BSOD - bad_pool_header


  1. Posts : 3
    Windows 7 Professional 32bit
       #1

    SOLVED: BSOD - bad_pool_header


    Hi all,

    I've been having bsod's intermittently, it'd be greatly appreciated if we could discern the cause. Thanks

    Setup:
    Windows 7 Professional 32bit (Full retail (ASM student) clean install on fresh partition)
    Dual boot with old xp partition
    My hardware is around 3 years old but still going strong.
    4GB Ballistix ddr2800 ram is recent upgrade (from 2GB Corsairs)
    Windows 7 ... I installed it whenever the student release came out, I didn't use it for a while as Windows XP was doing great.

    EDIT: Solution Ballistix RAM was the problem, replaced ram and system is fine.
    Last edited by FluX; 11 Dec 2010 at 02:08.
      My Computer


  2. Posts : 11,990
    Windows 7 Ultimate 32 bit
       #2

    Hi and welcome to the forum. Sorry you are having problems. I looked at your latest three dumps. All indicate memory corruption and driver problems.
    Error code C2, BAD_POOL_CALLER. Usual causes: Device driver, ?Memory.

    Error code F7, DRIVER_OVERRAN_STACK_BUFFER. Usual causes: Device driver, Malware.

    Error code 19, BAD_POOL_HEADER. Usual causes: Device driver.
    You are going to have to troubleshoot by a process of elimination since the dumps do not give us a specific cause. To begin this process, uninstall Avira. Avira is known to cause BSOD's on some Win 7 systems. Your version includes an obsolete driver. Download and install Microsoft Security Essentials in its place. One you get your system stable, you can try Avira again, an updated version; but I do not recommend doing so.

    Next uninstall Spybot. Many third party security programs cause conflicts with Win 7. You can try Spybot again once your system is stable. I see you are using Malwarebytes. MBAM works well with Win 7 and is a really good tool.

    Outdated drivers can and do cause BSOD's. You have some outdated drivers and some are XP drivers. You need to update or eliminate these drivers. Software designed for XP and not updated for Win 7 is not going to run on Win 7 except in the XP mode.
    ANIO.SYS Mon May 05 06:18:54 2003 - unknown driver from Alpha Networks (likely to be a software driver installed with a D-Link device). OEM - none at EPON,GPON,xDSL,MiniPCI Module,USB Wireless Adapter,IP-STB,High Definition Media Player, BT Box, IP Cam - Alpha Networks Inc.. This is an XP driver. I cannot find what software/hardware it is associated with. Rename this driver. See note below.

    avgio.sys Thu Feb 22 09:57:32 2007 - Avira AntiVir. Avira AntiVir Personal - Free Antivirus.

    CVPNDRVA.sys Thu Jun 19 20:07:47 2008 - Cisco Systems VPN Client. Cisco Systems, Inc. Update this driver or upgrade the software/hardware it belongs to.

    dne2000.sys Fri Mar 28 20:29:38 2008 - Citrix Deterministic Network Enhancer Miniport or Cisco Systems VPN Client. Cisco Systems, Inc. Update, upgrade, or uninstall.

    giveio.sys Wed Apr 03 22:33:25 1996
    - ADC Analyzer/SwiftForth/Disspy - ?SpeedFan?. Info only (½ way down page) - I/O Port Programming with Delphi and NT. Unistall this software. It is horribly obsolete.

    hamachi.sys Thu Feb 19 05:36:27 2009 - LogMeIn Hamachi Virtual Network interface driver. https://secure.logmein.com/US/support/hamachi2/. Update the driver or uninstall LogMeIn.

    iaStorV.sys Wed Apr 08 12:54:58 2009 - Intel Matrix Storage Manager driver (base). http://downloadcenter.intel.com/Default.aspx. Update this driver.
    How to find drivers -
    - I have listed links to most of the drivers in the code box above. Please use the links there to see what info I've found about those drivers.
    - search Google for the name of the driver
    - compare the Google results with what's installed on your system to figure out which device/program it belongs to
    - visit the web site of the manufacturer of the hardware/program to get the latest drivers (DON'T use Windows Update or the Update driver function of Device Manager).
    - if there are difficulties in locating them, post back with questions and someone will try and help you locate the appropriate program.


    - - The most common drivers are listed on this page: Driver Reference
    - - Driver manufacturer links are on this page: Drivers and Downloads
    - - To remove any left over driver remnants, especially from graphics cards, use driver sweeper Guru3D - Driver Sweeper

    Intel Driver Utility: Intel® Driver Update Utility
    Follow all of the above suggestions. You have a lot of outdated stuff on your system. Then run your system and see how it does. Please update us and let us know. After you have taken the above steps, if you get another BSOD, upload it and we will go from there. If you need help with the drivers, please post.
    Code:
    Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7600.16617.x86fre.win7_gdr.100618-1621
    Machine Name:
    Kernel base = 0x82e19000 PsLoadedModuleList = 0x82f61810
    Debug session time: Sun Nov 14 02:53:35.445 2010 (GMT-5)
    System Uptime: 0 days 1:47:11.021
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ..........................................................
    Loading User Symbols
    Loading unloaded module list
    ........
    1: kd> !Analyze
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck C2, {7, 1097, 770077, c3517580}
    
    GetPointerFromAddress: unable to read from 82f81718
    Unable to read MiSystemVaType memory at 82f61160
    *** WARNING: Unable to verify timestamp for vpcnfltr.sys
    *** ERROR: Module load completed but symbols could not be loaded for vpcnfltr.sys
    *** WARNING: Unable to verify timestamp for iaStorV.sys
    *** ERROR: Module load completed but symbols could not be loaded for iaStorV.sys
    *** WARNING: Unable to verify timestamp for amdxata.sys
    *** ERROR: Module load completed but symbols could not be loaded for amdxata.sys
    *** WARNING: Unable to verify timestamp for ksecpkg.sys
    *** ERROR: Module load completed but symbols could not be loaded for ksecpkg.sys
    *** WARNING: Unable to verify timestamp for fvevol.sys
    *** ERROR: Module load completed but symbols could not be loaded for fvevol.sys
    *** WARNING: Unable to verify timestamp for spldr.sys
    *** ERROR: Module load completed but symbols could not be loaded for spldr.sys
    *** WARNING: Unable to verify timestamp for speedfan.sys
    *** ERROR: Module load completed but symbols could not be loaded for speedfan.sys
    *** WARNING: Unable to verify timestamp for giveio.sys
    *** ERROR: Module load completed but symbols could not be loaded for giveio.sys
    *** WARNING: Unable to verify timestamp for netr28u.sys
    *** ERROR: Module load completed but symbols could not be loaded for netr28u.sys
    *** WARNING: Unable to verify timestamp for LUsbFilt.Sys
    *** ERROR: Module load completed but symbols could not be loaded for LUsbFilt.Sys
    *** WARNING: Unable to verify timestamp for LHidFilt.Sys
    *** ERROR: Module load completed but symbols could not be loaded for LHidFilt.Sys
    *** WARNING: Unable to verify timestamp for LMouFilt.Sys
    *** ERROR: Module load completed but symbols could not be loaded for LMouFilt.Sys
    *** WARNING: Unable to verify timestamp for avgntflt.sys
    *** ERROR: Module load completed but symbols could not be loaded for avgntflt.sys
    *** WARNING: Unable to verify timestamp for RAMDiskVE.sys
    *** ERROR: Module load completed but symbols could not be loaded for RAMDiskVE.sys
    *** WARNING: Unable to verify timestamp for dne2000.sys
    *** ERROR: Module load completed but symbols could not be loaded for dne2000.sys
    *** WARNING: Unable to verify timestamp for bridge.sys
    *** ERROR: Module load completed but symbols could not be loaded for bridge.sys
    *** WARNING: Unable to verify timestamp for hamachi.sys
    *** ERROR: Module load completed but symbols could not be loaded for hamachi.sys
    *** WARNING: Unable to verify timestamp for VClone.sys
    *** ERROR: Module load completed but symbols could not be loaded for VClone.sys
    *** WARNING: Unable to verify timestamp for VBoxNetFlt.sys
    *** ERROR: Module load completed but symbols could not be loaded for VBoxNetFlt.sys
    *** WARNING: Unable to verify timestamp for vpcvmm.sys
    *** ERROR: Module load completed but symbols could not be loaded for vpcvmm.sys
    *** WARNING: Unable to verify timestamp for VBoxUSBMon.sys
    *** ERROR: Module load completed but symbols could not be loaded for VBoxUSBMon.sys
    *** WARNING: Unable to verify timestamp for VBoxDrv.sys
    *** ERROR: Module load completed but symbols could not be loaded for VBoxDrv.sys
    *** WARNING: Unable to verify timestamp for truecrypt.sys
    *** ERROR: Module load completed but symbols could not be loaded for truecrypt.sys
    *** WARNING: Unable to verify timestamp for ssmdrv.sys
    *** ERROR: Module load completed but symbols could not be loaded for ssmdrv.sys
    *** WARNING: Unable to verify timestamp for ElbyCDIO.sys
    *** ERROR: Module load completed but symbols could not be loaded for ElbyCDIO.sys
    *** WARNING: Unable to verify timestamp for avipbb.sys
    *** ERROR: Module load completed but symbols could not be loaded for avipbb.sys
    *** WARNING: Unable to verify timestamp for avgio.sys
    *** ERROR: Module load completed but symbols could not be loaded for avgio.sys
    *** WARNING: Unable to verify timestamp for AsIO.sys
    *** ERROR: Module load completed but symbols could not be loaded for AsIO.sys
    *** WARNING: Unable to verify timestamp for ks.sys
    *** ERROR: Module load completed but symbols could not be loaded for ks.sys
    *** WARNING: Unable to verify timestamp for vpcusb.sys
    *** ERROR: Module load completed but symbols could not be loaded for vpcusb.sys
    *** WARNING: Unable to verify timestamp for vpchbus.sys
    *** ERROR: Module load completed but symbols could not be loaded for vpchbus.sys
    *** WARNING: Unable to verify timestamp for drmk.sys
    *** ERROR: Module load completed but symbols could not be loaded for drmk.sys
    *** WARNING: Unable to verify timestamp for GEARAspiWDM.sys
    *** ERROR: Module load completed but symbols could not be loaded for GEARAspiWDM.sys
    *** WARNING: Unable to verify timestamp for nvlddmkm.sys
    *** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
    *** WARNING: Unable to verify timestamp for nvBridge.kmd
    *** ERROR: Module load completed but symbols could not be loaded for nvBridge.kmd
    *** WARNING: Unable to verify timestamp for dxgkrnl.sys
    *** ERROR: Module load completed but symbols could not be loaded for dxgkrnl.sys
    *** WARNING: Unable to verify timestamp for ASACPI.sys
    *** ERROR: Module load completed but symbols could not be loaded for ASACPI.sys
    *** WARNING: Unable to verify timestamp for win32k.sys
    *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
    *** WARNING: Unable to verify timestamp for TSDDD.dll
    *** ERROR: Module load completed but symbols could not be loaded for TSDDD.dll
    *** WARNING: Unable to verify timestamp for cdd.dll
    *** ERROR: Module load completed but symbols could not be loaded for cdd.dll
    *** WARNING: Unable to verify timestamp for ANIO.SYS
    *** ERROR: Module load completed but symbols could not be loaded for ANIO.SYS
    *** WARNING: Unable to verify timestamp for cpuz134_x32.sys
    *** ERROR: Module load completed but symbols could not be loaded for cpuz134_x32.sys
    *** WARNING: Unable to verify timestamp for CVPNDRVA.sys
    *** ERROR: Module load completed but symbols could not be loaded for CVPNDRVA.sys
    *** WARNING: Unable to verify timestamp for npf.sys
    *** ERROR: Module load completed but symbols could not be loaded for npf.sys
    *** WARNING: Unable to verify timestamp for peauth.sys
    *** ERROR: Module load completed but symbols could not be loaded for peauth.sys
    *** WARNING: Unable to verify timestamp for secdrv.SYS
    *** ERROR: Module load completed but symbols could not be loaded for secdrv.SYS
    *** WARNING: Unable to verify timestamp for SbieDrv.sys
    *** ERROR: Module load completed but symbols could not be loaded for SbieDrv.sys
    GetPointerFromAddress: unable to read from 82f81718
    Unable to read MiSystemVaType memory at 82f61160
    Probably caused by : ntkrpamp.exe ( nt!ExFreePoolWithTag+1b1 )
    
    Followup: MachineOwner
    ---------
    
    1: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    BAD_POOL_CALLER (c2)
    The current thread is making a bad pool request.  Typically this is at a bad IRQL level or double freeing the same allocation, etc.
    Arguments:
    Arg1: 00000007, Attempt to free pool which was already freed
    Arg2: 00001097, (reserved)
    Arg3: 00770077, Memory contents of the pool block
    Arg4: c3517580, Address of the block of pool being deallocated
    
    Debugging Details:
    ------------------
    
    GetPointerFromAddress: unable to read from 82f81718
    Unable to read MiSystemVaType memory at 82f61160
    GetPointerFromAddress: unable to read from 82f81718
    Unable to read MiSystemVaType memory at 82f61160
    
    POOL_ADDRESS: GetPointerFromAddress: unable to read from 82f81718
    Unable to read MiSystemVaType memory at 82f61160
     c3517580 
    
    BUGCHECK_STR:  0xc2_7
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    PROCESS_NAME:  System
    
    CURRENT_IRQL:  0
    
    LAST_CONTROL_TRANSFER:  from 8303190d to 82f381b6
    
    STACK_TEXT:  
    8e327c64 8303190d c3517580 00000000 8e327cc4 nt!ExFreePoolWithTag+0x1b1
    8e327c78 83031a85 8e327ccc 8e327cc4 8ac4e524 nt!CmpCleanUpKcbValueCache+0x3e
    8e327c8c 830b4151 00000000 82f800e0 85a1dd48 nt!CmpCleanUpKcbCacheWithLock+0x25
    8e327d00 82e86f3b 00000000 00000000 85a1dd48 nt!CmpDelayCloseWorker+0x229
    8e327d50 830276d3 00000001 a23682c0 00000000 nt!ExpWorkerThread+0x10d
    8e327d90 82ed90f9 82e86e2e 00000001 00000000 nt!PspSystemThreadStartup+0x9e
    00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    nt!ExFreePoolWithTag+1b1
    82f381b6 cc              int     3
    
