30000 8aa3e000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
8aa3e000 8aa86000   ACPI     ACPI.sys     Mon Jul 13 19:11:11 2009 (4A5BBF0F)
8aa86000 8aa8f000   WMILIB   WMILIB.SYS   Mon Jul 13 19:11:22 2009 (4A5BBF1A)
8aa8f000 8aa97000   msisadrv msisadrv.sys Mon Jul 13 19:11:09 2009 (4A5BBF0D)
8aa97000 8aac1000   pci      pci.sys      Mon Jul 13 19:11:16 2009 (4A5BBF14)
8aac1000 8aacc000   vdrvroot vdrvroot.sys Mon Jul 13 19:46:19 2009 (4A5BC74B)
8aacc000 8aadd000   partmgr  partmgr.sys  Mon Jul 13 19:11:35 2009 (4A5BBF27)
8aadd000 8aaed000   volmgr   volmgr.sys   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
8aaed000 8ab38000   volmgrx  volmgrx.sys  Mon Jul 13 19:11:41 2009 (4A5BBF2D)
8ab38000 8ab3f000   pciide   pciide.sys   Mon Jul 13 19:11:19 2009 (4A5BBF17)
8ab3f000 8ab4d000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:11:15 2009 (4A5BBF13)
8ab4d000 8ab63000   mountmgr mountmgr.sys Mon Jul 13 19:11:27 2009 (4A5BBF1F)
8ab63000 8ab6c000   atapi    atapi.sys    Mon Jul 13 19:11:15 2009 (4A5BBF13)
8ab6c000 8ab8f000   ataport  ataport.SYS  Mon Jul 13 19:11:18 2009 (4A5BBF16)
8ab8f000 8ab98000   amdxata  amdxata.sys  Tue May 19 13:57:35 2009 (4A12F30F)
8ab98000 8abcc000   fltmgr   fltmgr.sys   Mon Jul 13 19:11:13 2009 (4A5BBF11)
8abcc000 8abdd000   fileinfo fileinfo.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
8abdd000 8abfe000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:25:49 2009 (4A5BC27D)
8ac00000 8ac1f000   cdrom    cdrom.sys    Mon Jul 13 19:11:24 2009 (4A5BBF1C)
8ac1f000 8ac2c000   watchdog watchdog.sys Mon Jul 13 19:24:10 2009 (4A5BC21A)
8ac2c000 8ac34000   rdpencdd rdpencdd.sys Mon Jul 13 20:01:39 2009 (4A5BCAE3)
8ac3a000 8ad69000   Ntfs     Ntfs.sys     Mon Jul 13 19:12:05 2009 (4A5BBF45)
8ad69000 8ad94000   msrpc    msrpc.sys    Mon Jul 13 19:11:59 2009 (4A5BBF3F)
8ad94000 8ada7000   ksecdd   ksecdd.sys   Mon Jul 13 19:11:56 2009 (4A5BBF3C)
8ada7000 8adcc000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:11:20 2009 (4A5BBF18)
8ade8000 8adf0000   rdprefmp rdprefmp.sys Mon Jul 13 20:01:41 2009 (4A5BCAE5)
8adf0000 8adfb000   Msfs     Msfs.SYS     Mon Jul 13 19:11:26 2009 (4A5BBF1E)
8ae16000 8ae73000   cng      cng.sys      Mon Jul 13 19:32:55 2009 (4A5BC427)
8ae73000 8ae81000   pcw      pcw.sys      Mon Jul 13 19:11:10 2009 (4A5BBF0E)
8ae81000 8ae8a000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:11:14 2009 (4A5BBF12)
8ae8a000 8af41000   ndis     ndis.sys     Mon Jul 13 19:12:24 2009 (4A5BBF58)
8af41000 8af7f000   NETIO    NETIO.SYS    Mon Jul 13 19:12:35 2009 (4A5BBF63)
8af7f000 8afa4000   ksecpkg  ksecpkg.sys  Thu Dec 10 23:04:22 2009 (4B21C4C6)
8afa4000 8afb4000   mup      mup.sys      Mon Jul 13 19:14:14 2009 (4A5BBFC6)
8afb4000 8afe6000   fvevol   fvevol.sys   Fri Sep 25 22:24:21 2009 (4ABD7B55)
8afe6000 8aff7000   disk     disk.sys     Mon Jul 13 19:11:28 2009 (4A5BBF20)
8aff7000 8afff000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:01:40 2009 (4A5BCAE4)
8b000000 8b149000   tcpip    tcpip.sys    Sun Jun 13 23:36:59 2010 (4C15A3DB)
8b149000 8b17a000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:12:03 2009 (4A5BBF43)
8b17a000 8b182380   vmstorfl vmstorfl.sys Mon Jul 13 19:28:44 2009 (4A5BC32C)
8b183000 8b1c2000   volsnap  volsnap.sys  Mon Jul 13 19:11:34 2009 (4A5BBF26)
8b1c2000 8b1ca000   spldr    spldr.sys    Mon May 11 12:13:47 2009 (4A084EBB)
8b1ca000 8b1f7000   rdyboost rdyboost.sys Mon Jul 13 19:22:02 2009 (4A5BC19A)
8b1f7000 8b1ff000   hwpolicy hwpolicy.sys Mon Jul 13 19:11:01 2009 (4A5BBF05)
90200000 90209080   SRTSPX   SRTSPX.SYS   Mon Aug 10 23:20:44 2009 (4A80E38C)
9020a000 90211000   Null     Null.SYS     Mon Jul 13 19:11:12 2009 (4A5BBF10)
90211000 90218000   Beep     Beep.SYS     Mon Jul 13 19:45:00 2009 (4A5BC6FC)
90218000 90224000   vga      vga.sys      Mon Jul 13 19:25:50 2009 (4A5BC27E)
9022b000 90275000   SRTSP    SRTSP.SYS    Mon Aug 10 23:20:28 2009 (4A80E37C)
90275000 903c2200   NAVEX15  NAVEX15.SYS  Wed Sep 15 06:29:29 2010 (4C90A009)
