Go Back   Tech Support Forum > Microsoft Support > BSOD, App Crashes And Hangs

User Tag List

Frequent BSODs over the past few hours

This is a discussion on Frequent BSODs over the past few hours within the BSOD, App Crashes And Hangs forums, part of the Tech Support Forum category. Code: Windows 7 x64 (Original OS) OEM Hardware is about 5-6 years old OS installation is less than a year


Closed Thread
 
Thread Tools Search this Thread
Old 03-22-2015, 10:02 PM   #1
Registered Member
 
Join Date: Jun 2013
Posts: 6
OS: Windows 7



Code:
Windows 7 x64 (Original OS)
OEM
Hardware is about 5-6 years old
OS installation is less than a year old
This is the third time I've re-installed the OS

AMD Athlon II P360 Dual-Core @ 2.3GHz
ATI Mobility Radeon HD 4250

Laptop - HP Pavilion G6 (Don't have the exact model number, as the label has worn off)
As stated in the thread title, I've had a number of BSODs over the last couple of hours. The only activity has been downloading Steam games and web browsing. The laptop itself has been on its last legs for a while now, so I'm not surprised by this, but it will be a few months before I can get a new system and I'd like to have reasonable stability until then. Note that as I type this it has been a fairly long while since the last BSOD and the error is one I've had before in isolated crashes, so it may just be the laptop throwing a fit as it likes to do every month or so. I'll update the post if I see any more crashes in the next couple of days.

I assume this is covered in the attached files, but in case it isn't, this was the report given at the last restart:

Code:
Problem signature:
  Problem Event Name:    BlueScreen
  OS Version:    6.1.7601.2.1.0.768.3
  Locale ID:    1033

Additional information about the problem:
  BCCode:    d1
  BCP1:    0000000000000044
  BCP2:    0000000000000002
  BCP3:    0000000000000000
  BCP4:    FFFFF880068E78C1
  OS Version:    6_1_7601
  Service Pack:    1_0
  Product:    768_1
Many thanks in advance!
Attached Files
File Type: zip SysnativeFileCollectionApp.zip (1.15 MB, 246 views)
File Type: zip PERFMON.zip (139.3 KB, 60 views)
Phraustt is offline  
Sponsored Links
Advertisement
 
Old 03-22-2015, 10:12 PM   #2
Administrator
Manager, Microsoft Support
Acting Manager, Security
BSOD Kernel Dump Expert
Microsoft Windows Insider MVP
 
jcgriff2's Avatar

Microsoft Most Valuable Professional
 
Join Date: Sep 2007
Location: New Jersey Shore
Posts: 34,338
OS: Windows 10, 8.1 + Windbg :)



Hi -

Update your Atheros AR9285 802.11b/g WiFi Adapter driver. It pre-dates Windows 7 -
Code:
athrx.sys    Tue Jun 09 14:06:49 2009 (4A2EA4B9)
http://sysnative.com/drivers/driver.php?id=athrx.sys

Also, system reports show only 2 Windows Updates installed. There should be in excess of 200.

Regards. . .

jcgriff2

`

Code:


Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Users\PalmDesert\AppData\Local\Temp\Temp1_SysnativeFileCollectionApp.zip\032215-22074-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available


************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       SRV*c:\symbols*https://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*c:\symbols*https://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.17514.amd64fre.win7sp1_rtm.101119-1850
Machine Name:
Kernel base = 0xfffff800`02c68000 PsLoadedModuleList = 0xfffff800`02eade90
Debug session time: Sun Mar 22 21:59:51.190 2015 (UTC - 4:00)
System Uptime: 2 days 21:33:43.371
Loading Kernel Symbols
...............................................................
................................................................
......................
Loading User Symbols
Loading unloaded module list
...........................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {44, 2, 0, fffff880068a48c1}

*** WARNING: Unable to verify timestamp for athrx.sys
*** ERROR: Module load completed but symbols could not be loaded for athrx.sys
Processing initial command '!analyze -v;r;kv;lmtn;lmtsmn;.bugcheck'
Probably caused by : athrx.sys ( athrx+5c8c1 )

Followup: MachineOwner
---------

1: kd> !analyze -v;r;kv;lmtn;lmtsmn;.bugcheck
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 0000000000000044, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffff880068a48c1, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002f190e8
GetUlongFromAddress: unable to read from fffff80002f19198
 0000000000000044 Nonpaged pool

CURRENT_IRQL:  2

FAULTING_IP: 
athrx+5c8c1
fffff880`068a48c1 ??              ???

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

BUGCHECK_STR:  0xD1

PROCESS_NAME:  System

ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) amd64fre

TRAP_FRAME:  fffff8800a511380 -- (.trap 0xfffff8800a511380)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffffa8005c56488
rdx=fffffa8005c56488 rsi=0000000000000000 rdi=0000000000000000
rip=fffff880068a48c1 rsp=fffff8800a511510 rbp=0000000000000000
 r8=0000000000000000  r9=fffffa800741ba18 r10=fffffa8005424340
r11=fffffa8005c56488 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz na pe nc
athrx+0x5c8c1:
fffff880`068a48c1 ??              ???
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002ce7be9 to fffff80002ce8640

STACK_TEXT:  
fffff880`0a511238 fffff800`02ce7be9 : 00000000`0000000a 00000000`00000044 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff880`0a511240 fffff800`02ce6860 : fffffa80`03c82470 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffff880`0a511380 fffff880`068a48c1 : fffffa80`05c56488 00000000`00000000 00000000`00000000 fffffa80`05fb5030 : nt!KiPageFault+0x260
fffff880`0a511510 fffffa80`05c56488 : 00000000`00000000 00000000`00000000 fffffa80`05fb5030 fffffa80`0000001a : athrx+0x5c8c1
fffff880`0a511518 00000000`00000000 : 00000000`00000000 fffffa80`05fb5030 fffffa80`0000001a fffffa80`03ea47b0 : 0xfffffa80`05c56488


STACK_COMMAND:  kb

FOLLOWUP_IP: 
athrx+5c8c1
fffff880`068a48c1 ??              ???

