|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
 |
|
|
LinkBack | Thread Tools |
09-26-2008, 11:11 AM
|
#1 (permalink) |
|
Registered User
Join Date: Sep 2008
Posts: 2
OS: Vista HP
|
Vista Bsod
hi everyone :)
I have a very annoying bluescreen. After some time, it just stops, i get a irq_less_or_not_equal ( Probably caused by : ntkrnlpa.exe ( nt+b5703 ) ) Not sure if its a driver problem or not, since im not that good at reading minidump files. Can u please help me? Specs: Vista HP Athlon X2 5600+ ASRock ALive XFire eSATA2 Rev 3 ( newest Bios ) ( RD480 ) GeIL Ultra 2x1GB Kit, DDR2-800, CL4-4-4-12 @ 2V Radeon 3870 ( newest drivers ) Onboard sound ( removed audigy 2 because of bad driver support -> no use ) 2x Western Digital Caviar SE16, 7200rpm, 16MB, 500GB, SATA-II Raid 0 thank u very much Last edited by SpaceFrog; 09-26-2008 at 11:12 AM. |
|
     
|
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
09-26-2008, 12:34 PM
|
#2 (permalink) |
|
Registered User
Join Date: Sep 2008
Posts: 2
OS: Vista HP
|
Re: Vista Bsod
just wanted to add
cant be heat, cpu is @ 35C ( speedfan ) Aux 34C +12V 7.23V AVcc 3.34V C&Q is activated drivers are updated ( ( ati 4in1 Drivers, newest catalyst ) do i need a cpu driver? ( dont think so ) windows updates should be ok, its on auto 
Last edited by SpaceFrog; 09-26-2008 at 12:45 PM. |
|
|
|
|
09-26-2008, 04:14 PM
|
#3 (permalink) |
|
Moderator, Microsoft Supp
Join Date: Sep 2007
Location: The Great State of New Jersey - away from the gross corruption of the Riverside County, CA, SO office. SHAMEFUL !
Posts: 10,114
OS: Windows 7, Vista Ultimate
|
Re: Vista Bsod
Hi. . .
I ran the mini kernel dump and found a bugcheck of 0x0000000a (0xbbbe1bb8, 0x0000001b, 0x00000000, 0x81f03703), with the probable cause listed as the Microsoft NT Kernel module ntkrpamp.exe. The process running at the time of the crash was hl.exe, which has something to do with Half Life for games...? I have never been much of a gamer (my choice), so could you please tell me what the purpose of this module is relating to games and security? I read some items on it, but the opinions and functions seem to vary. A bugcheck of 0x0000000a = 0xa = IRQL_NOT_LESS_OR_EQUAL and indicates that a Vista or a kernel-mode driver accessed paged memory (or bad memory) improperly - when the IRQL is too high. This bugcheck usually occurs after the installation of a faulty device driver, system service, or BIOS. There is not much more that I can obtain from the current dump file. It would be wise to run the driver verifier in the hope of it flagging a driver and/or additional information to future dumps to help identify the culprit, assuming that it is a driver. I can tell you that I doubt highly that the NT Kernel module is at fault. The real cause is hiding under its expansive memory address range. To run the verifier, bring up an Elevated command prompt - START | type cmd.exe | right-click on cmd.exe uptop under programs | Run as Administrator | type verifier & hit enter - the Verifier screen will appear | do the following: Code:
1. Select 2nd option - Create custom settings (for code developers) 2. Select 2nd option - Select individual settings from a full list. 3. Check the boxes• Special Pool • Pool Tracking • Force IRQL checking4. Select last option - Select driver names from a list 5. Click on the Provider heading - sorts list by Provider 6. Check ALL boxes where Microsoft is not the Provider 7. Click on Finish 8. Re-boot Regards. . . jcgriff2 . dbug output Code:
Microsoft (R) Windows Debugger Version 6.9.0003.113 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [A:\D\#Dumps\SpaceFrog_Vista_09-26-08\Mini092608-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008 Kernel Version 6001 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6001.18063.x86fre.vistasp1_gdr.080425-1930
Kernel base = 0x81e4e000 PsLoadedModuleList = 0x81f65c70
Debug session time: Fri Sep 26 12:40:41.331 2008 (GMT-4)
System Uptime: 0 days 1:17:35.389
Loading Kernel Symbols
...........................................................................................................................................
Loading User Symbols
Loading unloaded module list
..........
