Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Help me !!! Blue Screen

14 Apr 2011   #1
trylg

Windows 7 Pro K 32
 
 
Help me !!! Blue Screen

가끔 미래에셋 프로그램 (Maps plus)를 실행시키면 블루스크린이 발생합니다. 도와주세요

Sometimes my PC accur blue-screen when running the "Maps plus" program.
Maps plus program is a stock program.
Help me please.


My System SpecsSystem Spec
.
14 Apr 2011   #2
zigzag3143

Win 8 Release candidate 8400
 
 

Quote   Quote: Originally Posted by trylg View Post
가끔 미래에셋 프로그램 (Maps plus)를 실행시키면 블루스크린이 발생합니다. 도와주세요

Sometimes my PC accur blue-screen when running the "Maps plus" program.
Maps plus program is a stock program.
Help me please.
these were caused by ProMDefense.sys. I am unable to find any reliable information on it so it may be local to that app or may be malware

Code:
 
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
 
 
Loading Dump File [C:\Users\K\Desktop\Windows_NT6_BSOD_jcgriff2\041411-39873-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
 
Symbol search path is: SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols;srv*e:\symbols
*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17514.x86fre.win7sp1_rtm.101119-1850
Machine Name:
Kernel base = 0x83007000 PsLoadedModuleList = 0x831475b0
Debug session time: Thu Apr 14 00:02:56.580 2011 (GMT-4)
System Uptime: 0 days 4:43:28.669
Loading Kernel Symbols
...............................................................
................................................................
.........................................
Loading User Symbols
Loading unloaded module list
.................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
 
Use !analyze -v to get detailed debugging information.
 
BugCheck A, {831a8b4a, ff, 0, 831a8b4a}
 
Unable to load image \??\C:\Windows\system32\drivers\ProMDefense.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ProMDefense.sys
*** ERROR: Module load completed but symbols could not be loaded for ProMDefense.sys
Probably caused by : ProMDefense.sys ( ProMDefense+586 )
 
Followup: MachineOwner
---------
 
1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
 
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 831a8b4a, memory referenced
Arg2: 000000ff, IRQL
Arg3: 00000000, bitfield :
    bit 0 : value 0 = read operation, 1 = write operation
    bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 831a8b4a, address which referenced memory
 
Debugging Details:
------------------
 
 
READ_ADDRESS: GetPointerFromAddress: unable to read from 83167700
Unable to read MiSystemVaType memory at 83147100
 831a8b4a 
 
CURRENT_IRQL:  0
 
FAULTING_IP: 
nt!MmGetSystemRoutineAddress+0
831a8b4a 8bff            mov     edi,edi
 
CUSTOMER_CRASH_COUNT:  1
 
DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT
 
BUGCHECK_STR:  0xA
 
PROCESS_NAME:  axis.exe
 
TRAP_FRAME:  8e744b48 -- (.trap 0xffffffff8e744b48)
ErrCode = 00000000
eax=8e744bc8 ebx=85132430 ecx=00000034 edx=8e744bc8 esi=83265130 edi=8e744bf8
eip=831a8b4a esp=8e744bbc ebp=8e744bd0 iopl=0         nv up di pl nz na po cy
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010003
nt!MmGetSystemRoutineAddress:
831a8b4a 8bff            mov     edi,edi
Resetting default scope
 
LAST_CONTROL_TRANSFER:  from 831a8b4a to 8303fc5b
 
FAILED_INSTRUCTION_ADDRESS: 
nt!MmGetSystemRoutineAddress+0
831a8b4a 8bff            mov     edi,edi
 
STACK_TEXT:  
8e744b48 831a8b4a badb0d00 8e744bc8 83410ba9 nt!KiTrap0E+0x2cf
8e744bb8 a0242586 8e744bc8 00000001 00360034 nt!MmGetSystemRoutineAddress
WARNING: Stack unwind information not available. Following frames may be wrong.
8e744bd0 a024273f 86092a40 85393038 00000000 ProMDefense+0x586
8e744bfc 83036047 86092a40 85132430 85132430 ProMDefense+0x73f
8e744c14 8320c9d5 85393038 85132430 851324a0 nt!IofCallDriver+0x63
8e744c34 8320edc8 86092a40 85393038 00000000 nt!IopSynchronousServiceTail+0x1f8
8e744cd0 83215d9d 86092a40 85132430 00000000 nt!IopXxxControlFile+0x6aa
8e744d04 8303c87a 000001bc 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
8e744d04 777c70b4 000001bc 00000000 00000000 nt!KiFastCallEntry+0x12a
0012fab4 00000000 00000000 00000000 00000000 0x777c70b4
 
 
STACK_COMMAND:  kb
 
FOLLOWUP_IP: 
ProMDefense+586
a0242586 ??              ???
 