    SYMBOL_STACK_INDEX:  0
    
    SYMBOL_NAME:  nt!ExFreePoolWithTag+1b1
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: nt
    
    IMAGE_NAME:  ntkrpamp.exe
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c3fac
    
    FAILURE_BUCKET_ID:  0xc2_7_nt!ExFreePoolWithTag+1b1
    
    BUCKET_ID:  0xc2_7_nt!ExFreePoolWithTag+1b1
    
    Followup: MachineOwner
    ---------
    
    Debug session time: Sat Nov 27 02:16:11.930 2010 (GMT-5)
    System Uptime: 12 days 7:53:34.919
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ...........................................................
    Loading User Symbols
    Loading unloaded module list
    .............................................
    0: kd> !Analyze
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck F7, {f0e4adb8, 930c11bb, 6cf3ee44, 0}
    
    *** WARNING: Unable to verify timestamp for cdd.dll
    *** ERROR: Module load completed but symbols could not be loaded for cdd.dll
    Probably caused by : dxgkrnl.sys ( dxgkrnl+12337 )
    
    Followup: MachineOwner
    ---------
    
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    DRIVER_OVERRAN_STACK_BUFFER (f7)
    A driver has overrun a stack-based buffer.  This overrun could potentially
    allow a malicious user to gain control of this machine.
    DESCRIPTION
    A driver overran a stack-based buffer (or local variable) in a way that would
    have overwritten the function's return address and jumped back to an arbitrary
    address when the function returned.  This is the classic "buffer overrun"
    hacking attack and the system has been brought down to prevent a malicious user
    from gaining complete control of it.
    Do a kb to get a stack backtrace -- the last routine on the stack before the
    buffer overrun handlers and bugcheck call is the one that overran its local
    variable(s).
    Arguments:
    Arg1: f0e4adb8, Actual security check cookie from the stack
    Arg2: 930c11bb, Expected security check cookie
    Arg3: 6cf3ee44, Complement of the expected security check cookie
    Arg4: 00000000, zero
    
    Debugging Details:
    ------------------
    
    
    DEFAULT_BUCKET_ID:  GS_FALSE_POSITIVE_MISSING_GSFRAME
    
    SECURITY_COOKIE:  Expected 930c11bb found f0e4adb8
    
    CUSTOMER_CRASH_COUNT:  1
    
    BUGCHECK_STR:  0xF7
    
    PROCESS_NAME:  csrss.exe
    
    CURRENT_IRQL:  0
    
    LAST_CONTROL_TRANSFER:  from 930b9337 to 82ef7d10
    
    STACK_TEXT:  
    a35fa990 930b9337 000000f7 f0e4adb8 930c11bb nt!KeBugCheckEx+0x1e
    WARNING: Stack unwind information not available. Following frames may be wrong.
    a35fa9b0 930deb50 040005e4 00000000 00000771 dxgkrnl+0x12337
    a35faabc 9b7651f2 40001500 00000003 00000000 dxgkrnl+0x37b50
    a35fad30 9b7622ce 00000000 2e6d7764 00657865 cdd+0x51f2
    a35fad50 830296d3 fe1f4010 8f5a2e5c 00000000 cdd+0x22ce
    a35fad90 82edb0f9 9b764934 fe1f4010 00000000 nt!PspSystemThreadStartup+0x9e
    00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    dxgkrnl+12337
    930b9337 ??              ???
    
    SYMBOL_STACK_INDEX:  1
    
    SYMBOL_NAME:  dxgkrnl+12337
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: dxgkrnl
    
    IMAGE_NAME:  dxgkrnl.sys
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4ac54de1
    