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  athrx+5c8c1

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: athrx

IMAGE_NAME:  athrx.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4a2ea4b9

FAILURE_BUCKET_ID:  X64_0xD1_athrx+5c8c1

BUCKET_ID:  X64_0xD1_athrx+5c8c1

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:x64_0xd1_athrx+5c8c1

FAILURE_ID_HASH:  {819c2890-2965-3d1b-12d4-14bdcf2667ad}

Followup: MachineOwner
---------

rax=fffff8800a511340 rbx=0000000000000000 rcx=000000000000000a
rdx=0000000000000044 rsi=0000000000000000 rdi=fffffa800741ba98
rip=fffff80002ce8640 rsp=fffff8800a511238 rbp=fffff8800a511400
 r8=0000000000000002  r9=0000000000000000 r10=fffff880068a48c1
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=fffffa80050ae758 r15=fffff88006849980
iopl=0         nv up ei ng nz na pe nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00200282
nt!KeBugCheckEx:
fffff800`02ce8640 48894c2408      mov     qword ptr [rsp+8],rcx ss:0018:fffff880`0a511240=000000000000000a
Child-SP          RetAddr           : Args to Child                                                           : Call Site
fffff880`0a511238 fffff800`02ce7be9 : 00000000`0000000a 00000000`00000044 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffff880`0a511240 fffff800`02ce6860 : fffffa80`03c82470 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffff880`0a511380 fffff880`068a48c1 : fffffa80`05c56488 00000000`00000000 00000000`00000000 fffffa80`05fb5030 : nt!KiPageFault+0x260 (TrapFrame @ fffff880`0a511380)
fffff880`0a511510 fffffa80`05c56488 : 00000000`00000000 00000000`00000000 fffffa80`05fb5030 fffffa80`0000001a : athrx+0x5c8c1
fffff880`0a511518 00000000`00000000 : 00000000`00000000 fffffa80`05fb5030 fffffa80`0000001a fffffa80`03ea47b0 : 0xfffffa80`05c56488
start             end                 module name
fffff800`00bd0000 fffff800`00bda000   kdcom    kdcom.dll    Mon Jul 13 21:31:07 2009 (4A5BDFDB)
fffff800`02c1f000 fffff800`02c68000   hal      hal.dll      Sat Nov 20 08:00:25 2010 (4CE7C669)
fffff800`02c68000 fffff800`03252000   nt       ntkrnlmp.exe Sat Nov 20 04:30:02 2010 (4CE7951A)
fffff880`00c00000 fffff880`00c2f000   ndiswan  ndiswan.sys  Sat Nov 20 05:52:32 2010 (4CE7A870)
fffff880`00c35000 fffff880`00c42000   mcupdate mcupdate.dll Mon Jul 13 21:29:09 2009 (4A5BDF65)
fffff880`00c42000 fffff880`00c56000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
fffff880`00c56000 fffff880`00cb4000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`00cb4000 fffff880`00d74000   CI       CI.dll       Sat Nov 20 08:12:36 2010 (4CE7C944)
fffff880`00d74000 fffff880`00dd0000   volmgrx  volmgrx.sys  Sat Nov 20 04:20:43 2010 (4CE792EB)
fffff880`00dd0000 fffff880`00dfa000   ataport  ataport.SYS  Sat Nov 20 04:19:15 2010 (4CE79293)
fffff880`00e00000 fffff880`00e0b000   amdxata  amdxata.sys  Fri Mar 19 12:18:18 2010 (4BA3A3CA)
fffff880`00e17000 fffff880`00ebb000   Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
fffff880`00ebb000 fffff880`00eca000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`00eca000 fffff880`00f21000   ACPI     ACPI.sys     Sat Nov 20 04:19:16 2010 (4CE79294)
fffff880`00f21000 fffff880`00f2a000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`00f2a000 fffff880`00f34000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
fffff880`00f34000 fffff880`00f67000   pci      pci.sys      Sat Nov 20 04:19:11 2010 (4CE7928F)
fffff880`00f67000 fffff880`00f74000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
fffff880`00f74000 fffff880`00f89000   partmgr  partmgr.sys  Sat Nov 20 04:20:00 2010 (4CE792C0)
fffff880`00f89000 fffff880`00f92000   compbatt compbatt.sys Mon Jul 13 19:31:02 2009 (4A5BC3B6)
fffff880`00f92000 fffff880`00f9e000   BATTC    BATTC.SYS    Mon Jul 13 19:31:01 2009 (4A5BC3B5)
fffff880`00f9e000 fffff880`00fb3000   volmgr   volmgr.sys   Sat Nov 20 04:19:28 2010 (4CE792A0)
fffff880`00fb3000 fffff880`00fba000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
fffff880`00fba000 fffff880`00fca000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`00fca000 fffff880`00fe4000   mountmgr mountmgr.sys Sat Nov 20 04:19:21 2010 (4CE79299)
fffff880`00fe4000 fffff880`00fed000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00fed000 fffff880`00ff8000   msahci   msahci.sys   Sat Nov 20 05:33:58 2010 (4CE7A416)
fffff880`01016000 fffff880`01062000   fltmgr   fltmgr.sys   Sat Nov 20 04:19:24 2010 (4CE7929C)
fffff880`01062000 fffff880`01076000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
fffff880`01076000 fffff880`010d4000   msrpc    msrpc.sys    Sat Nov 20 04:21:56 2010 (4CE79334)
fffff880`010d4000 fffff880`01146000   cng      cng.sys      Sat Nov 20 05:08:45 2010 (4CE79E2D)
fffff880`01146000 fffff880`01151000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`01151000 fffff880`01162000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`01162000 fffff880`01184000   tdx      tdx.sys      Sat Nov 20 04:21:54 2010 (4CE79332)
fffff880`01184000 fffff880`01191000   TDI      TDI.SYS      Sat Nov 20 04:22:06 2010 (4CE7933E)
fffff880`01191000 fffff880`011b7000   tunnel   tunnel.sys   Sat Nov 20 05:51:50 2010 (4CE7A846)
fffff880`011b7000 fffff880`011c0000   wmiacpi  wmiacpi.sys  Mon Jul 13 19:31:02 2009 (4A5BC3B6)
fffff880`011c0000 fffff880`011d5000   amdppm   amdppm.sys   Mon Jul 13 19:19:25 2009 (4A5BC0FD)
fffff880`011d5000 fffff880`011f9000   rasl2tp  rasl2tp.sys  Sat Nov 20 05:52:34 2010 (4CE7A872)
fffff880`01200000 fffff880`01209000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
fffff880`0120c000 fffff880`013af000   Ntfs     Ntfs.sys     Sat Nov 20 04:20:57 2010 (4CE792F9)
fffff880`013af000 fffff880`013ca000   ksecdd   ksecdd.sys   Sat Nov 20 04:21:15 2010 (4CE7930B)
fffff880`013ca000 fffff880`013db000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
fffff880`013db000 fffff880`013e5000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:19:45 2009 (4A5BC111)
fffff880`013e5000 fffff880`013f5000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
fffff880`013f5000 fffff880`013fe000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`01400000 fffff880`01425000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
fffff880`0142c000 fffff880`0151f000   ndis     ndis.sys     Sat Nov 20 04:23:30 2010 (4CE79392)
fffff880`0151f000 fffff880`0157f000   NETIO    NETIO.SYS    Sat Nov 20 04:23:13 2010 (4CE79381)
fffff880`0157f000 fffff880`015aa000   ksecpkg  ksecpkg.sys  Sat Nov 20 05:10:34 2010 (4CE79E9A)
fffff880`015aa000 fffff880`015f2000   dtsoftbus01 dtsoftbus01.sys Fri Feb 21 04:49:36 2014 (53072130)
fffff880`015f2000 fffff880`015fb000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`01600000 fffff880`0162a000   cdrom    cdrom.sys    Sat Nov 20 04:19:20 2010 (4CE79298)
fffff880`01630000 fffff880`01834000   tcpip    tcpip.sys    Sat Nov 20 04:25:52 2010 (4CE79420)
fffff880`01834000 fffff880`0187e000   fwpkclnt fwpkclnt.sys Sat Nov 20 04:21:37 2010 (4CE79321)
fffff880`0187e000 fffff880`018ca000   volsnap  volsnap.sys  Sat Nov 20 04:20:08 2010 (4CE792C8)
fffff880`018ca000 fffff880`018d2000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
fffff880`018d2000 fffff880`0190c000   rdyboost rdyboost.sys Sat Nov 20 04:43:10 2010 (4CE7982E)
fffff880`0190c000 fffff880`0191e000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
fffff880`0191e000 fffff880`01927000   hwpolicy hwpolicy.sys Sat Nov 20 04:18:54 2010 (4CE7927E)
fffff880`01927000 fffff880`01961000   fvevol   fvevol.sys   Sat Nov 20 04:24:06 2010 (4CE793B6)
fffff880`01961000 fffff880`01977000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`01977000 fffff880`019a7000   CLASSPNP CLASSPNP.SYS Sat Nov 20 04:19:23 2010 (4CE7929B)
fffff880`019a7000 fffff880`019b5000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`019b5000 fffff880`019c8000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`019c8000 fffff880`019d4000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