SYMBOL_STACK_INDEX:  2
 
SYMBOL_NAME:  ProMDefense+586
 
FOLLOWUP_NAME:  MachineOwner
 
MODULE_NAME: ProMDefense
 
IMAGE_NAME:  ProMDefense.sys
 
DEBUG_FLR_IMAGE_TIMESTAMP:  4b9d8fd7
 
FAILURE_BUCKET_ID:  0xA_CODE_AV_BAD_IP_ProMDefense+586
 
BUCKET_ID:  0xA_CODE_AV_BAD_IP_ProMDefense+586
 
Followup: MachineOwner
---------
 
1: kd> lmvm ProMDefense
start    end        module name
a0242000 a0243c80   ProMDefense T (no symbols)           
    Loaded symbol image file: ProMDefense.sys
    Image path: \??\C:\Windows\system32\drivers\ProMDefense.sys
    Image name: ProMDefense.sys
    Timestamp:        Sun Mar 14 21:39:35 2010 (4B9D8FD7)
    CheckSum:         0000E029
    ImageSize:        00001C80
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
My System SpecsSystem Spec
14 Apr 2011   #3
DeanP

Win 7 Pro x64 SP1 OS X Snow Leopard 10.6.7
 
 

ProMDefense.sys = Malware
Download Malwarebytes in Safe Mode with Networking and run virus scans from there.

These drivers need updating,
Code:
95c0b000 95d1b000   athr     athr.sys     Wed Jun 10 06:04:52 2009 (4A2EA444)
9541d000 95a05000   atikmdag atikmdag.sys Tue Dec 02 10:01:46 2008 (493450BA)
9d5ad000 9d5b4000   SSPORT   SSPORT.sys   Wed Nov 22 17:41:42 2006 (4563D506)
95e1d000 95e4a980   SynTP    SynTP.sys    Sat Oct 27 09:58:09 2007 (472254E1)
95d25000 95d75000   yk62x86  yk62x86.sys  Tue Feb 24 03:44:18 2009 (49A2B642)
Quote:
How To Find Drivers:
- search Google for the name of the driver
- compare the Google results with what's installed on your system to figure out which device/program it belongs to
- visit the web site of the manufacturer of the hardware/program to get the latest drivers (DON'T use Windows Update or the Update driver function of Device Manager).
- if there are difficulties in locating them, post back with questions and someone will try and help you locate the appropriate program.
- The most common drivers are listed on this page: Driver Reference
- Driver manufacturer links are on this page: http://www.carrona.org/drvrdown.html

Regards. . .
Dean
Code:
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\Dean\Desktop\Windows_NT6_BSOD_jcgriff2\041411-39873-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17514.x86fre.win7sp1_rtm.101119-1850
Machine Name:
Kernel base = 0x83007000 PsLoadedModuleList = 0x831475b0
Debug session time: Thu Apr 14 16:02:56.580 2011 (UTC + 12:00)
System Uptime: 0 days 4:43:28.669
Loading Kernel Symbols
...............................................................
................................................................
.........................................
Loading User Symbols
Loading unloaded module list
.................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck A, {831a8b4a, ff, 0, 831a8b4a}

Unable to load image \??\C:\Windows\system32\drivers\ProMDefense.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ProMDefense.sys
*** ERROR: Module load completed but symbols could not be loaded for ProMDefense.sys
Probably caused by : ProMDefense.sys ( ProMDefense+586 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 831a8b4a, memory referenced
Arg2: 000000ff, IRQL
Arg3: 00000000, bitfield :
    bit 0 : value 0 = read operation, 1 = write operation
    bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 831a8b4a, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from 83167700
Unable to read MiSystemVaType memory at 83147100
 831a8b4a 

CURRENT_IRQL:  0

FAULTING_IP: 
nt!MmGetSystemRoutineAddress+0
831a8b4a 8bff            mov     edi,edi

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xA

PROCESS_NAME:  axis.exe

TRAP_FRAME:  8e744b48 -- (.trap 0xffffffff8e744b48)
ErrCode = 00000000
eax=8e744bc8 ebx=85132430 ecx=00000034 edx=8e744bc8 esi=83265130 edi=8e744bf8
eip=831a8b4a esp=8e744bbc ebp=8e744bd0 iopl=0         nv up di pl nz na po cy
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010003
nt!MmGetSystemRoutineAddress:
831a8b4a 8bff            mov     edi,edi
Resetting default scope