    FAILURE_BUCKET_ID:  0xF7_MISSING_GSFRAME_dxgkrnl+12337
    
    BUCKET_ID:  0xF7_MISSING_GSFRAME_dxgkrnl+12337
    
    Followup: MachineOwner
    ---------
    
    0: kd> lmtsmn
    start    end        module name
    91c4a000 91c76000   1394ohci 1394ohci.sys Mon Jul 13 19:51:59 2009 (4A5BC89F)
    8be80000 8bec8000   ACPI     ACPI.sys     Mon Jul 13 19:11:11 2009 (4A5BBF0F)
    8bfa5000 8bfff000   afd      afd.sys      Mon Jul 13 19:12:34 2009 (4A5BBF62)
    91ce7000 91cf9000   AgileVpn AgileVpn.sys Mon Jul 13 19:55:00 2009 (4A5BC954)
    8c131000 8c13a000   amdxata  amdxata.sys  Tue May 19 13:57:35 2009 (4A12F30F)
    9a1b5000 9a1bbde0   ANIO     ANIO.SYS     Mon May 05 06:18:54 2003 (3EB63A8E)
    9261f000 926206c0   ASACPI   ASACPI.sys   Wed Jul 15 23:28:28 2009 (4A5E9E5C)
    90dff000 90dfffa0   AsIO     AsIO.sys     Mon Aug 03 03:02:32 2009 (4A768B88)
    a1d96000 a1d9f000   asyncmac asyncmac.sys Mon Jul 13 19:54:46 2009 (4A5BC946)
    8c0fb000 8c104000   atapi    atapi.sys    Mon Jul 13 19:11:15 2009 (4A5BBF13)
    8c104000 8c127000   ataport  ataport.SYS  Mon Jul 13 19:11:18 2009 (4A5BBF16)
    9b400000 9b44d000   ATMFD    ATMFD.DLL    unavailable (00000000)
    a1dad000 a1dc2000   avgntflt avgntflt.sys Thu Nov 11 10:54:47 2010 (4CDC11C7)
    90dda000 90dfd000   avipbb   avipbb.sys   Thu May 27 10:11:26 2010 (4BFE7D8E)
    8c437000 8c43e000   Beep     Beep.SYS     Mon Jul 13 19:45:00 2009 (4A5BC6FC)
    90dcc000 90dda000   blbdrive blbdrive.sys Mon Jul 13 19:23:04 2009 (4A5BC1D8)
    8bca1000 8bca9000   BOOTVID  BOOTVID.dll  Mon Jul 13 21:04:34 2009 (4A5BD9A2)
    9a0f9000 9a112000   bowser   bowser.sys   Mon Jul 13 19:14:21 2009 (4A5BBFCD)
    91cf9000 91d11000   bridge   bridge.sys   Mon Jul 13 20:35:44 2009 (4A5BD2E0)
    9b760000 9b77e000   cdd      cdd.dll      unavailable (00000000)
    9658a000 965a9000   cdrom    cdrom.sys    Mon Jul 13 19:11:24 2009 (4A5BBF1C)
    8bceb000 8bd96000   CI       CI.dll       Mon Jul 13 21:09:28 2009 (4A5BDAC8)
    8c5b3000 8c5d8000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:11:20 2009 (4A5BBF18)
    8bca9000 8bceb000   CLFS     CLFS.SYS     Mon Jul 13 19:11:10 2009 (4A5BBF0E)
    8c36d000 8c3ca000   cng      cng.sys      Mon Jul 13 19:32:55 2009 (4A5BC427)
    91cb0000 91cbd000   CompositeBus CompositeBus.sys Mon Jul 13 19:45:26 2009 (4A5BC716)
    9a1fc000 9a1ff580   cpuz134_x32 cpuz134_x32.sys Fri Jul 09 07:18:04 2010 (4C37056C)
    965af000 965bc000   crashdmp crashdmp.sys Mon Jul 13 19:45:50 2009 (4A5BC72E)
    90d50000 90db4000   csc      csc.sys      Mon Jul 13 19:15:08 2009 (4A5BBFFC)
    a1403000 a1493000   CVPNDRVA CVPNDRVA.sys Thu Jun 19 20:07:47 2008 (485AF4D3)
    90db4000 90dcc000   dfsc     dfsc.sys     Mon Jul 13 19:14:16 2009 (4A5BBFC8)
    90d44000 90d50000   discache discache.sys Mon Jul 13 19:24:04 2009 (4A5BC214)
    8c5a2000 8c5b3000   disk     disk.sys     Mon Jul 13 19:11:28 2009 (4A5BBF20)
    91cc9000 91ce6480   dne2000  dne2000.sys  Fri Mar 28 20:29:38 2008 (47ED8D72)
    96571000 9658a000   drmk     drmk.sys     Mon Jul 13 20:36:05 2009 (4A5BD2F5)
    965c7000 965d0000   dump_atapi dump_atapi.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
    965bc000 965c7000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:11:16 2009 (4A5BBF14)
    965d0000 965e1000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:12:47 2009 (4A5BBF6F)
    965e1000 965eb000   Dxapi    Dxapi.sys    Mon Jul 13 19:25:25 2009 (4A5BC265)
    930a7000 9315e000   dxgkrnl  dxgkrnl.sys  Thu Oct 01 20:48:33 2009 (4AC54DE1)
    9315e000 93197000   dxgmms1  dxgmms1.sys  Mon Jul 13 19:25:25 2009 (4A5BC265)
    90d3f000 90d43900   ElbyCDIO ElbyCDIO.sys Thu Dec 17 17:25:11 2009 (4B2AAFC7)
    a1d02000 a1d2c000   fastfat  fastfat.SYS  Mon Jul 13 19:14:01 2009 (4A5BBFB9)
    91c76000 91c81000   fdc      fdc.sys      Mon Jul 13 19:45:45 2009 (4A5BC729)
    8c16e000 8c17f000   fileinfo fileinfo.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
    964d7000 964e1000   flpydisk flpydisk.sys Mon Jul 13 19:45:45 2009 (4A5BC729)
    8c13a000 8c16e000   fltmgr   fltmgr.sys   Mon Jul 13 19:11:13 2009 (4A5BBF11)
    8c3d8000 8c3e1000   Fs_Rec   Fs_Rec.sys   unavailable (00000000)
    8c570000 8c5a2000   fvevol   fvevol.sys   Fri Sep 25 22:24:21 2009 (4ABD7B55)
    8c787000 8c7b8000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:12:03 2009 (4A5BBF43)
    965a9000 965ae280   GEARAspiWDM GEARAspiWDM.sys Mon May 18 08:16:53 2009 (4A1151B5)
    8c637000 8c637680   giveio   giveio.sys   Wed Apr 03 22:33:25 1996 (316334F5)
    8322b000 83262000   hal      halmacpi.dll Mon Jul 13 19:11:03 2009 (4A5BBF07)
    92621000 92625c00   hamachi  hamachi.sys  Thu Feb 19 05:36:27 2009 (499D362B)
    92600000 9261f000   HDAudBus HDAudBus.sys Mon Jul 13 19:50:55 2009 (4A5BC85F)
    964f2000 96542000   HdAudio  HdAudio.sys  Mon Jul 13 19:51:46 2009 (4A5BC892)
    81f3c000 81f4f000   HIDCLASS HIDCLASS.SYS Mon Jul 13 19:51:01 2009 (4A5BC865)
    81f4f000 81f55480   HIDPARSE HIDPARSE.SYS Mon Jul 13 19:50:59 2009 (4A5BC863)
    81f31000 81f3c000   hidusb   hidusb.sys   Mon Jul 13 19:51:04 2009 (4A5BC868)
    9a074000 9a0f9000   HTTP     HTTP.sys     Mon Jul 13 19:12:53 2009 (4A5BBF75)
    8c568000 8c570000   hwpolicy hwpolicy.sys Mon Jul 13 19:11:01 2009 (4A5BBF05)
    8c020000 8c0fb000   iaStorV  iaStorV.sys  Wed Apr 08 12:54:58 2009 (49DCD6E2)
    91c38000 91c4a000   intelppm intelppm.sys Mon Jul 13 19:11:03 2009 (4A5BBF07)
    91ca3000 91cb0000   kbdclass kbdclass.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
    81f71000 81f7d000   kbdhid   kbdhid.sys   Mon Jul 13 19:45:09 2009 (4A5BC705)
    80bb6000 80bbe000   kdcom    kdcom.dll    Mon Jul 13 21:08:58 2009 (4A5BDAAA)
    91c00000 91c34000   ks       ks.sys       Wed Mar 03 22:57:52 2010 (4B8F2FC0)
    8c35a000 8c36d000   ksecdd   ksecdd.sys   Mon Jul 13 19:11:56 2009 (4A5BBF3C)
    8c533000 8c558000   ksecpkg  ksecpkg.sys  Thu Dec 10 23:04:22 2009 (4B21C4C6)
    81f56000 81f5dd80   LHidFilt LHidFilt.Sys Thu Mar 18 04:50:19 2010 (4BA1E94B)
    81fd2000 81fe2000   lltdio   lltdio.sys   Mon Jul 13 19:53:18 2009 (4A5BC8EE)
    81f69000 81f70780   LMouFilt LMouFilt.Sys Thu Mar 18 04:50:27 2010 (4BA1E953)
    81f88000 81fa3000   luafv    luafv.sys    Mon Jul 13 19:15:44 2009 (4A5BC020)
    81f2b000 81f30580   LUsbFilt LUsbFilt.Sys Thu Mar 18 04:50:32 2010 (4BA1E958)
    8bc18000 8bc90000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:06:41 2009 (4A5BDA21)
    965eb000 965f6000   monitor  monitor.sys  Mon Jul 13 19:25:58 2009 (4A5BC286)
    91da6000 91db3000   mouclass mouclass.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
    81f5e000 81f69000   mouhid   mouhid.sys   Mon Jul 13 19:45:08 2009 (4A5BC704)
    8bf8f000 8bfa5000   mountmgr mountmgr.sys Mon Jul 13 19:11:27 2009 (4A5BBF1F)
    9a112000 9a124000   mpsdrv   mpsdrv.sys   Mon Jul 13 19:52:52 2009 (4A5BC8D4)
    9a124000 9a147000   mrxsmb   mrxsmb.sys   Sat Feb 27 02:32:02 2010 (4B88CA72)
    9a147000 9a182000   mrxsmb10 mrxsmb10.sys Sat Feb 27 02:32:21 2010 (4B88CA85)
    9a182000 9a19d000   mrxsmb20 mrxsmb20.sys Sat Feb 27 02:32:11 2010 (4B88CA7B)
    8c127000 8c131000   msahci   msahci.sys   Mon Jul 13 19:45:50 2009 (4A5BC72E)
    8c1a0000 8c1ab000   Msfs     Msfs.SYS     Mon Jul 13 19:11:26 2009 (4A5BBF1E)
    8bed1000 8bed9000   msisadrv msisadrv.sys Mon Jul 13 19:11:09 2009 (4A5BBF0D)
    8c32f000 8c35a000   msrpc    msrpc.sys    unavailable (00000000)
    90d35000 90d3f000   mssmbios mssmbios.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
    8c558000 8c568000   mup      mup.sys      Mon Jul 13 19:14:14 2009 (4A5BBFC6)
    8c43e000 8c4f5000   ndis     ndis.sys     Mon Jul 13 19:12:24 2009 (4A5BBF58)
    91d29000 91d34000   ndistapi ndistapi.sys Mon Jul 13 19:54:24 2009 (4A5BC930)
    9a051000 9a061000   ndisuio  ndisuio.sys  Mon Jul 13 19:53:51 2009 (4A5BC90F)
    91d34000 91d56000   ndiswan  ndiswan.sys  Mon Jul 13 19:54:34 2009 (4A5BC93A)
    964e1000 964f2000   NDProxy  NDProxy.SYS  Mon Jul 13 19:54:27 2009 (4A5BC933)
    8c011000 8c01f000   netbios  netbios.sys  Mon Jul 13 19:53:54 2009 (4A5BC912)
    8bd96000 8bdc8000   netbt    netbt.sys    Mon Jul 13 19:12:18 2009 (4A5BBF52)
    8c4f5000 8c533000   NETIO    NETIO.SYS    Mon Jul 13 19:12:35 2009 (4A5BBF63)
    81e33000 81ef3000   netr28u  netr28u.sys  Wed Aug 05 09:59:27 2009 (4A79903F)
    a1493000 a14a2000   npf      npf.sys      Tue Oct 20 13:57:28 2009 (4ADDFA08)
    8c1ab000 8c1b9000   Npfs     Npfs.SYS     Mon Jul 13 19:11:31 2009 (4A5BBF23)
    90d2b000 90d35000   nsiproxy nsiproxy.sys Mon Jul 13 19:12:08 2009 (4A5BBF48)
    82e1b000 8322b000   nt       ntkrpamp.exe Fri Jun 18 23:55:24 2010 (4C1C3FAC)
    8c200000 8c32f000   Ntfs     Ntfs.sys     Mon Jul 13 19:12:05 2009 (4A5BBF45)
    8c430000 8c437000   Null     Null.SYS     unavailable (00000000)
    930a5000 930a6040   nvBridge nvBridge.kmd Fri Jul 09 17:10:11 2010 (4C379033)
    92627000 930a4dc0   nvlddmkm nvlddmkm.sys Fri Jul 09 17:15:14 2010 (4C379162)
    9a00b000 9a051000   nwifi    nwifi.sys    Mon Jul 13 19:51:59 2009 (4A5BC89F)
    a1d9f000 a1da9000   nx6000   nx6000.sys   Wed Jan 27 18:36:05 2010 (4B60CDE5)
    8c1db000 8c1fa000   pacer    pacer.sys    Mon Jul 13 19:53:58 2009 (4A5BC916)
    8bf0e000 8bf1f000   partmgr  partmgr.sys  Mon Jul 13 19:11:35 2009 (4A5BBF27)
    8bed9000 8bf03000   pci      pci.sys      Mon Jul 13 19:11:16 2009 (4A5BBF14)
    8bf7a000 8bf81000   pciide   pciide.sys   Mon Jul 13 19:11:19 2009 (4A5BBF17)
    8bf81000 8bf8f000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:11:15 2009 (4A5BBF13)
    8c3ca000 8c3d8000   pcw      pcw.sys      Mon Jul 13 19:11:10 2009 (4A5BBF0E)
    a14a2000 a1539000   peauth   peauth.sys   Mon Jul 13 20:35:44 2009 (4A5BD2E0)
    96542000 96571000   portcls  portcls.sys  Mon Jul 13 19:51:00 2009 (4A5BC864)
    8bc90000 8bca1000   PSHED    PSHED.dll    Mon Jul 13 21:09:36 2009 (4A5BDAD0)
    91d11000 91d29000   rasl2tp  rasl2tp.sys  Mon Jul 13 19:54:33 2009 (4A5BC939)
    91d56000 91d6e000   raspppoe raspppoe.sys Mon Jul 13 19:54:53 2009 (4A5BC94D)
    91d6e000 91d85000   raspptp  raspptp.sys  Mon Jul 13 19:54:47 2009 (4A5BC947)
    91d85000 91d9c000   rassstp  rassstp.sys  Mon Jul 13 19:54:57 2009 (4A5BC951)
    90cea000 90d2b000   rdbss    rdbss.sys    Mon Jul 13 19:14:26 2009 (4A5BBFD2)
    91d9c000 91da6000   rdpbus   rdpbus.sys   Mon Jul 13 20:02:40 2009 (4A5BCB20)
    8c3e1000 8c3e9000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:01:40 2009 (4A5BCAE4)
    a1c8d000 a1cb2000   rdpdr    rdpdr.sys    Mon Jul 13 20:02:56 2009 (4A5BCB30)
    8c3e9000 8c3f1000   rdpencdd rdpencdd.sys Mon Jul 13 20:01:39 2009 (4A5BCAE3)
    8c3f1000 8c3f9000   rdprefmp rdprefmp.sys Mon Jul 13 20:01:41 2009 (4A5BCAE5)
    a1cc9000 a1cfa000   RDPWD    RDPWD.SYS    Mon Jul 13 20:01:50 2009 (4A5BCAEE)
    8c60a000 8c637000   rdyboost rdyboost.sys Mon Jul 13 19:22:02 2009 (4A5BC19A)
    9a061000 9a074000   rspndr   rspndr.sys   Mon Jul 13 19:53:20 2009 (4A5BC8F0)
    a1543000 a1564000   SbieDrv  SbieDrv.sys  Sun Oct 17 18:40:57 2010 (4CBB7B79)
    91dbe000 91de4000   SCSIPORT SCSIPORT.SYS Mon Jul 13 19:45:55 2009 (4A5BC733)
    a1539000 a1543000   secdrv   secdrv.SYS   Wed Sep 13 09:18:32 2006 (45080528)
    91c81000 91c8b000   serenum  serenum.sys  Mon Jul 13 19:45:27 2009 (4A5BC717)
    8bdd8000 8bdf2000   serial   serial.sys   Mon Jul 13 19:45:33 2009 (4A5BC71D)
    8c608000 8c609480   speedfan speedfan.sys Sun Sep 24 09:28:47 2006 (4516880F)
    8c600000 8c608000   spldr    spldr.sys    Mon May 11 12:13:47 2009 (4A084EBB)
    a1c3c000 a1c8d000   srv      srv.sys      Thu Aug 26 23:31:26 2010 (4C77318E)
    a1592000 a15e1000   srv2     srv2.sys     Thu Aug 26 23:30:45 2010 (4C773165)
    a1564000 a1585000   srvnet   srvnet.sys   Thu Aug 26 23:30:39 2010 (4C77315F)
    90ce4000 90ce9a00   ssmdrv   ssmdrv.sys   Tue May 05 06:05:18 2009 (4A000F5E)
    931fc000 931fd380   swenum   swenum.sys   Mon Jul 13 19:45:08 2009 (4A5BC704)
    8c63e000 8c787000   tcpip    tcpip.sys    Sun Jun 13 23:36:59 2010 (4C15A3DB)
    a1585000 a1592000   tcpipreg tcpipreg.sys Mon Jul 13 19:54:14 2009 (4A5BC926)
    8c1d0000 8c1db000   TDI      TDI.SYS      Mon Jul 13 19:12:12 2009 (4A5BBF4C)
    a1cb2000 a1cbc000   tdtcp    tdtcp.sys    Mon Jul 13 20:01:37 2009 (4A5BCAE1)
    8c1b9000 8c1d0000   tdx      tdx.sys      Mon Jul 13 19:12:10 2009 (4A5BBF4A)
    90cd4000 90ce4000   termdd   termdd.sys   Mon Jul 13 20:01:35 2009 (4A5BCADF)
    90c9d000 90cd3980   truecrypt truecrypt.sys Sun Sep 05 10:23:03 2010 (4C83A7C7)
    9b6d0000 9b6d9000   TSDDD    TSDDD.dll    unavailable (00000000)
    a1cbc000 a1cc9000   tssecsrv tssecsrv.sys Mon Jul 13 20:01:50 2009 (4A5BCAEE)
    90c00000 90c21000   tunnel   tunnel.sys   Mon Jul 13 19:54:03 2009 (4A5BC91B)
    9a1bc000 9a1fc000   udfs     udfs.sys     Mon Jul 13 19:14:09 2009 (4A5BBFC1)
    8bdf2000 8be00000   umbus    umbus.sys    Mon Jul 13 19:51:38 2009 (4A5BC88A)
    81f14000 81f2b000   usbccgp  usbccgp.sys  Mon Jul 13 19:51:31 2009 (4A5BC883)
    9645b000 9645c700   USBD     USBD.SYS     Mon Jul 13 19:51:05 2009 (4A5BC869)
    931ed000 931fc000   usbehci  usbehci.sys  Mon Jul 13 19:51:14 2009 (4A5BC872)
    96493000 964d7000   usbhub   usbhub.sys   Mon Jul 13 19:52:06 2009 (4A5BC8A6)
    931a2000 931ed000   USBPORT  USBPORT.SYS  Mon Jul 13 19:51:13 2009 (4A5BC871)
    81f7d000 81f88000   usbprint usbprint.sys Mon Jul 13 20:17:06 2009 (4A5BCE82)
    9644e000 9645b000   usbrpm   usbrpm.sys   Mon Jul 13 20:14:30 2009 (4A5BCDE6)
    93197000 931a2000   usbuhci  usbuhci.sys  Mon Jul 13 19:51:10 2009 (4A5BC86E)
    90c7b000 90c9c540   VBoxDrv  VBoxDrv.sys  Thu Aug 05 08:07:59 2010 (4C5AA99F)
    91de4000 91dfd8c0   VBoxNetFlt VBoxNetFlt.sys Thu Aug 05 08:07:59 2010 (4C5AA99F)
    90c72000 90c7a9c0   VBoxUSBMon VBoxUSBMon.sys Thu Aug 05 08:08:00 2010 (4C5AA9A0)
    91db3000 91dbe000   VClone   VClone.sys   Sun Aug 09 17:25:56 2009 (4A7F3EE4)
    8bf03000 8bf0e000   vdrvroot vdrvroot.sys Mon Jul 13 19:46:19 2009 (4A5BC74B)
    8c411000 8c41d000   vga      vga.sys      Mon Jul 13 19:25:50 2009 (4A5BC27E)
    8c17f000 8c1a0000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:25:49 2009 (4A5BC27D)
    8c7b8000 8c7c1000   vmstorfl vmstorfl.sys unavailable (00000000)
    8bf1f000 8bf2f000   volmgr   volmgr.sys   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
    8bf2f000 8bf7a000   volmgrx  volmgrx.sys  Mon Jul 13 19:11:41 2009 (4A5BBF2D)
    8c7c1000 8c800000   volsnap  volsnap.sys  Mon Jul 13 19:11:34 2009 (4A5BBF26)
    9645d000 96493000   vpchbus  vpchbus.sys  Tue Sep 22 21:18:06 2009 (4AB9774E)
    8bdc8000 8bdd8000   vpcnfltr vpcnfltr.sys Tue Sep 22 21:18:04 2009 (4AB9774C)
    96436000 9644e000   vpcusb   vpcusb.sys   Tue Sep 22 21:18:08 2009 (4AB97750)
    90c2b000 90c71880   vpcvmm   vpcvmm.sys   Thu Dec 31 01:47:17 2009 (4B3C48F5)
    81ef3000 81efd000   vwifibus vwifibus.sys Mon Jul 13 19:52:02 2009 (4A5BC8A2)
    8c000000 8c011000   vwififlt vwififlt.sys Mon Jul 13 19:52:03 2009 (4A5BC8A3)
    8bc00000 8bc13000   wanarp   wanarp.sys   Mon Jul 13 19:55:02 2009 (4A5BC956)
    8c41d000 8c42a000   watchdog watchdog.sys Mon Jul 13 19:24:10 2009 (4A5BC21A)
    8be01000 8be72000   Wdf01000 Wdf01000.sys Mon Jul 13 19:11:36 2009 (4A5BBF28)
    8be72000 8be80000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
    8c5f9000 8c600000   wfplwf   wfplwf.sys   Mon Jul 13 19:53:51 2009 (4A5BC90F)
    9b470000 9b6bb000   win32k   win32k.sys   Tue Aug 31 22:34:29 2010 (4C7DBBB5)
    8bec8000 8bed1000   WMILIB   WMILIB.SYS   Mon Jul 13 19:11:22 2009 (4A5BBF1A)
    81fb8000 81fd2000   WudfPf   WudfPf.sys   Mon Jul 13 19:50:13 2009 (4A5BC835)
    