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {bbbe1bb8, 1b, 0, 81f03703}
Probably caused by : ntkrpamp.exe ( nt!EtwpCCSwapTrace+3b1 )
Followup: MachineOwner
---------
0: kd> !analyze -v;r;kv;lmtn
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: bbbe1bb8, memory referenced
Arg2: 0000001b, IRQL
Arg3: 00000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 81f03703, address which referenced memory
Debugging Details:
------------------
READ_ADDRESS: GetPointerFromAddress: unable to read from 81f85868
Unable to read MiSystemVaType memory at 81f65420
bbbe1bb8
CURRENT_IRQL: 1b
FAULTING_IP:
nt!EtwpCCSwapTrace+3b1
81f03703 8b45d8 mov eax,dword ptr [ebp-28h]
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: hl.exe
TRAP_FRAME: 9bbe1b18 -- (.trap 0xffffffff9bbe1b18)
ErrCode = 00000000
eax=8404b086 ebx=001d8800 ecx=00000000 edx=00000002 esi=00000004 edi=8404b008
eip=81f03703 esp=9bbe1b8c ebp=bbbe1be0 iopl=0 nv up ei ng nz ac po cy
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010293
nt!EtwpCCSwapTrace+0x3b1:
81f03703 8b45d8 mov eax,dword ptr [ebp-28h] ss:0010:bbbe1bb8=????????
Resetting default scope
LAST_CONTROL_TRANSFER: from 81f03703 to 81ea8d84
STACK_TEXT:
9bbe1b18 81f03703 badb0d00 00000002 81f05b87 nt!KiTrap0E+0x2ac
9bbe1ba0 81f03215 0000000f 85f1dd78 00000000 nt!EtwpCCSwapTrace+0x3b1
9bbe1bbc 81e26f85 001d9a8e 05696496 00000000 nt!EtwTraceContextSwap+0x14a
9bbe1bd8 81e274f2 9bbe1c2c 81f03215 0000000f hal!HalpGetPmTimerPerfCounterValue+0x29
9bbe1c10 81e2230c e017bce5 00000004 00000206 hal!HalpPmTimerQueryPerformanceCounter+0x42
9bbe1d18 81e2230c 00000102 0593fe00 81e6df80 hal!HalpDispatchSoftwareInterrupt+0x5e
9bbe1d50 81ea5a7a 000001bc 00000000 9bbe1d14 hal!HalpDispatchSoftwareInterrupt+0x5e
9bbe1d50 76e79a94 000001bc 00000000 9bbe1d14 nt!KiFastCallEntry+0x12a
WARNING: Frame IP not in any known module. Following frames may be wrong.
0593fe5c 00000000 00000000 00000000 00000000 0x76e79a94
STACK_COMMAND: kb
FOLLOWUP_IP:
nt!EtwpCCSwapTrace+3b1
81f03703 8b45d8 mov eax,dword ptr [ebp-28h]
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: nt!EtwpCCSwapTrace+3b1
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrpamp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 4812bd71
FAILURE_BUCKET_ID: 0xA_nt!EtwpCCSwapTrace+3b1
BUCKET_ID: 0xA_nt!EtwpCCSwapTrace+3b1
Followup: MachineOwner
---------
eax=81f46920 ebx=0000001b ecx=81f4e1f8 edx=00000348 esi=81f4693c edi=9bbe1790
eip=81ea8d84 esp=9bbe1b00 ebp=9bbe1b18 iopl=0 nv up ei pl nz na po nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000202
nt!KiTrap0E+0x2ac:
81ea8d84 833d64ccf78100 cmp dword ptr [nt!KiFreezeFlag (81f7cc64)],0 ds:0023:81f7cc64=????????
ChildEBP RetAddr Args to Child
9bbe1b18 81f03703 badb0d00 00000002 81f05b87 nt!KiTrap0E+0x2ac (FPO: [0,0] TrapFrame @ 9bbe1b18)
9bbe1ba0 81f03215 0000000f 85f1dd78 00000000 nt!EtwpCCSwapTrace+0x3b1
9bbe1bbc 81e26f85 001d9a8e 05696496 00000000 nt!EtwTraceContextSwap+0x14a
9bbe1bd8 81e274f2 9bbe1c2c 81f03215 0000000f hal!HalpGetPmTimerPerfCounterValue+0x29 (FPO: [Non-Fpo])
9bbe1c10 81e2230c e017bce5 00000004 00000206 hal!HalpPmTimerQueryPerformanceCounter+0x42 (FPO: [Non-Fpo])
9bbe1d18 81e2230c 00000102 0593fe00 81e6df80 hal!HalpDispatchSoftwareInterrupt+0x5e (FPO: [Non-Fpo])
9bbe1d50 81ea5a7a 000001bc 00000000 9bbe1d14 hal!HalpDispatchSoftwareInterrupt+0x5e (FPO: [Non-Fpo])
9bbe1d50 76e79a94 000001bc 00000000 9bbe1d14 nt!KiFastCallEntry+0x12a (FPO: [0,3] TrapFrame @ 9bbe1d64)
WARNING: Frame IP not in any known module. Following frames may be wrong.