LAST_CONTROL_TRANSFER:  from 831a8b4a to 8303fc5b

FAILED_INSTRUCTION_ADDRESS: 
nt!MmGetSystemRoutineAddress+0
831a8b4a 8bff            mov     edi,edi

STACK_TEXT:  
8e744b48 831a8b4a badb0d00 8e744bc8 83410ba9 nt!KiTrap0E+0x2cf
8e744bb8 a0242586 8e744bc8 00000001 00360034 nt!MmGetSystemRoutineAddress
WARNING: Stack unwind information not available. Following frames may be wrong.
8e744bd0 a024273f 86092a40 85393038 00000000 ProMDefense+0x586
8e744bfc 83036047 86092a40 85132430 85132430 ProMDefense+0x73f
8e744c14 8320c9d5 85393038 85132430 851324a0 nt!IofCallDriver+0x63
8e744c34 8320edc8 86092a40 85393038 00000000 nt!IopSynchronousServiceTail+0x1f8
8e744cd0 83215d9d 86092a40 85132430 00000000 nt!IopXxxControlFile+0x6aa
8e744d04 8303c87a 000001bc 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
8e744d04 777c70b4 000001bc 00000000 00000000 nt!KiFastCallEntry+0x12a
0012fab4 00000000 00000000 00000000 00000000 0x777c70b4


STACK_COMMAND:  kb

FOLLOWUP_IP: 
ProMDefense+586
a0242586 ??              ???

SYMBOL_STACK_INDEX:  2

SYMBOL_NAME:  ProMDefense+586

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: ProMDefense

IMAGE_NAME:  ProMDefense.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4b9d8fd7