    Unloaded modules:
    a1d2c000 a1d50000   usbvideo.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d50000 a1d64000   usbaudio.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1dc2000 a1de6000   usbvideo.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1c00000 a1c14000   usbaudio.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1c14000 a1c1b000   drmkaud.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1de8000 a1deb000   MSKSSRV.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1ded000 a1def000   MSPQM.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1deb000 a1ded000   MSTEE.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1de6000 a1de8000   MSPCLOCK.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d2c000 a1d96000   spsys.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d2c000 a1d96000   spsys.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d2c000 a1d96000   spsys.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1c21000 a1c2f000   usbaapl.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1c00000 a1c21000   WUDFRd.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1dd0000 a1de7000   USBSTOR.SYS
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1dc2000 a1dd0000   usbaapl.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    90dfd000 90dff000   avgio.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    81fa3000 81fb8000   avgntflt.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d9f000 a1dad000   usbaapl.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d2c000 a1d96000   spsys.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d2c000 a1d96000   spsys.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1db6000 a1dd7000   WUDFRd.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d9f000 a1db6000   USBSTOR.SYS
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d2c000 a1d96000   spsys.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d2c000 a1d96000   spsys.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d64000 a1d85000   WUDFRd.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d4d000 a1d64000   USBSTOR.SYS
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d2c000 a1d4d000   WUDFRd.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1c21000 a1c2a000   WinUsb.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1c00000 a1c21000   WUDFRd.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1ddf000 a1df6000   USBSTOR.SYS
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1dbe000 a1ddf000   WUDFRd.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1da7000 a1dbe000   USBSTOR.SYS
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d9f000 a1da7000   mbamswissarm
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    81efd000 81f14000   USBSTOR.SYS
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1cfa000 a1d02000   mbamswissarm
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1d2c000 a1d96000   spsys.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    9a19d000 9a1b5000   parport.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    8c5d8000 8c5e5000   crashdmp.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    8c5e5000 8c5f0000   dump_ataport
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    8c5f0000 8c5f9000   dump_atapi.s
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    8c400000 8c411000   dump_dumpfve
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    91c8b000 91ca3000   i8042prt.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    91cbd000 91cc9000   RAMDiskVE.sy
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    8c411000 8c430000   cdrom.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    
    Debug session time: Tue Nov 30 09:40:42.423 2010 (GMT-5)
    System Uptime: 0 days 11:41:17.675
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .............................................................
    Loading User Symbols
    Loading unloaded module list
    ....................
    0: kd> !Analyze
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck 19, {3, 8643e120, 8643e120, 8643a120}
    
    Probably caused by : Pool_Corruption ( nt!ExDeferredFreePool+336 )
    
    Followup: Pool_corruption
    ---------
    
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    BAD_POOL_HEADER (19)
    The pool is already corrupt at the time of the current request.
    This may or may not be due to the caller.
    The internal pool links must be walked to figure out a possible cause of
    the problem, and then special pool applied to the suspect tags or the driver
    verifier to a suspect driver.
    Arguments:
    Arg1: 00000003, the pool freelist is corrupt.
    Arg2: 8643e120, the pool entry being checked.
    Arg3: 8643e120, the read back flink freelist value (should be the same as 2).
    Arg4: 8643a120, the read back blink freelist value (should be the same as 2).
    
    Debugging Details:
    ------------------
    
    
    BUGCHECK_STR:  0x19_3
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    PROCESS_NAME:  wmpnscfg.exe
    
    CURRENT_IRQL:  2
    
    LAST_CONTROL_TRANSFER:  from 82f268aa to 82f27996
    
    STACK_TEXT:  
    b08b2ba8 82f268aa 82f3c8c0 00000000 85aee348 nt!ExDeferredFreePool+0x336
    b08b2c10 82eac32d 85f43908 00000000 8615d558 nt!ExFreePoolWithTag+0x8a4
    b08b2c40 8304fdae 83bd4628 85aee348 40010004 nt!MmCleanProcessAddressSpace+0x311
    b08b2cb4 830841e1 00000000 87e5ac70 00000001 nt!PspExitThread+0x683
    b08b2ccc 82eaf133 87e5ac70 b08b2cf8 b08b2d04 nt!PsExitSpecialApc+0x22
    b08b2d1c 82e4a504 00000001 00000000 b08b2d34 nt!KiDeliverApc+0x28b
    b08b2d1c 76f164f4 00000001 00000000 b08b2d34 nt!KiServiceExit+0x64
    WARNING: Frame IP not in any known module. Following frames may be wrong.
    0006f6f0 00000000 00000000 00000000 00000000 0x76f164f4
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    nt!ExDeferredFreePool+336
    82f27996 cc              int     3
    
    SYMBOL_STACK_INDEX:  0
    
    SYMBOL_NAME:  nt!ExDeferredFreePool+336
    
    FOLLOWUP_NAME:  Pool_corruption
    
    IMAGE_NAME:  Pool_Corruption
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  0
    