0593fe5c 00000000 00000000 00000000 00000000 0x76e79a94
start end module name
80404000 8040c000 kdcom kdcom.dll Sat Jan 19 02:31:53 2008 (4791A769)
8040c000 8041d000 PSHED PSHED.dll Sat Jan 19 02:31:21 2008 (4791A749)
8041d000 80425000 BOOTVID BOOTVID.dll Sat Jan 19 02:27:15 2008 (4791A653)
80425000 80466000 CLFS CLFS.SYS Sat Jan 19 00:28:01 2008 (47918A61)
80466000 80546000 CI CI.dll Fri Feb 22 00:00:56 2008 (47BE5708)
80546000 805c2000 Wdf01000 Wdf01000.sys Sat Jan 19 00:52:21 2008 (47919015)
805c2000 805cf000 WDFLDR WDFLDR.SYS Sat Jan 19 00:52:19 2008 (47919013)
805cf000 805dd000 Npfs Npfs.SYS Sat Jan 19 00:28:09 2008 (47918A69)
805dd000 805f3000 tdx tdx.sys Sat Jan 19 00:55:58 2008 (479190EE)
80600000 80609000 rasacd rasacd.sys Sat Jan 19 00:56:31 2008 (4791910F)
8060d000 8070d000 sptd sptd.sys Wed Mar 05 19:32:57 2008 (47CF3BB9)
8070d000 80716000 WMILIB WMILIB.SYS Sat Jan 19 00:53:08 2008 (47919044)
80716000 8073c000 SCSIPORT SCSIPORT.SYS Sat Jan 19 00:49:44 2008 (47918F78)
8073c000 80782000 acpi acpi.sys Sat Jan 19 00:32:48 2008 (47918B80)
80782000 8078a000 msisadrv msisadrv.sys Sat Jan 19 00:32:51 2008 (47918B83)
8078a000 807b1000 pci pci.sys Sat Jan 19 00:32:57 2008 (47918B89)
807b1000 807c0000 partmgr partmgr.sys Sat Jan 19 00:49:54 2008 (47918F82)
807c0000 807cf000 volmgr volmgr.sys Sat Jan 19 00:49:51 2008 (47918F7F)
807cf000 807f0000 VIDEOPRT VIDEOPRT.SYS Sat Jan 19 00:52:10 2008 (4791900A)
807f0000 807fb000 Msfs Msfs.SYS unavailable (00000000)
81e1b000 81e4e000 hal halmacpi.dll Sat Jan 19 00:27:20 2008 (47918A38)
81e4e000 82207000 nt ntkrpamp.exe Sat Apr 26 01:28:17 2008 (4812BD71)
82c00000 82c08000 rdpencdd rdpencdd.sys Sat Jan 19 01:01:09 2008 (47919225)
82c0c000 82c56000 volmgrx volmgrx.sys Sat Jan 19 00:50:00 2008 (47918F88)
82c56000 82c5d000 pciide pciide.sys Sat Jan 19 00:49:42 2008 (47918F76)
82c5d000 82c6b000 PCIIDEX PCIIDEX.SYS Sat Jan 19 00:49:40 2008 (47918F74)
82c6b000 82c7b000 mountmgr mountmgr.sys Sat Jan 19 00:49:13 2008 (47918F59)
82c7b000 82c83000 atapi atapi.sys Sat Jan 19 00:49:40 2008 (47918F74)
82c83000 82ca1000 ataport ataport.SYS Sat Jan 19 00:49:40 2008 (47918F74)
82ca1000 82cd3000 fltmgr fltmgr.sys Sat Jan 19 00:28:10 2008 (47918A6A)
82cd3000 82ce3000 fileinfo fileinfo.sys Sat Jan 19 00:34:27 2008 (47918BE3)
82ce3000 82d54000 ksecdd ksecdd.sys Sat Jan 19 00:41:20 2008 (47918D80)
82d54000 82df3000 dxgkrnl dxgkrnl.sys Fri Aug 01 21:01:19 2008 (4893B1DF)
82df3000 82dff000 vga vga.sys Sat Jan 19 00:52:06 2008 (47919006)
82e05000 82f10000 ndis ndis.sys Sat Jan 19 00:55:51 2008 (479190E7)
82f10000 82f3b000 msrpc msrpc.sys unavailable (00000000)
82f3b000 82f75000 NETIO NETIO.SYS Sat Jan 19 00:56:19 2008 (47919103)
82f75000 82f8d000 cdrom cdrom.sys Sat Jan 19 00:49:50 2008 (47918F7E)
82f8d000 82fa5000 parport parport.sys Sat Jan 19 00:49:32 2008 (47918F6C)
82fa5000 82fb8000 i8042prt i8042prt.sys Sat Jan 19 00:49:17 2008 (47918F5D)