FAILURE_BUCKET_ID:  0xA_CODE_AV_BAD_IP_ProMDefense+586

BUCKET_ID:  0xA_CODE_AV_BAD_IP_ProMDefense+586

Followup: MachineOwner
---------

1: kd> lmtsmn
start    end        module name
88e23000 88e6b000   ACPI     ACPI.sys     Sat Nov 20 21:37:52 2010 (4CE788E0)
916cd000 91727000   afd      afd.sys      Sat Nov 20 21:40:00 2010 (4CE78960)
95e67000 95e79000   AgileVpn AgileVpn.sys Tue Jul 14 11:55:00 2009 (4A5BC954)
9d680000 9d685800   AHAWKENT AHAWKENT.sys Mon Feb 14 19:58:10 2011 (4D58D282)
9d670000 9d67b480   AhnFlt2K AhnFlt2K.sys Wed Dec 22 17:51:24 2010 (4D1183CC)
9d67c000 9d67f500   AhnRec2K AhnRec2K.sys Sat Dec 18 23:43:21 2010 (4D0C9049)
8971d000 89728780   AhnRghNt AhnRghNt.sys Wed Oct 13 23:52:23 2010 (4CB58F67)
a027b000 a03dcb00   AhnSZE   AhnSZE.sys   Tue Apr 05 12:38:49 2011 (4D9A6499)
88fc3000 88fcc000   amdxata  amdxata.sys  Sat Mar 20 05:19:01 2010 (4BA3A3F5)
91790000 9179e000   amonlwlh amonlwlh.sys Tue Apr 20 20:08:59 2010 (4BCD611B)
916b5000 916cd000   AMonTDLH AMonTDLH.sys Wed Jun 09 19:28:51 2010 (4C0F42B3)
a01f4000 a01fd000   asyncmac asyncmac.sys Tue Jul 14 11:54:46 2009 (4A5BC946)
a01d6000 a01f3600   ASZFltNt ASZFltNt.sys Tue Aug 17 23:26:06 2010 (4C6A71CE)
a01fd000 a0221000   ATamptNt ATamptNt.sys Wed Oct 06 13:16:38 2010 (4CABBFE6)
88f97000 88fa0000   atapi    atapi.sys    Tue Jul 14 11:11:15 2009 (4A5BBF13)
88fa0000 88fc3000   ataport  ataport.SYS  Sat Nov 20 21:38:00 2010 (4CE788E8)
95c0b000 95d1b000   athr     athr.sys     Wed Jun 10 06:04:52 2009 (4A2EA444)
9541d000 95a05000   atikmdag atikmdag.sys Tue Dec 02 10:01:46 2008 (493450BA)
82b70000 82bbd000   ATMFD    ATMFD.DLL    Sat Feb 19 17:34:53 2011 (4D5F486D)
88eca000 88ed5000   BATTC    BATTC.SYS    Tue Jul 14 11:19:15 2009 (4A5BC0F3)
91620000 91627000   Beep     Beep.SYS     Tue Jul 14 11:45:00 2009 (4A5BC6FC)
917f0000 917fe000   blbdrive blbdrive.sys Tue Jul 14 11:23:04 2009 (4A5BC1D8)
88caf000 88cb7000   BOOTVID  BOOTVID.dll  Tue Jul 14 13:04:34 2009 (4A5BD9A2)
9d42f000 9d448000   bowser   bowser.sys   Wed Feb 23 17:47:32 2011 (4D649164)
82b50000 82b6e000   cdd      cdd.dll      Sun Nov 21 00:56:35 2010 (4CE7B773)
9d663000 9d666200   CdmDrvNt CdmDrvNt.sys Wed Jul 22 06:03:50 2009 (4A660306)
896da000 896f9000   cdrom    cdrom.sys    Sat Nov 20 21:38:09 2010 (4CE788F1)
88cf9000 88da4000   CI       CI.dll       Sun Nov 21 01:05:17 2010 (4CE7B97D)
89683000 896a8000   CLASSPNP CLASSPNP.SYS Tue Jul 14 11:11:20 2009 (4A5BBF18)
88cb7000 88cf9000   CLFS     CLFS.SYS     Tue Jul 14 11:11:10 2009 (4A5BBF0E)
89412000 89415700   CmBatt   CmBatt.sys   Tue Jul 14 11:19:18 2009 (4A5BC0F6)
89170000 891cd000   cng      cng.sys      Tue Jul 14 11:32:55 2009 (4A5BC427)
88ec2000 88eca000   compbatt compbatt.sys Tue Jul 14 11:19:18 2009 (4A5BC0F6)
95e5a000 95e67000   CompositeBus CompositeBus.sys Sat Nov 20 22:50:21 2010 (4CE799DD)
95b3d000 95b4a000   crashdmp crashdmp.sys Tue Jul 14 11:45:50 2009 (4A5BC72E)
8976a000 897ce000   csc      csc.sys      Sat Nov 20 21:44:32 2010 (4CE78A70)
91400000 91418000   dfsc     dfsc.sys     Sat Nov 20 21:42:32 2010 (4CE789F8)
917e4000 917f0000   discache discache.sys Tue Jul 14 11:24:04 2009 (4A5BC214)
89672000 89683000   disk     disk.sys     Tue Jul 14 11:11:28 2009 (4A5BBF20)
95b24000 95b3d000   drmk     drmk.sys     Tue Jul 14 12:36:05 2009 (4A5BD2F5)