    MODULE_NAME: Pool_Corruption
    
    FAILURE_BUCKET_ID:  0x19_3_nt!ExDeferredFreePool+336
    
    BUCKET_ID:  0x19_3_nt!ExDeferredFreePool+336
    
    Followup: Pool_corruption
    ---------
    
    0: kd> lmtsmn
    start    end        module name
    926b7000 926e3000   1394ohci 1394ohci.sys Mon Jul 13 19:51:59 2009 (4A5BC89F)
    8be33000 8be7b000   ACPI     ACPI.sys     Mon Jul 13 19:11:11 2009 (4A5BBF0F)
    8bf58000 8bfb2000   afd      afd.sys      Mon Jul 13 19:12:34 2009 (4A5BBF62)
    92732000 92744000   AgileVpn AgileVpn.sys Mon Jul 13 19:55:00 2009 (4A5BC954)
    8c13d000 8c146000   amdxata  amdxata.sys  Tue May 19 13:57:35 2009 (4A12F30F)
    a10b0000 a10b6de0   ANIO     ANIO.SYS     Mon May 05 06:18:54 2003 (3EB63A8E)
    93ff3000 93ff46c0   ASACPI   ASACPI.sys   Wed Jul 15 23:28:28 2009 (4A5E9E5C)
    92664000 92664fa0   AsIO     AsIO.sys     Mon Aug 03 03:02:32 2009 (4A768B88)
    aef45000 aef4e000   asyncmac asyncmac.sys Mon Jul 13 19:54:46 2009 (4A5BC946)
    8c107000 8c110000   atapi    atapi.sys    Mon Jul 13 19:11:15 2009 (4A5BBF13)
    8c110000 8c133000   ataport  ataport.SYS  Mon Jul 13 19:11:18 2009 (4A5BBF16)
    92662000 92663800   avgio    avgio.sys    Thu Feb 22 09:57:32 2007 (45DDAF5C)
    908a2000 908b7000   avgntflt avgntflt.sys Thu Nov 11 10:54:47 2010 (4CDC11C7)
    9263f000 92662000   avipbb   avipbb.sys   Thu May 27 10:11:26 2010 (4BFE7D8E)
    8c5f6000 8c5fd000   Beep     Beep.SYS     Mon Jul 13 19:45:00 2009 (4A5BC6FC)
    91a18000 91a26000   blbdrive blbdrive.sys Mon Jul 13 19:23:04 2009 (4A5BC1D8)
    8bc8e000 8bc96000   BOOTVID  BOOTVID.dll  Mon Jul 13 21:04:34 2009 (4A5BD9A2)
    909cf000 909e8000   bowser   bowser.sys   Mon Jul 13 19:14:21 2009 (4A5BBFCD)
    92744000 9275c000   bridge   bridge.sys   Mon Jul 13 20:35:44 2009 (4A5BD2E0)
    9c950000 9c96e000   cdd      cdd.dll      Mon Jul 13 21:04:18 2009 (4A5BD992)
    95600000 9561f000   cdrom    cdrom.sys    Mon Jul 13 19:11:24 2009 (4A5BBF1C)
    8bcd8000 8bd83000   CI       CI.dll       Mon Jul 13 21:09:28 2009 (4A5BDAC8)
    8c59e000 8c5c3000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:11:20 2009 (4A5BBF18)
    8bc96000 8bcd8000   CLFS     CLFS.SYS     Mon Jul 13 19:11:10 2009 (4A5BBF0E)
    8c386000 8c3e3000   cng      cng.sys      Mon Jul 13 19:32:55 2009 (4A5BC427)
    926fb000 92708000   CompositeBus CompositeBus.sys Mon Jul 13 19:45:26 2009 (4A5BC716)
    a10b7000 a10ba580   cpuz134_x32 cpuz134_x32.sys Fri Jul 09 07:18:04 2010 (4C37056C)
    90854000 90861000   crashdmp crashdmp.sys Mon Jul 13 19:45:50 2009 (4A5BC72E)
    91b85000 91be9000   csc      csc.sys      Mon Jul 13 19:15:08 2009 (4A5BBFFC)
    a10bb000 a114b000   CVPNDRVA CVPNDRVA.sys Thu Jun 19 20:07:47 2008 (485AF4D3)
    91a00000 91a18000   dfsc     dfsc.sys     Mon Jul 13 19:14:16 2009 (4A5BBFC8)
    91b79000 91b85000   discache discache.sys Mon Jul 13 19:24:04 2009 (4A5BC214)
    8c58d000 8c59e000   disk     disk.sys     Mon Jul 13 19:11:28 2009 (4A5BBF20)
    92714000 92731480   dne2000  dne2000.sys  Fri Mar 28 20:29:38 2008 (47ED8D72)
    957d0000 957e9000   drmk     drmk.sys     Mon Jul 13 20:36:05 2009 (4A5BD2F5)
    90861000 9086c000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:11:16 2009 (4A5BBF14)
    90876000 90887000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:12:47 2009 (4A5BBF6F)
    9086c000 90876000   dump_msahci dump_msahci.sys Mon Jul 13 19:45:50 2009 (4A5BC72E)
    95625000 9562f000   Dxapi    Dxapi.sys    Mon Jul 13 19:25:25 2009 (4A5BC265)
    93e93000 93f4a000   dxgkrnl  dxgkrnl.sys  Thu Oct 01 20:48:33 2009 (4AC54DE1)
    93f4a000 93f83000   dxgmms1  dxgmms1.sys  Mon Jul 13 19:25:25 2009 (4A5BC265)
    91b74000 91b78900   ElbyCDIO ElbyCDIO.sys Thu Dec 17 17:25:11 2009 (4B2AAFC7)
    aef4e000 aef78000   fastfat  fastfat.SYS  Mon Jul 13 19:14:01 2009 (4A5BBFB9)
    93fe8000 93ff3000   fdc      fdc.sys      Mon Jul 13 19:45:45 2009 (4A5BC729)
    8c17a000 8c18b000   fileinfo fileinfo.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
    95736000 95740000   flpydisk flpydisk.sys Mon Jul 13 19:45:45 2009 (4A5BC729)
    8c146000 8c17a000   fltmgr   fltmgr.sys   Mon Jul 13 19:11:13 2009 (4A5BBF11)
    8c3f1000 8c3fa000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:11:14 2009 (4A5BBF12)
    8c55b000 8c58d000   fvevol   fvevol.sys   Fri Sep 25 22:24:21 2009 (4ABD7B55)
    8c779000 8c7aa000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:12:03 2009 (4A5BBF43)
    9561f000 95624280   GEARAspiWDM GEARAspiWDM.sys Mon May 18 08:16:53 2009 (4A1151B5)
    8c62d000 8c62d680   giveio   giveio.sys   Wed Apr 03 22:33:25 1996 (316334F5)
    83217000 8324e000   hal      halmacpi.dll Mon Jul 13 19:11:03 2009 (4A5BBF07)
    9340d000 93411c00   hamachi  hamachi.sys  Thu Feb 19 05:36:27 2009 (499D362B)
    92698000 926b7000   HDAudBus HDAudBus.sys Mon Jul 13 19:50:55 2009 (4A5BC85F)
    95751000 957a1000   HdAudio  HdAudio.sys  Mon Jul 13 19:51:46 2009 (4A5BC892)
    91be9000 91bfc000   HIDCLASS HIDCLASS.SYS Mon Jul 13 19:51:01 2009 (4A5BC865)
    9562f000 95635480   HIDPARSE HIDPARSE.SYS Mon Jul 13 19:50:59 2009 (4A5BC863)
    92708000 92713000   hidusb   hidusb.sys   Mon Jul 13 19:51:04 2009 (4A5BC868)
    9094a000 909cf000   HTTP     HTTP.sys     Mon Jul 13 19:12:53 2009 (4A5BBF75)
    8c553000 8c55b000   hwpolicy hwpolicy.sys Mon Jul 13 19:11:01 2009 (4A5BBF05)
    8c02c000 8c107000   iaStorV  iaStorV.sys  Wed Apr 08 12:54:58 2009 (49DCD6E2)
    92686000 92698000   intelppm intelppm.sys Mon Jul 13 19:11:03 2009 (4A5BBF07)
    93400000 9340d000   kbdclass kbdclass.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
    90848000 90854000   kbdhid   kbdhid.sys   Mon Jul 13 19:45:09 2009 (4A5BC705)
    80bbb000 80bc3000   kdcom    kdcom.dll    Mon Jul 13 21:08:58 2009 (4A5BDAAA)
    95653000 95687000   ks       ks.sys       Wed Mar 03 22:57:52 2010 (4B8F2FC0)
    8c373000 8c386000   ksecdd   ksecdd.sys   Mon Jul 13 19:11:56 2009 (4A5BBF3C)
    8c51e000 8c543000   ksecpkg  ksecpkg.sys  Thu Dec 10 23:04:22 2009 (4B21C4C6)
    8c5c3000 8c5cad80   LHidFilt LHidFilt.Sys Thu Mar 18 04:50:19 2010 (4BA1E94B)
    908d1000 908e1000   lltdio   lltdio.sys   Mon Jul 13 19:53:18 2009 (4A5BC8EE)
    8c5d6000 8c5dd780   LMouFilt LMouFilt.Sys Thu Mar 18 04:50:27 2010 (4BA1E953)
    90887000 908a2000   luafv    luafv.sys    Mon Jul 13 19:15:44 2009 (4A5BC020)
    957f7000 957fc580   LUsbFilt LUsbFilt.Sys Thu Mar 18 04:50:32 2010 (4BA1E958)
    8bc05000 8bc7d000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:06:41 2009 (4A5BDA21)
    92631000 9263c000   monitor  monitor.sys  Mon Jul 13 19:25:58 2009 (4A5BC286)
    927f1000 927fe000   mouclass mouclass.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
    8c5cb000 8c5d6000   mouhid   mouhid.sys   Mon Jul 13 19:45:08 2009 (4A5BC704)
    8bf42000 8bf58000   mountmgr mountmgr.sys Mon Jul 13 19:11:27 2009 (4A5BBF1F)
    909e8000 909fa000   mpsdrv   mpsdrv.sys   Mon Jul 13 19:52:52 2009 (4A5BC8D4)
    a101f000 a1042000   mrxsmb   mrxsmb.sys   Sat Feb 27 02:32:02 2010 (4B88CA72)
    a1042000 a107d000   mrxsmb10 mrxsmb10.sys Sat Feb 27 02:32:21 2010 (4B88CA85)
    a107d000 a1098000   mrxsmb20 mrxsmb20.sys Sat Feb 27 02:32:11 2010 (4B88CA7B)
    8c133000 8c13d000   msahci   msahci.sys   Mon Jul 13 19:45:50 2009 (4A5BC72E)
    8c1ac000 8c1b7000   Msfs     Msfs.SYS     Mon Jul 13 19:11:26 2009 (4A5BBF1E)
    8be84000 8be8c000   msisadrv msisadrv.sys Mon Jul 13 19:11:09 2009 (4A5BBF0D)
    8c348000 8c373000   msrpc    msrpc.sys    Mon Jul 13 19:11:59 2009 (4A5BBF3F)
    91b6a000 91b74000   mssmbios mssmbios.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
    8c543000 8c553000   mup      mup.sys      Mon Jul 13 19:14:14 2009 (4A5BBFC6)
    8c429000 8c4e0000   ndis     ndis.sys     Mon Jul 13 19:12:24 2009 (4A5BBF58)
    92774000 9277f000   ndistapi ndistapi.sys Mon Jul 13 19:54:24 2009 (4A5BC930)
    90927000 90937000   ndisuio  ndisuio.sys  Mon Jul 13 19:53:51 2009 (4A5BC90F)
    9277f000 927a1000   ndiswan  ndiswan.sys  Mon Jul 13 19:54:34 2009 (4A5BC93A)
    95740000 95751000   NDProxy  NDProxy.SYS  Mon Jul 13 19:54:27 2009 (4A5BC933)
    8be00000 8be0e000   netbios  netbios.sys  Mon Jul 13 19:53:54 2009 (4A5BC912)
    8bfb2000 8bfe4000   netbt    netbt.sys    Mon Jul 13 19:12:18 2009 (4A5BBF52)
    8c4e0000 8c51e000   NETIO    NETIO.SYS    Mon Jul 13 19:12:35 2009 (4A5BBF63)
    aee11000 aeed1000   netr28u  netr28u.sys  Wed Aug 05 09:59:27 2009 (4A79903F)
    a114b000 a115a000   npf      npf.sys      Tue Oct 20 13:57:28 2009 (4ADDFA08)
    8c1b7000 8c1c5000   Npfs     Npfs.SYS     Mon Jul 13 19:11:31 2009 (4A5BBF23)
    91b60000 91b6a000   nsiproxy nsiproxy.sys Mon Jul 13 19:12:08 2009 (4A5BBF48)
    82e07000 83217000   nt       ntkrpamp.exe Fri Jun 18 23:55:24 2010 (4C1C3FAC)
    8c219000 8c348000   Ntfs     Ntfs.sys     Mon Jul 13 19:12:05 2009 (4A5BBF45)
    8c41f000 8c426000   Null     Null.SYS     Mon Jul 13 19:11:12 2009 (4A5BBF10)
    93e91000 93e92040   nvBridge nvBridge.kmd Fri Jul 09 17:10:11 2010 (4C379033)
    93413000 93e90dc0   nvlddmkm nvlddmkm.sys Fri Jul 09 17:15:14 2010 (4C379162)
    908e1000 90927000   nwifi    nwifi.sys    Mon Jul 13 19:51:59 2009 (4A5BC89F)
    8c5de000 8c5e8000   nx6000   nx6000.sys   Wed Jan 27 18:36:05 2010 (4B60CDE5)
    8c000000 8c01f000   pacer    pacer.sys    Mon Jul 13 19:53:58 2009 (4A5BC916)
    8bec1000 8bed2000   partmgr  partmgr.sys  Mon Jul 13 19:11:35 2009 (4A5BBF27)
    8be8c000 8beb6000   pci      pci.sys      Mon Jul 13 19:11:16 2009 (4A5BBF14)
    8bf2d000 8bf34000   pciide   pciide.sys   Mon Jul 13 19:11:19 2009 (4A5BBF17)
    8bf34000 8bf42000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:11:15 2009 (4A5BBF13)
    8c3e3000 8c3f1000   pcw      pcw.sys      Mon Jul 13 19:11:10 2009 (4A5BBF0E)
    a115a000 a11f1000   peauth   peauth.sys   Mon Jul 13 20:35:44 2009 (4A5BD2E0)
    957a1000 957d0000   portcls  portcls.sys  Mon Jul 13 19:51:00 2009 (4A5BC864)
    8bc7d000 8bc8e000   PSHED    PSHED.dll    Mon Jul 13 21:09:36 2009 (4A5BDAD0)
    9275c000 92774000   rasl2tp  rasl2tp.sys  Mon Jul 13 19:54:33 2009 (4A5BC939)
    927a1000 927b9000   raspppoe raspppoe.sys Mon Jul 13 19:54:53 2009 (4A5BC94D)
    927b9000 927d0000   raspptp  raspptp.sys  Mon Jul 13 19:54:47 2009 (4A5BC947)
    927d0000 927e7000   rassstp  rassstp.sys  Mon Jul 13 19:54:57 2009 (4A5BC951)
    91b1f000 91b60000   rdbss    rdbss.sys    Mon Jul 13 19:14:26 2009 (4A5BBFD2)
    927e7000 927f1000   rdpbus   rdpbus.sys   Mon Jul 13 20:02:40 2009 (4A5BCB20)
    8c200000 8c208000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:01:40 2009 (4A5BCAE4)
    a14f4000 a1519000   rdpdr    rdpdr.sys    Mon Jul 13 20:02:56 2009 (4A5BCB30)
    8c208000 8c210000   rdpencdd rdpencdd.sys Mon Jul 13 20:01:39 2009 (4A5BCAE3)
    8c210000 8c218000   rdprefmp rdprefmp.sys Mon Jul 13 20:01:41 2009 (4A5BCAE5)
    aefc0000 aeff1000   RDPWD    RDPWD.SYS    Mon Jul 13 20:01:50 2009 (4A5BCAEE)
    8c600000 8c62d000   rdyboost rdyboost.sys Mon Jul 13 19:22:02 2009 (4A5BC19A)
    90937000 9094a000   rspndr   rspndr.sys   Mon Jul 13 19:53:20 2009 (4A5BC8F0)
    a1426000 a1447000   SbieDrv  SbieDrv.sys  Sun Oct 17 18:40:57 2010 (4CBB7B79)
    9260b000 92631000   SCSIPORT SCSIPORT.SYS Mon Jul 13 19:45:55 2009 (4A5BC733)
    a11f1000 a11fb000   secdrv   secdrv.SYS   Wed Sep 13 09:18:32 2006 (45080528)
    93ff5000 93fff000   serenum  serenum.sys  Mon Jul 13 19:45:27 2009 (4A5BC717)
    91a33000 91a4d000   serial   serial.sys   Mon Jul 13 19:45:33 2009 (4A5BC71D)
    8c7fa000 8c7fb480   speedfan speedfan.sys Sun Sep 24 09:28:47 2006 (4516880F)
    8c7f2000 8c7fa000   spldr    spldr.sys    Mon May 11 12:13:47 2009 (4A084EBB)
    a14a3000 a14f4000   srv      srv.sys      Thu Aug 26 23:31:26 2010 (4C77318E)
    a1454000 a14a3000   srv2     srv2.sys     Thu Aug 26 23:30:45 2010 (4C773165)
    a1405000 a1426000   srvnet   srvnet.sys   Thu Aug 26 23:30:39 2010 (4C77315F)
    91b19000 91b1ea00   ssmdrv   ssmdrv.sys   Tue May 05 06:05:18 2009 (4A000F5E)
    95651000 95652380   swenum   swenum.sys   Mon Jul 13 19:45:08 2009 (4A5BC704)
    8c630000 8c779000   tcpip    tcpip.sys    Sun Jun 13 23:36:59 2010 (4C15A3DB)
    a1447000 a1454000   tcpipreg tcpipreg.sys Mon Jul 13 19:54:14 2009 (4A5BC926)
    8c1dc000 8c1e7000   TDI      TDI.SYS      Mon Jul 13 19:12:12 2009 (4A5BBF4C)
    aefa9000 aefb3000   tdtcp    tdtcp.sys    Mon Jul 13 20:01:37 2009 (4A5BCAE1)
    8c1c5000 8c1dc000   tdx      tdx.sys      Mon Jul 13 19:12:10 2009 (4A5BBF4A)
    91b09000 91b19000   termdd   termdd.sys   Mon Jul 13 20:01:35 2009 (4A5BCADF)
    91ad2000 91b08980   truecrypt truecrypt.sys Sun Sep 05 10:23:03 2010 (4C83A7C7)
    9c920000 9c929000   TSDDD    TSDDD.dll    unavailable (00000000)
    aefb3000 aefc0000   tssecsrv tssecsrv.sys Mon Jul 13 20:01:50 2009 (4A5BCAEE)
    92665000 92686000   tunnel   tunnel.sys   Mon Jul 13 19:54:03 2009 (4A5BC91B)
    95687000 95695000   umbus    umbus.sys    Mon Jul 13 19:51:38 2009 (4A5BC88A)
    957e9000 957f7000   usbaapl  usbaapl.sys  Wed Mar 31 23:20:11 2010 (4BB410EB)
    aeeff000 aef12b00   usbaudio usbaudio.sys Mon Jul 13 19:51:23 2009 (4A5BC87B)
    926e3000 926fa000   usbccgp  usbccgp.sys  Mon Jul 13 19:51:31 2009 (4A5BC883)
    956ba000 956bb700   USBD     USBD.SYS     Mon Jul 13 19:51:05 2009 (4A5BC869)
    93fd9000 93fe8000   usbehci  usbehci.sys  Mon Jul 13 19:51:14 2009 (4A5BC872)
    956f2000 95736000   usbhub   usbhub.sys   Mon Jul 13 19:52:06 2009 (4A5BC8A6)
    93f8e000 93fd9000   USBPORT  USBPORT.SYS  Mon Jul 13 19:51:13 2009 (4A5BC871)
    91a26000 91a31000   usbprint usbprint.sys Mon Jul 13 20:17:06 2009 (4A5BCE82)
    956ad000 956ba000   usbrpm   usbrpm.sys   Mon Jul 13 20:14:30 2009 (4A5BCDE6)
    93f83000 93f8e000   usbuhci  usbuhci.sys  Mon Jul 13 19:51:10 2009 (4A5BC86E)
    aeedb000 aeefeb80   usbvideo usbvideo.sys Wed Mar 03 23:04:40 2010 (4B8F3158)
    91ab0000 91ad1540   VBoxDrv  VBoxDrv.sys  Thu Aug 05 08:07:59 2010 (4C5AA99F)
    95637000 956508c0   VBoxNetFlt VBoxNetFlt.sys Thu Aug 05 08:07:59 2010 (4C5AA99F)
    91aa7000 91aaf9c0   VBoxUSBMon VBoxUSBMon.sys Thu Aug 05 08:08:00 2010 (4C5AA9A0)
    92600000 9260b000   VClone   VClone.sys   Sun Aug 09 17:25:56 2009 (4A7F3EE4)
    8beb6000 8bec1000   vdrvroot vdrvroot.sys Mon Jul 13 19:46:19 2009 (4A5BC74B)
    8c400000 8c40c000   vga      vga.sys      Mon Jul 13 19:25:50 2009 (4A5BC27E)
    8c18b000 8c1ac000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:25:49 2009 (4A5BC27D)
    8c7aa000 8c7b2380   vmstorfl vmstorfl.sys Mon Jul 13 19:28:44 2009 (4A5BC32C)
    8bed2000 8bee2000   volmgr   volmgr.sys   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
    8bee2000 8bf2d000   volmgrx  volmgrx.sys  Mon Jul 13 19:11:41 2009 (4A5BBF2D)
    8c7b3000 8c7f2000   volsnap  volsnap.sys  Mon Jul 13 19:11:34 2009 (4A5BBF26)
    956bc000 956f2000   vpchbus  vpchbus.sys  Tue Sep 22 21:18:06 2009 (4AB9774E)
    8bfe4000 8bff4000   vpcnfltr vpcnfltr.sys Tue Sep 22 21:18:04 2009 (4AB9774C)
    95695000 956ad000   vpcusb   vpcusb.sys   Tue Sep 22 21:18:08 2009 (4AB97750)
    91a60000 91aa6880   vpcvmm   vpcvmm.sys   Thu Dec 31 01:47:17 2009 (4B3C48F5)
    aeed1000 aeedb000   vwifibus vwifibus.sys Mon Jul 13 19:52:02 2009 (4A5BC8A2)
    8c1ee000 8c1ff000   vwififlt vwififlt.sys Mon Jul 13 19:52:03 2009 (4A5BC8A3)
    91a4d000 91a60000   wanarp   wanarp.sys   Mon Jul 13 19:55:02 2009 (4A5BC956)
    8c40c000 8c419000   watchdog watchdog.sys Mon Jul 13 19:24:10 2009 (4A5BC21A)
    8bd83000 8bdf4000   Wdf01000 Wdf01000.sys Mon Jul 13 19:11:36 2009 (4A5BBF28)
    8be25000 8be33000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
    8c1e7000 8c1ee000   wfplwf   wfplwf.sys   Mon Jul 13 19:53:51 2009 (4A5BC90F)
    9c6c0000 9c90b000   win32k   win32k.sys   Tue Aug 31 22:34:29 2010 (4C7DBBB5)
    8be7b000 8be84000   WMILIB   WMILIB.SYS   Mon Jul 13 19:11:22 2009 (4A5BBF1A)
    908b7000 908d1000   WudfPf   WudfPf.sys   Mon Jul 13 19:50:13 2009 (4A5BC835)
    
    Unloaded modules:
    aef13000 aef1d000   tdtcp.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    aef1d000 aef2a000   tssecsrv.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    aef78000 aefa9000   RDPWD.SYS
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1523000 a1530000   tssecsrv.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1519000 a1523000   tdtcp.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1530000 a1561000   RDPWD.SYS
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    aeedb000 aeeff000   usbvideo.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    aeeff000 aef13000   usbaudio.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    90810000 90834000   usbvideo.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    90834000 90848000   usbaudio.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    aef78000 aefe2000   spsys.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    aeedb000 aef45000   spsys.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    a1098000 a10b0000   parport.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    8c5c3000 8c5d0000   crashdmp.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    8c5d0000 8c5db000   dump_pciidex
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    8c5db000 8c5e5000   dump_msahci.
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    8c5e5000 8c5f6000   dump_dumpfve
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    926e3000 926fb000   i8042prt.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    92708000 92714000   RAMDiskVE.sy
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    8c400000 8c41f000   cdrom.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    Last edited by CarlTR6; 30 Nov 2010 at 12:40.
      My Computer


  3. Posts : 3
    Windows 7 Professional 32bit
    Thread Starter
       #3

    Thanks for the suggestions, they didn't seem to work. I have since moved to my SSD with a clean install of windows 7 32bit professional. I am still getting the BSOD's but they are not the bad_pool_header, I think the problem might be my new memory or the ramdisk app. I'll post the results here.