fffff880`019df000 fffff880`019e8000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
fffff880`019e8000 fffff880`019ef000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
fffff880`019ef000 fffff880`019fd000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
fffff880`02866000 fffff880`02883000   usbccgp  usbccgp.sys  Sat Nov 20 05:44:03 2010 (4CE7A673)
fffff880`02883000 fffff880`02884f00   USBD     USBD.SYS     Mon Jul 13 20:06:23 2009 (4A5BCBFF)
fffff880`02885000 fffff880`028b2280   usbvideo usbvideo.sys Sat Nov 20 05:44:34 2010 (4CE7A692)
fffff880`028b3000 fffff880`028c1000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
fffff880`028c1000 fffff880`028e4000   luafv    luafv.sys    Mon Jul 13 19:26:13 2009 (4A5BC295)
fffff880`028e4000 fffff880`02905000   WudfPf   WudfPf.sys   Sat Nov 20 05:42:44 2010 (4CE7A624)
fffff880`02905000 fffff880`0291a000   lltdio   lltdio.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`0291a000 fffff880`0296d000   nwifi    nwifi.sys    Mon Jul 13 20:07:23 2009 (4A5BCC3B)
fffff880`0296d000 fffff880`02980000   ndisuio  ndisuio.sys  Sat Nov 20 05:50:08 2010 (4CE7A7E0)
fffff880`02980000 fffff880`02998000   rspndr   rspndr.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`02c00000 fffff880`02c0f000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`02c0f000 fffff880`02c2a000   wanarp   wanarp.sys   Sat Nov 20 05:52:36 2010 (4CE7A874)
fffff880`02c2a000 fffff880`02c3e000   termdd   termdd.sys   Sat Nov 20 06:03:40 2010 (4CE7AB0C)
fffff880`02c3e000 fffff880`02c8f000   rdbss    rdbss.sys    Sat Nov 20 04:27:51 2010 (4CE79497)
fffff880`02c8f000 fffff880`02c9b000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
fffff880`02c9b000 fffff880`02ca6000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
fffff880`02ca6000 fffff880`02cb5000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
fffff880`02cb5000 fffff880`02cd3000   dfsc     dfsc.sys     Sat Nov 20 04:26:31 2010 (4CE79447)
fffff880`02cd3000 fffff880`02ce4000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
fffff880`02ceb000 fffff880`02d74000   afd      afd.sys      Sat Nov 20 04:23:27 2010 (4CE7938F)
fffff880`02d74000 fffff880`02db9000   netbt    netbt.sys    Sat Nov 20 04:23:18 2010 (4CE79386)
fffff880`02db9000 fffff880`02dc2000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`02dc2000 fffff880`02de8000   pacer    pacer.sys    Sat Nov 20 05:52:18 2010 (4CE7A862)
fffff880`02de8000 fffff880`02dfe000   vwififlt vwififlt.sys Mon Jul 13 20:07:22 2009 (4A5BCC3A)
fffff880`03400000 fffff880`0344d000   mrxsmb10 mrxsmb10.sys Sat Nov 20 04:26:53 2010 (4CE7945D)
fffff880`0344d000 fffff880`03471000   mrxsmb20 mrxsmb20.sys Sat Nov 20 04:26:47 2010 (4CE79457)
fffff880`03471000 fffff880`034a2000   AODDriver2 AODDriver2.sys Tue Mar 06 04:55:00 2012 (4F55DEF4)
fffff880`034bf000 fffff880`03588000   HTTP     HTTP.sys     Sat Nov 20 04:24:30 2010 (4CE793CE)
fffff880`03588000 fffff880`035a6000   bowser   bowser.sys   Mon Jul 13 19:23:50 2009 (4A5BC206)
fffff880`035a6000 fffff880`035be000   mpsdrv   mpsdrv.sys   Mon Jul 13 20:08:25 2009 (4A5BCC79)
fffff880`035be000 fffff880`035eb000   mrxsmb   mrxsmb.sys   Sat Nov 20 04:27:41 2010 (4CE7948D)
fffff880`0546a000 fffff880`05510000   peauth   peauth.sys   Mon Jul 13 21:01:19 2009 (4A5BD8DF)
fffff880`05510000 fffff880`0551b000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
fffff880`0551b000 fffff880`0554c000   srvnet   srvnet.sys   Sat Nov 20 04:27:20 2010 (4CE79478)
fffff880`0554c000 fffff880`0555e000   tcpipreg tcpipreg.sys Sat Nov 20 05:51:48 2010 (4CE7A844)
fffff880`0555e000 fffff880`055c9000   srv2     srv2.sys     Sat Nov 20 04:27:43 2010 (4CE7948F)
fffff880`06400000 fffff880`064f4000   dxgkrnl  dxgkrnl.sys  Sat Nov 20 04:50:50 2010 (4CE799FA)
fffff880`064f4000 fffff880`064ff000   dump_msahci dump_msahci.sys Sat Nov 20 05:33:58 2010 (4CE7A416)
fffff880`064ff000 fffff880`0655e000   atikmpag atikmpag.sys Mon Apr 29 22:48:15 2013 (517F30EF)
fffff880`0655e000 fffff880`065a4000   dxgmms1  dxgmms1.sys  Sat Nov 20 04:49:53 2010 (4CE799C1)
fffff880`065a4000 fffff880`065fa000   USBPORT  USBPORT.SYS  Sat Nov 20 05:44:00 2010 (4CE7A670)
fffff880`06800000 fffff880`0680f000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`0680f000 fffff880`06813500   CmBatt   CmBatt.sys   Mon Jul 13 19:31:03 2009 (4A5BC3B7)
fffff880`06814000 fffff880`06824000   CompositeBus CompositeBus.sys Sat Nov 20 05:33:17 2010 (4CE7A3ED)
fffff880`06824000 fffff880`0683a000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
fffff880`0683a000 fffff880`06846000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
fffff880`06848000 fffff880`069a0000   athrx    athrx.sys    Tue Jun 09 14:06:49 2009 (4A2EA4B9)
fffff880`069a0000 fffff880`069ad000   vwifibus vwifibus.sys Mon Jul 13 20:07:21 2009 (4A5BCC39)
fffff880`069ad000 fffff880`069b3c00   GEARAspiWDM GEARAspiWDM.sys Thu May 03 15:56:17 2012 (4FA2E2E1)
fffff880`069b4000 fffff880`069bf000   usbohci  usbohci.sys  Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`069bf000 fffff880`069d0000   usbehci  usbehci.sys  Sat Nov 20 05:43:54 2010 (4CE7A66A)
fffff880`069d0000 fffff880`069ee000   i8042prt i8042prt.sys Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`069ee000 fffff880`069fd000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`06c00000 fffff880`06c15000   NDProxy  NDProxy.SYS  Sat Nov 20 05:52:20 2010 (4CE7A864)
fffff880`06c15000 fffff880`06c30000   AtihdW76 AtihdW76.sys Fri May 11 04:25:40 2012 (4FACCD04)
fffff880`06c30000 fffff880`06c6d000   portcls  portcls.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`06c6d000 fffff880`06c8f000   drmk     drmk.sys     Mon Jul 13 21:01:25 2009 (4A5BD8E5)
fffff880`06c8f000 fffff880`06c94200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
fffff880`06c95000 fffff880`06cf1000   HdAudio  HdAudio.sys  Sat Nov 20 05:44:23 2010 (4CE7A687)
fffff880`06cf8000 fffff880`06d19000   raspptp  raspptp.sys  Sat Nov 20 05:52:31 2010 (4CE7A86F)
fffff880`06d19000 fffff880`06d33000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
fffff880`06d33000 fffff880`06d34480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
fffff880`06d35000 fffff880`06d78000   ks       ks.sys       Sat Nov 20 05:33:23 2010 (4CE7A3F3)
fffff880`06d78000 fffff880`06d8c000   amdiox64 amdiox64.sys Thu Feb 18 10:17:53 2010 (4B7D5A21)
fffff880`06d8c000 fffff880`06d8fd80   LGBusEnum LGBusEnum.sys Mon Nov 23 20:36:48 2009 (4B0B38B0)
fffff880`06d90000 fffff880`06da2000   umbus    umbus.sys    Sat Nov 20 05:44:37 2010 (4CE7A695)
fffff880`06da2000 fffff880`06dfc000   usbhub   usbhub.sys   Sat Nov 20 05:44:30 2010 (4CE7A68E)
fffff880`07200000 fffff880`0720c000   dump_pciidex dump_pciidex.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`0720d000 fffff880`07dc0000   atikmdag atikmdag.sys Mon Apr 29 22:07:09 2013 (517F274D)
fffff880`07dc0000 fffff880`07de4000   HDAudBus HDAudBus.sys Sat Nov 20 05:43:42 2010 (4CE7A65E)
fffff880`07de4000 fffff880`07dff000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
fffff880`07e56000 fffff880`07eef000   srv      srv.sys      Sat Nov 20 04:28:05 2010 (4CE794A5)
fffff880`07f2d000 fffff880`07f46000   HIDCLASS HIDCLASS.SYS Sat Nov 20 05:43:49 2010 (4CE7A665)
fffff880`07f5b000 fffff880`07f68000   mouhid   mouhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`07f68000 fffff880`07f76000   kbdhid   kbdhid.sys   Sat Nov 20 05:33:25 2010 (4CE7A3F5)
fffff880`07f76000 fffff880`07f78480   LGVirHid LGVirHid.sys Mon Nov 23 20:36:48 2009 (4B0B38B0)
fffff880`07f8b000 fffff880`07f93080   HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9)
fffff960`00040000 fffff960`00350000   win32k   win32k.sys   Sat Nov 20 04:52:51 2010 (4CE79A73)
fffff960`00560000 fffff960`0056a000   TSDDD    TSDDD.dll    Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff960`00760000 fffff960`00787000   cdd      cdd.dll      Sat Nov 20 07:55:34 2010 (4CE7C546)
fffff960`00800000 fffff960`00861000   ATMFD    ATMFD.DLL    Sat Nov 20 04:49:28 2010 (4CE799A8)