903c3000 903e8000   SYMEVENT SYMEVENT.SYS Wed Jun 24 16:14:58 2009 (4A428942)
903e8000 903fb600   NAVENG   NAVENG.SYS   Wed Sep 15 06:21:19 2010 (4C909E1F)
90a1c000 90a48480   SYMTDI   SYMTDI.SYS   Wed Jun 17 17:11:02 2009 (4A395BE6)
90a49000 90a57000   wpsdrvnt wpsdrvnt.sys Thu Sep 17 20:35:48 2009 (4AB2D5E4)
90a57000 90ab1000   afd      afd.sys      Mon Jul 13 19:12:34 2009 (4A5BBF62)
90ab1000 90ae3000   netbt    netbt.sys    Mon Jul 13 19:12:18 2009 (4A5BBF52)
90ae3000 90aea000   wfplwf   wfplwf.sys   Mon Jul 13 19:53:51 2009 (4A5BC90F)
90aea000 90b09000   pacer    pacer.sys    Mon Jul 13 19:53:58 2009 (4A5BC916)
90b09000 90b17000   netbios  netbios.sys  Mon Jul 13 19:53:54 2009 (4A5BC912)
90b17000 90b31000   serial   serial.sys   Mon Jul 13 19:45:33 2009 (4A5BC71D)
90b31000 90b44000   wanarp   wanarp.sys   Mon Jul 13 19:55:02 2009 (4A5BC956)
90b44000 90b7f000   vmm      vmm.sys      Tue Feb 12 06:37:59 2008 (47B18517)
90b7f000 90b8f000   termdd   termdd.sys   Mon Jul 13 20:01:35 2009 (4A5BCADF)
90b8f000 90bac000   SysPlant SysPlant.sys Thu Sep 17 20:34:42 2009 (4AB2D5A2)
90bac000 90bbe000   intelppm intelppm.sys Mon Jul 13 19:11:03 2009 (4A5BBF07)
90bbe000 90bc8000   serenum  serenum.sys  Mon Jul 13 19:45:27 2009 (4A5BC717)
90bc8000 90bf4000   e1k6032  e1k6032.sys  Tue Oct 21 15:47:28 2008 (48FE31D0)
90bf4000 90bff000   usbuhci  usbuhci.sys  Mon Jul 13 19:51:10 2009 (4A5BC86E)
95000000 9506a000   SPBBCDrv SPBBCDrv.sys Sat Aug 08 21:37:14 2009 (4A7E284A)
9506a000 950ab000   rdbss    rdbss.sys    Mon Jul 13 19:14:26 2009 (4A5BBFD2)
950ab000 950b5000   nsiproxy nsiproxy.sys Mon Jul 13 19:12:08 2009 (4A5BBF48)
950b5000 950bf000   mssmbios mssmbios.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
950bf000 9511d000   eeCtrl   eeCtrl.sys   Fri May 21 17:44:53 2010 (4BF6FED5)
9511d000 9513a000   EraserUtilRebootDrv EraserUtilRebootDrv.sys Fri May 21 17:44:53 2010 (4BF6FED5)
9513a000 95146000   discache discache.sys Mon Jul 13 19:24:04 2009 (4A5BC214)
95146000 951aa000   csc      csc.sys      Mon Jul 13 19:15:08 2009 (4A5BBFFC)
951aa000 951c2000   dfsc     dfsc.sys     Mon Jul 13 19:14:16 2009 (4A5BBFC8)
951c2000 951d0000   blbdrive blbdrive.sys Mon Jul 13 19:23:04 2009 (4A5BC1D8)
951d0000 951f1000   tunnel   tunnel.sys   Mon Jul 13 19:54:03 2009 (4A5BC91B)
951f1000 951fa000   wmiacpi  wmiacpi.sys  Mon Jul 13 19:19:16 2009 (4A5BC0F4)
96200000 96221000   srvnet   srvnet.sys   Mon Jun 21 22:47:09 2010 (4C20242D)
96221000 9622e000   tcpipreg tcpipreg.sys Mon Jul 13 19:54:14 2009 (4A5BC926)
9622f000 962b4000   HTTP     HTTP.sys     Mon Jul 13 19:12:53 2009 (4A5BBF75)
962b4000 962cd000   bowser   bowser.sys   Mon Jul 13 19:14:21 2009 (4A5BBFCD)
962cd000 962df000   mpsdrv   mpsdrv.sys   Mon Jul 13 19:52:52 2009 (4A5BC8D4)
962df000 96302000   mrxsmb   mrxsmb.sys   Sat Feb 27 02:32:02 2010 (4B88CA72)
96302000 9633d000   mrxsmb10 mrxsmb10.sys Sat Feb 27 02:32:21 2010 (4B88CA85)
9633d000 96358000   mrxsmb20 mrxsmb20.sys Sat Feb 27 02:32:11 2010 (4B88CA7B)
96358000 9635f000   parvdm   parvdm.sys   Mon Jul 13 19:45:29 2009 (4A5BC719)
9635f000 963f6000   peauth   peauth.sys   Mon Jul 13 20:35:44 2009 (4A5BD2E0)
963f6000 96400000   secdrv   secdrv.SYS   Wed Sep 13 09:18:32 2006 (45080528)
96400000 96439000   dxgmms1  dxgmms1.sys  Mon Jul 13 19:25:25 2009 (4A5BC265)
9643d000 9693a000   igdkmd32 igdkmd32.sys Wed May 06 14:13:40 2009 (4A01D354)
9693a000 969f1000   dxgkrnl  dxgkrnl.sys  Thu Oct 01 20:48:33 2009 (4AC54DE1)
969f1000 969faf80   HECI     HECI.sys     Tue Jun 23 16:28:10 2009 (4A413ADA)
9a400000 9a427a80   WpsHelper WpsHelper.sys Thu Sep 02 21:14:42 2010 (4C804C02)
9a42a000 9a475000   USBPORT  USBPORT.SYS  Mon Jul 13 19:51:13 2009 (4A5BC871)
9a475000 9a484000   usbehci  usbehci.sys  Mon Jul 13 19:51:14 2009 (4A5BC872)
9a484000 9a4a3000   HDAudBus HDAudBus.sys Mon Jul 13 19:50:55 2009 (4A5BC85F)
9a4a3000 9a4bb000   parport  parport.sys  Mon Jul 13 19:45:34 2009 (4A5BC71E)