    EDIT: uploaded the new files.
      My Computer


  4. Posts : 11,990
    Windows 7 Ultimate 32 bit
       #4

    I have looked at your four most recent dumps; your most recent is bad_pool_header.
    Error code 19, BAD_POOL_HEADER. Usual causes: Device driver.

    Error code D1, DRIVER_IRQL_NOT_LESS_OR_EQUAL. Usual causes: Device driver.

    Error code 24, NTFS_FILE_SYSTEM. Usual causes: Disk corruption, insufficient physical memory, Device driver, Indexing, Resident antivirus, backup, defrag programs, Disk/Drive failing/failure.

    Error code A, IRQL_NOT_LESS_OR_EQUAL. Usual causes: Kernel mode driver, System Service, BIOS, Windows, Virus scanner, Backup tool, compatibility.
    I find an almost guaranteed BSOD maker loaded on your system. This is an XP driver and it will not work with Win 7.
    Code:
    ASACPI.sys   Thu Aug 12 22:52:52 2004
    The 2004 version of this driver is a known BSOD cause. It is an XP driver and will not work with Win 7.
    Please visit this link: ASUSTeK Computer Inc.-Support- download_item_mkt
    Scroll down to the Utilities category, then scroll down to the "ATK0110 driver for WindowsXP/Vista/Windows 7 32&64-bit " (it's about the 8th item down).
    Download and install it.
    Go to C:\Windows\System32\drivers to check and make sure that the ASACPI.sys file is date stamped from 2009 or 2010 (NOT 2004).

    I find this out of date driver loaded on your system.
    iaStor.sys Thu Jun 04 21:42:33 2009 - Intel Storage drivers. http://downloadcenter.intel.com/Default.aspx. Update this driver.
    I suggest that you uninstall RAMDisk. Once you know your system is stable, you can re-install it and try it again. Because of error code 24, I recommend that you run CheckDisk.
    Run CHKDSK /R /F from an elevated (Run as adminstrator) Command Prompt. Please do this for each hard drive on your system.
    When it tells you it can't do it right now - and asks you if you'd like to do it at the next reboot - answer Y (for Yes) and press Enter. Then reboot and let the test run. It may take a while for it to run, but keep an occasional eye on it to see if it generates any errors. See "CHKDSK LogFile" below in order to check the results of the test.

    Elevated Command Prompt:
    Go to Start and type in "cmd.exe" (without the quotes)
    At the top of the Search Box, right click on Cmd.exe and select "Run as administrator"

    CHKDSK LogFile:
    Go to Start and type in "eventvwr.msc" (without the quotes) and press Enter
    Expand the Windows logs heading, then select the Application log file entry.
    Double click on the Source column header.
    Scroll down the list until you find the Chkdsk entry (wininit for Windows 7).

    Copy/paste the results into your next post.


    Code:
    Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7600.16617.x86fre.win7_gdr.100618-1621
    Machine Name:
    Kernel base = 0x82a06000 PsLoadedModuleList = 0x82b4e810
    Debug session time: Sat Dec  4 07:02:29.930 2010 (GMT-5)
    System Uptime: 0 days 13:42:22.506
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .........................
    Loading User Symbols
    Loading unloaded module list
    .......
    0: kd> !Analyze
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck 19, {20, 85bd7a92, 85bd8522, 69520404}
    
    GetPointerFromAddress: unable to read from 82b6e718
    Unable to read MiSystemVaType memory at 82b4e160
    Probably caused by : ntkrpamp.exe ( nt!ExFreePoolWithTag+1b1 )
    
    Followup: MachineOwner
    ---------
    
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    BAD_POOL_HEADER (19)
    The pool is already corrupt at the time of the current request.
    This may or may not be due to the caller.
    The internal pool links must be walked to figure out a possible cause of
    the problem, and then special pool applied to the suspect tags or the driver
    verifier to a suspect driver.
    Arguments:
    Arg1: 00000020, a pool block header size is corrupt.
    Arg2: 85bd7a92, The pool entry we were looking for within the page.
    Arg3: 85bd8522, The next pool entry.
    Arg4: 69520404, (reserved)
    
    Debugging Details:
    ------------------
    
    GetPointerFromAddress: unable to read from 82b6e718
    Unable to read MiSystemVaType memory at 82b4e160
    
    BUGCHECK_STR:  0x19_20
    
    POOL_ADDRESS: GetPointerFromAddress: unable to read from 82b6e718
    Unable to read MiSystemVaType memory at 82b4e160
     85bd7a92 
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    PROCESS_NAME:  System
    
    CURRENT_IRQL:  0
    
    LAST_CONTROL_TRANSFER:  from 82aac9c4 to 82b251b6
    
    STACK_TEXT:  
    8db0babc 82aac9c4 85bd7a9a 00000000 85be6400 nt!ExFreePoolWithTag+0x1b1
    8db0bae0 8ba36a69 85be6424 82a4051c 85be6400 nt!ExDeleteResourceLite+0xfb
    8db0baf4 8ba28c0c 85be6400 8db0bb18 8bacdc4b Ntfs!NtfsFreeNonpagedDataFcb+0x16
    8db0bb00 8bacdc4b 8ba5c300 85be6400 855b9350 Ntfs!ExFreeToNPagedLookasideList+0x1e
    8db0bb18 8bacabc8 85be6400 00000000 8696b240 Ntfs!NtfsDeleteNonpagedFcb+0x3c
    8db0bb40 8ba36174 855b9350 8db0bb70 8db0bb7a Ntfs!NtfsDeleteFcb+0xd5
    8db0bb94 8bab215d 855b9350 8696b0d8 aef0b008 Ntfs!NtfsTeardownFromLcb+0x24f
    8db0bbe4 8ba2ebec 855b9350 aef0b0f8 01f0b2a0 Ntfs!NtfsTeardownStructures+0xf3
    8db0bc0c 8baae55b 855b9350 aef0b0f8 aef0b2a0 Ntfs!NtfsDecrementCloseCounts+0xaf
    8db0bc6c 8bacd4c3 855b9350 aef0b0f8 aef0b008 Ntfs!NtfsCommonClose+0x4f2
    8db0bd00 82a73f3b 00000000 00000000 851c1a70 Ntfs!NtfsFspClose+0x118
    8db0bd50 82c146d3 00000000 a18cc16f 00000000 nt!ExpWorkerThread+0x10d
    8db0bd90 82ac60f9 82a73e2e 00000000 00000000 nt!PspSystemThreadStartup+0x9e
    00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    nt!ExFreePoolWithTag+1b1
    82b251b6 cc              int     3
    
    SYMBOL_STACK_INDEX:  0
    
    SYMBOL_NAME:  nt!ExFreePoolWithTag+1b1
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: nt
    
    IMAGE_NAME:  ntkrpamp.exe
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c3fac
    