95ff7000 96000000   dump_atapi dump_atapi.sys Tue Jul 14 11:11:15 2009 (4A5BBF13)
95c00000 95c0b000   dump_dumpata dump_dumpata.sys Tue Jul 14 11:11:16 2009 (4A5BBF14)
95b4a000 95b5b000   dump_dumpfve dump_dumpfve.sys Tue Jul 14 11:12:47 2009 (4A5BBF6F)
95b5b000 95b65000   Dxapi    Dxapi.sys    Tue Jul 14 11:25:25 2009 (4A5BC265)
95a05000 95abc000   dxgkrnl  dxgkrnl.sys  Sat Nov 20 22:08:14 2010 (4CE78FFE)
95abc000 95af5000   dxgmms1  dxgmms1.sys  Thu Feb 03 16:45:05 2011 (4D4A24C1)
896a8000 896d2000   fastfat  fastfat.SYS  Tue Jul 14 11:14:01 2009 (4A5BBFB9)
88c00000 88c11000   fileinfo fileinfo.sys Tue Jul 14 11:21:51 2009 (4A5BC18F)
88fcc000 89000000   fltmgr   fltmgr.sys   Tue Jul 14 11:11:13 2009 (4A5BBF11)
891db000 891e4000   Fs_Rec   Fs_Rec.sys   unavailable (00000000)
9d667000 9d66ff00   FsUsbExDisk FsUsbExDisk.SYS Fri May 28 13:03:10 2010 (4BFF164E)
89640000 89672000   fvevol   fvevol.sys   Sat Nov 20 21:40:22 2010 (4CE78976)
8957a000 895ab000   fwpkclnt fwpkclnt.sys Sat Nov 20 21:39:08 2010 (4CE7892C)
8340b000 83442000   hal      halmacpi.dll Sat Nov 20 21:37:38 2010 (4CE788D2)
95dd9000 95df8000   HDAudBus HDAudBus.sys Sat Nov 20 22:59:28 2010 (4CE79C00)
95fa7000 95ff7000   HdAudio  HdAudio.sys  Sat Nov 20 23:00:19 2010 (4CE79C33)
95bab000 95bbe000   HIDCLASS HIDCLASS.SYS Sat Nov 20 22:59:37 2010 (4CE79C09)
95bbe000 95bc4480   HIDPARSE HIDPARSE.SYS Tue Jul 14 11:50:59 2009 (4A5BC863)
95ba0000 95bab000   hidusb   hidusb.sys   Sat Nov 20 22:59:38 2010 (4CE79C0A)
89367000 893ec000   HTTP     HTTP.sys     Sat Nov 20 21:40:17 2010 (4CE78971)
89638000 89640000   hwpolicy hwpolicy.sys Sat Nov 20 21:37:35 2010 (4CE788CF)
95df8000 95e10000   i8042prt i8042prt.sys Tue Jul 14 11:11:23 2009 (4A5BBF1B)
89400000 89412000   intelppm intelppm.sys Tue Jul 14 11:11:03 2009 (4A5BBF07)
a03dd000 a03fe7a0   ISFWEnt  ISFWEnt.sys  Wed Jul 29 16:17:45 2009 (4A6FCD69)
a0221000 a0241700   ISIPSEnt ISIPSEnt.sys Wed Mar 31 14:57:50 2010 (4BB2AC1E)
95e10000 95e1d000   kbdclass kbdclass.sys Tue Jul 14 11:11:15 2009 (4A5BBF13)
80b97000 80b9f000   kdcom    kdcom.dll    Tue Jul 14 13:08:58 2009 (4A5BDAAA)
95bf2000 95bfa000   kmdfmemio kmdfmemio.sys Tue Nov 14 13:11:52 2006 (455909C8)
95f10000 95f44000   ks       ks.sys       Sat Nov 20 22:50:17 2010 (4CE799D9)
8915d000 89170000   ksecdd   ksecdd.sys   Sat Nov 20 21:38:54 2010 (4CE7891E)
892d9000 892fe000   ksecpkg  ksecpkg.sys  Tue Jul 14 11:34:00 2009 (4A5BC468)
897ef000 897ff000   lltdio   lltdio.sys   Tue Jul 14 11:53:18 2009 (4A5BC8EE)
95400000 9541b000   luafv    luafv.sys    Tue Jul 14 11:15:44 2009 (4A5BC020)
88c19000 88c9e000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Sun Nov 21 01:00:54 2010 (4CE7B876)
95be7000 95bf2000   monitor  monitor.sys  Tue Jul 14 11:25:58 2009 (4A5BC286)
95e4d000 95e5a000   mouclass mouclass.sys Tue Jul 14 11:11:15 2009 (4A5BBF13)
95bdc000 95be7000   mouhid   mouhid.sys   Tue Jul 14 11:45:08 2009 (4A5BC704)
88f45000 88f5b000   mountmgr mountmgr.sys Sat Nov 20 21:38:09 2010 (4CE788F1)
9d448000 9d45a000   mpsdrv   mpsdrv.sys   Tue Jul 14 11:52:52 2009 (4A5BC8D4)
9d45a000 9d47d000   mrxsmb   mrxsmb.sys   Wed Feb 23 17:47:34 2011 (4D649166)
9d47d000 9d4b8000   mrxsmb10 mrxsmb10.sys Wed Feb 23 17:47:43 2011 (4D64916F)
9d4b8000 9d4d3000   mrxsmb20 mrxsmb20.sys Wed Feb 23 17:47:39 2011 (4D64916B)
91679000 91684000   Msfs     Msfs.SYS     Tue Jul 14 11:11:26 2009 (4A5BBF1E)