9a4bb000 9a4cc000   VMNetSrv VMNetSrv.sys Wed Jan 16 06:51:44 2008 (478DEFD0)
9a4cc000 9a4d9000   CompositeBus CompositeBus.sys Mon Jul 13 19:45:26 2009 (4A5BC716)
9a4d9000 9a4eb000   AgileVpn AgileVpn.sys Mon Jul 13 19:55:00 2009 (4A5BC954)
9a4eb000 9a503000   rasl2tp  rasl2tp.sys  Mon Jul 13 19:54:33 2009 (4A5BC939)
9a503000 9a50e000   ndistapi ndistapi.sys Mon Jul 13 19:54:24 2009 (4A5BC930)
9a50e000 9a530000   ndiswan  ndiswan.sys  Mon Jul 13 19:54:34 2009 (4A5BC93A)
9a530000 9a548000   raspppoe raspppoe.sys Mon Jul 13 19:54:53 2009 (4A5BC94D)
9a548000 9a55f000   raspptp  raspptp.sys  Mon Jul 13 19:54:47 2009 (4A5BC947)
9a55f000 9a576000   rassstp  rassstp.sys  Mon Jul 13 19:54:57 2009 (4A5BC951)
9a576000 9a580000   rdpbus   rdpbus.sys   Mon Jul 13 20:02:40 2009 (4A5BCB20)
9a580000 9a58d000   kbdclass kbdclass.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
9a58d000 9a59a000   mouclass mouclass.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
9a59a000 9a5b8000   teefer2  teefer2.sys  Wed May 13 15:25:46 2009 (4A0B1EBA)
9a5b8000 9a5b9380   swenum   swenum.sys   Mon Jul 13 19:45:08 2009 (4A5BC704)
9a5ba000 9a5ee000   ks       ks.sys       Mon Jul 13 19:45:13 2009 (4A5BC709)
9a5ee000 9a5fc000   umbus    umbus.sys    Mon Jul 13 19:51:38 2009 (4A5BC88A)
9a627000 9a66b000   usbhub   usbhub.sys   Mon Jul 13 19:52:06 2009 (4A5BC8A6)
9a66b000 9a67c000   NDProxy  NDProxy.SYS  Mon Jul 13 19:54:27 2009 (4A5BC933)
9a67c000 9a6cc000   HdAudio  HdAudio.sys  Mon Jul 13 19:51:46 2009 (4A5BC892)
9a6cc000 9a6fb000   portcls  portcls.sys  Mon Jul 13 19:51:00 2009 (4A5BC864)
9a6fb000 9a714000   drmk     drmk.sys     Mon Jul 13 20:36:05 2009 (4A5BD2F5)
9a714000 9a71e000   Dxapi    Dxapi.sys    Mon Jul 13 19:25:25 2009 (4A5BC265)
9a71e000 9a72b000   crashdmp crashdmp.sys Mon Jul 13 19:45:50 2009 (4A5BC72E)
9a72b000 9a736000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:11:16 2009 (4A5BBF14)
9a736000 9a73f000   dump_atapi dump_atapi.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
9a73f000 9a750000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:12:47 2009 (4A5BBF6F)
9a750000 9a75b000   monitor  monitor.sys  Mon Jul 13 19:25:58 2009 (4A5BC286)
9a75b000 9a766000   hidusb   hidusb.sys   Mon Jul 13 19:51:04 2009 (4A5BC868)
9a766000 9a779000   HIDCLASS HIDCLASS.SYS Mon Jul 13 19:51:01 2009 (4A5BC865)
9a779000 9a77f480   HIDPARSE HIDPARSE.SYS Mon Jul 13 19:50:59 2009 (4A5BC863)
9a780000 9a781700   USBD     USBD.SYS     Mon Jul 13 19:51:05 2009 (4A5BC869)
9a782000 9a78e000   kbdhid   kbdhid.sys   Mon Jul 13 19:45:09 2009 (4A5BC705)
9a78e000 9a799000   mouhid   mouhid.sys   Mon Jul 13 19:45:08 2009 (4A5BC704)
9a799000 9a7b4000   luafv    luafv.sys    Mon Jul 13 19:15:44 2009 (4A5BC020)
9a7b4000 9a7ce000   WudfPf   WudfPf.sys   Mon Jul 13 19:50:13 2009 (4A5BC835)
9a7ce000 9a7de000   lltdio   lltdio.sys   Mon Jul 13 19:53:18 2009 (4A5BC8EE)
9a7de000 9a7f1000   rspndr   rspndr.sys   Mon Jul 13 19:53:20 2009 (4A5BC8F0)
9ac60000 9aeaa000   win32k   win32k.sys   Sat Jun 19 00:06:50 2010 (4C1C425A)
9aec0000 9aec9000   TSDDD    TSDDD.dll    Mon Jul 13 20:01:40 2009 (4A5BCAE4)
9aef0000 9af0e000   cdd      cdd.dll      unavailable (00000000)
9d02e000 9d07d000   srv2     srv2.sys     Mon Jun 21 22:47:19 2010 (4C202437)
9d07d000 9d0ce000   srv      srv.sys      Mon Jun 21 22:47:32 2010 (4C202444)
9d0ce000 9d0f3000   rdpdr    rdpdr.sys    Mon Jul 13 20:02:56 2009 (4A5BCB30)
9d0f3000 9d0fd000   tdtcp    tdtcp.sys    Mon Jul 13 20:01:37 2009 (4A5BCAE1)
9d0fd000 9d10a000   tssecsrv tssecsrv.sys Mon Jul 13 20:01:50 2009 (4A5BCAEE)
9d10a000 9d13b000   RDPWD    RDPWD.SYS    Mon Jul 13 20:01:50 2009 (4A5BCAEE)
9d13b000 9d13fd00   SYMREDRV SYMREDRV.SYS Wed Jun 17 17:11:33 2009 (4A395C05)
9d140000 9d161000   mrxdav   mrxdav.sys   Mon Jul 13 19:14:25 2009 (4A5BBFD1)
9d161000 9d164a00   prepdrv  prepdrv.sys  Fri Sep 18 03:57:51 2009 (4AB33D7F)
9d165000 9d1cf000   spsys    spsys.sys    Mon May 11 12:37:10 2009 (4A085436)