Unloaded modules:
fffff880`07f94000 fffff880`07fa9000   LGSHidFilt.S
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00015000
fffff880`07f79000 fffff880`07f87000   hidusb.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07f46000 fffff880`07f5b000   LGSHidFilt.S
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00015000
fffff880`07f1f000 fffff880`07f2d000   hidusb.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07eef000 fffff880`07f04000   LGSHidFilt.S
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00015000
fffff880`07e2b000 fffff880`07e44000   HIDCLASS.SYS
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00019000
fffff880`07e1d000 fffff880`07e2b000   hidusb.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07f04000 fffff880`07f11000   mouhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000D000
fffff880`07f11000 fffff880`07f1f000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07e1b000 fffff880`07e1d000   MSPQM.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00002000
fffff880`07feb000 fffff880`08000000   LGSHidFilt.S
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00015000
fffff880`07fd2000 fffff880`07feb000   HIDCLASS.SYS
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00019000
fffff880`07fc4000 fffff880`07fd2000   hidusb.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07e00000 fffff880`07e0d000   mouhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000D000
fffff880`07e0d000 fffff880`07e1b000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07f94000 fffff880`07fa9000   LGSHidFilt.S
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00015000
fffff880`07f72000 fffff880`07f8b000   HIDCLASS.SYS
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00019000
fffff880`07f64000 fffff880`07f72000   hidusb.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07fa9000 fffff880`07fb6000   mouhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000D000
fffff880`07fb6000 fffff880`07fc4000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07f62000 fffff880`07f64000   MSPQM.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00002000
fffff880`07f60000 fffff880`07f62000   MSPQM.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00002000
fffff880`07eef000 fffff880`07f60000   spsys.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00071000
fffff880`019a7000 fffff880`019b5000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`019b5000 fffff880`019c1000   dump_pciidex
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000C000
fffff880`019c1000 fffff880`019cc000   dump_msahci.
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000B000
fffff880`019cc000 fffff880`019df000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00013000
start             end                 module name
fffff880`00eca000 fffff880`00f21000   ACPI     ACPI.sys     Sat Nov 20 04:19:16 2010 (4CE79294)
fffff880`02ceb000 fffff880`02d74000   afd      afd.sys      Sat Nov 20 04:23:27 2010 (4CE7938F)
fffff880`06824000 fffff880`0683a000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
fffff880`06d78000 fffff880`06d8c000   amdiox64 amdiox64.sys Thu Feb 18 10:17:53 2010 (4B7D5A21)
fffff880`011c0000 fffff880`011d5000   amdppm   amdppm.sys   Mon Jul 13 19:19:25 2009 (4A5BC0FD)
fffff880`00e00000 fffff880`00e0b000   amdxata  amdxata.sys  Fri Mar 19 12:18:18 2010 (4BA3A3CA)
fffff880`03471000 fffff880`034a2000   AODDriver2 AODDriver2.sys Tue Mar 06 04:55:00 2012 (4F55DEF4)
fffff880`00fe4000 fffff880`00fed000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00dd0000 fffff880`00dfa000   ataport  ataport.SYS  Sat Nov 20 04:19:15 2010 (4CE79293)
fffff880`06848000 fffff880`069a0000   athrx    athrx.sys    Tue Jun 09 14:06:49 2009 (4A2EA4B9)
fffff880`06c15000 fffff880`06c30000   AtihdW76 AtihdW76.sys Fri May 11 04:25:40 2012 (4FACCD04)
fffff880`0720d000 fffff880`07dc0000   atikmdag atikmdag.sys Mon Apr 29 22:07:09 2013 (517F274D)
fffff880`064ff000 fffff880`0655e000   atikmpag atikmpag.sys Mon Apr 29 22:48:15 2013 (517F30EF)
fffff960`00800000 fffff960`00861000   ATMFD    ATMFD.DLL    Sat Nov 20 04:49:28 2010 (4CE799A8)
fffff880`00f92000 fffff880`00f9e000   BATTC    BATTC.SYS    Mon Jul 13 19:31:01 2009 (4A5BC3B5)
fffff880`019e8000 fffff880`019ef000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
fffff880`02cd3000 fffff880`02ce4000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
fffff880`03588000 fffff880`035a6000   bowser   bowser.sys   Mon Jul 13 19:23:50 2009 (4A5BC206)
fffff960`00760000 fffff960`00787000   cdd      cdd.dll      Sat Nov 20 07:55:34 2010 (4CE7C546)
fffff880`01600000 fffff880`0162a000   cdrom    cdrom.sys    Sat Nov 20 04:19:20 2010 (4CE79298)
fffff880`00cb4000 fffff880`00d74000   CI       CI.dll       Sat Nov 20 08:12:36 2010 (4CE7C944)
fffff880`01977000 fffff880`019a7000   CLASSPNP CLASSPNP.SYS Sat Nov 20 04:19:23 2010 (4CE7929B)
fffff880`00c56000 fffff880`00cb4000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`0680f000 fffff880`06813500   CmBatt   CmBatt.sys   Mon Jul 13 19:31:03 2009 (4A5BC3B7)
fffff880`010d4000 fffff880`01146000   cng      cng.sys      Sat Nov 20 05:08:45 2010 (4CE79E2D)
fffff880`00f89000 fffff880`00f92000   compbatt compbatt.sys Mon Jul 13 19:31:02 2009 (4A5BC3B6)
fffff880`06814000 fffff880`06824000   CompositeBus CompositeBus.sys Sat Nov 20 05:33:17 2010 (4CE7A3ED)
fffff880`019a7000 fffff880`019b5000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
fffff880`02cb5000 fffff880`02cd3000   dfsc     dfsc.sys     Sat Nov 20 04:26:31 2010 (4CE79447)
fffff880`02ca6000 fffff880`02cb5000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
fffff880`01961000 fffff880`01977000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`06c6d000 fffff880`06c8f000   drmk     drmk.sys     Mon Jul 13 21:01:25 2009 (4A5BD8E5)
fffff880`015aa000 fffff880`015f2000   dtsoftbus01 dtsoftbus01.sys Fri Feb 21 04:49:36 2014 (53072130)
fffff880`019b5000 fffff880`019c8000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
fffff880`064f4000 fffff880`064ff000   dump_msahci dump_msahci.sys Sat Nov 20 05:33:58 2010 (4CE7A416)
fffff880`07200000 fffff880`0720c000   dump_pciidex dump_pciidex.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`019c8000 fffff880`019d4000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
fffff880`06400000 fffff880`064f4000   dxgkrnl  dxgkrnl.sys  Sat Nov 20 04:50:50 2010 (4CE799FA)
fffff880`0655e000 fffff880`065a4000   dxgmms1  dxgmms1.sys  Sat Nov 20 04:49:53 2010 (4CE799C1)
fffff880`01062000 fffff880`01076000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
fffff880`01016000 fffff880`01062000   fltmgr   fltmgr.sys   Sat Nov 20 04:19:24 2010 (4CE7929C)
fffff880`013db000 fffff880`013e5000   Fs_Rec   Fs_Rec.sys   Mon Jul 13 19:19:45 2009 (4A5BC111)
fffff880`01927000 fffff880`01961000   fvevol   fvevol.sys   Sat Nov 20 04:24:06 2010 (4CE793B6)
fffff880`01834000 fffff880`0187e000   fwpkclnt fwpkclnt.sys Sat Nov 20 04:21:37 2010 (4CE79321)
fffff880`069ad000 fffff880`069b3c00   GEARAspiWDM GEARAspiWDM.sys Thu May 03 15:56:17 2012 (4FA2E2E1)
fffff800`02c1f000 fffff800`02c68000   hal      hal.dll      Sat Nov 20 08:00:25 2010 (4CE7C669)
fffff880`07dc0000 fffff880`07de4000   HDAudBus HDAudBus.sys Sat Nov 20 05:43:42 2010 (4CE7A65E)
fffff880`06c95000 fffff880`06cf1000   HdAudio  HdAudio.sys  Sat Nov 20 05:44:23 2010 (4CE7A687)
fffff880`07f2d000 fffff880`07f46000   HIDCLASS HIDCLASS.SYS Sat Nov 20 05:43:49 2010 (4CE7A665)
fffff880`07f8b000 fffff880`07f93080   HIDPARSE HIDPARSE.SYS Mon Jul 13 20:06:17 2009 (4A5BCBF9)
fffff880`034bf000 fffff880`03588000   HTTP     HTTP.sys     Sat Nov 20 04:24:30 2010 (4CE793CE)
fffff880`0191e000 fffff880`01927000   hwpolicy hwpolicy.sys Sat Nov 20 04:18:54 2010 (4CE7927E)
fffff880`069d0000 fffff880`069ee000   i8042prt i8042prt.sys Mon Jul 13 19:19:57 2009 (4A5BC11D)
fffff880`069ee000 fffff880`069fd000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`07f68000 fffff880`07f76000   kbdhid   kbdhid.sys   Sat Nov 20 05:33:25 2010 (4CE7A3F5)
fffff800`00bd0000 fffff800`00bda000   kdcom    kdcom.dll    Mon Jul 13 21:31:07 2009 (4A5BDFDB)
fffff880`06d35000 fffff880`06d78000   ks       ks.sys       Sat Nov 20 05:33:23 2010 (4CE7A3F3)
fffff880`013af000 fffff880`013ca000   ksecdd   ksecdd.sys   Sat Nov 20 04:21:15 2010 (4CE7930B)
fffff880`0157f000 fffff880`015aa000   ksecpkg  ksecpkg.sys  Sat Nov 20 05:10:34 2010 (4CE79E9A)
fffff880`06c8f000 fffff880`06c94200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