    FAILURE_BUCKET_ID:  0x19_20_nt!ExFreePoolWithTag+1b1
    
    BUCKET_ID:  0x19_20_nt!ExFreePoolWithTag+1b1
    
    Followup: MachineOwner
    ---------
    
    0: kd> lmtsmn
    start    end        module name
    92068000 92094000   1394ohci 1394ohci.sys Mon Jul 13 19:51:59 2009 (4A5BC89F)
    8b6ba000 8b702000   ACPI     ACPI.sys     Mon Jul 13 19:11:11 2009 (4A5BBF0F)
    8b978000 8b9d2000   afd      afd.sys      Mon Jul 13 19:12:34 2009 (4A5BBF62)
    9212a000 9213c000   AgileVpn AgileVpn.sys Mon Jul 13 19:55:00 2009 (4A5BC954)
    8b92a000 8b933000   amdxata  amdxata.sys  Tue May 19 13:57:35 2009 (4A12F30F)
    920e0000 920e1420   ASACPI   ASACPI.sys   Thu Aug 12 22:52:52 2004 (411C2D04)
    a08fd000 a0906000   asyncmac asyncmac.sys Mon Jul 13 19:54:46 2009 (4A5BC946)
    8b8f4000 8b8fd000   atapi    atapi.sys    Mon Jul 13 19:11:15 2009 (4A5BBF13)
    8b8fd000 8b920000   ataport  ataport.SYS  Mon Jul 13 19:11:18 2009 (4A5BBF16)
    9154a000 91551000   Beep     Beep.SYS     Mon Jul 13 19:45:00 2009 (4A5BC6FC)
    916a0000 916ae000   blbdrive blbdrive.sys Mon Jul 13 19:23:04 2009 (4A5BC1D8)
    8b4a0000 8b4a8000   BOOTVID  BOOTVID.dll  Mon Jul 13 21:04:34 2009 (4A5BD9A2)
    9b4b6000 9b4cf000   bowser   bowser.sys   Mon Jul 13 19:14:21 2009 (4A5BBFCD)
    98800000 9881e000   cdd      cdd.dll      unavailable (00000000)
    8b4ea000 8b595000   CI       CI.dll       Mon Jul 13 21:09:28 2009 (4A5BDAC8)
    8bd8e000 8bdb3000   CLASSPNP CLASSPNP.SYS Mon Jul 13 19:11:20 2009 (4A5BBF18)
    8b4a8000 8b4ea000   CLFS     CLFS.SYS     Mon Jul 13 19:11:10 2009 (4A5BBF0E)
    8bb89000 8bbe6000   cng      cng.sys      Mon Jul 13 19:32:55 2009 (4A5BC427)
    92111000 9211e000   CompositeBus CompositeBus.sys Mon Jul 13 19:45:26 2009 (4A5BC716)
    93767000 93774000   crashdmp crashdmp.sys Mon Jul 13 19:45:50 2009 (4A5BC72E)
    91624000 91688000   csc      csc.sys      Mon Jul 13 19:15:08 2009 (4A5BBFFC)
    91688000 916a0000   dfsc     dfsc.sys     Mon Jul 13 19:14:16 2009 (4A5BBFC8)
    8b9d2000 8b9de000   discache discache.sys Mon Jul 13 19:24:04 2009 (4A5BC214)
    8be08000 8be19000   disk     disk.sys     Mon Jul 13 19:11:28 2009 (4A5BBF20)
    9371a000 93733000   drmk     drmk.sys     Mon Jul 13 20:36:05 2009 (4A5BD2F5)
    93774000 93785000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:12:47 2009 (4A5BBF6F)
    9140e000 914e8000   dump_iaStor dump_iaStor.sys Thu Jun 04 21:42:33 2009 (4A287809)
    9375d000 93767000   Dxapi    Dxapi.sys    Mon Jul 13 19:25:25 2009 (4A5BC265)
    916e1000 91798000   dxgkrnl  dxgkrnl.sys  Thu Oct 01 20:48:33 2009 (4AC54DE1)
    92c00000 92c39000   dxgmms1  dxgmms1.sys  Mon Jul 13 19:25:25 2009 (4A5BC265)
    93733000 9375d000   fastfat  fastfat.SYS  Mon Jul 13 19:14:01 2009 (4A5BBFB9)
    920d5000 920e0000   fdc      fdc.sys      Mon Jul 13 19:45:45 2009 (4A5BC729)
    8b967000 8b978000   fileinfo fileinfo.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
    93680000 9368a000   flpydisk flpydisk.sys Mon Jul 13 19:45:45 2009 (4A5BC729)
    8b933000 8b967000   fltmgr   fltmgr.sys   Mon Jul 13 19:11:13 2009 (4A5BBF11)
    8bbf4000 8bbfd000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:11:14 2009 (4A5BBF12)
    8bd5c000 8bd8e000   fvevol   fvevol.sys   Fri Sep 25 22:24:21 2009 (4ABD7B55)
    8bf6f000 8bfa0000   fwpkclnt fwpkclnt.sys Mon Jul 13 19:12:03 2009 (4A5BBF43)
    82e16000 82e4d000   hal      halmacpi.dll Mon Jul 13 19:11:03 2009 (4A5BBF07)
    91600000 9161f000   HDAudBus HDAudBus.sys Mon Jul 13 19:50:55 2009 (4A5BC85F)
    9369b000 936eb000   HdAudio  HdAudio.sys  Mon Jul 13 19:51:46 2009 (4A5BC892)
    81f47000 81f5a000   HIDCLASS HIDCLASS.SYS Mon Jul 13 19:51:01 2009 (4A5BC865)
    81f5a000 81f60480   HIDPARSE HIDPARSE.SYS Mon Jul 13 19:50:59 2009 (4A5BC863)
    81f3c000 81f47000   hidusb   hidusb.sys   Mon Jul 13 19:51:04 2009 (4A5BC868)
    9b431000 9b4b6000   HTTP     HTTP.sys     Mon Jul 13 19:12:53 2009 (4A5BBF75)
    8be00000 8be08000   hwpolicy hwpolicy.sys Mon Jul 13 19:11:01 2009 (4A5BBF05)
    8b81a000 8b8f4000   iaStor   iaStor.sys   Thu Jun 04 21:42:33 2009 (4A287809)
    916cf000 916e1000   intelppm intelppm.sys Mon Jul 13 19:11:03 2009 (4A5BBF07)
    92104000 92111000   kbdclass kbdclass.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
    81fe5000 81ff1000   kbdhid   kbdhid.sys   Mon Jul 13 19:45:09 2009 (4A5BC705)
    80b9b000 80ba3000   kdcom    kdcom.dll    Mon Jul 13 21:08:58 2009 (4A5BDAAA)
    8b600000 8b634000   ks       ks.sys       Wed Mar 03 22:57:52 2010 (4B8F2FC0)
    8bb76000 8bb89000   ksecdd   ksecdd.sys   Mon Jul 13 19:11:56 2009 (4A5BBF3C)
    8bd0a000 8bd2f000   ksecpkg  ksecpkg.sys  Thu Dec 10 23:04:22 2009 (4B21C4C6)
    81f6c000 81f7c000   lltdio   lltdio.sys   Mon Jul 13 19:53:18 2009 (4A5BC8EE)
    81eee000 81f09000   luafv    luafv.sys    Mon Jul 13 19:15:44 2009 (4A5BC020)
    8b417000 8b48f000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Mon Jul 13 21:06:41 2009 (4A5BDA21)
    93785000 93790000   monitor  monitor.sys  Mon Jul 13 19:25:58 2009 (4A5BC286)
    921d1000 921de000   mouclass mouclass.sys Mon Jul 13 19:11:15 2009 (4A5BBF13)
    81f61000 81f6c000   mouhid   mouhid.sys   Mon Jul 13 19:45:08 2009 (4A5BC704)
    8b7c9000 8b7df000   mountmgr mountmgr.sys Mon Jul 13 19:11:27 2009 (4A5BBF1F)
    91520000 91543000   MpFilter MpFilter.sys Sat Mar 20 00:03:26 2010 (4BA4490E)
    a088a000 a0892e00   MpNWMon  MpNWMon.sys  Sat Mar 20 00:03:24 2010 (4BA4490C)
    9b4cf000 9b4e1000   mpsdrv   mpsdrv.sys   Mon Jul 13 19:52:52 2009 (4A5BC8D4)
    9b4e1000 9b504000   mrxsmb   mrxsmb.sys   Sat Feb 27 02:32:02 2010 (4B88CA72)
    9b504000 9b53f000   mrxsmb10 mrxsmb10.sys Sat Feb 27 02:32:21 2010 (4B88CA85)
    9b53f000 9b55a000   mrxsmb20 mrxsmb20.sys Sat Feb 27 02:32:11 2010 (4B88CA7B)
    8b920000 8b92a000   msahci   msahci.sys   Mon Jul 13 19:45:50 2009 (4A5BC72E)
    915a3000 915ae000   Msfs     Msfs.SYS     Mon Jul 13 19:11:26 2009 (4A5BBF1E)
    8b70b000 8b713000   msisadrv msisadrv.sys Mon Jul 13 19:11:09 2009 (4A5BBF0D)
    8bb4b000 8bb76000   msrpc    msrpc.sys    Mon Jul 13 19:11:59 2009 (4A5BBF3F)
    8ba10000 8ba1a000   mssmbios mssmbios.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
    8bff0000 8c000000   mup      mup.sys      Mon Jul 13 19:14:14 2009 (4A5BBFC6)
    8bc15000 8bccc000   ndis     ndis.sys     Mon Jul 13 19:12:24 2009 (4A5BBF58)
    92154000 9215f000   ndistapi ndistapi.sys Mon Jul 13 19:54:24 2009 (4A5BC930)
    81fc2000 81fd2000   ndisuio  ndisuio.sys  Mon Jul 13 19:53:51 2009 (4A5BC90F)
    9215f000 92181000   ndiswan  ndiswan.sys  Mon Jul 13 19:54:34 2009 (4A5BC93A)
    9368a000 9369b000   NDProxy  NDProxy.SYS  Mon Jul 13 19:54:27 2009 (4A5BC933)
    91400000 9140e000   netbios  netbios.sys  Mon Jul 13 19:53:54 2009 (4A5BC912)
    8bdb3000 8bde5000   netbt    netbt.sys    Mon Jul 13 19:12:18 2009 (4A5BBF52)
    8bccc000 8bd0a000   NETIO    NETIO.SYS    Mon Jul 13 19:12:35 2009 (4A5BBF63)
    81e24000 81ee4000   netr28u  netr28u.sys  Wed Aug 05 09:59:27 2009 (4A79903F)
    915ae000 915bc000   Npfs     Npfs.SYS     Mon Jul 13 19:11:31 2009 (4A5BBF23)
    915f6000 91600000   nsiproxy nsiproxy.sys Mon Jul 13 19:12:08 2009 (4A5BBF48)
    82a06000 82e16000   nt       ntkrpamp.exe Fri Jun 18 23:55:24 2010 (4C1C3FAC)
    8ba1c000 8bb4b000   Ntfs     Ntfs.sys     Mon Jul 13 19:12:05 2009 (4A5BBF45)
    91543000 9154a000   Null     Null.SYS     Mon Jul 13 19:11:12 2009 (4A5BBF10)
    935db000 935dc040   nvBridge nvBridge.kmd Sat Oct 16 13:04:23 2010 (4CB9DB17)
    92c3e000 935da5a0   nvlddmkm nvlddmkm.sys Sat Oct 16 13:07:56 2010 (4CB9DBEC)
    81f7c000 81fc2000   nwifi    nwifi.sys    Mon Jul 13 19:51:59 2009 (4A5BC89F)
    91501000 91520000   pacer    pacer.sys    Mon Jul 13 19:53:58 2009 (4A5BC916)
    8b748000 8b759000   partmgr  partmgr.sys  Mon Jul 13 19:11:35 2009 (4A5BBF27)
    8b713000 8b73d000   pci      pci.sys      Mon Jul 13 19:11:16 2009 (4A5BBF14)
    8b7b4000 8b7bb000   pciide   pciide.sys   Mon Jul 13 19:11:19 2009 (4A5BBF17)
    8b7bb000 8b7c9000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:11:15 2009 (4A5BBF13)
    8bbe6000 8bbf4000   pcw      pcw.sys      Mon Jul 13 19:11:10 2009 (4A5BBF0E)
    9b55a000 9b5f1000   peauth   peauth.sys   Mon Jul 13 20:35:44 2009 (4A5BD2E0)
    936eb000 9371a000   portcls  portcls.sys  Mon Jul 13 19:51:00 2009 (4A5BC864)
    8b48f000 8b4a0000   PSHED    PSHED.dll    Mon Jul 13 21:09:36 2009 (4A5BDAD0)
    9211e000 92129e00   RAMDiskVE RAMDiskVE.sys Thu Nov 11 08:10:05 2010 (4CDBEB2D)
    9213c000 92154000   rasl2tp  rasl2tp.sys  Mon Jul 13 19:54:33 2009 (4A5BC939)
    92181000 92199000   raspppoe raspppoe.sys Mon Jul 13 19:54:53 2009 (4A5BC94D)
    92199000 921b0000   raspptp  raspptp.sys  Mon Jul 13 19:54:47 2009 (4A5BC947)
    921b0000 921c7000   rassstp  rassstp.sys  Mon Jul 13 19:54:57 2009 (4A5BC951)
    8b595000 8b5d6000   rdbss    rdbss.sys    Mon Jul 13 19:14:26 2009 (4A5BBFD2)
    921c7000 921d1000   rdpbus   rdpbus.sys   Mon Jul 13 20:02:40 2009 (4A5BCB20)
    9158b000 91593000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:01:40 2009 (4A5BCAE4)
    91593000 9159b000   rdpencdd rdpencdd.sys Mon Jul 13 20:01:39 2009 (4A5BCAE3)
    9159b000 915a3000   rdprefmp rdprefmp.sys Mon Jul 13 20:01:41 2009 (4A5BCAE5)
    8bd2f000 8bd5c000   rdyboost rdyboost.sys Mon Jul 13 19:22:02 2009 (4A5BC19A)
    81fd2000 81fe5000   rspndr   rspndr.sys   Mon Jul 13 19:53:20 2009 (4A5BC8F0)
    92094000 920d5000   Rt86win7 Rt86win7.sys Tue Jan 12 01:37:10 2010 (4B4C1896)
    9b5f1000 9b5fb000   secdrv   secdrv.SYS   Wed Sep 13 09:18:32 2006 (45080528)
    920e2000 920ec000   serenum  serenum.sys  Mon Jul 13 19:45:27 2009 (4A5BC717)
    8bde5000 8bdff000   serial   serial.sys   Mon Jul 13 19:45:33 2009 (4A5BC71D)
    8bfe8000 8bff0000   spldr    spldr.sys    Mon May 11 12:13:47 2009 (4A084EBB)
    a0839000 a088a000   srv      srv.sys      Thu Aug 26 23:31:26 2010 (4C77318E)
    93790000 937df000   srv2     srv2.sys     Thu Aug 26 23:30:45 2010 (4C773165)
    9b400000 9b421000   srvnet   srvnet.sys   Thu Aug 26 23:30:39 2010 (4C77315F)
    921de000 921df380   swenum   swenum.sys   Mon Jul 13 19:45:08 2009 (4A5BC704)
    8be26000 8bf6f000   tcpip    tcpip.sys    Sun Jun 13 23:36:59 2010 (4C15A3DB)
    9b421000 9b42e000   tcpipreg tcpipreg.sys Mon Jul 13 19:54:14 2009 (4A5BC926)
    915d3000 915de000   TDI      TDI.SYS      Mon Jul 13 19:12:12 2009 (4A5BBF4C)
    915bc000 915d3000   tdx      tdx.sys      Mon Jul 13 19:12:10 2009 (4A5BBF4A)
    8ba00000 8ba10000   termdd   termdd.sys   Mon Jul 13 20:01:35 2009 (4A5BCADF)
    98bc0000 98bc9000   TSDDD    TSDDD.dll    unavailable (00000000)
    916ae000 916cf000   tunnel   tunnel.sys   Mon Jul 13 19:54:03 2009 (4A5BC91B)
    921e0000 921ee000   umbus    umbus.sys    Mon Jul 13 19:51:38 2009 (4A5BC88A)
    81f23000 81f3a000   usbccgp  usbccgp.sys  Mon Jul 13 19:51:31 2009 (4A5BC883)
    81f3a000 81f3b700   USBD     USBD.SYS     Mon Jul 13 19:51:05 2009 (4A5BC869)
    935e8000 935f7000   usbehci  usbehci.sys  Mon Jul 13 19:51:14 2009 (4A5BC872)
    9363c000 93680000   usbhub   usbhub.sys   Mon Jul 13 19:52:06 2009 (4A5BC8A6)
    91798000 917e3000   USBPORT  USBPORT.SYS  Mon Jul 13 19:51:13 2009 (4A5BC871)
    81ff1000 81ffc000   usbprint usbprint.sys Mon Jul 13 20:17:06 2009 (4A5BCE82)
    935dd000 935e8000   usbuhci  usbuhci.sys  Mon Jul 13 19:51:10 2009 (4A5BC86E)
    8b73d000 8b748000   vdrvroot vdrvroot.sys Mon Jul 13 19:46:19 2009 (4A5BC74B)
    91551000 9155d000   vga      vga.sys      Mon Jul 13 19:25:50 2009 (4A5BC27E)
    9155d000 9157e000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:25:49 2009 (4A5BC27D)
    8bfa0000 8bfa8380   vmstorfl vmstorfl.sys Mon Jul 13 19:28:44 2009 (4A5BC32C)
    8b759000 8b769000   volmgr   volmgr.sys   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
    8b769000 8b7b4000   volmgrx  volmgrx.sys  Mon Jul 13 19:11:41 2009 (4A5BBF2D)
    8bfa9000 8bfe8000   volsnap  volsnap.sys  Mon Jul 13 19:11:34 2009 (4A5BBF26)
    81ee4000 81eee000   vwifibus vwifibus.sys Mon Jul 13 19:52:02 2009 (4A5BC8A2)
    915e5000 915f6000   vwififlt vwififlt.sys Mon Jul 13 19:52:03 2009 (4A5BC8A3)
    8bc00000 8bc13000   wanarp   wanarp.sys   Mon Jul 13 19:55:02 2009 (4A5BC956)
    9157e000 9158b000   watchdog watchdog.sys Mon Jul 13 19:24:10 2009 (4A5BC21A)
    8b63b000 8b6ac000   Wdf01000 Wdf01000.sys Mon Jul 13 19:11:36 2009 (4A5BBF28)
    8b6ac000 8b6ba000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:11:25 2009 (4A5BBF1D)
    915de000 915e5000   wfplwf   wfplwf.sys   Mon Jul 13 19:53:51 2009 (4A5BC90F)
    98960000 98bab000   win32k   win32k.sys   unavailable (00000000)
    8b702000 8b70b000   WMILIB   WMILIB.SYS   Mon Jul 13 19:11:22 2009 (4A5BBF1A)
    81f09000 81f23000   WudfPf   WudfPf.sys   Mon Jul 13 19:50:13 2009 (4A5BC835)
    92017000 92068000   yk62x86  yk62x86.sys  Mon Sep 28 02:33:34 2009 (4AC058BE)
    
    Unloaded modules:
    a0893000 a08fd000   spsys.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    9b55a000 9b572000   parport.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    8be19000 8be26000   crashdmp.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    91416000 914f0000   dump_iaStor.
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    914f0000 91501000   dump_dumpfve
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    920ec000 92104000   i8042prt.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    91501000 91520000   cdrom.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
    