Unloaded modules:
8ae00000 8ae0d000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000D000
8adcc000 8add7000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000B000
8ae0d000 8ae16000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00009000
8add7000 8ade8000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00011000
start    end        module name
8aa3e000 8aa86000   ACPI     ACPI.sys     Mon Jul 13 19:11:11 2009 (4A5BBF0F)
90a57000 90ab1000   afd      afd.sys      Mon Jul 13 19:12:34 2009 (4A5BBF62)
9a4d9000 9a4eb000   AgileVpn AgileVpn.sys Mon Jul 13 19:55:00 2009 (4A5BC954)
8ab8f000 8ab98000   amdxata  amdxata.sys  Tue May 19 13:57:35 2009 (4A12F30F)
8ab63000 8ab6c000   atapi    atapi.sys    Mon Jul 13 19:11:15 2009 (4A5BBF13)
8ab6c000 8ab8f000   ataport  ataport.SYS  Mon Jul 13 19:11:18 2009 (4A5BBF16)
90211000 90218000   Beep     Beep.SYS     Mon Jul 13 19:45:00 2009 (4A5BC6FC)
951c2000 951d0000   blbdrive blbdrive.sys Mon Jul 13 19:23:04 2009 (4A5BC1D8)
82e8f000 82e97000   BOOTVID  BOOTVID.dll  Mon Jul 13 21:04:34 2009 (4A5BD9A2)
962b4000 962cd000   bowser   bowser.sys   Mon Jul 13 19:14:21 2009 (4A5BBFCD)
9aef0000 9af0e000   cdd      cdd.dll      unavailable (00000000)
8ac00000 8ac1f000   cdrom    cdrom.sys    Mon Jul 13 19:11:24 2009 (4A5BBF1C)
82ed9000 82f84000   CI       CI.dll       Mon Jul 13 21:09:28 2009 (4A5BDAC8)
8ada7000 8adcc000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:11:20 2009 (4A5BBF18)
82e97000 82ed9000   CLFS     CLFS.SYS     Mon Jul 13 19:11:10 2009 (4A5BBF0E)
8ae16000 8ae73000   cng      cng.sys      Mon Jul 13 19:32:55 2009 (4A5BC427)
9a4cc000 9a4d9000   CompositeBus CompositeBus.sys Mon Jul 13 19:45:26 2009 (4A5BC716)
9a71e000 9a72b000   crashdmp crashdmp.sys Mon Jul 13 19:45:50 2009 (4A5BC72E)
95146000 951aa000   csc      csc.sys      Mon Jul 13 19:15:08 2009 (4A5BBFFC)
951aa000 951c2000   dfsc     dfsc.sys     Mon Jul 13 19:14:16 2009 (4A5BBFC8)
9513a000 95146000   discache discache.sys Mon Jul 13 19:24:04 2009 (4A5BC214)
8afe6000 8aff7000   disk     disk.sys     Mon Jul 13 19:11:28 2009 (4A5BBF20)
9a6fb000 9a714000   drmk     drmk.sys     Mon Jul 13 20:36:05 2009 (4A5BD2F5)
9a736000 9a73f000   dump_atapi dump_atapi.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
9a72b000 9a736000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:11:16 2009 (4A5BBF14)
9a73f000 9a750000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:12:47 2009 (4A5BBF6F)
9a714000 9a71e000   Dxapi    Dxapi.sys    Mon Jul 13 19:25:25 2009 (4A5BC265)
9693a000 969f1000   dxgkrnl  dxgkrnl.sys  Thu Oct 01 20:48:33 2009 (4AC54DE1)
96400000 96439000   dxgmms1  dxgmms1.sys  Mon Jul 13 19:25:25 2009 (4A5BC265)
90bc8000 90bf4000   e1k6032  e1k6032.sys  Tue Oct 21 15:47:28 2008 (48FE31D0)
950bf000 9511d000   eeCtrl   eeCtrl.sys   Fri May 21 17:44:53 2010 (4BF6FED5)
9511d000 9513a000   EraserUtilRebootDrv EraserUtilRebootDrv.sys Fri May 21 17:44:53 2010 (4BF6FED5)
8abcc000 8abdd000   fileinfo fileinfo.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
8ab98000 8abcc000   fltmgr   fltmgr.sys   Mon Jul 13 19:11:13 2009 (4A5BBF11)
8ae81000 8ae8a000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:11:14 2009 (4A5BBF12)
8afb4000 8afe6000   fvevol   fvevol.sys   Fri Sep 25 22:24:21 2009 (4ABD7B55)