fffff880`06d8c000 fffff880`06d8fd80   LGBusEnum LGBusEnum.sys Mon Nov 23 20:36:48 2009 (4B0B38B0)
fffff880`07f76000 fffff880`07f78480   LGVirHid LGVirHid.sys Mon Nov 23 20:36:48 2009 (4B0B38B0)
fffff880`02905000 fffff880`0291a000   lltdio   lltdio.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`028c1000 fffff880`028e4000   luafv    luafv.sys    Mon Jul 13 19:26:13 2009 (4A5BC295)
fffff880`00c35000 fffff880`00c42000   mcupdate mcupdate.dll Mon Jul 13 21:29:09 2009 (4A5BDF65)
fffff880`028b3000 fffff880`028c1000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
fffff880`06800000 fffff880`0680f000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
fffff880`07f5b000 fffff880`07f68000   mouhid   mouhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
fffff880`00fca000 fffff880`00fe4000   mountmgr mountmgr.sys Sat Nov 20 04:19:21 2010 (4CE79299)
fffff880`035a6000 fffff880`035be000   mpsdrv   mpsdrv.sys   Mon Jul 13 20:08:25 2009 (4A5BCC79)
fffff880`035be000 fffff880`035eb000   mrxsmb   mrxsmb.sys   Sat Nov 20 04:27:41 2010 (4CE7948D)
fffff880`03400000 fffff880`0344d000   mrxsmb10 mrxsmb10.sys Sat Nov 20 04:26:53 2010 (4CE7945D)
fffff880`0344d000 fffff880`03471000   mrxsmb20 mrxsmb20.sys Sat Nov 20 04:26:47 2010 (4CE79457)
fffff880`00fed000 fffff880`00ff8000   msahci   msahci.sys   Sat Nov 20 05:33:58 2010 (4CE7A416)
fffff880`01146000 fffff880`01151000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
fffff880`00f2a000 fffff880`00f34000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
fffff880`01076000 fffff880`010d4000   msrpc    msrpc.sys    Sat Nov 20 04:21:56 2010 (4CE79334)
fffff880`02c9b000 fffff880`02ca6000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
fffff880`0190c000 fffff880`0191e000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
fffff880`0142c000 fffff880`0151f000   ndis     ndis.sys     Sat Nov 20 04:23:30 2010 (4CE79392)
fffff880`0683a000 fffff880`06846000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
fffff880`0296d000 fffff880`02980000   ndisuio  ndisuio.sys  Sat Nov 20 05:50:08 2010 (4CE7A7E0)
fffff880`00c00000 fffff880`00c2f000   ndiswan  ndiswan.sys  Sat Nov 20 05:52:32 2010 (4CE7A870)
fffff880`06c00000 fffff880`06c15000   NDProxy  NDProxy.SYS  Sat Nov 20 05:52:20 2010 (4CE7A864)
fffff880`02c00000 fffff880`02c0f000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff880`02d74000 fffff880`02db9000   netbt    netbt.sys    Sat Nov 20 04:23:18 2010 (4CE79386)
fffff880`0151f000 fffff880`0157f000   NETIO    NETIO.SYS    Sat Nov 20 04:23:13 2010 (4CE79381)
fffff880`01151000 fffff880`01162000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`02c8f000 fffff880`02c9b000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
fffff800`02c68000 fffff800`03252000   nt       ntkrnlmp.exe Sat Nov 20 04:30:02 2010 (4CE7951A)
fffff880`0120c000 fffff880`013af000   Ntfs     Ntfs.sys     Sat Nov 20 04:20:57 2010 (4CE792F9)
fffff880`019df000 fffff880`019e8000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
fffff880`0291a000 fffff880`0296d000   nwifi    nwifi.sys    Mon Jul 13 20:07:23 2009 (4A5BCC3B)
fffff880`02dc2000 fffff880`02de8000   pacer    pacer.sys    Sat Nov 20 05:52:18 2010 (4CE7A862)
fffff880`00f74000 fffff880`00f89000   partmgr  partmgr.sys  Sat Nov 20 04:20:00 2010 (4CE792C0)
fffff880`00f34000 fffff880`00f67000   pci      pci.sys      Sat Nov 20 04:19:11 2010 (4CE7928F)
fffff880`00fb3000 fffff880`00fba000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
fffff880`00fba000 fffff880`00fca000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
fffff880`013ca000 fffff880`013db000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
fffff880`0546a000 fffff880`05510000   peauth   peauth.sys   Mon Jul 13 21:01:19 2009 (4A5BD8DF)
fffff880`06c30000 fffff880`06c6d000   portcls  portcls.sys  Mon Jul 13 20:06:27 2009 (4A5BCC03)
fffff880`00c42000 fffff880`00c56000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
fffff880`011d5000 fffff880`011f9000   rasl2tp  rasl2tp.sys  Sat Nov 20 05:52:34 2010 (4CE7A872)
fffff880`07de4000 fffff880`07dff000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
fffff880`06cf8000 fffff880`06d19000   raspptp  raspptp.sys  Sat Nov 20 05:52:31 2010 (4CE7A86F)
fffff880`06d19000 fffff880`06d33000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
fffff880`02c3e000 fffff880`02c8f000   rdbss    rdbss.sys    Sat Nov 20 04:27:51 2010 (4CE79497)
fffff880`015f2000 fffff880`015fb000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`013f5000 fffff880`013fe000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`01200000 fffff880`01209000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
fffff880`018d2000 fffff880`0190c000   rdyboost rdyboost.sys Sat Nov 20 04:43:10 2010 (4CE7982E)
fffff880`02980000 fffff880`02998000   rspndr   rspndr.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
fffff880`05510000 fffff880`0551b000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
fffff880`018ca000 fffff880`018d2000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
fffff880`07e56000 fffff880`07eef000   srv      srv.sys      Sat Nov 20 04:28:05 2010 (4CE794A5)
fffff880`0555e000 fffff880`055c9000   srv2     srv2.sys     Sat Nov 20 04:27:43 2010 (4CE7948F)
fffff880`0551b000 fffff880`0554c000   srvnet   srvnet.sys   Sat Nov 20 04:27:20 2010 (4CE79478)
fffff880`06d33000 fffff880`06d34480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
fffff880`01630000 fffff880`01834000   tcpip    tcpip.sys    Sat Nov 20 04:25:52 2010 (4CE79420)
fffff880`0554c000 fffff880`0555e000   tcpipreg tcpipreg.sys Sat Nov 20 05:51:48 2010 (4CE7A844)
fffff880`01184000 fffff880`01191000   TDI      TDI.SYS      Sat Nov 20 04:22:06 2010 (4CE7933E)
fffff880`01162000 fffff880`01184000   tdx      tdx.sys      Sat Nov 20 04:21:54 2010 (4CE79332)
fffff880`02c2a000 fffff880`02c3e000   termdd   termdd.sys   Sat Nov 20 06:03:40 2010 (4CE7AB0C)
fffff960`00560000 fffff960`0056a000   TSDDD    TSDDD.dll    Mon Jul 13 20:16:34 2009 (4A5BCE62)
fffff880`01191000 fffff880`011b7000   tunnel   tunnel.sys   Sat Nov 20 05:51:50 2010 (4CE7A846)
fffff880`06d90000 fffff880`06da2000   umbus    umbus.sys    Sat Nov 20 05:44:37 2010 (4CE7A695)
fffff880`02866000 fffff880`02883000   usbccgp  usbccgp.sys  Sat Nov 20 05:44:03 2010 (4CE7A673)
fffff880`02883000 fffff880`02884f00   USBD     USBD.SYS     Mon Jul 13 20:06:23 2009 (4A5BCBFF)
fffff880`069bf000 fffff880`069d0000   usbehci  usbehci.sys  Sat Nov 20 05:43:54 2010 (4CE7A66A)
fffff880`06da2000 fffff880`06dfc000   usbhub   usbhub.sys   Sat Nov 20 05:44:30 2010 (4CE7A68E)
fffff880`069b4000 fffff880`069bf000   usbohci  usbohci.sys  Mon Jul 13 20:06:30 2009 (4A5BCC06)
fffff880`065a4000 fffff880`065fa000   USBPORT  USBPORT.SYS  Sat Nov 20 05:44:00 2010 (4CE7A670)
fffff880`02885000 fffff880`028b2280   usbvideo usbvideo.sys Sat Nov 20 05:44:34 2010 (4CE7A692)
fffff880`00f67000 fffff880`00f74000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
fffff880`019ef000 fffff880`019fd000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
fffff880`01400000 fffff880`01425000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
fffff880`00f9e000 fffff880`00fb3000   volmgr   volmgr.sys   Sat Nov 20 04:19:28 2010 (4CE792A0)
fffff880`00d74000 fffff880`00dd0000   volmgrx  volmgrx.sys  Sat Nov 20 04:20:43 2010 (4CE792EB)
fffff880`0187e000 fffff880`018ca000   volsnap  volsnap.sys  Sat Nov 20 04:20:08 2010 (4CE792C8)
fffff880`069a0000 fffff880`069ad000   vwifibus vwifibus.sys Mon Jul 13 20:07:21 2009 (4A5BCC39)
fffff880`02de8000 fffff880`02dfe000   vwififlt vwififlt.sys Mon Jul 13 20:07:22 2009 (4A5BCC3A)
fffff880`02c0f000 fffff880`02c2a000   wanarp   wanarp.sys   Sat Nov 20 05:52:36 2010 (4CE7A874)
fffff880`013e5000 fffff880`013f5000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
fffff880`00e17000 fffff880`00ebb000   Wdf01000 Wdf01000.sys Mon Jul 13 19:22:07 2009 (4A5BC19F)
fffff880`00ebb000 fffff880`00eca000   WDFLDR   WDFLDR.SYS   Mon Jul 13 19:19:54 2009 (4A5BC11A)
fffff880`02db9000 fffff880`02dc2000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
fffff960`00040000 fffff960`00350000   win32k   win32k.sys   Sat Nov 20 04:52:51 2010 (4CE79A73)
fffff880`011b7000 fffff880`011c0000   wmiacpi  wmiacpi.sys  Mon Jul 13 19:31:02 2009 (4A5BC3B6)
fffff880`00f21000 fffff880`00f2a000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)
fffff880`028e4000 fffff880`02905000   WudfPf   WudfPf.sys   Sat Nov 20 05:42:44 2010 (4CE7A624)