82fb8000 82fd2000 serial serial.sys Sat Jan 19 00:49:34 2008 (47918F6E)
82fd2000 82ff7000 drmk drmk.sys Sat Jan 19 01:53:02 2008 (47919E4E)
82ff7000 83000000 Fs_Rec Fs_Rec.SYS unavailable (00000000)
87e00000 87e0a000 serenum serenum.sys Sat Jan 19 00:49:29 2008 (47918F69)
87e0d000 87ef4000 tcpip tcpip.sys Sat Apr 26 02:00:17 2008 (4812C4F1)
87ef4000 87f0f000 fwpkclnt fwpkclnt.sys Sat Jan 19 00:55:44 2008 (479190E0)
87f0f000 87f3c000 ahcix86s ahcix86s.sys Mon Apr 16 06:16:33 2007 (46234D01)
87f3c000 87f7d000 storport storport.sys Sat Jan 19 00:49:49 2008 (47918F7D)
87faa000 87fba000 amdk8 amdk8.sys Sat Jan 19 00:27:20 2008 (47918A38)
87fba000 87ff8000 USBPORT USBPORT.SYS Sat Jan 19 00:53:23 2008 (47919053)
87ff8000 88000000 RDPCDD RDPCDD.sys Sat Jan 19 01:01:08 2008 (47919224)
88000000 88009000 tunmp tunmp.sys Sat Jan 19 00:55:40 2008 (479190DC)
8800a000 88119000 Ntfs Ntfs.sys Sat Jan 19 00:28:54 2008 (47918A96)
88119000 88152000 volsnap volsnap.sys Sat Jan 19 00:50:10 2008 (47918F92)
88152000 8815a000 spldr spldr.sys Thu Jun 21 20:29:17 2007 (467B17DD)
8815a000 8815b480 speedfan speedfan.sys Sun Sep 24 09:28:47 2006 (4516880F)
8815c000 8816b000 mup mup.sys Sat Jan 19 00:28:20 2008 (47918A74)
8816b000 8816b680 giveio giveio.sys Wed Apr 03 22:33:25 1996 (316334F5)
8816c000 88193000 ecache ecache.sys Sat Jan 19 00:50:47 2008 (47918FB7)
88193000 881a4000 disk disk.sys Sat Jan 19 00:49:47 2008 (47918F7B)
881a4000 881c5000 CLASSPNP CLASSPNP.SYS Sat Jan 19 00:49:36 2008 (47918F70)
881c5000 881cd000 AtiPcie AtiPcie.sys Mon Oct 30 14:22:24 2006 (454642E0)
881cd000 881d6000 crcdisk crcdisk.sys Thu Nov 02 04:52:27 2006 (4549B1CB)
881ed000 881f8000 tunnel tunnel.sys Sat Jan 19 00:55:50 2008 (479190E6)
881f8000 881ff000 Beep Beep.SYS Sat Jan 19 00:49:10 2008 (47918F56)
8dc05000 8dc3c000 aws8k90a aws8k90a.SYS Sun Jul 20 20:16:38 2008 (4883D566)
8dc3c000 8dc6a000 msiscsi msiscsi.sys Sat Jan 19 00:50:44 2008 (47918FB4)
8dc6a000 8dc75000 TDI TDI.SYS Sat Jan 19 00:57:10 2008 (47919136)
8dc75000 8dc8c000 rasl2tp rasl2tp.sys Sat Jan 19 00:56:33 2008 (47919111)
8dc8c000 8dc97000 ndistapi ndistapi.sys Sat Jan 19 00:56:24 2008 (47919108)
8dc97000 8dcba000 ndiswan ndiswan.sys Sat Jan 19 00:56:32 2008 (47919110)
8dcba000 8dcc9000 raspppoe raspppoe.sys Sat Jan 19 00:56:33 2008 (47919111)
8dcc9000 8dcdd000 raspptp raspptp.sys Sat Jan 19 00:56:34 2008 (47919112)
8dcdd000 8dcf2000 rassstp rassstp.sys Sat Jan 19 00:56:43 2008 (4791911B)
8dcf2000 8dd02000 termdd termdd.sys Sat Jan 19 01:01:06 2008 (47919222)
8dd02000 8dd03380 swenum swenum.sys Sat Jan 19 00:49:20 2008 (47918F60)
8dd04000 8dd2e000 ks ks.sys Sat Jan 19 00:49:21 2008 (47918F61)
8dd2e000 8dd30800 mfpvbus mfpvbus.sys Fri Oct 20 04:57:10 2006 (45388F66)
8dd31000 8dd3b000 mssmbios mssmbios.sys Sat Jan 19 00:32:55 2008 (47918B87)
8dd3b000 8dd48000 umbus umbus.sys Sat Jan 19 00:53:40 2008 (47919064)
8dd48000 8dd7c000 usbhub usbhub.sys Sat Jan 19 00:53:40 2008 (47919064)
8dd7c000 8ddbb000 HdAudio HdAudio.sys Wed Nov 01 21:43:11 2006 (45494D2F)
8ddbb000 8dde8000 portcls portcls.sys Sat Jan 19 00:53:17 2008 (4791904D)
8dde8000 8ddf9000 NDProxy NDProxy.SYS Sat Jan 19 00:56:28 2008 (4791910C)
8ddf9000 8de00000 Null Null.SYS unavailable (00000000)
8e000000 8e00b000 mouclass mouclass.sys Sat Jan 19 00:49:14 2008 (47918F5A)
8e00b000 8e5ae000 atikmdag atikmdag.sys Fri Aug 01 01:00:10 2008 (4892985A)
8e5ae000 8e5bb000 watchdog watchdog.sys Sat Jan 19 00:35:29 2008 (47918C21)
8e5bb000 8e5cd000 HDAudBus HDAudBus.sys Tue Nov 27 18:18:41 2007 (474CA5D1)
8e5cd000 8e5dc000 Rtlh86 Rtlh86.sys Tue Sep 26 07:20:27 2006 (45190CFB)
8e5dc000 8e5e6000 usbohci usbohci.sys Sat Jan 19 00:53:21 2008 (47919051)
8e5e6000 8e5f5000 usbehci usbehci.sys Sat Jan 19 00:53:21 2008 (47919051)
8e5f5000 8e600000 kbdclass kbdclass.sys Sat Jan 19 00:49:14 2008 (47918F5A)
8e806000 8e81a000 smb smb.sys Sat Jan 19 00:55:27 2008 (479190CF)
8e81a000 8e862000 afd afd.sys Sat Jan 19 00:57:00 2008 (4791912C)
8e862000 8e894000 netbt netbt.sys Sat Jan 19 00:55:33 2008 (479190D5)
8e894000 8e8aa000 pacer pacer.sys Fri Apr 04 21:21:42 2008 (47F6D426)
8e8aa000 8e8b8000 netbios netbios.sys Sat Jan 19 00:55:45 2008 (479190E1)
8e8b8000 8e8cb000 wanarp wanarp.sys Sat Jan 19 00:56:31 2008 (4791910F)
8e8cb000 8e907000 rdbss rdbss.sys Sat Jan 19 00:28:34 2008 (47918A82)
8e907000 8e911000 nsiproxy nsiproxy.sys Sat Jan 19 00:55:50 2008 (479190E6)
8e911000 8e928000 dfsc dfsc.sys Sat Jan 19 00:28:20 2008 (47918A74)
8e928000 8e931000 hidusb hidusb.sys Sat Jan 19 00:53:17 2008 (4791904D)
8e931000 8e941000 HIDCLASS HIDCLASS.SYS Sat Jan 19 00:53:16 2008 (4791904C)
8e941000 8e947380 HIDPARSE HIDPARSE.SYS Sat Jan 19 00:53:16 2008 (4791904C)
8e948000 8e949700 USBD USBD.SYS Sat Jan 19 00:53:17 2008 (4791904D)
8e94a000 8e952000 mouhid mouhid.sys Sat Jan 19 00:49:16 2008 (47918F5C)
8e952000 8e968000 cdfs cdfs.sys Sat Jan 19 00:28:02 2008 (47918A62)
8e968000 8e975000 crashdmp crashdmp.sys Sat Jan 19 00:49:43 2008 (47918F77)
8e975000 8e97f000 dump_diskdump dump_diskdump.sys Sat Jan 19 00:49:43 2008 (47918F77)
8e97f000 8e9ac000 dump_ahcix86s dump_ahcix86s.sys Mon Apr 16 06:16:33 2007 (46234D01)
8e9ac000 8e9b6000 Dxapi Dxapi.sys Sat Jan 19 00:36:12 2008 (47918C4C)
8e9b6000 8e9c5000 monitor monitor.sys Sat Jan 19 00:52:19 2008 (47919013)
8e9c5000 8e9e0000 luafv luafv.sys Sat Jan 19 00:30:35 2008 (47918AFB)
940f0000 942f1000 win32k win32k.sys Thu Feb 28 23:21:37 2008 (47C78851)
94310000 94319000 TSDDD TSDDD.dll unavailable (00000000)
94330000 9433e000 cdd cdd.dll Fri Aug 01 23:26:17 2008 (4893D3D9)
96c0e000 96cbd000 spsys spsys.sys Thu Jun 21 20:33:02 2007 (467B18BE)
96cbd000 96ccd000 lltdio lltdio.sys Sat Jan 19 00:55:03 2008 (479190B7)
96ccd000 96ce0000 rspndr rspndr.sys Sat Jan 19 00:55:03 2008 (479190B7)
96ce0000 96d4b000 HTTP HTTP.sys Sat Jan 19 00:55:21 2008 (479190C9)
96d4b000 96d68000 srvnet srvnet.sys Sat Jan 19 00:29:11 2008 (47918AA7)
96d68000 96d81000 bowser bowser.sys Sat Jan 19 00:28:26 2008 (47918A7A)
96d81000 96d96000 mpsdrv mpsdrv.sys Sat Jan 19 00:54:45 2008 (479190A5)
96d96000 96db6000 mrxdav mrxdav.sys Sat Jan 19 00:28:44 2008 (47918A8C)
96db6000 96dd5000 mrxsmb mrxsmb.sys Sat Jan 19 00:28:33 2008 (47918A81)
96dd5000 96de1000 tssecsrv tssecsrv.sys Sat Jan 19 01:01:15 2008 (4791922B)
98406000 9843f000 mrxsmb10 mrxsmb10.sys Thu May 08 15:21:54 2008 (482352D2)
9843f000 98457000 mrxsmb20 mrxsmb20.sys Sat Jan 19 00:28:35 2008 (47918A83)
98457000 9847e000 srv2 srv2.sys Sat Jan 19 00:29:14 2008 (47918AAA)
9847e000 984ca000 srv srv.sys Sat Jan 19 00:29:25 2008 (47918AB5)
984ca000 984d3000 asyncmac asyncmac.sys Sat Jan 19 00:56:29 2008 (4791910D)
984d3000 984db880 mfpec mfpec.sys Sun May 06 23:44:14 2007 (463EA08E)
984dc000 984e3000 parvdm parvdm.sys unavailable (00000000)
984e3000 985c1000 peauth peauth.sys Mon Oct 23 04:55:32 2006 (453C8384)
985c1000 985cb000 secdrv secdrv.SYS Wed Sep 13 09:18:32 2006 (45080528)
985cb000 985d7000 tcpipreg tcpipreg.sys Sat Jan 19 00:56:07 2008 (479190F7)
985d7000 985f4000 000 000.fcl Thu Oct 04 22:45:19 2007 (4705A53F)
985f4000 985ff000 tdtcp tdtcp.sys Sat Jan 19 01:01:08 2008 (47919224)
a0c0b000 a0c3e000 RDPWD RDPWD.SYS Sat Jan 19 01:01:16 2008 (4791922C)
Unloaded modules:
a0c46000 a0c4e000 drmkaud.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
a0c42000 a0c44000 MSTEE.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
a0c44000 a0c46000 MSPQM.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
a0c40000 a0c42000 MSKSSRV.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
a0c3e000 a0c40000 MSPCLOCK.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
8e9e9000 8e9f1000 drmkaud.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
8e9e0000 8e9e9000 mfpec.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
881d6000 881e3000 crashdmp.sys
Timestamp: unavailable (00000000)
Checksum: 00000000
881e3000 881ed000 dump_storpor
Timestamp: unavailable (00000000)
Checksum: 00000000
87f7d000 87faa000 dump_ahcix86
Timestamp: unavailable (00000000)
Checksum: 00000000
0: kd> lmv
start end module name
80404000 8040c000 kdcom (deferred)
Mapped memory image file: c:\symbols\kdcom.dll\4791A7698000\kdcom.dll
Image path: kdcom.dll
Image name: kdcom.dll
Timestamp: Sat Jan 19 02:31:53 2008 (4791A769)
CheckSum: 000103E9
ImageSize: 00008000
File version: 6.0.6001.18000
Product version: 6.0.6001.18000
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.A Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: kdcom.dll
OriginalFilename: kdcom.dll
ProductVersion: 6.0.6001.18000
FileVersion: 6.0.6001.18000 (longhorn_rtm.080118-1840)
FileDescription: Kernel Debugger HW Extension DLL
LegalCopyright: © Microsoft Corporation. All rights reserved.
8040c000 8041d000 PSHED (deferred)
Mapped memory image file: c:\symbols\PSHED.dll\4791A74911000\PSHED.dll
Image path: \SystemRoot\system32\PSHED.dll
Image name: PSHED.dll
Timestamp: Sat Jan 19 02:31:21 2008 (4791A749)
CheckSum: 00013A4A
ImageSize: 00011000
File version: 6.0.6001.18000
Product version: 6.0.6001.18000
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: pshed.dll
OriginalFilename: pshed.dll
ProductVersion: 6.0.6001.18000
FileVersion: 6.0.6001.18000 (longhorn_rtm.080118-1840)
FileDescription: Platform Specific Hardware Error Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
8041d000 80425000 BOOTVID (deferred)
Mapped memory image file: c:\symbols\BOOTVID.dll\4791A6538000\BOOTVID.dll
Image path: \SystemRoot\system32\BOOTVID.dll
Image name: BOOTVID.dll
Timestamp: Sat Jan 19 02:27:15 2008 (4791A653)
CheckSum: 00006DE9
ImageSize: 00008000
File version: 6.0.6001.18000
Product version: 6.0.6001.18000
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.4 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: bootvid.dll
OriginalFilename: bootvid.dll
ProductVersion: 6.0.6001.18000
FileVersion: 6.0.6001.18000 (longhorn_rtm.080118-1840)
FileDescription: VGA Boot Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
80425000 80466000 CLFS (deferred)
Mapped memory image file: c:\symbols\CLFS.SYS\47918A6141000\CLFS.SYS
Image path: \SystemRoot\system32\CLFS.SYS
Image name: CLFS.SYS
Timestamp: Sat Jan 19 00:28:01 2008 (47918A61)
CheckSum: 00045E7D
ImageSize: 00041000
File version: 6.0.6001.18000
Product version: 6.0.6001.18000
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: clfs.sys
OriginalFilename: Clfs.Sys
ProductVersion: 6.0.6001.18000
FileVersion: 6.0.6001.18000 (longhorn_rtm.080118-1840)
FileDescription: Common Log File System Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
80466000 80546000 CI (deferred)
Mapped memory image file: c:\symbols\CI.dll\47BE5708e0000\CI.dll
Image path: \SystemRoot\system32\CI.dll
Image name: CI.dll
Timestamp: Fri Feb 22 00:00:56 2008 (47BE5708)
CheckSum: 0009D7CF
ImageSize: 000E0000
File version: 6.0.6001.18023
Product version: 6.0.6001.18023
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: ci.dll
OriginalFilename: ci.dll
ProductVersion: 6.0.6001.18023
FileVersion: 6.0.6001.18023 (vistasp1_gdr.080221-1537)
FileDescription: Code Integrity Module
LegalCopyright: © Microsoft Corporation. All rights reserved.
80546000 805c2000 Wdf01000 (deferred)
Mapped memory image file: c:\symbols\Wdf01000.sys\479190157c000\Wdf01000.sys
Image path: \SystemRoot\system32\drivers\Wdf01000.sys
Image name: Wdf01000.sys
Timestamp: Sat Jan 19 00:52:21 2008 (47919015)
CheckSum: 000831D4
ImageSize: 0007C000
File version: 1.7.6001.0
Product version: 1.7.6001.0
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: wdf01000.sys
OriginalFilename: wdf01000.sys
ProductVersion: 1.7.6001.0
FileVersion: 1.7.6001.0 (longhorn_rtm.080118-1840)
FileDescription: WDF Dynamic
LegalCopyright: © Microsoft Corporation. All rights reserved.
805c2000 805cf000 WDFLDR (deferred)
Mapped memory image file: c:\symbols\WDFLDR.SYS\47919013d000\WDFLDR.SYS
Image path: \SystemRoot\system32\drivers\WDFLDR.SYS
Image name: WDFLDR.SYS
Timestamp: Sat Jan 19 00:52:19 2008 (47919013)
CheckSum: 00014B62
ImageSize: 0000D000
File version: 1.7.6001.0
Product version: 1.7.6001.0
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0000.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: wdfldr.sys
OriginalFilename: wdfldr.sys
ProductVersion: 1.7.6001.0
FileVersion: 1.7.6001.0 (longhorn_rtm.080118-1840)
FileDescription: WDFLDR
LegalCopyright: © Microsoft Corporation. All rights reserved.
805cf000 805dd000 Npfs (deferred)
Mapped memory image file: c:\symbols\Npfs.SYS\47918A69e000\Npfs.SYS
Image path: \SystemRoot\System32\Drivers\Npfs.SYS
Image name: Npfs.SYS
Timestamp: Sat Jan 19 00:28:09 2008 (47918A69)
CheckSum: 0000FC89
ImageSize: 0000E000
File version: 6.0.6001.18000
Product version: 6.0.6001.18000
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: npfs.sys
OriginalFilename: npfs.sys
ProductVersion: 6.0.6001.18000
FileVersion: 6.0.6001.18000 (longhorn_rtm.080118-1840)
FileDescription: NPFS Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
805dd000 805f3000 tdx (deferred)
Mapped memory image file: c:\symbols\tdx.sys\479190EE16000\tdx.sys
Image path: \SystemRoot\system32\DRIVERS\tdx.sys
Image name: tdx.sys
Timestamp: Sat Jan 19 00:55:58 2008 (479190EE)
CheckSum: 0001391F
ImageSize: 00016000
File version: 6.0.6001.18000
Product version: 6.0.6001.18000
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.6 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: tdx.sys
OriginalFilename: tdx.sys
ProductVersion: 6.0.6001.18000
FileVersion: 6.0.6001.18000 (longhorn_rtm.080118-1840)
FileDescription: TDI Translation Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
80600000 80609000 rasacd (deferred)
Mapped memory image file: c:\symbols\rasacd.sys\4791910F9000\rasacd.sys
Image path: \SystemRoot\System32\DRIVERS\rasacd.sys
Image name: rasacd.sys
Timestamp: Sat Jan 19 00:56:31 2008 (4791910F)
CheckSum: 00005E0B
ImageSize: 00009000
File version: 6.0.6001.18000
Product version: 6.0.6001.18000
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.6 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: rasacd.sys
OriginalFilename: rasacd.sys
ProductVersion: 6.0.6001.18000
FileVersion: 6.0.6001.18000 (longhorn_rtm.080118-1840)
FileDescription: RAS Automatic Connection Driver
LegalCopyright: © Microsoft Corporation. All rights reserved.
8060d000 8070d000 sptd (deferred)
Image path: \SystemRoot\System32\Drivers\sptd.sys
Image name: sptd.sys
Timestamp: Wed Mar 05 19:32:57 2008 (47CF3BB9)
CheckSum: 000B4211
ImageSize: 00100000
Translations: 0000.04b0 0000.04e0 0409.04b0 0409.04e0
8070d000 80716000 WMILIB (deferred)
Mapped memory image file: c:\symbols\WMILIB.SYS\479190449000\WMILIB.SYS
Image path: \SystemRoot\System32\Drivers\WMILIB.SYS
Image name: WMILIB.SYS
Timestamp: Sat Jan 19 00:53:08 2008 (47919044)
CheckSum: 0000B6F9
ImageSize: 00009000
File version: 6.0.6001.18000
Product version: 6.0.6001.18000
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: WmiLib.sys
OriginalFilename: WmiLib.sys
ProductVersion: 6.0.6001.18000
FileVersion: 6.0.6001.18000 (longhorn_rtm.080118-1840)
FileDescription: WMILIB WMI support library Dll
LegalCopyright: © Microsoft Corporation. All rights reserved.
80716000 8073c000 SCSIPORT (deferred)
Mapped memory image file: c:\symbols\SCSIPORT.SYS\47918F7826000\SCSIPORT.SYS
Image path: \SystemRoot\System32\Drivers\SCSIPORT.SYS
Last edited by jcgriff2; 09-26-2008 at 04:46 PM. |
|
|
|
|
| Thread Tools | |
|
|