8b149000 8b17a000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:12:03 2009 (4A5BBF43)
82c1d000 82c54000   hal      halmacpi.dll Mon Jul 13 19:11:03 2009 (4A5BBF07)
9a484000 9a4a3000   HDAudBus HDAudBus.sys Mon Jul 13 19:50:55 2009 (4A5BC85F)
9a67c000 9a6cc000   HdAudio  HdAudio.sys  Mon Jul 13 19:51:46 2009 (4A5BC892)
969f1000 969faf80   HECI     HECI.sys     Tue Jun 23 16:28:10 2009 (4A413ADA)
9a766000 9a779000   HIDCLASS HIDCLASS.SYS Mon Jul 13 19:51:01 2009 (4A5BC865)
9a779000 9a77f480   HIDPARSE HIDPARSE.SYS Mon Jul 13 19:50:59 2009 (4A5BC863)
9a75b000 9a766000   hidusb   hidusb.sys   Mon Jul 13 19:51:04 2009 (4A5BC868)
9622f000 962b4000   HTTP     HTTP.sys     Mon Jul 13 19:12:53 2009 (4A5BBF75)
8b1f7000 8b1ff000   hwpolicy hwpolicy.sys Mon Jul 13 19:11:01 2009 (4A5BBF05)
9643d000 9693a000   igdkmd32 igdkmd32.sys Wed May 06 14:13:40 2009 (4A01D354)
90bac000 90bbe000   intelppm intelppm.sys Mon Jul 13 19:11:03 2009 (4A5BBF07)
9a580000 9a58d000   kbdclass kbdclass.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
9a782000 9a78e000   kbdhid   kbdhid.sys   Mon Jul 13 19:45:09 2009 (4A5BC705)
80b9d000 80ba5000   kdcom    kdcom.dll    Mon Jul 13 21:08:58 2009 (4A5BDAAA)
9a5ba000 9a5ee000   ks       ks.sys       Mon Jul 13 19:45:13 2009 (4A5BC709)
8ad94000 8ada7000   ksecdd   ksecdd.sys   Mon Jul 13 19:11:56 2009 (4A5BBF3C)
8af7f000 8afa4000   ksecpkg  ksecpkg.sys  Thu Dec 10 23:04:22 2009 (4B21C4C6)
9a7ce000 9a7de000   lltdio   lltdio.sys   Mon Jul 13 19:53:18 2009 (4A5BC8EE)
9a799000 9a7b4000   luafv    luafv.sys    Mon Jul 13 19:15:44 2009 (4A5BC020)
82e06000 82e7e000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:06:41 2009 (4A5BDA21)
9a750000 9a75b000   monitor  monitor.sys  Mon Jul 13 19:25:58 2009 (4A5BC286)
9a58d000 9a59a000   mouclass mouclass.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
9a78e000 9a799000   mouhid   mouhid.sys   Mon Jul 13 19:45:08 2009 (4A5BC704)
8ab4d000 8ab63000   mountmgr mountmgr.sys Mon Jul 13 19:11:27 2009 (4A5BBF1F)
962cd000 962df000   mpsdrv   mpsdrv.sys   Mon Jul 13 19:52:52 2009 (4A5BC8D4)
9d140000 9d161000   mrxdav   mrxdav.sys   Mon Jul 13 19:14:25 2009 (4A5BBFD1)
962df000 96302000   mrxsmb   mrxsmb.sys   Sat Feb 27 02:32:02 2010 (4B88CA72)
96302000 9633d000   mrxsmb10 mrxsmb10.sys Sat Feb 27 02:32:21 2010 (4B88CA85)
9633d000 96358000   mrxsmb20 mrxsmb20.sys Sat Feb 27 02:32:11 2010 (4B88CA7B)
8adf0000 8adfb000   Msfs     Msfs.SYS     Mon Jul 13 19:11:26 2009 (4A5BBF1E)
8aa8f000 8aa97000   msisadrv msisadrv.sys Mon Jul 13 19:11:09 2009 (4A5BBF0D)
8ad69000 8ad94000   msrpc    msrpc.sys    Mon Jul 13 19:11:59 2009 (4A5BBF3F)
950b5000 950bf000   mssmbios mssmbios.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
8afa4000 8afb4000   mup      mup.sys      Mon Jul 13 19:14:14 2009 (4A5BBFC6)
903e8000 903fb600   NAVENG   NAVENG.SYS   Wed Sep 15 06:21:19 2010 (4C909E1F)
90275000 903c2200   NAVEX15  NAVEX15.SYS  Wed Sep 15 06:29:29 2010 (4C90A009)
8ae8a000 8af41000   ndis     ndis.sys     Mon Jul 13 19:12:24 2009 (4A5BBF58)
9a503000 9a50e000   ndistapi ndistapi.sys Mon Jul 13 19:54:24 2009 (4A5BC930)
9a50e000 9a530000   ndiswan  ndiswan.sys  Mon Jul 13 19:54:34 2009 (4A5BC93A)
9a66b000 9a67c000   NDProxy  NDProxy.SYS  Mon Jul 13 19:54:27 2009 (4A5BC933)
90b09000 90b17000   netbios  netbios.sys  Mon Jul 13 19:53:54 2009 (4A5BC912)