Unloaded modules:
fffff880`07f94000 fffff880`07fa9000   LGSHidFilt.S
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00015000
fffff880`07f79000 fffff880`07f87000   hidusb.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07f46000 fffff880`07f5b000   LGSHidFilt.S
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00015000
fffff880`07f1f000 fffff880`07f2d000   hidusb.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07eef000 fffff880`07f04000   LGSHidFilt.S
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00015000
fffff880`07e2b000 fffff880`07e44000   HIDCLASS.SYS
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00019000
fffff880`07e1d000 fffff880`07e2b000   hidusb.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07f04000 fffff880`07f11000   mouhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000D000
fffff880`07f11000 fffff880`07f1f000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07e1b000 fffff880`07e1d000   MSPQM.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00002000
fffff880`07feb000 fffff880`08000000   LGSHidFilt.S
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00015000
fffff880`07fd2000 fffff880`07feb000   HIDCLASS.SYS
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00019000
fffff880`07fc4000 fffff880`07fd2000   hidusb.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07e00000 fffff880`07e0d000   mouhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000D000
fffff880`07e0d000 fffff880`07e1b000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07f94000 fffff880`07fa9000   LGSHidFilt.S
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00015000
fffff880`07f72000 fffff880`07f8b000   HIDCLASS.SYS
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00019000
fffff880`07f64000 fffff880`07f72000   hidusb.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07fa9000 fffff880`07fb6000   mouhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000D000
fffff880`07fb6000 fffff880`07fc4000   kbdhid.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`07f62000 fffff880`07f64000   MSPQM.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00002000
fffff880`07f60000 fffff880`07f62000   MSPQM.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00002000
fffff880`07eef000 fffff880`07f60000   spsys.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00071000
fffff880`019a7000 fffff880`019b5000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`019b5000 fffff880`019c1000   dump_pciidex
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000C000
fffff880`019c1000 fffff880`019cc000   dump_msahci.
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000B000
fffff880`019cc000 fffff880`019df000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00013000
Bugcheck code 000000D1
Arguments 00000000`00000044 00000000`00000002 00000000`00000000 fffff880`068a48c1