88e74000 88e7c000   msisadrv msisadrv.sys Tue Jul 14 11:11:09 2009 (4A5BBF0D)
89132000 8915d000   msrpc    msrpc.sys    unavailable (00000000)
917da000 917e4000   mssmbios mssmbios.sys Tue Jul 14 11:19:25 2009 (4A5BC0FD)
89628000 89638000   mup      mup.sys      Tue Jul 14 11:14:14 2009 (4A5BBFC6)
891e4000 8929b000   ndis     ndis.sys     Sat Nov 20 21:39:19 2010 (4CE78937)
95e91000 95e9c000   ndistapi ndistapi.sys Tue Jul 14 11:54:24 2009 (4A5BC930)
89344000 89354000   ndisuio  ndisuio.sys  Sat Nov 20 23:06:36 2010 (4CE79DAC)
95e9c000 95ebe000   ndiswan  ndiswan.sys  Sat Nov 20 23:07:48 2010 (4CE79DF4)
95f96000 95fa7000   NDProxy  NDProxy.SYS  Sat Nov 20 23:07:39 2010 (4CE79DEB)
9179e000 917ac000   netbios  netbios.sys  Tue Jul 14 11:53:54 2009 (4A5BC912)
91727000 91759000   netbt    netbt.sys    Sat Nov 20 21:39:22 2010 (4CE7893A)
8929b000 892d9000   NETIO    NETIO.SYS    Sat Nov 20 21:40:03 2010 (4CE78963)
91684000 91692000   Npfs     Npfs.SYS     Tue Jul 14 11:11:31 2009 (4A5BBF23)
917d0000 917da000   nsiproxy nsiproxy.sys Tue Jul 14 11:12:08 2009 (4A5BBF48)
83007000 8340b000   nt       ntkrnlmp.exe Sat Nov 20 21:42:46 2010 (4CE78A06)
89003000 89132000   Ntfs     Ntfs.sys     Sat Nov 20 21:39:08 2010 (4CE7892C)
91619000 91620000   Null     Null.SYS     unavailable (00000000)
892fe000 89344000   nwifi    nwifi.sys    Tue Jul 14 11:51:59 2009 (4A5BC89F)
91760000 9177f000   pacer    pacer.sys    Tue Jul 14 11:53:58 2009 (4A5BC916)
88eb1000 88ec2000   partmgr  partmgr.sys  Sat Nov 20 21:38:14 2010 (4CE788F6)
88e7c000 88ea6000   pci      pci.sys      Sat Nov 20 21:37:57 2010 (4CE788E5)
88f30000 88f37000   pciide   pciide.sys   Tue Jul 14 11:11:19 2009 (4A5BBF17)
88f37000 88f45000   PCIIDEX  PCIIDEX.SYS  Tue Jul 14 11:11:15 2009 (4A5BBF13)
891cd000 891db000   pcw      pcw.sys      Tue Jul 14 11:11:10 2009 (4A5BBF0E)
9d4eb000 9d582000   peauth   peauth.sys   Tue Jul 14 12:35:44 2009 (4A5BD2E0)
95af5000 95b24000   portcls  portcls.sys  Tue Jul 14 11:51:00 2009 (4A5BC864)
a0242000 a0243c80   ProMDefense ProMDefense.sys Mon Mar 15 14:39:35 2010 (4B9D8FD7)
88c9e000 88caf000   PSHED    PSHED.dll    Tue Jul 14 13:09:36 2009 (4A5BDAD0)
95e79000 95e91000   rasl2tp  rasl2tp.sys  Tue Jul 14 11:54:33 2009 (4A5BC939)
95ebe000 95ed6000   raspppoe raspppoe.sys Tue Jul 14 11:54:53 2009 (4A5BC94D)
95ed6000 95eed000   raspptp  raspptp.sys  Tue Jul 14 11:54:47 2009 (4A5BC947)
95eed000 95f04000   rassstp  rassstp.sys  Tue Jul 14 11:54:57 2009 (4A5BC951)
89729000 8976a000   rdbss    rdbss.sys    Sat Nov 20 21:42:44 2010 (4CE78A04)
95f04000 95f0e000   rdpbus   rdpbus.sys   Tue Jul 14 12:02:40 2009 (4A5BCB20)
91661000 91669000   RDPCDD   RDPCDD.sys   Sat Nov 20 23:22:19 2010 (4CE7A15B)
91669000 91671000   rdpencdd rdpencdd.sys Tue Jul 14 12:01:39 2009 (4A5BCAE3)
91671000 91679000   rdprefmp rdprefmp.sys Tue Jul 14 12:01:41 2009 (4A5BCAE5)
895fb000 89628000   rdyboost rdyboost.sys Sat Nov 20 22:00:07 2010 (4CE78E17)
89354000 89367000   rspndr   rspndr.sys   Tue Jul 14 11:53:20 2009 (4A5BC8F0)
9d582000 9d58c000   secdrv   secdrv.SYS   Thu Sep 14 01:18:32 2006 (45080528)
895f3000 895fb000   spldr    spldr.sys    Tue May 12 04:13:47 2009 (4A084EBB)
9d611000 9d663000   srv      srv.sys      Wed Feb 23 17:48:14 2011 (4D64918E)
9d5c1000 9d611000   srv2     srv2.sys     Wed Feb 23 17:47:58 2011 (4D64917E)