90ab1000 90ae3000   netbt    netbt.sys    Mon Jul 13 19:12:18 2009 (4A5BBF52)
8af41000 8af7f000   NETIO    NETIO.SYS    Mon Jul 13 19:12:35 2009 (4A5BBF63)
8aa00000 8aa0e000   Npfs     Npfs.SYS     Mon Jul 13 19:11:31 2009 (4A5BBF23)
950ab000 950b5000   nsiproxy nsiproxy.sys Mon Jul 13 19:12:08 2009 (4A5BBF48)
8280d000 82c1d000   nt       ntkrpamp.exe Fri Jun 18 23:55:24 2010 (4C1C3FAC)
8ac3a000 8ad69000   Ntfs     Ntfs.sys     Mon Jul 13 19:12:05 2009 (4A5BBF45)
9020a000 90211000   Null     Null.SYS     Mon Jul 13 19:11:12 2009 (4A5BBF10)
90aea000 90b09000   pacer    pacer.sys    Mon Jul 13 19:53:58 2009 (4A5BC916)
9a4a3000 9a4bb000   parport  parport.sys  Mon Jul 13 19:45:34 2009 (4A5BC71E)
8aacc000 8aadd000   partmgr  partmgr.sys  Mon Jul 13 19:11:35 2009 (4A5BBF27)
96358000 9635f000   parvdm   parvdm.sys   Mon Jul 13 19:45:29 2009 (4A5BC719)
8aa97000 8aac1000   pci      pci.sys      Mon Jul 13 19:11:16 2009 (4A5BBF14)
8ab38000 8ab3f000   pciide   pciide.sys   Mon Jul 13 19:11:19 2009 (4A5BBF17)
8ab3f000 8ab4d000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:11:15 2009 (4A5BBF13)
8ae73000 8ae81000   pcw      pcw.sys      Mon Jul 13 19:11:10 2009 (4A5BBF0E)
9635f000 963f6000   peauth   peauth.sys   Mon Jul 13 20:35:44 2009 (4A5BD2E0)
9a6cc000 9a6fb000   portcls  portcls.sys  Mon Jul 13 19:51:00 2009 (4A5BC864)
9d161000 9d164a00   prepdrv  prepdrv.sys  Fri Sep 18 03:57:51 2009 (4AB33D7F)
82e7e000 82e8f000   PSHED    PSHED.dll    Mon Jul 13 21:09:36 2009 (4A5BDAD0)
9a4eb000 9a503000   rasl2tp  rasl2tp.sys  Mon Jul 13 19:54:33 2009 (4A5BC939)
9a530000 9a548000   raspppoe raspppoe.sys Mon Jul 13 19:54:53 2009 (4A5BC94D)
9a548000 9a55f000   raspptp  raspptp.sys  Mon Jul 13 19:54:47 2009 (4A5BC947)
9a55f000 9a576000   rassstp  rassstp.sys  Mon Jul 13 19:54:57 2009 (4A5BC951)
9506a000 950ab000   rdbss    rdbss.sys    Mon Jul 13 19:14:26 2009 (4A5BBFD2)
9a576000 9a580000   rdpbus   rdpbus.sys   Mon Jul 13 20:02:40 2009 (4A5BCB20)
8aff7000 8afff000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:01:40 2009 (4A5BCAE4)
9d0ce000 9d0f3000   rdpdr    rdpdr.sys    Mon Jul 13 20:02:56 2009 (4A5BCB30)
8ac2c000 8ac34000   rdpencdd rdpencdd.sys Mon Jul 13 20:01:39 2009 (4A5BCAE3)
8ade8000 8adf0000   rdprefmp rdprefmp.sys Mon Jul 13 20:01:41 2009 (4A5BCAE5)
9d10a000 9d13b000   RDPWD    RDPWD.SYS    Mon Jul 13 20:01:50 2009 (4A5BCAEE)
8b1ca000 8b1f7000   rdyboost rdyboost.sys Mon Jul 13 19:22:02 2009 (4A5BC19A)
9a7de000 9a7f1000   rspndr   rspndr.sys   Mon Jul 13 19:53:20 2009 (4A5BC8F0)
963f6000 96400000   secdrv   secdrv.SYS   Wed Sep 13 09:18:32 2006 (45080528)
90bbe000 90bc8000   serenum  serenum.sys  Mon Jul 13 19:45:27 2009 (4A5BC717)
90b17000 90b31000   serial   serial.sys   Mon Jul 13 19:45:33 2009 (4A5BC71D)
95000000 9506a000   SPBBCDrv SPBBCDrv.sys Sat Aug 08 21:37:14 2009 (4A7E284A)
8b1c2000 8b1ca000   spldr    spldr.sys    Mon May 11 12:13:47 2009 (4A084EBB)
9d165000 9d1cf000   spsys    spsys.sys    Mon May 11 12:37:10 2009 (4A085436)
9022b000 90275000   SRTSP    SRTSP.SYS    Mon Aug 10 23:20:28 2009 (4A80E37C)
90200000 90209080   SRTSPX   SRTSPX.SYS   Mon Aug 10 23:20:44 2009 (4A80E38C)
9d07d000 9d0ce000   srv      srv.sys      Mon Jun 21 22:47:32 2010 (4C202444)
9d02e000 9d07d000   srv2     srv2.sys     Mon Jun 21 22:47:19 2010 (4C202437)