    Debug session time: Fri Dec  3 09:56:00.233 2010 (GMT-5)
    System Uptime: 0 days 0:00:13.638
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .......................
    Loading User Symbols
    Loading unloaded module list
    ......
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck D1, {aceb00bb, 2, 0, 8ba5e8c1}
    
    Unable to load image \SystemRoot\system32\DRIVERS\iaStor.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for iaStor.sys
    *** ERROR: Module load completed but symbols could not be loaded for iaStor.sys
    Probably caused by : iaStor.sys ( iaStor+5e8c1 )
    
    Followup: MachineOwner
    ---------
    
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If kernel debugger is available get stack backtrace.
    Arguments:
    Arg1: aceb00bb, memory referenced
    Arg2: 00000002, IRQL
    Arg3: 00000000, value 0 = read operation, 1 = write operation
    Arg4: 8ba5e8c1, address which referenced memory
    
    Debugging Details:
    ------------------
    
    
    READ_ADDRESS: GetPointerFromAddress: unable to read from 82bbe718
    Unable to read MiSystemVaType memory at 82b9e160
     aceb00bb 
    
    CURRENT_IRQL:  2
    
    FAULTING_IP: 
    iaStor+5e8c1
    8ba5e8c1 8a5006          mov     dl,byte ptr [eax+6]
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    BUGCHECK_STR:  0xD1
    
    PROCESS_NAME:  System
    
    TRAP_FRAME:  82b7c9b0 -- (.trap 0xffffffff82b7c9b0)
    ErrCode = 00000000
    eax=aceb00b5 ebx=860fac30 ecx=8610109c edx=00000000 esi=8610109c edi=aceb00b5
    eip=8ba5e8c1 esp=82b7ca24 ebp=82b7ca24 iopl=0         nv up ei ng nz ac po cy
    cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010293
    iaStor+0x5e8c1:
    8ba5e8c1 8a5006          mov     dl,byte ptr [eax+6]        ds:0023:aceb00bb=??
    Resetting default scope
    
    LAST_CONTROL_TRANSFER:  from 8ba5e8c1 to 82a9c82b
    
    STACK_TEXT:  
    82b7c9b0 8ba5e8c1 badb0d00 00000000 82ac2ba9 nt!KiTrap0E+0x2cf
    WARNING: Stack unwind information not available. Following frames may be wrong.
    82b7ca24 8ba5ee8e aceb00b5 860fcfa0 860fac30 iaStor+0x5e8c1
    82b7ca44 8ba08020 aceb00b5 82a93f48 aceb00b5 iaStor+0x5ee8e
    82b7caf4 8ba09595 860fac30 aceb00b5 82a93f48 iaStor+0x8020
    82b7cbc8 8ba098fc 860fac30 0000001e 82b81600 iaStor+0x9595
    82b7cc64 8ba269d9 860fac30 00000000 82b89304 iaStor+0x98fc
    82b7cc78 82abe3b5 8609c480 8609a020 00000000 iaStor+0x269d9
    82b7ccd4 82abe218 82b7fd20 82b89280 00000000 nt!KiExecuteAllDpcs+0xf9
    82b7cd20 82abe038 00000000 0000000e 00000000 nt!KiRetireDpcList+0xd5
    82b7cd24 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x38
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    iaStor+5e8c1
    8ba5e8c1 8a5006          mov     dl,byte ptr [eax+6]
    
    SYMBOL_STACK_INDEX:  1
    
    SYMBOL_NAME:  iaStor+5e8c1
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: iaStor
    
    IMAGE_NAME:  iaStor.sys
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4b8f1b5b
    
    FAILURE_BUCKET_ID:  0xD1_iaStor+5e8c1
    
    BUCKET_ID:  0xD1_iaStor+5e8c1
    
    Followup: MachineOwner
    ---------
    
    Debug session time: Fri Dec  3 05:39:01.760 2010 (GMT-5)
    System Uptime: 0 days 15:20:27.337
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ...........................
    Loading User Symbols
    Loading unloaded module list
    .........
    1: kd> !Analyze
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck 24, {1904fb, b50d65fc, b50d61e0, 8bc23b74}
    
    Probably caused by : Ntfs.sys ( Ntfs!NtfsReleasePagingResource+d )
    
    Followup: MachineOwner
    ---------
    
    1: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    NTFS_FILE_SYSTEM (24)
        If you see NtfsExceptionFilter on the stack then the 2nd and 3rd
        parameters are the exception record and context record. Do a .cxr
        on the 3rd parameter and then kb to obtain a more informative stack
        trace.
    Arguments:
    Arg1: 001904fb
    Arg2: b50d65fc
    Arg3: b50d61e0
    Arg4: 8bc23b74
    
    Debugging Details:
    ------------------
    
    
    EXCEPTION_RECORD:  b50d65fc -- (.exr 0xffffffffb50d65fc)
    ExceptionAddress: 8bc23b74 (Ntfs!NtfsReleasePagingResource+0x0000000d)
       ExceptionCode: c0000005 (Access violation)
      ExceptionFlags: 00000000
    NumberParameters: 2
       Parameter[0]: 00000000
       Parameter[1]: 00000008
    Attempt to read from address 00000008
    
    CONTEXT:  b50d61e0 -- (.cxr 0xffffffffb50d61e0)
    eax=00000008 ebx=00000000 ecx=00000702 edx=00000000 esi=88fda920 edi=88fda9d4
    eip=8bc23b74 esp=b50d66c4 ebp=b50d66c4 iopl=0         nv up ei pl nz na po nc
    cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010202
    Ntfs!NtfsReleasePagingResource+0xd:
    8bc23b74 663b08          cmp     cx,word ptr [eax]        ds:0023:00000008=????
    Resetting default scope
    
    CUSTOMER_CRASH_COUNT:  1
    
    PROCESS_NAME:  System
    
    CURRENT_IRQL:  0
    
    ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
    
    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
    
    EXCEPTION_PARAMETER1:  00000000
    
    EXCEPTION_PARAMETER2:  00000008
    
    READ_ADDRESS: GetPointerFromAddress: unable to read from 82b86718
    Unable to read MiSystemVaType memory at 82b66160
     00000008 
    
    FOLLOWUP_IP: 
    Ntfs!NtfsReleasePagingResource+d
    8bc23b74 663b08          cmp     cx,word ptr [eax]
    
    FAULTING_IP: 
    Ntfs!NtfsReleasePagingResource+d
    8bc23b74 663b08          cmp     cx,word ptr [eax]
    
    BUGCHECK_STR:  0x24
    
    DEFAULT_BUCKET_ID:  NULL_CLASS_PTR_DEREFERENCE
    
    LAST_CONTROL_TRANSFER:  from 8bc23e73 to 8bc23b74
    
    STACK_TEXT:  
    b50d66c4 8bc23e73 00000000 00000008 88fda9c8 Ntfs!NtfsReleasePagingResource+0xd
    b50d66e0 8bc249ed 88fda920 00000001 b50d67bc Ntfs!NtfsCleanupIrpContext+0x36
    b50d6700 8bcaa5af 88fda920 00000000 00000000 Ntfs!NtfsExtendedCompleteRequestInternal+0x79
    b50d6758 8bcc94c3 88fda920 b78020f8 b7802008 Ntfs!NtfsCommonClose+0x546
    b50d67ec 8bc8951f 87cbc0d8 3ec802f5 85d3f4d0 Ntfs!NtfsFspClose+0x118
    b50d687c 8bc97fab 89628ee0 87cbc0d8 00000001 Ntfs!NtfsFlushVolume+0x74
    b50d6900 8bc9876b 89628ee0 85d3f4d0 3ec803e1 Ntfs!NtfsCommonFlushBuffers+0x1a9
    b50d6968 82a5a4bc 87cbc020 85d3f4d0 85d3f4d0 Ntfs!NtfsFsdFlushBuffers+0xf7
    b50d6980 8b9c520c 87cb7408 85d3f4d0 00000000 nt!IofCallDriver+0x63
    b50d69a4 8b9c53cb b50d69c4 87cb7408 00000000 fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x2aa
    b50d69dc 82a5a4bc 87cb7408 85d3f4d0 85d3f4d0 fltmgr!FltpDispatch+0xc5
    b50d69f4 82c5bf6e 85d3f4d0 8837c728 00000000 nt!IofCallDriver+0x63
    b50d6a14 82c3ceba 87cb7408 8837c728 00000000 nt!IopSynchronousServiceTail+0x1f8
    b50d6a80 82a6144a 85599a98 b50d6b40 b50d6d50 nt!NtFlushBuffersFile+0x1d7
    b50d6a80 82a5f361 85599a98 b50d6b40 b50d6d50 nt!KiFastCallEntry+0x12a
    b50d6b00 82d3d712 800008fc b50d6b40 00000000 nt!ZwFlushBuffersFile+0x11
    b50d6d50 82c2c6d3 a4b35ac0 9afbbda2 00000000 nt!PopFlushVolumeWorker+0x13c
    b50d6d90 82ade0f9 82d3d5d6 a4b35ac0 00000000 nt!PspSystemThreadStartup+0x9e
    00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19
    
    
    SYMBOL_STACK_INDEX:  0
    
    SYMBOL_NAME:  Ntfs!NtfsReleasePagingResource+d
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: Ntfs
    
    IMAGE_NAME:  Ntfs.sys
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bbf45
    
    STACK_COMMAND:  .cxr 0xffffffffb50d61e0 ; kb
    
    FAILURE_BUCKET_ID:  0x24_Ntfs!NtfsReleasePagingResource+d
    
    BUCKET_ID:  0x24_Ntfs!NtfsReleasePagingResource+d
    
    Followup: MachineOwner
    ---------
    
    Debug session time: Thu Dec  2 14:17:55.840 2010 (GMT-5)
    System Uptime: 0 days 3:26:10.401
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ..........................
    Loading User Symbols
    Loading unloaded module list
    .......
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck A, {a88c2a00, 2, 0, 82aeef5d}
    
    Probably caused by : ntkrpamp.exe ( nt!KiDeliverApc+b5 )
    
    Followup: MachineOwner
    ---------
    
    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    IRQL_NOT_LESS_OR_EQUAL (a)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If a kernel debugger is available get the stack backtrace.
    Arguments:
    Arg1: a88c2a00, memory referenced
    Arg2: 00000002, IRQL
    Arg3: 00000000, bitfield :
        bit 0 : value 0 = read operation, 1 = write operation
        bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
    Arg4: 82aeef5d, address which referenced memory
    
    Debugging Details:
    ------------------
    
    
    READ_ADDRESS: GetPointerFromAddress: unable to read from 82baf718
    Unable to read MiSystemVaType memory at 82b8f160
     a88c2a00 
    
    CURRENT_IRQL:  2
    
    FAULTING_IP: 
    nt!KiDeliverApc+b5
    82aeef5d 8b4e14          mov     ecx,dword ptr [esi+14h]
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
    
    BUGCHECK_STR:  0xA
    
    PROCESS_NAME:  chrome.exe
    
    TRAP_FRAME:  9b057ac4 -- (.trap 0xffffffff9b057ac4)
    ErrCode = 00000000
    eax=a88c29f8 ebx=82a15b48 ecx=854e29f8 edx=00000000 esi=a88c29ec edi=854e29b8
    eip=82aeef5d esp=9b057b38 ebp=9b057b6c iopl=0         nv up ei pl nz na pe nc
    cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010206
    nt!KiDeliverApc+0xb5:
    82aeef5d 8b4e14          mov     ecx,dword ptr [esi+14h] ds:0023:a88c2a00=????????
    Resetting default scope
    
    LAST_CONTROL_TRANSFER:  from 82aeef5d to 82a8d82b
    
    STACK_TEXT:  
    9b057ac4 82aeef5d badb0d00 00000000 00000301 nt!KiTrap0E+0x2cf
    9b057b6c 82ab5b0d 00000000 00000000 00000000 nt!KiDeliverApc+0xb5
    9b057bb0 82ab4423 854e2a78 854e29b8 855f0118 nt!KiSwapThread+0x24e
    9b057bd8 82ab567d 854e29b8 854e2a78 00000000 nt!KiCommitThreadWait+0x1df
    9b057c38 82c7879d 855f0118 82af8f01 00000001 nt!KeRemoveQueueEx+0x4f8
    9b057c90 82ab8d06 855f0118 9b057cc8 9b057cf0 nt!IoRemoveIoCompletion+0x23
    9b057d24 82a8a44a 00000184 01a7fdbc 01a7fe68 nt!NtWaitForWorkViaWorkerFactory+0x1a1
    9b057d24 770d64f4 00000184 01a7fdbc 01a7fe68 nt!KiFastCallEntry+0x12a
    WARNING: Frame IP not in any known module. Following frames may be wrong.
    01a7fe68 00000000 00000000 00000000 00000000 0x770d64f4
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    nt!KiDeliverApc+b5
    82aeef5d 8b4e14          mov     ecx,dword ptr [esi+14h]
    
    SYMBOL_STACK_INDEX:  1
    
    SYMBOL_NAME:  nt!KiDeliverApc+b5
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: nt
    
    IMAGE_NAME:  ntkrpamp.exe
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c3fac
    
    FAILURE_BUCKET_ID:  0xA_nt!KiDeliverApc+b5
    
    BUCKET_ID:  0xA_nt!KiDeliverApc+b5
    
    Followup: MachineOwner
    ---------
      My Computer


  5. Posts : 3
    Windows 7 Professional 32bit
    Thread Starter
       #5

    Thanks for the help. It turns out the bsod's were due to bad memory, the ram i recently got failed. After the latest BSOD i ran memtest and found errors in both sticks. I promptly switched back to my trusty 2GB reapers, and my desktop has been online for 4 days straight with no issue. Going to RMA these sticks and hopefully it'll work out better next time.

    Thanks so much again to all that helped.
      My Computer


  6. Posts : 11,990
    Windows 7 Ultimate 32 bit
       #6

    Thank you for reporting back and telling us the solution. That is good news. I am glad you found the problem and are running smoothly.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 20:36.
Find Us