9d58c000 9d5ad000   srvnet   srvnet.sys   Wed Feb 23 17:47:53 2011 (4D649179)
9d5ad000 9d5b4000   SSPORT   SSPORT.sys   Wed Nov 22 17:41:42 2006 (4563D506)
95f0e000 95f0f380   swenum   swenum.sys   Tue Jul 14 11:45:08 2009 (4A5BC704)
95e1d000 95e4a980   SynTP    SynTP.sys    Sat Oct 27 09:58:09 2007 (472254E1)
89430000 8957a000   tcpip    tcpip.sys    Sat Nov 20 21:41:36 2010 (4CE789C0)
9d5b4000 9d5c1000   tcpipreg tcpipreg.sys Sat Nov 20 23:07:13 2010 (4CE79DD1)
916a9000 916b5000   TDI      TDI.SYS      Sat Nov 20 21:39:18 2010 (4CE78936)
91692000 916a9000   tdx      tdx.sys      Sat Nov 20 21:39:17 2010 (4CE78935)
917bf000 917d0000   termdd   termdd.sys   Sat Nov 20 23:21:10 2010 (4CE7A116)
9d686000 9d691e80   TfFRegNt TfFRegNt.sys Mon Feb 14 19:59:54 2011 (4D58D2EA)
82b20000 82b29000   TSDDD    TSDDD.dll    unavailable (00000000)
897ce000 897ef000   tunnel   tunnel.sys   Sat Nov 20 23:06:40 2010 (4CE79DB0)
95f44000 95f52000   umbus    umbus.sys    Sat Nov 20 23:00:23 2010 (4CE79C37)
95b65000 95b7c000   usbccgp  usbccgp.sys  Sat Nov 20 23:00:08 2010 (4CE79C28)
95e4b000 95e4c700   USBD     USBD.SYS     Tue Jul 14 11:51:05 2009 (4A5BC869)
95dca000 95dd9000   usbehci  usbehci.sys  Tue Jul 14 11:51:14 2009 (4A5BC872)
95f52000 95f96000   usbhub   usbhub.sys   Sat Nov 20 23:00:34 2010 (4CE79C42)
95d75000 95d7f000   usbohci  usbohci.sys  Tue Jul 14 11:51:14 2009 (4A5BC872)
95d7f000 95dca000   USBPORT  USBPORT.SYS  Tue Jul 14 11:51:13 2009 (4A5BC871)
95bc5000 95bdc000   USBSTOR  USBSTOR.SYS  Sat Nov 20 22:59:48 2010 (4CE79C14)
95b7c000 95b9fc00   usbvideo usbvideo.sys Sat Nov 20 23:00:20 2010 (4CE79C34)
a0000000 a01d5e00   v3engine v3engine.sys Tue Apr 05 12:37:12 2011 (4D9A6438)
a0253000 a027a600   V3Flt2K  V3Flt2K.sys  Fri Apr 30 20:59:17 2010 (4BDA9BE5)
88ea6000 88eb1000   vdrvroot vdrvroot.sys Tue Jul 14 11:46:19 2009 (4A5BC74B)
91627000 91633000   vga      vga.sys      Tue Jul 14 11:25:50 2009 (4A5BC27E)
91633000 91654000   VIDEOPRT VIDEOPRT.SYS Tue Jul 14 11:25:49 2009 (4A5BC27D)
88f5b000 88f84180   vmbus    vmbus.sys    Sat Nov 20 22:14:58 2010 (4CE79192)
895ab000 895b4000   vmstorfl vmstorfl.sys unavailable (00000000)
88ed5000 88ee5000   volmgr   volmgr.sys   Sat Nov 20 21:38:06 2010 (4CE788EE)
88ee5000 88f30000   volmgrx  volmgrx.sys  Tue Jul 14 11:11:41 2009 (4A5BBF2D)
895b4000 895f3000   volsnap  volsnap.sys  Sat Nov 20 21:38:13 2010 (4CE788F5)
95d1b000 95d25000   vwifibus vwifibus.sys Tue Jul 14 11:52:02 2009 (4A5BC8A2)
9177f000 91790000   vwififlt vwififlt.sys Tue Jul 14 11:52:03 2009 (4A5BC8A3)
917ac000 917bf000   wanarp   wanarp.sys   Sat Nov 20 23:07:45 2010 (4CE79DF1)
91654000 91661000   watchdog watchdog.sys Tue Jul 14 11:24:10 2009 (4A5BC21A)
88da4000 88e15000   Wdf01000 Wdf01000.sys Tue Jul 14 11:11:36 2009 (4A5BBF28)
88e15000 88e23000   WDFLDR   WDFLDR.SYS   Tue Jul 14 11:11:25 2009 (4A5BBF1D)
91759000 91760000   wfplwf   wfplwf.sys   Tue Jul 14 11:53:51 2009 (4A5BC90F)
828c0000 82b0e000   win32k   win32k.sys   Thu Mar 03 16:42:10 2011 (4D6F0E12)
88f85000 88f97000   winhv    winhv.sys    Sat Nov 20 21:38:15 2010 (4CE788F7)
88e6b000 88e74000   WMILIB   WMILIB.SYS   Tue Jul 14 11:11:22 2009 (4A5BBF1A)
89416000 89430000   WudfPf   WudfPf.sys   Sat Nov 20 22:58:55 2010 (4CE79BDF)
95d25000 95d75000   yk62x86  yk62x86.sys  Tue Feb 24 03:44:18 2009 (49A2B642)