96200000 96221000   srvnet   srvnet.sys   Mon Jun 21 22:47:09 2010 (4C20242D)
9a5b8000 9a5b9380   swenum   swenum.sys   Mon Jul 13 19:45:08 2009 (4A5BC704)
903c3000 903e8000   SYMEVENT SYMEVENT.SYS Wed Jun 24 16:14:58 2009 (4A428942)
9d13b000 9d13fd00   SYMREDRV SYMREDRV.SYS Wed Jun 17 17:11:33 2009 (4A395C05)
90a1c000 90a48480   SYMTDI   SYMTDI.SYS   Wed Jun 17 17:11:02 2009 (4A395BE6)
90b8f000 90bac000   SysPlant SysPlant.sys Thu Sep 17 20:34:42 2009 (4AB2D5A2)
8b000000 8b149000   tcpip    tcpip.sys    Sun Jun 13 23:36:59 2010 (4C15A3DB)
96221000 9622e000   tcpipreg tcpipreg.sys Mon Jul 13 19:54:14 2009 (4A5BC926)
8aa25000 8aa30000   TDI      TDI.SYS      Mon Jul 13 19:12:12 2009 (4A5BBF4C)
9d0f3000 9d0fd000   tdtcp    tdtcp.sys    Mon Jul 13 20:01:37 2009 (4A5BCAE1)
8aa0e000 8aa25000   tdx      tdx.sys      Mon Jul 13 19:12:10 2009 (4A5BBF4A)
9a59a000 9a5b8000   teefer2  teefer2.sys  Wed May 13 15:25:46 2009 (4A0B1EBA)
90b7f000 90b8f000   termdd   termdd.sys   Mon Jul 13 20:01:35 2009 (4A5BCADF)
9aec0000 9aec9000   TSDDD    TSDDD.dll    Mon Jul 13 20:01:40 2009 (4A5BCAE4)
9d0fd000 9d10a000   tssecsrv tssecsrv.sys Mon Jul 13 20:01:50 2009 (4A5BCAEE)
951d0000 951f1000   tunnel   tunnel.sys   Mon Jul 13 19:54:03 2009 (4A5BC91B)
9a5ee000 9a5fc000   umbus    umbus.sys    Mon Jul 13 19:51:38 2009 (4A5BC88A)
9a780000 9a781700   USBD     USBD.SYS     Mon Jul 13 19:51:05 2009 (4A5BC869)
9a475000 9a484000   usbehci  usbehci.sys  Mon Jul 13 19:51:14 2009 (4A5BC872)
9a627000 9a66b000   usbhub   usbhub.sys   Mon Jul 13 19:52:06 2009 (4A5BC8A6)
9a42a000 9a475000   USBPORT  USBPORT.SYS  Mon Jul 13 19:51:13 2009 (4A5BC871)
90bf4000 90bff000   usbuhci  usbuhci.sys  Mon Jul 13 19:51:10 2009 (4A5BC86E)
8aac1000 8aacc000   vdrvroot vdrvroot.sys Mon Jul 13 19:46:19 2009 (4A5BC74B)
90218000 90224000   vga      vga.sys      Mon Jul 13 19:25:50 2009 (4A5BC27E)
8abdd000 8abfe000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:25:49 2009 (4A5BC27D)
90b44000 90b7f000   vmm      vmm.sys      Tue Feb 12 06:37:59 2008 (47B18517)
9a4bb000 9a4cc000   VMNetSrv VMNetSrv.sys Wed Jan 16 06:51:44 2008 (478DEFD0)
8b17a000 8b182380   vmstorfl vmstorfl.sys Mon Jul 13 19:28:44 2009 (4A5BC32C)
8aadd000 8aaed000   volmgr   volmgr.sys   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
8aaed000 8ab38000   volmgrx  volmgrx.sys  Mon Jul 13 19:11:41 2009 (4A5BBF2D)
8b183000 8b1c2000   volsnap  volsnap.sys  Mon Jul 13 19:11:34 2009 (4A5BBF26)
90b31000 90b44000   wanarp   wanarp.sys   Mon Jul 13 19:55:02 2009 (4A5BC956)
8ac1f000 8ac2c000   watchdog watchdog.sys Mon Jul 13 19:24:10 2009 (4A5BC21A)
82f84000 82ff5000   Wdf01000 Wdf01000.sys Mon Jul 13 19:11:36 2009 (4A5BBF28)
8aa30000 8aa3e000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
90ae3000 90aea000   wfplwf   wfplwf.sys   Mon Jul 13 19:53:51 2009 (4A5BC90F)
9ac60000 9aeaa000   win32k   win32k.sys   Sat Jun 19 00:06:50 2010 (4C1C425A)
951f1000 951fa000   wmiacpi  wmiacpi.sys  Mon Jul 13 19:19:16 2009 (4A5BC0F4)
8aa86000 8aa8f000   WMILIB   WMILIB.SYS   Mon Jul 13 19:11:22 2009 (4A5BBF1A)
90a49000 90a57000   wpsdrvnt wpsdrvnt.sys Thu Sep 17 20:35:48 2009 (4AB2D5E4)
9a400000 9a427a80   WpsHelper WpsHelper.sys Thu Sep 02 21:14:42 2010 (4C804C02)
9a7b4000 9a7ce000   WudfPf   WudfPf.sys   Mon Jul 13 19:50:13 2009 (4A5BC835)