jcgriff2 is offline  
Old 03-23-2015, 06:43 AM   #3
Registered Member
 
Join Date: Mar 2008
Location: Toronto
Posts: 180
OS: win8.1, Win7, xp sp2+ all KB's except Net2,3, XML (kills webdav)


Send a message via Skype™ to sunnysky50m

Goto HP for latest drivers , although one is just the PCI card reader option

BSOD's on the ATIbtMon is a result of timeout response to kernel IO for this ATI monitor which may be caused by many things. In your case, I suspect .. way too many apps and services in background constantly scanning ports and registry values. ... BTW IO Bit had a free app once called XP Gamer to tweak all the crap off for Game more, ( perhaps now pay) tweak features that grossly affect game UX ( user experience)

The following services > win+R> (Run)> services.msc (enter) may be stopped and disabled.

Windows Search
Windows Update

or open CMD window > Win+R> cmd (enter)

and paste all this with right mouse
Quote:

net stop WSearch
net stop wuaserv


.
I would keep Windows Updates disabled as they just add bloat with slight security improvements, but MSVP will disagree. Best security is between your ears on downloads and web browsing, after reading up on recognizing Rogue downloads from Bleeping Computers.

I would even stop/ disable Windefend

Disable startups using ccleaner or (*sigh* msconfig) then disable CCleaner and Sidebar etc from autostart running.

Many ATI, Apple and other MS startups /services are not needed either.

But do this for now.
Make sure you are on ethernet , not Wifi with dropouts from multi-path.

A well tuned game machine in task manager under detailed processes should list under all users... less than 50... for Vista Win7/8/10 rather than 80~>100 and about half that for WinXP ( I've had as low as 16 in process list before running big Apps. )

G/L

Also set your paging file to auto if fixed on 16MB
sunnysky50m is offline  
Sponsored Links
Advertisement
 
Old 03-24-2015, 03:05 AM   #4
Administrator
Manager, Microsoft Support
Acting Manager, Security
BSOD Kernel Dump Expert
Microsoft Windows Insider MVP
 
jcgriff2's Avatar

Microsoft Most Valuable Professional
 
Join Date: Sep 2007
Location: New Jersey Shore
Posts: 34,338
OS: Windows 10, 8.1 + Windbg :)



Quote:
Originally Posted by sunnysky50m View Post

I would keep Windows Updates disabled as they just add bloat with slight security improvements, but MSVP will disagree.
The problem with that is that 3rd party drivers are being updated & are expecting the updated Microsoft Windows drivers.

Not applying Win Updts is asking for a slew of BSODs with 0xc5 exceptions, IMHO.
jcgriff2 is offline  
Old 03-25-2015, 06:53 PM   #5
Registered Member
 
Join Date: Mar 2008
Location: Toronto
Posts: 180
OS: win8.1, Win7, xp sp2+ all KB's except Net2,3, XML (kills webdav)


Send a message via Skype™ to sunnysky50m

I dont know of any such 3rd party dependencies on Windows updates whether User mode or not.

I find fully updated win7/8 x64 systems no more protected or stable than those with minimal updates (missing 200). BSODs may be malware but could also be crapware such as Scheduled Telemetry (ET Phone home) WUSA and Win SEARCH bloat.

I prefer to configure my machines to disable all animations, Win search/Index, WinDefender and WinUpdates off, with NO AV suite and just minimal browser addons like Ad-block ( the filter for crapware) or WOT for browsers and Heuristic EXE& Service install protection like Autostart ( mike Lin) or Winpatrol.. It doesn't stop everything that ADWcleaner can find but it helps user be aware of unexpected new startups.

But x000005's can be spurious from Registry shared access contention timeouts, soft RAM errors, excessive DPC rates ( Deferred Procedure Calls are an indicator of multi-task stack swaps) etc etc
sunnysky50m is offline  
Old 03-25-2015, 07:25 PM   #6
TSF Team, Emeritus
 
Patrick's Avatar

Microsoft Most Valuable Professional
 
Join Date: Apr 2012
Location: Ring 0
Posts: 4,349
OS: W8.1 x64



Quote:
I would keep Windows Updates disabled as they just add bloat with slight security improvements
This is the worst advice I've seen in months, sorry to say.

Why would you ever in your right mind disable updates, especially recommended security updates? Do you enjoy being vulnerable to extremely old EOP exploits that are patched?
Patrick is offline  
Old 03-25-2015, 11:27 PM   #7
Administrator
Manager, Microsoft Support
Acting Manager, Security
BSOD Kernel Dump Expert
Microsoft Windows Insider MVP
 
jcgriff2's Avatar

Microsoft Most Valuable Professional
 
Join Date: Sep 2007
Location: New Jersey Shore
Posts: 34,338
OS: Windows 10, 8.1 + Windbg :)



Quote:
Originally Posted by sunnysky50m View Post
I dont know of any such 3rd party dependencies on Windows updates whether User mode or not.
I can't name any with 100% certainty either.

I can only relate my findings and theories from processing 100,000s of mini kernel dump files over the last 7 years.

One example that I can give is that when Microsoft networking related drivers are updated (like tcpip.sys, netio.sys, etc...), it is not uncommon to see a rash of BSODs caused by out of date 3rd party networking drivers. that up until the time the W/U were installed, worked fine. The fix is to update the 3rd party networking driver (even though the Microsoft driver is usually named in the dump as the probable cause).

The reverse situation holds true as well. Updating 3rd party device drivers (like networking) but not applying Windows Updates can lead to very similar BSODs only in this case, the fix is to install the missing SPs/ Windows Updates.

When events as I have described in the networking driver example converge, the BSODs I see very often contain 0xc5 exceptions. The exact reason is unknown to me.

In your world, I suppose not updating 3rd party drivers + not applying Windows Updates would cancel each other out and equal no BSODs...? :)

I'm not here to tell you how to configure your system; rather I simply make suggestions based on experience. I fully believe that you should configure your system in a manner in which you are comfortable. It seems to me based on your posts that you are very familiar with your system and would know if something was wrong rather quickly (e.g., infection) and are capable of dealing with it. Most are not; hence one reason that I advise W/U installation.


Quote:
Originally Posted by sunnysky50m View Post
But x000005's can be spurious from Registry shared access contention timeouts, soft RAM errors, excessive DPC rates ( Deferred Procedure Calls are an indicator of multi-task stack swaps) etc etc
I am referring to exception code 0xc0000005 - memory access violation, aka "access denied" -
Code:
0xC0000005
STATUS_ACCESS_VIOLATION
 
The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
https://msdn.microsoft.com/en-us/lib...=PROT.10).aspx

I guess the items you mentioned could result in a 0xc5. I work with dozens of mini dumps per user and process them en masse (kd.exe + C++; not each one via Windbg) and therefore can't 100% prove the actual cause; just a guestimate based on what I've seen in 1,000s of similar dumps (patterns) over the years.
jcgriff2 is offline  
Old 03-26-2015, 01:09 AM   #8
Registered Member
 
Join Date: Mar 2008
Location: Toronto
Posts: 180
OS: win8.1, Win7, xp sp2+ all KB's except Net2,3, XML (kills webdav)


Send a message via Skype™ to sunnysky50m

Quote:
Originally Posted by Patrick View Post
This is the worst advice I've seen in months, sorry to say.

Why would you ever in your right mind disable updates, especially recommended security updates? Do you enjoy being vulnerable to extremely old EOP exploits that are patched?

This may tell you something of my experience, which is not a justification, just that I know what I am doing and feel the risk for ME is low with heuristic background scans.

I have been using MS software since DOS 1,0 and alerted Eugene Kaspersky in St. Petersburg by calling him in '99 about a root kit he had not heard of before. It rendered our IT mgr's main PC unbootable ( the one with all the NET passwords and setup parameters that wasn't backed up ! ) Interesting enough I got the same rootkit after I borrowed one of her floppies. But in her case she could not repair it after a week and in my case I repaired it in a few hours using Norton Disk Edit by changing the V attribute on the Windows Folder. Yes the V attribute is superhidden to define a file that only serves to give windows the Volume label. But if it was used on old Windows on any folder such as \Windows then like the Volume Label file, it becomes superhidden to the OS exec. So 1 byte killed the entire OS. I think I was using KAV 1.0 at the time.

Ever since then, I have followed all of Mark Russinovich's tools and learnt how to fix problems and detect them with light heuristic apps.

I know there are many vulnerabilities out there, but I can usually fix them far easier than put up with latency of security bloat and Scheduled Tasks that make it more robust but also change things you dont want changed.

I dont advocate my methods to others but I'll defend them and enjoy the performance boost of my cutbacks & tweaks to the OS.

I think the best Security is awareness of Rogues, not bloated scanner apps and Service Updates for obscure vulnerabilities such as stack overflows exacerbated by bloated apps.

I do enjoy Win8.1 but it still does more in the background than I would like.

Recall when they disabled explorer folder auto-refresh because it adds too much latency? Get my point?