Unloaded modules:
9d6d7000 9d6f9000   ISFWEnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00022000
9d6b6000 9d6d7000   ISIPSEnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00021000
9d692000 9d6b6000   ATamptNt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00024000
9141b000 915f1000   v3engine.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  001D6000
915f1000 91619000   V3Flt2K.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00028000
9d6f9000 9d717000   ASZFltNt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0001E000
a0028000 a018a000   AhnSZE.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00162000
a0215000 a0231000   MfIPSEnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0001C000
a0231000 a0253000   Mkd2kfNt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00022000
a01fd000 a0215000   MfFWEnt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00018000
a018a000 a01f4000   spsys.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0006A000
896f9000 8971d000   ATamptNt.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00024000
9d4d3000 9d4eb000   parport.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00018000
896a8000 896b5000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000D000
896b5000 896c0000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000B000
896c0000 896c9000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00009000
896c9000 896da000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00011000
My System SpecsSystem Spec
.

14 Apr 2011   #4
SmurofNeves

Seven ultimate 32bit
 
 

I'd add to update all possible drivers and do the common updates for the machine, you could also try and clean your RAM with a rubber just remember to touch the metal parts of the casing beforehand to avoid static. This is Malware so overall take the advice and get the Malwarebytes and do the update before running it... What anti-virus are you using.?
My System SpecsSystem Spec
14 Apr 2011   #5
SmurofNeves

Seven ultimate 32bit
 
 

Have you tried running the EXE in compatibility for Vista or any other OS.
My System SpecsSystem Spec
Reply

 Help me !!! Blue Screen




Thread Tools




Similar help and support threads
Thread Forum
Unable to start - black screen or empty blue screen w cursor??
Hello, My laptop will not boot. I end up with an empty black screen or a blue screen with no icons, just a cursor. I get choices for 'normal startup' or ' repair' but not safe mode. Any help appreciated.
General Discussion
Geforce 7300 LE - Blue screen of death - Multiple lines down screen.
Today I booted my computer up to be promoted with a black screen, I gave it a good half an hour before forcing it to shutdown, to which when I booted it back up. Was then promoted with a blue screen about the video card not being able to lead, that happened twice. I then booted it into safe...
Graphic Cards
Blue Screen Error but no actual blue screen pops up
While using my laptop, usually when trying to open some "windows" application such as task manager, wireless networks, documents, media player, windows updater etc. my laptop freezes or doesn't allow me to click on anything except the minus button on all my windows and the start button. I'll try to...
BSOD Help and Support
Blue Screen out of the Blue, Was working fine for 9+ hours then c...
Well i had my computer on all day since i woke up @ 8 in the morning gaming and what not. It had finally crashed on me while i was playing dirt 2 a couple of mins ago. I had fixed all my previouse blue screen problems by not using any AMD OverDrive Settings for my Radeon HD 4850. My specs...
BSOD Help and Support
Help with blue screen auto reboot, Stop: 0x0000007B error screen
Hello, I have an HP Pavilion g series laptop (running win7) that is in a continuous restarting loop. This happened after the computer auto updated (windows update). I do not know what was updated, but now every time the laptop starts up it seems to be in a continuous rebooting loop after the...
BSOD Help and Support


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 18:05.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App