Unloaded modules:
8ae00000 8ae0d000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000D000
8adcc000 8add7000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000B000
8ae0d000 8ae16000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00009000
8add7000 8ade8000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00011000
Bugcheck code 000000F4
Arguments 00000003 86c9d1c0 86c9d32c 82a35dd0
      My Computer
    Quote Quote

  4. EvoBora
    Posts : 2
    Windows 7 32bit Proffessional
    Thread Starter
       New #3

    Wow good job I couldn't even find that. You are absolutely right though. Today we moved the systems out of the Symantec groups and it fixed the problem. I knew it was one of the two but couldn't find any evidence.

    This has been solved.. Thanks for the help.
      My Computer
    Quote Quote

  6. usasma
    Posts : 5,705
    Win7 x64 + x86
       New #4

    Thanks for letting us know!
      My Computer
    Quote Quote

  7. makotosym
    Posts : 2
    Windows Ultimate x86 & x64
       New #5

    EvoBora, usasma

    Do you guys still have dumps for this incident? it appears as though from reading the thread that they were posted at some point allowing usasma to analyze them but were removed at a later time...

    i am curious to see if its similar to something i am analyzing myself.
      My Computer
    Quote Quote

  8. usasma
    Posts : 5,705
    Win7 x64 + x86
       New #6

    EvoBora removed the BSOD collection reports for their own reasons. I'd have to suggest contacting them for a copy if they're that critical to your work.

    As for the dumps, what specific thing do you need? This is a series of 14 STOP 0xF4 dumps that all blameSYMEVENT.SYS dated Wed Jun 24 16:14:58 2009 (4A428942).

    Additionally, I posted a complete dump file analysis of one of the dumps later in that same post. That should contain all the information that's needed for comparison. If it doesn't, what information do you need?
      My Computer
    Quote Quote

 

  Related Discussions
BSOD Battlefield Bad Company
in BSOD Help and Support

Hi there, I recently had a batch of dump files looked at on this forum. It seemed that Daemon Tools may have been causing a BSOD. Anyway, the problem is back but it can't be Daemon Tools as I've removed it. I've updated, and re-installed the latest drivers for my Radeon 5870 several times so...
Bad Company 2 BSOD!!!
in BSOD Help and Support

I recently just buy this game , I am able to ran the game. Play it for 10-15 min.. then it crash into blue screen!!!! 30 min is the max! chainw0: Problem signature: Problem Event Name: BlueScreen OS Version: 6.1.7600.2.0.0.256.48 Locale ID: 1033 Additional information about the...
Lately, I've heard some people say that the Unix code is more secure than the Windows code and that the Windows code has many holes and bugs in it. Before, I always thought Unix systems (for example, Mac) were less likely to get infected by viruses only because they had a lower market share....
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 й Designer Media Ltd
All times are GMT -5. The time now is 16:27.
Find Us