Metro is for newbies or touch screens and not hard core users that prefer keyboards to fingers and mice.
sunnysky50m is offline  
Old 03-26-2015, 01:30 AM   #9
Registered Member
 
Join Date: Mar 2008
Location: Toronto
Posts: 180
OS: win8.1, Win7, xp sp2+ all KB's except Net2,3, XML (kills webdav)


Send a message via Skype™ to sunnysky50m

I do however use the latest OEM hardware drivers, but often disable the useless ones like AMD's for Customer experience monitoring or 3D service pr MS Keyboard app that fails to recognise the wireless MS Keyboard which came with the MS driver updates.. then I decided to stop all updates on 8.1

I have about 150 Apps installed, half are portable and 10% are only frequently used and none are games except the odd browser game like Entanglement. Belarc says I am missing 53 updates and t will stay that way until I find a good performance or security reason.

I'd really like to delete all the active RT tasks, but that's when I have time.
Maybe Win10 will be leaner with merged RT & Desktop , but whenever something is added, there is a performance hit.

And why do we really need to have constant monitoring with Telemetry for problems often not solvable by Telemetry feedback. But may be good for most other people who dont multitask as much as I do with the automated fixes and Customer UX Feedback.

I still feel I only know about 0.001% of what is running under the hood even from routine procmon dumps etc.

But I have a good feel for what is normal and abnormal and that works for me and low latency UX is normal for my setup.
sunnysky50m is offline  
Old 03-26-2015, 08:57 AM   #10
TSF Team, Emeritus
 
Patrick's Avatar

Microsoft Most Valuable Professional
 
Join Date: Apr 2012
Location: Ring 0
Posts: 4,349
OS: W8.1 x64



Quote:
I have been using MS software since DOS 1,0 and alerted Eugene Kaspersky in St. Petersburg by calling him in '99 about a root kit he had not heard of before.
Lol, what was this rootkit?

Quote:
I know there are many vulnerabilities out there, but I can usually fix them far easier than put up with latency of security bloat and Scheduled Tasks that make it more robust but also change things you dont want changed.
It has nothing to do with you being able to fix the ramifications of the vulnerabilities, especially since if you had WU enabled in the first place, you wouldn't have to deal with the ramifications in the first place. I am in awe at the idea that you'd work for a company as a sysadmin and possibly have updates disabled in a corporate environment, let alone a home environment.

Talking security updates, most if not all of them are nothing more than OS bug fixes through code. No "bloat" is added, and your system is not miraculously slower. For example, https://technet.microsoft.com/librar...or=-2147217396 the 1/4 Stuxnet exploit that was an EOP using a shell vulnerability to execute a shortcut with its icon when displayed.

Quote:
I think the best Security is awareness of Rogues
You're on the right track, yes. Of course awareness is the best tool vs. all malware, but simply refusing to enable updates which prevent and fix exploits make your life 100% more difficult than it needs to be. You're deliberately putting yourself at risk for no reason other than personal vendetta and love for the use of the word "bloated", but you've yet to prove anything.

Quote:
obscure vulnerabilities
Obscure? So using the example I used earlier (Stuxnet), you'd call a vulnerability that affected millions of users worldwide.. obscure? That's a pretty big number, especially when if it hadn't propagated into the public net, its 4 vulnerabilities probably would've never been patched.

This is just one example out of thousands of vulnerabilities that have allowed malware to move forward, we see it everyday. This is the reason we have security updates and regular pushes in the first place.

Quote:
I do enjoy Win8.1 but it still does more in the background than I would like.
Like what, care to elaborate?
Patrick is offline  
Old 03-30-2015, 08:39 AM   #11
Registered Member
 
Join Date: Mar 2008
Location: Toronto
Posts: 180
OS: win8.1, Win7, xp sp2+ all KB's except Net2,3, XML (kills webdav)


Send a message via Skype™ to sunnysky50m

Are you aware of the -v attribute that is undocumented which can hide the volume label file and \Windows folders? I found this in 1999 on WinNT using Norton Diskedit. Later in 2005 Mark Russinovich called these Rootkits but he was referring to AD from SONY.


Bloat? you mean like Metro or all the services and apps used by WinRT?

When I recently added XP to Win8.1 in a dual boot ( not supported by M$) and compared CPU use , XP was 99 to 100% idle, Win8.1 was 90% idle and many Metro tasks were updating in the background, when because I prefer the desktop to Metro, I find is a waste of resources. I hope rather than just merge RT with desktop in Win10 they also include a kill switch for WinRT aka Metro.

If I had a touch screen, perhaps I could get used to WinRT, but why do I need to swipe many screens to view all my Apps, when I can organize them in easy droplists sorted by category from my taskbar at the top ( using a folder of links in the desktop toolbar)

One only has to interpret the ProcMon logs to see the efficacy of Windows or lack of it. Persistent Polling and looking for dll's in prioritized order of locations constantly instead of Fuzzy Logic to learn and be alerted of changes. Persistent polling of network settings, and persistent integrity tests. Some is good but it could be done a lot smarter with internal notifications rather than polling.

I agree that the many stack buffer overflow fixes in KB updates were important, but not all as critical, if one has some awareness of how to be protected without massive supervision and redundant file scans on access. Of course like any Virus risk and Inoculation risk, exposure, experience and awareness determines the best practise.

I have always tried to infect myself on PC's that don't matter to test my ability to detect and clean them and easy methods like sendto>Virustotal for appraisal.

To get back on-topic on BSOD and WAUSA.exe,

- Make sure 3rd party drivers are updated without exception.
-Create a new user account and turn off all unnecessary startups, animations and scanners.
- run Memtest86+ from bootable media past test 8 or overnight
- run stress tests on games and flip screens (Alt+Tab) to test if DWM is causing issues.
- try to identify a repeatable pattern to cause BSOD's
sunnysky50m is offline  
Old 03-30-2015, 03:30 PM   #12
Registered Member
 
Join Date: Jun 2013
Posts: 6
OS: Windows 7



I appreciate the responses.

I've done everything suggested here save for running Memtest, which I plan to do tonight. I haven't had a BSOD since posting the thread.

I suspect it may have had something to do with the game patcher I was running at the time. The BSODs started when I initially ran it and stopped when the patch finished. Is it possible the issue had anything to do with downloading and writing to disk large amounts of data?
Phraustt is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Frequent BSOD's while surfing the internet and gaming
Hey guys! I have a strange problem regarding BSOD's. Like the title says, I'm having random BSOD's while just surfing the net (watching videos on Youtube, checking my e-mail, etc.) and while playing certain games. I ran memtest86 for about 9-10 hours and it passed with no errors. About five...
Freedon_Nadd BSOD, App Crashes And Hangs 10 12-25-2012 10:16 PM
[SOLVED] Frequent BSoD's
Been having frequent Bluescreens since I completed this build. It's pretty much all new parts aside from the PSU/Chassis/HDD's OS: 7 SP1 x64 Retail Sys Age: A couple weeks Have reinstalled windows CPU: Intel Core i7 3820 GPU(s): EVGA GeForce 670 (x2) Mobo: Asus Rampage Extreme IV PSU:...
n4n0 BSOD, App Crashes And Hangs 17 12-02-2012 09:40 AM
HDD to record on.
Hi I was looking around for a low size HDD that'll be fast for recording with Fraps. On a game such as MW2 I get stable 70-90 FPS But as soon as i hit that Fraps hotkey, its an instant drop to 30-45fps and it feels terribly laggy. I was thinking of buying a new HDD to record onto, but before...
bhstr99 Hard Drive Support 9 04-03-2011 04:06 PM
Slow/Not responsive
My pc has lately as expected gone very slow and not as responsive. At the start-up especially. I have to wait a good 2mins before touching anything or things start to 'Not respond' and such. I was wondering if you guys could recommend me ANYTHING that I could do to speed up my pc significantly....
bhstr99 Windows 7 , Windows Vista Support 18 03-26-2011 04:38 PM
[SOLVED] Getting Continuous BSODs For Past 2 Days.. Help!!
I'm getting the driver_irql_not_less_or_equal BSOD for past 2 days.. before my computer was doing this every 10-14 days.. but for past 2 days its doing it very frequently.. I followed the instructions using verifier and zipped the minidumps.. attached here.. please help..!!
syy_fyy BSOD, App Crashes And Hangs 14 03-22-2011 06:24 PM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 05:19 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts