Page 2 of 5 FirstFirst 1234 ... LastLast
Results 16 to 30 of 72
  1. #16
    5 Star Lounger
    Join Date
    Jan 2010
    Location
    Birkirkara, Malta
    Posts
    1,147
    Thanks
    180
    Thanked 7 Times in 7 Posts
    satrow, thanks again.
    OS Dual Boot Win 7 Pro 64 Bit-SP1 & IE11 & Win 8.1 Pro 64 Bit & IE11-Intel Core i7 2600K Processor LGA1155-Asus P867 Pro Motherboard-GTX550 Ti DirectCU Graphics Card-Memory 8GB

    Roy Whitethread

  2. #17
    5 Star Lounger
    Join Date
    Jan 2010
    Location
    Birkirkara, Malta
    Posts
    1,147
    Thanks
    180
    Thanked 7 Times in 7 Posts
    satrow, I followed your last instruction and rebooted, but when I entered the command verifier /querysettings all the settings I had previously enabled were disabled. I then ran verifier again, following the instructions in the sysnative link, and then when I entered verifier /query a list of drivers was shown. Does this mean DV has finished its task, and if so what else should I try, if anything?

    Please advise.

    Thanks and regards, Roy
    OS Dual Boot Win 7 Pro 64 Bit-SP1 & IE11 & Win 8.1 Pro 64 Bit & IE11-Intel Core i7 2600K Processor LGA1155-Asus P867 Pro Motherboard-GTX550 Ti DirectCU Graphics Card-Memory 8GB

    Roy Whitethread

  3. #18
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 207 Times in 181 Posts
    So, DV was disabled and then re-enabled + rebooted? If so, just allow it one more session, if no crash, then you can turn it off and reboot to Windows normally.

  4. #19
    5 Star Lounger
    Join Date
    Jan 2010
    Location
    Birkirkara, Malta
    Posts
    1,147
    Thanks
    180
    Thanked 7 Times in 7 Posts
    Minidump 070814-15163-01.zipsatrow, I just had another BSOD-the minidump zip file is attached and I await your further advice.

    Thanks and regards, Roy
    OS Dual Boot Win 7 Pro 64 Bit-SP1 & IE11 & Win 8.1 Pro 64 Bit & IE11-Intel Core i7 2600K Processor LGA1155-Asus P867 Pro Motherboard-GTX550 Ti DirectCU Graphics Card-Memory 8GB

    Roy Whitethread

  5. #20
    5 Star Lounger
    Join Date
    Jan 2010
    Location
    Birkirkara, Malta
    Posts
    1,147
    Thanks
    180
    Thanked 7 Times in 7 Posts
    I thought the problem might have been related to a faulty driver for my usb attached external hard drive, which is divided into 2 partitions, so when I rebooted it was with that drive switched off. Things then seemed to be working normally, and I had to be away from my computer for 3 hours or so today, and when I returned everything still seemed normal. However, when I connected to the internet for the first time today I got an immediate BSOD.

    The BSOD read as follows:

    "A device driver attempting to corrupt the system has been caught. The faulty driver currently on the kernel stack must be replaced with a working version.

    After various STOP codes the BSOD referred to aswSP.sys-Address FFFFF8800422854F-base at FFFFF88004200000. Date stamp 53b44384."

    I searched with the Everything app and deleted aswSP.sys files which were dated 4 July, but ignored others dating back to April and May. The files I deleted related to the Avast internet security self protection module, and to my knowledge no changes were made to the Avast program in July.

    I ran sfc /scannow, and no integrity violations were found.

    All actions referred to above were taken in Safe Mode with networking, and I am writing this post in that mode.

    I could not start Windows Live Mail-is that normal in Safe Mode with networking?

    Please advise further.

    Thanks and regards, Roy
    OS Dual Boot Win 7 Pro 64 Bit-SP1 & IE11 & Win 8.1 Pro 64 Bit & IE11-Intel Core i7 2600K Processor LGA1155-Asus P867 Pro Motherboard-GTX550 Ti DirectCU Graphics Card-Memory 8GB

    Roy Whitethread

  6. #21
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 207 Times in 181 Posts
    Thanks for the extra info, Roy.

    The driver flagged this time was dated the 2nd of July: aswSP.sys Wed Jul 2 18:38:12 2014 (53B44384), your crash history pre-dates this so it's not the only cause

    Given that both BSODs strongly suggest some security problem, I'm not going to suggest any 'fix' until I've had someone else look these over - stay tuned.

  7. #22
    New Lounger jcgriff2's Avatar
    Join Date
    Jul 2014
    Location
    New Jersey Shore
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hi -

    As satrow mentioned, the VERIFIER_ENABLED dump flagged Avast driver -
    Code:
    aswSP.sys    Wed Jul 02 13:38:12 2014 (53B44384)
    http://sysnative.com/drivers/driver.php?id=aswSP.SYS

    Please remove Avast with Avast removal tool - http://kb.eset.com/esetkb/index?page=content&id=SOLN146

    Install MSE for now - http://windows.microsoft.com/en-us/w...tials-download

    Update your SUPERAntiSpyware program installation -
    Code:
    SASDIFSV64.SYS Thu Jul 21 19:03:00 2011 (4E28B024)
    SASKUTIL64.SYS Tue Jul 12 17:00:01 2011 (4E1CB5D1)
    http://sysnative.com/drivers/driver.php?id=SASKUTIL64.SYS
    http://sysnative.com/drivers/driver.php?id=SASDIFSV64.SYS

    Remove Elby and any other virtual devices for now (you can reinstall after BSODs are solved) -
    Code:
    ElbyCDIO.sys Mon Mar 04 04:21:51 2013 (513467AF)
    http://sysnative.com/drivers/driver.php?id=ElbyCDIO.sys

    Virtual drives are known to cause (or contribute) to BSODs in Vista, Windows 7, 8, 8.1.

    Regards. . .

    jcgriff2

    Code:
    
    Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    Loading Dump File [C:\Users\PalmDesert\SysnativeBSODApps\070814-15163-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    
    ************* Symbol Path validation summary **************
    Response                         Time (ms)     Location
    Deferred                                       SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
    Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
    Executable search path is: 
    Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 7601.18409.amd64fre.win7sp1_gdr.140303-2144
    Machine Name:
    Kernel base = 0xfffff800`03050000 PsLoadedModuleList = 0xfffff800`03293890
    Debug session time: Mon Jul  7 18:03:08.611 2014 (UTC - 4:00)
    System Uptime: 0 days 1:06:33.470
    Loading Kernel Symbols
    .Processing initial command '!analyze -v;r;kv;lmtn;lmtsmn;.bugcheck'
    ..............................................................
    ................................................................
    ......................................
    Loading User Symbols
    Loading unloaded module list
    ......
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    Use !analyze -v to get detailed debugging information.
    
    BugCheck C4, {0, 0, 1, 0}
    
    *** WARNING: Unable to verify timestamp for aswSP.sys
    *** ERROR: Module load completed but symbols could not be loaded for aswSP.sys
    Probably caused by : aswSP.sys ( aswSP+3501e )
    
    Followup: MachineOwner
    ---------
    
    0: kd> !analyze -v;r;kv;lmtn;lmtsmn;.bugcheck
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
    A device driver attempting to corrupt the system has been caught.  This is
    because the driver was specified in the registry as being suspect (by the
    administrator) and the kernel has enabled substantial checking of this driver.
    If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
    be among the most commonly seen crashes.
    Arguments:
    Arg1: 0000000000000000, caller is trying to allocate zero bytes
    Arg2: 0000000000000000, current IRQL
    Arg3: 0000000000000001, pool type
    Arg4: 0000000000000000, number of bytes
    
    Debugging Details:
    ------------------
    
    
    BUGCHECK_STR:  0xc4_0
    
    CURRENT_IRQL:  0
    
    CUSTOMER_CRASH_COUNT:  1
    
    DEFAULT_BUCKET_ID:  VERIFIER_ENABLED_VISTA_MINIDUMP
    
    PROCESS_NAME:  iexplore.exe
    
    ANALYSIS_VERSION: 6.3.9600.16384 (debuggers(dbg).130821-1623) amd64fre
    
    LAST_CONTROL_TRANSFER:  from fffff800035524ec to fffff800030c5bc0
    
    STACK_TEXT:  
    fffff880`0b11a408 fffff800`035524ec : 00000000`000000c4 00000000`00000000 00000000`00000000 00000000`00000001 : nt!KeBugCheckEx
    fffff880`0b11a410 fffff800`03552f2b : 0000007f`fffffff8 fffff880`0b11b341 00000000`00000000 00000000`00000000 : nt!VerifierBugCheckIfAppropriate+0x3c
    fffff880`0b11a450 fffff800`03563ba8 : 00000000`6e557641 00000000`00000081 fffff880`0b11a4b8 fffff880`80000000 : nt!ExAllocatePoolSanityChecks+0xcb
    fffff880`0b11a490 fffff800`0356401d : 00000000`00000000 00000000`00000000 00000000`6e557641 00000000`00000000 : nt!VeAllocatePoolWithTagPriority+0x88
    fffff880`0b11a500 fffff880`0403501e : ffffffff`8000134c 00000000`00000010 00000000`00000000 00000000`00000000 : nt!VerifierExAllocatePoolEx+0x1d
    fffff880`0b11a540 ffffffff`8000134c : 00000000`00000010 00000000`00000000 00000000`00000000 fffff880`0b11a5a0 : aswSP+0x3501e
    fffff880`0b11a548 00000000`00000010 : 00000000`00000000 00000000`00000000 fffff880`0b11a5a0 fffff880`0b11a5b0 : 0xffffffff`8000134c
    fffff880`0b11a550 00000000`00000000 : 00000000`00000000 fffff880`0b11a5a0 fffff880`0b11a5b0 fffffa80`00000010 : 0x10
    
    
    STACK_COMMAND:  kb
    
    FOLLOWUP_IP: 
    aswSP+3501e
    fffff880`0403501e ??              ???
    
    SYMBOL_STACK_INDEX:  5
    
    SYMBOL_NAME:  aswSP+3501e
    
    FOLLOWUP_NAME:  MachineOwner
    
    MODULE_NAME: aswSP
    
    IMAGE_NAME:  aswSP.sys
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  53b44384
    
    FAILURE_BUCKET_ID:  X64_0xc4_0_VRF_aswSP+3501e
    
    BUCKET_ID:  X64_0xc4_0_VRF_aswSP+3501e
    
    ANALYSIS_SOURCE:  KM
    
    FAILURE_ID_HASH_STRING:  km:x64_0xc4_0_vrf_aswsp+3501e
    
    FAILURE_ID_HASH:  {e8d58a6d-653e-4c59-c32a-fa3f050ba644}
    
    Followup: MachineOwner
    ---------
    
    rax=0000000000000000 rbx=00000000000000c4 rcx=00000000000000c4
    rdx=0000000000000000 rsi=00000000000000c4 rdi=0000000000000000
    rip=fffff800030c5bc0 rsp=fffff8800b11a408 rbp=0000000000000000
     r8=0000000000000000  r9=0000000000000001 r10=fffff8000359fc58
    r11=0000000000000006 r12=0000000000000000 r13=0000000000000020
    r14=fffff8800403501e r15=0000000000000002
    iopl=0         nv up ei pl nz na pe nc
    cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00000202
    nt!KeBugCheckEx:
    fffff800`030c5bc0 48894c2408      mov     qword ptr [rsp+8],rcx ss:0018:fffff880`0b11a410=00000000000000c4
    Child-SP          RetAddr           : Args to Child                                                           : Call Site
    fffff880`0b11a408 fffff800`035524ec : 00000000`000000c4 00000000`00000000 00000000`00000000 00000000`00000001 : nt!KeBugCheckEx
    fffff880`0b11a410 fffff800`03552f2b : 0000007f`fffffff8 fffff880`0b11b341 00000000`00000000 00000000`00000000 : nt!VerifierBugCheckIfAppropriate+0x3c
    fffff880`0b11a450 fffff800`03563ba8 : 00000000`6e557641 00000000`00000081 fffff880`0b11a4b8 fffff880`80000000 : nt!ExAllocatePoolSanityChecks+0xcb
    fffff880`0b11a490 fffff800`0356401d : 00000000`00000000 00000000`00000000 00000000`6e557641 00000000`00000000 : nt!VeAllocatePoolWithTagPriority+0x88
    fffff880`0b11a500 fffff880`0403501e : ffffffff`8000134c 00000000`00000010 00000000`00000000 00000000`00000000 : nt!VerifierExAllocatePoolEx+0x1d
    fffff880`0b11a540 ffffffff`8000134c : 00000000`00000010 00000000`00000000 00000000`00000000 fffff880`0b11a5a0 : aswSP+0x3501e
    fffff880`0b11a548 00000000`00000010 : 00000000`00000000 00000000`00000000 fffff880`0b11a5a0 fffff880`0b11a5b0 : 0xffffffff`8000134c
    fffff880`0b11a550 00000000`00000000 : 00000000`00000000 fffff880`0b11a5a0 fffff880`0b11a5b0 fffffa80`00000010 : 0x10
    start             end                 module name
    fffff800`00bc6000 fffff800`00bd0000   kdcom    kdcom.dll    Sat Feb 05 11:52:49 2011 (4D4D8061)
    fffff800`03007000 fffff800`03050000   hal      hal.dll      Sat Nov 20 08:00:25 2010 (4CE7C669)
    fffff800`03050000 fffff800`03635000   nt       ntkrnlmp.exe Tue Mar 04 03:38:19 2014 (531590FB)
    fffff880`00c00000 fffff880`00c39000   aswVmm   aswVmm.sys   Thu Jun 26 07:35:49 2014 (53AC0595)
    fffff880`00c4a000 fffff880`00c99000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Sat Nov 20 08:03:51 2010 (4CE7C737)
    fffff880`00c99000 fffff880`00cad000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
    fffff880`00cad000 fffff880`00d0b000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
    fffff880`00d0b000 fffff880`00dcb000   CI       CI.dll       Sat Nov 20 08:12:36 2010 (4CE7C944)
    fffff880`00e00000 fffff880`00e57000   ACPI     ACPI.sys     Sat Nov 20 04:19:16 2010 (4CE79294)
    fffff880`00e57000 fffff880`00e60000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)
    fffff880`00e60000 fffff880`00e6a000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
    fffff880`00e6a000 fffff880`00e9d000   pci      pci.sys      Sat Nov 20 04:19:11 2010 (4CE7928F)
    fffff880`00e9d000 fffff880`00eaa000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
    fffff880`00eaa000 fffff880`00ebf000   partmgr  partmgr.sys  Sat Mar 17 01:06:09 2012 (4F641BC1)
    fffff880`00ebf000 fffff880`00ed4000   volmgr   volmgr.sys   Sat Nov 20 04:19:28 2010 (4CE792A0)
    fffff880`00ed4000 fffff880`00ef6000   tdx      tdx.sys      Sat Nov 20 04:21:54 2010 (4CE79332)
    fffff880`00efc000 fffff880`00fbe000   Wdf01000 Wdf01000.sys Fri Jun 21 23:13:05 2013 (51C51641)
    fffff880`00fbe000 fffff880`00fce000   WDFLDR   WDFLDR.SYS   Wed Jul 25 22:29:04 2012 (5010AB70)
    fffff880`00fce000 fffff880`00ff8000   cdrom    cdrom.sys    Sat Nov 20 04:19:20 2010 (4CE79298)
    fffff880`01000000 fffff880`0105e000   msrpc    msrpc.sys    Sat Nov 20 04:21:56 2010 (4CE79334)
    fffff880`0105e000 fffff880`0106d000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
    fffff880`01070000 fffff880`010cc000   volmgrx  volmgrx.sys  Sat Nov 20 04:20:43 2010 (4CE792EB)
    fffff880`010cc000 fffff880`010d3000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
    fffff880`010d3000 fffff880`010e3000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
    fffff880`010e3000 fffff880`010fd000   mountmgr mountmgr.sys Sat Nov 20 04:19:21 2010 (4CE79299)
    fffff880`010fd000 fffff880`01106000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
    fffff880`01106000 fffff880`01130000   ataport  ataport.SYS  Sun Aug 04 21:02:45 2013 (51FEF9B5)
    fffff880`01130000 fffff880`0113b000   msahci   msahci.sys   Sat Nov 20 05:33:58 2010 (4CE7A416)
    fffff880`0113b000 fffff880`01146000   amdxata  amdxata.sys  Fri Mar 19 12:18:18 2010 (4BA3A3CA)
    fffff880`01146000 fffff880`01192000   fltmgr   fltmgr.sys   Sat Nov 20 04:19:24 2010 (4CE7929C)
    fffff880`01192000 fffff880`011a6000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
    fffff880`011a6000 fffff880`011d6000   CLASSPNP CLASSPNP.SYS Sat Nov 20 04:19:23 2010 (4CE7929B)
    fffff880`011d6000 fffff880`011e9000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
    fffff880`011e9000 fffff880`011fa000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
    fffff880`01200000 fffff880`0120c000   ElbyCDIO ElbyCDIO.sys Mon Mar 04 04:21:51 2013 (513467AF)
    fffff880`0120d000 fffff880`013b6000   Ntfs     Ntfs.sys     Thu Jan 23 20:14:50 2014 (52E1BE8A)
    fffff880`013b6000 fffff880`013d1000   ksecdd   ksecdd.sys   Fri Apr 11 21:08:30 2014 (5348920E)
    fffff880`013d1000 fffff880`013e4000   aswRvrt  aswRvrt.sys  Thu Jun 26 07:35:39 2014 (53AC058B)
    fffff880`013e4000 fffff880`013f0000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
    fffff880`01400000 fffff880`0144c000   volsnap  volsnap.sys  Sat Nov 20 04:20:08 2010 (4CE792C8)
    fffff880`0144c000 fffff880`0145e000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
    fffff880`0145e000 fffff880`01498000   fvevol   fvevol.sys   Wed Jan 23 22:11:24 2013 (5100A65C)
    fffff880`01499000 fffff880`0150b000   cng      cng.sys      Wed Aug 01 11:48:07 2012 (50194FB7)
    fffff880`0150b000 fffff880`0151c000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
    fffff880`0151c000 fffff880`01526000   Fs_Rec   Fs_Rec.sys   Wed Feb 29 22:41:06 2012 (4F4EEFD2)
    fffff880`01526000 fffff880`0156f000   fwpkclnt fwpkclnt.sys Fri Apr 04 21:23:21 2014 (533F5B09)
    fffff880`0156f000 fffff880`015df000   aswNdisFlt aswNdisFlt.sys Thu Jun 26 07:36:26 2014 (53AC05BA)
    fffff880`015df000 fffff880`015f5000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
    fffff880`01600000 fffff880`01660000   NETIO    NETIO.SYS    Tue Nov 26 05:21:01 2013 (5294760D)
    fffff880`01660000 fffff880`0168c000   ksecpkg  ksecpkg.sys  Fri Apr 11 21:24:10 2014 (534895BA)
    fffff880`0168c000 fffff880`0169c000   vmstorfl vmstorfl.sys Sat Nov 20 04:57:30 2010 (4CE79B8A)
    fffff880`0169c000 fffff880`016a4000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
    fffff880`016a4000 fffff880`016ba000   NBVol    NBVol.sys    Mon Nov 21 20:22:00 2011 (4ECAF938)
    fffff880`016ba000 fffff880`016c3000   NBVolUp  NBVolUp.sys  Mon Nov 21 20:25:20 2011 (4ECAFA00)
    fffff880`016c3000 fffff880`016cc000   hwpolicy hwpolicy.sys Sat Nov 20 04:18:54 2010 (4CE7927E)
    fffff880`016d3000 fffff880`017c5000   ndis     ndis.sys     Wed Aug 22 11:11:46 2012 (5034F6B2)
    fffff880`017c5000 fffff880`017ff000   rdyboost rdyboost.sys Sat Nov 20 04:43:10 2010 (4CE7982E)
    fffff880`01801000 fffff880`01a00000   tcpip    tcpip.sys    Fri Apr 04 21:26:44 2014 (533F5BD4)
    fffff880`02400000 fffff880`02422000   aswMonFlt aswMonFlt.sys Thu Jun 26 07:32:51 2014 (53AC04E3)
    fffff880`02422000 fffff880`0243b000   aswStm   aswStm.sys   Thu Jun 26 07:47:09 2014 (53AC083D)
    fffff880`0243b000 fffff880`02450000   lltdio   lltdio.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
    fffff880`02450000 fffff880`02468000   rspndr   rspndr.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
    fffff880`02495000 fffff880`02936d00   lvuvc64  lvuvc64.sys  Wed Jan 18 01:41:08 2012 (4F166984)
    fffff880`02937000 fffff880`02951d00   usbaudio usbaudio.sys Fri Jul 12 06:40:58 2013 (51DFDD3A)
    fffff880`02952000 fffff880`029a5a80   lvrs64   lvrs64.sys   Wed Jan 18 01:40:36 2012 (4F166964)
    fffff880`029a6000 fffff880`029b4000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
    fffff880`029b4000 fffff880`029c5000   usbscan  usbscan.sys  Wed Jul 03 00:40:12 2013 (51D3AB2C)
    fffff880`029c5000 fffff880`029d1000   usbprint usbprint.sys Mon Jul 13 20:38:18 2009 (4A5BD37A)
    fffff880`029d1000 fffff880`029f4000   luafv    luafv.sys    Mon Jul 13 19:26:13 2009 (4A5BC295)
    fffff880`04000000 fffff880`0406e000   aswSP    aswSP.sys    Wed Jul 02 13:38:12 2014 (53B44384)
    fffff880`0406e000 fffff880`04077000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
    fffff880`04077000 fffff880`0407e000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
    fffff880`0407e000 fffff880`04088000   aswKbd   aswKbd.sys   Thu Jun 26 07:34:01 2014 (53AC0529)
    fffff880`04088000 fffff880`04096000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
    fffff880`04096000 fffff880`04198000   aswSnx   aswSnx.sys   Thu Jun 26 07:34:44 2014 (53AC0554)
    fffff880`04198000 fffff880`041bd000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
    fffff880`041bd000 fffff880`041cd000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
    fffff880`041cd000 fffff880`041d6000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
    fffff880`041d6000 fffff880`041df000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
    fffff880`041df000 fffff880`041e8000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
    fffff880`041e8000 fffff880`041f3000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
    fffff880`041f3000 fffff880`04200000   TDI      TDI.SYS      Sat Nov 20 04:22:06 2010 (4CE7933E)
    fffff880`04200000 fffff880`04224000   rasl2tp  rasl2tp.sys  Sat Nov 20 05:52:34 2010 (4CE7A872)
    fffff880`04224000 fffff880`04230000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
    fffff880`04230000 fffff880`0425f000   ndiswan  ndiswan.sys  Sat Nov 20 05:52:32 2010 (4CE7A870)
    fffff880`0425f000 fffff880`0427a000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
    fffff880`0427a000 fffff880`0429b000   raspptp  raspptp.sys  Sat Nov 20 05:52:31 2010 (4CE7A86F)
    fffff880`0429b000 fffff880`042b5000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
    fffff880`042b5000 fffff880`042c0000   rdpbus   rdpbus.sys   Mon Jul 13 20:17:46 2009 (4A5BCEAA)
    fffff880`042c0000 fffff880`042cf000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
    fffff880`042cf000 fffff880`04339000   asmtxhci asmtxhci.sys Fri Aug 16 15:28:42 2013 (520E7D6A)
    fffff880`04339000 fffff880`04377000   1394ohci 1394ohci.sys Sat Nov 20 05:44:56 2010 (4CE7A6A8)
    fffff880`04377000 fffff880`04383000   serenum  serenum.sys  Mon Jul 13 20:00:33 2009 (4A5BCAA1)
    fffff880`04383000 fffff880`043aa000   AnyDVD   AnyDVD.sys   Thu Apr 24 17:13:59 2014 (53597E97)
    fffff880`043aa000 fffff880`043b3000   wmiacpi  wmiacpi.sys  Mon Jul 13 19:31:02 2009 (4A5BC3B6)
    fffff880`043b3000 fffff880`043c9000   intelppm intelppm.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
    fffff880`043c9000 fffff880`043d9000   CompositeBus CompositeBus.sys Sat Nov 20 05:33:17 2010 (4CE7A3ED)
    fffff880`043d9000 fffff880`043ef000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
    fffff880`043ef000 fffff880`043fe000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
    fffff880`043fe000 fffff880`043ff480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
    fffff880`04400000 fffff880`04426000   pacer    pacer.sys    Sat Nov 20 05:52:18 2010 (4CE7A862)
    fffff880`04426000 fffff880`04435000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
    fffff880`04435000 fffff880`04452000   serial   serial.sys   Mon Jul 13 20:00:40 2009 (4A5BCAA8)
    fffff880`04452000 fffff880`0446d000   wanarp   wanarp.sys   Sat Nov 20 05:52:36 2010 (4CE7A874)
    fffff880`0446d000 fffff880`04481000   termdd   termdd.sys   Sat Nov 20 06:03:40 2010 (4CE7AB0C)
    fffff880`04481000 fffff880`0448b000   SASKUTIL64 SASKUTIL64.SYS Tue Jul 12 17:00:01 2011 (4E1CB5D1)
    fffff880`0448b000 fffff880`04495000   SASDIFSV64 SASDIFSV64.SYS Thu Jul 21 19:03:00 2011 (4E28B024)
    fffff880`04495000 fffff880`044e6000   rdbss    rdbss.sys    Sat Nov 20 04:27:51 2010 (4CE79497)
    fffff880`044e6000 fffff880`044f2000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
    fffff880`044f9000 fffff880`04582000   afd      afd.sys      Fri Sep 27 21:09:07 2013 (52462C33)
    fffff880`04582000 fffff880`0459c000   aswRdr2  aswRdr2.sys  Thu Jun 26 07:33:28 2014 (53AC0508)
    fffff880`0459c000 fffff880`045e1000   netbt    netbt.sys    Sat Nov 20 04:23:18 2010 (4CE79386)
    fffff880`045e1000 fffff880`045ea000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
    fffff880`045ea000 fffff880`045f5000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
    fffff880`045f5000 fffff880`04600000   dump_msahci dump_msahci.sys Sat Nov 20 05:33:58 2010 (4CE7A416)
    fffff880`04803000 fffff880`04886000   csc      csc.sys      Sat Nov 20 04:27:12 2010 (4CE79470)
    fffff880`04886000 fffff880`048a4000   dfsc     dfsc.sys     Sat Nov 20 04:26:31 2010 (4CE79447)
    fffff880`048a4000 fffff880`048b5000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
    fffff880`048b5000 fffff880`048db000   tunnel   tunnel.sys   Sat Nov 20 05:51:50 2010 (4CE7A846)
    fffff880`048db000 fffff880`04957000   e1c62x64 e1c62x64.sys Wed Aug 21 05:27:22 2013 (521487FA)
    fffff880`04957000 fffff880`049ad000   USBPORT  USBPORT.SYS  Tue Nov 26 20:41:11 2013 (52954DB7)
    fffff880`049ad000 fffff880`049f0000   ks       ks.sys       Sat Nov 20 05:33:23 2010 (4CE7A3F3)
    fffff880`049f0000 fffff880`049fe000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
    fffff880`05000000 fffff880`0500c000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
    fffff880`0500c000 fffff880`05019000   mouhid   mouhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
    fffff880`05021000 fffff880`0507b000   usbhub   usbhub.sys   Tue Nov 26 20:41:36 2013 (52954DD0)
    fffff880`0507b000 fffff880`05090000   NDProxy  NDProxy.SYS  Sat Nov 20 05:52:20 2010 (4CE7A864)
    fffff880`05090000 fffff880`050ec000   HdAudio  HdAudio.sys  Sat Nov 20 05:44:23 2010 (4CE7A687)
    fffff880`050ec000 fffff880`05129000   portcls  portcls.sys  Thu Oct 03 21:36:02 2013 (524E1B82)
    fffff880`05129000 fffff880`0514b000   drmk     drmk.sys     Thu Oct 03 22:16:30 2013 (524E24FE)
    fffff880`0514b000 fffff880`05150200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
    fffff880`05151000 fffff880`0516e000   usbccgp  usbccgp.sys  Tue Nov 26 20:41:15 2013 (52954DBB)
    fffff880`0516e000 fffff880`0517c000   hidusb   hidusb.sys   Sat Nov 20 05:43:49 2010 (4CE7A665)
    fffff880`0517c000 fffff880`05195000   HIDCLASS HIDCLASS.SYS Wed Jul 03 00:05:05 2013 (51D3A2F1)
    fffff880`05195000 fffff880`051a3000   kbdhid   kbdhid.sys   Sat Nov 20 05:33:25 2010 (4CE7A3F5)
    fffff880`051a3000 fffff880`051dc000   keyscrambler keyscrambler.sys Fri May 31 10:52:52 2013 (51A8B944)
    fffff880`051dc000 fffff880`051f7000   USBSTOR  USBSTOR.SYS  Thu Mar 10 23:37:16 2011 (4D79A6FC)
    fffff880`05600000 fffff880`05608080   HIDPARSE HIDPARSE.SYS Wed Jul 03 00:05:04 2013 (51D3A2F0)
    fffff880`0560d000 fffff880`059d2900   RTKVHD64 RTKVHD64.sys Wed May 14 06:28:52 2014 (53734564)
    fffff880`059d3000 fffff880`059f8000   asmthub3 asmthub3.sys Fri Aug 16 15:28:54 2013 (520E7D76)
    fffff880`059f8000 fffff880`059f9e80   USBD     USBD.SYS     Tue Nov 26 20:41:03 2013 (52954DAF)
    fffff880`06600000 fffff880`06624000   mrxsmb20 mrxsmb20.sys Tue Apr 26 22:39:37 2011 (4DB781E9)
    fffff880`06624000 fffff880`0662e000   aswHwid  aswHwid.sys  Thu Jun 26 07:31:26 2014 (53AC048E)
    fffff880`06683000 fffff880`0674c000   HTTP     HTTP.sys     Sat Nov 20 04:24:30 2010 (4CE793CE)
    fffff880`0674c000 fffff880`0676a000   bowser   bowser.sys   Tue Feb 22 23:55:04 2011 (4D649328)
    fffff880`0676a000 fffff880`06782000   mpsdrv   mpsdrv.sys   Mon Jul 13 20:08:25 2009 (4A5BCC79)
    fffff880`06782000 fffff880`067af000   mrxsmb   mrxsmb.sys   Tue Apr 26 22:40:38 2011 (4DB78226)
    fffff880`067af000 fffff880`067fd000   mrxsmb10 mrxsmb10.sys Fri Jul 08 22:46:28 2011 (4E17C104)
    fffff880`09600000 fffff880`09669000   srv2     srv2.sys     Thu Apr 28 23:05:46 2011 (4DBA2B0A)
    fffff880`096b5000 fffff880`0975b000   peauth   peauth.sys   Mon Jul 13 21:01:19 2009 (4A5BD8DF)
    fffff880`0975b000 fffff880`09766000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
    fffff880`09766000 fffff880`09797000   srvnet   srvnet.sys   Thu Apr 28 23:05:35 2011 (4DBA2AFF)
    fffff880`09797000 fffff880`097a9000   tcpipreg tcpipreg.sys Wed Oct 03 12:07:26 2012 (506C62BE)
    fffff880`09c81000 fffff880`09d19000   srv      srv.sys      Thu Apr 28 23:06:06 2011 (4DBA2B1E)
    fffff880`0afea000 fffff880`0aff3000   psi_mf   psi_mf.sys   Wed Sep 01 03:53:14 2010 (4C7E066A)
    fffff880`0aff3000 fffff880`0affe000   asyncmac asyncmac.sys Mon Jul 13 20:10:13 2009 (4A5BCCE5)
    fffff880`0f000000 fffff880`0f046000   dxgmms1  dxgmms1.sys  Tue Apr 09 23:27:15 2013 (5164DC13)
    fffff880`0f046000 fffff880`0f06a000   HDAudBus HDAudBus.sys Sat Nov 20 05:43:42 2010 (4CE7A65E)
    fffff880`0f071000 fffff880`0fcd5000   nvlddmkm nvlddmkm.sys Mon May 19 19:08:44 2014 (537A8EFC)
    fffff880`0fcd5000 fffff880`0fdc9000   dxgkrnl  dxgkrnl.sys  Thu Aug 01 03:58:53 2013 (51FA153D)
    fffff880`0fdc9000 fffff880`0fdda000   HECIx64  HECIx64.sys  Tue Oct 19 19:33:43 2010 (4CBE2AD7)
    fffff880`0fdda000 fffff880`0fdec000   usbehci  usbehci.sys  Tue Nov 26 20:41:11 2013 (52954DB7)
    fffff880`0fdec000 fffff880`0fdfe000   umbus    umbus.sys    Sat Nov 20 05:44:37 2010 (4CE7A695)
    fffff960`00070000 fffff960`00387000   win32k   win32k.sys   Thu Feb 06 20:23:07 2014 (52F4357B)
    fffff960`004d0000 fffff960`004da000   TSDDD    TSDDD.dll    unavailable (00000000)
    fffff960`007a0000 fffff960`007c7000   cdd      cdd.dll      Thu Feb 03 06:25:25 2011 (4D4A90A5)
    
    Unloaded modules:
    fffff880`09d19000 fffff880`09d8a000   spsys.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  00071000
    fffff880`0aa16000 fffff880`0afea000   iqvw64e.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  005D4000
    fffff880`013e4000 fffff880`013f2000   crashdmp.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  0000E000
    fffff880`013f2000 fffff880`013fe000   dump_pciidex
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  0000C000
    fffff880`015f5000 fffff880`01600000   dump_msahci.
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  0000B000
    fffff880`011d6000 fffff880`011e9000   dump_dumpfve
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  00013000
    start             end                 module name
    fffff880`04339000 fffff880`04377000   1394ohci 1394ohci.sys Sat Nov 20 05:44:56 2010 (4CE7A6A8)
    fffff880`00e00000 fffff880`00e57000   ACPI     ACPI.sys     Sat Nov 20 04:19:16 2010 (4CE79294)
    fffff880`044f9000 fffff880`04582000   afd      afd.sys      Fri Sep 27 21:09:07 2013 (52462C33)
    fffff880`043d9000 fffff880`043ef000   AgileVpn AgileVpn.sys Mon Jul 13 20:10:24 2009 (4A5BCCF0)
    fffff880`0113b000 fffff880`01146000   amdxata  amdxata.sys  Fri Mar 19 12:18:18 2010 (4BA3A3CA)
    fffff880`04383000 fffff880`043aa000   AnyDVD   AnyDVD.sys   Thu Apr 24 17:13:59 2014 (53597E97)
    fffff880`059d3000 fffff880`059f8000   asmthub3 asmthub3.sys Fri Aug 16 15:28:54 2013 (520E7D76)
    fffff880`042cf000 fffff880`04339000   asmtxhci asmtxhci.sys Fri Aug 16 15:28:42 2013 (520E7D6A)
    fffff880`06624000 fffff880`0662e000   aswHwid  aswHwid.sys  Thu Jun 26 07:31:26 2014 (53AC048E)
    fffff880`0407e000 fffff880`04088000   aswKbd   aswKbd.sys   Thu Jun 26 07:34:01 2014 (53AC0529)
    fffff880`02400000 fffff880`02422000   aswMonFlt aswMonFlt.sys Thu Jun 26 07:32:51 2014 (53AC04E3)
    fffff880`0156f000 fffff880`015df000   aswNdisFlt aswNdisFlt.sys Thu Jun 26 07:36:26 2014 (53AC05BA)
    fffff880`04582000 fffff880`0459c000   aswRdr2  aswRdr2.sys  Thu Jun 26 07:33:28 2014 (53AC0508)
    fffff880`013d1000 fffff880`013e4000   aswRvrt  aswRvrt.sys  Thu Jun 26 07:35:39 2014 (53AC058B)
    fffff880`04096000 fffff880`04198000   aswSnx   aswSnx.sys   Thu Jun 26 07:34:44 2014 (53AC0554)
    fffff880`04000000 fffff880`0406e000   aswSP    aswSP.sys    Wed Jul 02 13:38:12 2014 (53B44384)
    fffff880`02422000 fffff880`0243b000   aswStm   aswStm.sys   Thu Jun 26 07:47:09 2014 (53AC083D)
    fffff880`00c00000 fffff880`00c39000   aswVmm   aswVmm.sys   Thu Jun 26 07:35:49 2014 (53AC0595)
    fffff880`0aff3000 fffff880`0affe000   asyncmac asyncmac.sys Mon Jul 13 20:10:13 2009 (4A5BCCE5)
    fffff880`010fd000 fffff880`01106000   atapi    atapi.sys    Mon Jul 13 19:19:47 2009 (4A5BC113)
    fffff880`01106000 fffff880`01130000   ataport  ataport.SYS  Sun Aug 04 21:02:45 2013 (51FEF9B5)
    fffff880`04077000 fffff880`0407e000   Beep     Beep.SYS     Mon Jul 13 20:00:13 2009 (4A5BCA8D)
    fffff880`048a4000 fffff880`048b5000   blbdrive blbdrive.sys Mon Jul 13 19:35:59 2009 (4A5BC4DF)
    fffff880`0674c000 fffff880`0676a000   bowser   bowser.sys   Tue Feb 22 23:55:04 2011 (4D649328)
    fffff960`007a0000 fffff960`007c7000   cdd      cdd.dll      Thu Feb 03 06:25:25 2011 (4D4A90A5)
    fffff880`00fce000 fffff880`00ff8000   cdrom    cdrom.sys    Sat Nov 20 04:19:20 2010 (4CE79298)
    fffff880`00d0b000 fffff880`00dcb000   CI       CI.dll       Sat Nov 20 08:12:36 2010 (4CE7C944)
    fffff880`011a6000 fffff880`011d6000   CLASSPNP CLASSPNP.SYS Sat Nov 20 04:19:23 2010 (4CE7929B)
    fffff880`00cad000 fffff880`00d0b000   CLFS     CLFS.SYS     Mon Jul 13 19:19:57 2009 (4A5BC11D)
    fffff880`01499000 fffff880`0150b000   cng      cng.sys      Wed Aug 01 11:48:07 2012 (50194FB7)
    fffff880`043c9000 fffff880`043d9000   CompositeBus CompositeBus.sys Sat Nov 20 05:33:17 2010 (4CE7A3ED)
    fffff880`049f0000 fffff880`049fe000   crashdmp crashdmp.sys Mon Jul 13 20:01:01 2009 (4A5BCABD)
    fffff880`04803000 fffff880`04886000   csc      csc.sys      Sat Nov 20 04:27:12 2010 (4CE79470)
    fffff880`04886000 fffff880`048a4000   dfsc     dfsc.sys     Sat Nov 20 04:26:31 2010 (4CE79447)
    fffff880`0105e000 fffff880`0106d000   discache discache.sys Mon Jul 13 19:37:18 2009 (4A5BC52E)
    fffff880`015df000 fffff880`015f5000   disk     disk.sys     Mon Jul 13 19:19:57 2009 (4A5BC11D)
    fffff880`05129000 fffff880`0514b000   drmk     drmk.sys     Thu Oct 03 22:16:30 2013 (524E24FE)
    fffff880`013e4000 fffff880`013f0000   dump_dumpata dump_dumpata.sys Mon Jul 13 19:19:47 2009 (4A5BC113)
    fffff880`011d6000 fffff880`011e9000   dump_dumpfve dump_dumpfve.sys Mon Jul 13 19:21:51 2009 (4A5BC18F)
    fffff880`045f5000 fffff880`04600000   dump_msahci dump_msahci.sys Sat Nov 20 05:33:58 2010 (4CE7A416)
    fffff880`05000000 fffff880`0500c000   Dxapi    Dxapi.sys    Mon Jul 13 19:38:28 2009 (4A5BC574)
    fffff880`0fcd5000 fffff880`0fdc9000   dxgkrnl  dxgkrnl.sys  Thu Aug 01 03:58:53 2013 (51FA153D)
    fffff880`0f000000 fffff880`0f046000   dxgmms1  dxgmms1.sys  Tue Apr 09 23:27:15 2013 (5164DC13)
    fffff880`048db000 fffff880`04957000   e1c62x64 e1c62x64.sys Wed Aug 21 05:27:22 2013 (521487FA)
    fffff880`01200000 fffff880`0120c000   ElbyCDIO ElbyCDIO.sys Mon Mar 04 04:21:51 2013 (513467AF)
    fffff880`01192000 fffff880`011a6000   fileinfo fileinfo.sys Mon Jul 13 19:34:25 2009 (4A5BC481)
    fffff880`01146000 fffff880`01192000   fltmgr   fltmgr.sys   Sat Nov 20 04:19:24 2010 (4CE7929C)
    fffff880`0151c000 fffff880`01526000   Fs_Rec   Fs_Rec.sys   Wed Feb 29 22:41:06 2012 (4F4EEFD2)
    fffff880`0145e000 fffff880`01498000   fvevol   fvevol.sys   Wed Jan 23 22:11:24 2013 (5100A65C)
    fffff880`01526000 fffff880`0156f000   fwpkclnt fwpkclnt.sys Fri Apr 04 21:23:21 2014 (533F5B09)
    fffff800`03007000 fffff800`03050000   hal      hal.dll      Sat Nov 20 08:00:25 2010 (4CE7C669)
    fffff880`0f046000 fffff880`0f06a000   HDAudBus HDAudBus.sys Sat Nov 20 05:43:42 2010 (4CE7A65E)
    fffff880`05090000 fffff880`050ec000   HdAudio  HdAudio.sys  Sat Nov 20 05:44:23 2010 (4CE7A687)
    fffff880`0fdc9000 fffff880`0fdda000   HECIx64  HECIx64.sys  Tue Oct 19 19:33:43 2010 (4CBE2AD7)
    fffff880`0517c000 fffff880`05195000   HIDCLASS HIDCLASS.SYS Wed Jul 03 00:05:05 2013 (51D3A2F1)
    fffff880`05600000 fffff880`05608080   HIDPARSE HIDPARSE.SYS Wed Jul 03 00:05:04 2013 (51D3A2F0)
    fffff880`0516e000 fffff880`0517c000   hidusb   hidusb.sys   Sat Nov 20 05:43:49 2010 (4CE7A665)
    fffff880`06683000 fffff880`0674c000   HTTP     HTTP.sys     Sat Nov 20 04:24:30 2010 (4CE793CE)
    fffff880`016c3000 fffff880`016cc000   hwpolicy hwpolicy.sys Sat Nov 20 04:18:54 2010 (4CE7927E)
    fffff880`043b3000 fffff880`043c9000   intelppm intelppm.sys Mon Jul 13 19:19:25 2009 (4A5BC0FD)
    fffff880`042c0000 fffff880`042cf000   kbdclass kbdclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
    fffff880`05195000 fffff880`051a3000   kbdhid   kbdhid.sys   Sat Nov 20 05:33:25 2010 (4CE7A3F5)
    fffff800`00bc6000 fffff800`00bd0000   kdcom    kdcom.dll    Sat Feb 05 11:52:49 2011 (4D4D8061)
    fffff880`051a3000 fffff880`051dc000   keyscrambler keyscrambler.sys Fri May 31 10:52:52 2013 (51A8B944)
    fffff880`049ad000 fffff880`049f0000   ks       ks.sys       Sat Nov 20 05:33:23 2010 (4CE7A3F3)
    fffff880`013b6000 fffff880`013d1000   ksecdd   ksecdd.sys   Fri Apr 11 21:08:30 2014 (5348920E)
    fffff880`01660000 fffff880`0168c000   ksecpkg  ksecpkg.sys  Fri Apr 11 21:24:10 2014 (534895BA)
    fffff880`0514b000 fffff880`05150200   ksthunk  ksthunk.sys  Mon Jul 13 20:00:19 2009 (4A5BCA93)
    fffff880`0243b000 fffff880`02450000   lltdio   lltdio.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
    fffff880`029d1000 fffff880`029f4000   luafv    luafv.sys    Mon Jul 13 19:26:13 2009 (4A5BC295)
    fffff880`02952000 fffff880`029a5a80   lvrs64   lvrs64.sys   Wed Jan 18 01:40:36 2012 (4F166964)
    fffff880`02495000 fffff880`02936d00   lvuvc64  lvuvc64.sys  Wed Jan 18 01:41:08 2012 (4F166984)
    fffff880`00c4a000 fffff880`00c99000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Sat Nov 20 08:03:51 2010 (4CE7C737)
    fffff880`029a6000 fffff880`029b4000   monitor  monitor.sys  Mon Jul 13 19:38:52 2009 (4A5BC58C)
    fffff880`043ef000 fffff880`043fe000   mouclass mouclass.sys Mon Jul 13 19:19:50 2009 (4A5BC116)
    fffff880`0500c000 fffff880`05019000   mouhid   mouhid.sys   Mon Jul 13 20:00:20 2009 (4A5BCA94)
    fffff880`010e3000 fffff880`010fd000   mountmgr mountmgr.sys Sat Nov 20 04:19:21 2010 (4CE79299)
    fffff880`0676a000 fffff880`06782000   mpsdrv   mpsdrv.sys   Mon Jul 13 20:08:25 2009 (4A5BCC79)
    fffff880`06782000 fffff880`067af000   mrxsmb   mrxsmb.sys   Tue Apr 26 22:40:38 2011 (4DB78226)
    fffff880`067af000 fffff880`067fd000   mrxsmb10 mrxsmb10.sys Fri Jul 08 22:46:28 2011 (4E17C104)
    fffff880`06600000 fffff880`06624000   mrxsmb20 mrxsmb20.sys Tue Apr 26 22:39:37 2011 (4DB781E9)
    fffff880`01130000 fffff880`0113b000   msahci   msahci.sys   Sat Nov 20 05:33:58 2010 (4CE7A416)
    fffff880`041e8000 fffff880`041f3000   Msfs     Msfs.SYS     Mon Jul 13 19:19:47 2009 (4A5BC113)
    fffff880`00e60000 fffff880`00e6a000   msisadrv msisadrv.sys Mon Jul 13 19:19:26 2009 (4A5BC0FE)
    fffff880`01000000 fffff880`0105e000   msrpc    msrpc.sys    Sat Nov 20 04:21:56 2010 (4CE79334)
    fffff880`045ea000 fffff880`045f5000   mssmbios mssmbios.sys Mon Jul 13 19:31:10 2009 (4A5BC3BE)
    fffff880`0144c000 fffff880`0145e000   mup      mup.sys      Mon Jul 13 19:23:45 2009 (4A5BC201)
    fffff880`016a4000 fffff880`016ba000   NBVol    NBVol.sys    Mon Nov 21 20:22:00 2011 (4ECAF938)
    fffff880`016ba000 fffff880`016c3000   NBVolUp  NBVolUp.sys  Mon Nov 21 20:25:20 2011 (4ECAFA00)
    fffff880`016d3000 fffff880`017c5000   ndis     ndis.sys     Wed Aug 22 11:11:46 2012 (5034F6B2)
    fffff880`04224000 fffff880`04230000   ndistapi ndistapi.sys Mon Jul 13 20:10:00 2009 (4A5BCCD8)
    fffff880`04230000 fffff880`0425f000   ndiswan  ndiswan.sys  Sat Nov 20 05:52:32 2010 (4CE7A870)
    fffff880`0507b000 fffff880`05090000   NDProxy  NDProxy.SYS  Sat Nov 20 05:52:20 2010 (4CE7A864)
    fffff880`04426000 fffff880`04435000   netbios  netbios.sys  Mon Jul 13 20:09:26 2009 (4A5BCCB6)
    fffff880`0459c000 fffff880`045e1000   netbt    netbt.sys    Sat Nov 20 04:23:18 2010 (4CE79386)
    fffff880`01600000 fffff880`01660000   NETIO    NETIO.SYS    Tue Nov 26 05:21:01 2013 (5294760D)
    fffff880`011e9000 fffff880`011fa000   Npfs     Npfs.SYS     Mon Jul 13 19:19:48 2009 (4A5BC114)
    fffff880`044e6000 fffff880`044f2000   nsiproxy nsiproxy.sys Mon Jul 13 19:21:02 2009 (4A5BC15E)
    fffff800`03050000 fffff800`03635000   nt       ntkrnlmp.exe Tue Mar 04 03:38:19 2014 (531590FB)
    fffff880`0120d000 fffff880`013b6000   Ntfs     Ntfs.sys     Thu Jan 23 20:14:50 2014 (52E1BE8A)
    fffff880`0406e000 fffff880`04077000   Null     Null.SYS     Mon Jul 13 19:19:37 2009 (4A5BC109)
    fffff880`0f071000 fffff880`0fcd5000   nvlddmkm nvlddmkm.sys Mon May 19 19:08:44 2014 (537A8EFC)
    fffff880`04400000 fffff880`04426000   pacer    pacer.sys    Sat Nov 20 05:52:18 2010 (4CE7A862)
    fffff880`00eaa000 fffff880`00ebf000   partmgr  partmgr.sys  Sat Mar 17 01:06:09 2012 (4F641BC1)
    fffff880`00e6a000 fffff880`00e9d000   pci      pci.sys      Sat Nov 20 04:19:11 2010 (4CE7928F)
    fffff880`010cc000 fffff880`010d3000   pciide   pciide.sys   Mon Jul 13 19:19:49 2009 (4A5BC115)
    fffff880`010d3000 fffff880`010e3000   PCIIDEX  PCIIDEX.SYS  Mon Jul 13 19:19:48 2009 (4A5BC114)
    fffff880`0150b000 fffff880`0151c000   pcw      pcw.sys      Mon Jul 13 19:19:27 2009 (4A5BC0FF)
    fffff880`096b5000 fffff880`0975b000   peauth   peauth.sys   Mon Jul 13 21:01:19 2009 (4A5BD8DF)
    fffff880`050ec000 fffff880`05129000   portcls  portcls.sys  Thu Oct 03 21:36:02 2013 (524E1B82)
    fffff880`00c99000 fffff880`00cad000   PSHED    PSHED.dll    Mon Jul 13 21:32:23 2009 (4A5BE027)
    fffff880`0afea000 fffff880`0aff3000   psi_mf   psi_mf.sys   Wed Sep 01 03:53:14 2010 (4C7E066A)
    fffff880`04200000 fffff880`04224000   rasl2tp  rasl2tp.sys  Sat Nov 20 05:52:34 2010 (4CE7A872)
    fffff880`0425f000 fffff880`0427a000   raspppoe raspppoe.sys Mon Jul 13 20:10:17 2009 (4A5BCCE9)
    fffff880`0427a000 fffff880`0429b000   raspptp  raspptp.sys  Sat Nov 20 05:52:31 2010 (4CE7A86F)
    fffff880`0429b000 fffff880`042b5000   rassstp  rassstp.sys  Mon Jul 13 20:10:25 2009 (4A5BCCF1)
    fffff880`04495000 fffff880`044e6000   rdbss    rdbss.sys    Sat Nov 20 04:27:51 2010 (4CE79497)
    fffff880`042b5000 fffff880`042c0000   rdpbus   rdpbus.sys   Mon Jul 13 20:17:46 2009 (4A5BCEAA)
    fffff880`041cd000 fffff880`041d6000   RDPCDD   RDPCDD.sys   Mon Jul 13 20:16:34 2009 (4A5BCE62)
    fffff880`041d6000 fffff880`041df000   rdpencdd rdpencdd.sys Mon Jul 13 20:16:34 2009 (4A5BCE62)
    fffff880`041df000 fffff880`041e8000   rdprefmp rdprefmp.sys Mon Jul 13 20:16:35 2009 (4A5BCE63)
    fffff880`017c5000 fffff880`017ff000   rdyboost rdyboost.sys Sat Nov 20 04:43:10 2010 (4CE7982E)
    fffff880`02450000 fffff880`02468000   rspndr   rspndr.sys   Mon Jul 13 20:08:50 2009 (4A5BCC92)
    fffff880`0560d000 fffff880`059d2900   RTKVHD64 RTKVHD64.sys Wed May 14 06:28:52 2014 (53734564)
    fffff880`0448b000 fffff880`04495000   SASDIFSV64 SASDIFSV64.SYS Thu Jul 21 19:03:00 2011 (4E28B024)
    fffff880`04481000 fffff880`0448b000   SASKUTIL64 SASKUTIL64.SYS Tue Jul 12 17:00:01 2011 (4E1CB5D1)
    fffff880`0975b000 fffff880`09766000   secdrv   secdrv.SYS   Wed Sep 13 09:18:38 2006 (4508052E)
    fffff880`04377000 fffff880`04383000   serenum  serenum.sys  Mon Jul 13 20:00:33 2009 (4A5BCAA1)
    fffff880`04435000 fffff880`04452000   serial   serial.sys   Mon Jul 13 20:00:40 2009 (4A5BCAA8)
    fffff880`0169c000 fffff880`016a4000   spldr    spldr.sys    Mon May 11 12:56:27 2009 (4A0858BB)
    fffff880`09c81000 fffff880`09d19000   srv      srv.sys      Thu Apr 28 23:06:06 2011 (4DBA2B1E)
    fffff880`09600000 fffff880`09669000   srv2     srv2.sys     Thu Apr 28 23:05:46 2011 (4DBA2B0A)
    fffff880`09766000 fffff880`09797000   srvnet   srvnet.sys   Thu Apr 28 23:05:35 2011 (4DBA2AFF)
    fffff880`043fe000 fffff880`043ff480   swenum   swenum.sys   Mon Jul 13 20:00:18 2009 (4A5BCA92)
    fffff880`01801000 fffff880`01a00000   tcpip    tcpip.sys    Fri Apr 04 21:26:44 2014 (533F5BD4)
    fffff880`09797000 fffff880`097a9000   tcpipreg tcpipreg.sys Wed Oct 03 12:07:26 2012 (506C62BE)
    fffff880`041f3000 fffff880`04200000   TDI      TDI.SYS      Sat Nov 20 04:22:06 2010 (4CE7933E)
    fffff880`00ed4000 fffff880`00ef6000   tdx      tdx.sys      Sat Nov 20 04:21:54 2010 (4CE79332)
    fffff880`0446d000 fffff880`04481000   termdd   termdd.sys   Sat Nov 20 06:03:40 2010 (4CE7AB0C)
    fffff960`004d0000 fffff960`004da000   TSDDD    TSDDD.dll    unavailable (00000000)
    fffff880`048b5000 fffff880`048db000   tunnel   tunnel.sys   Sat Nov 20 05:51:50 2010 (4CE7A846)
    fffff880`0fdec000 fffff880`0fdfe000   umbus    umbus.sys    Sat Nov 20 05:44:37 2010 (4CE7A695)
    fffff880`02937000 fffff880`02951d00   usbaudio usbaudio.sys Fri Jul 12 06:40:58 2013 (51DFDD3A)
    fffff880`05151000 fffff880`0516e000   usbccgp  usbccgp.sys  Tue Nov 26 20:41:15 2013 (52954DBB)
    fffff880`059f8000 fffff880`059f9e80   USBD     USBD.SYS     Tue Nov 26 20:41:03 2013 (52954DAF)
    fffff880`0fdda000 fffff880`0fdec000   usbehci  usbehci.sys  Tue Nov 26 20:41:11 2013 (52954DB7)
    fffff880`05021000 fffff880`0507b000   usbhub   usbhub.sys   Tue Nov 26 20:41:36 2013 (52954DD0)
    fffff880`04957000 fffff880`049ad000   USBPORT  USBPORT.SYS  Tue Nov 26 20:41:11 2013 (52954DB7)
    fffff880`029c5000 fffff880`029d1000   usbprint usbprint.sys Mon Jul 13 20:38:18 2009 (4A5BD37A)
    fffff880`029b4000 fffff880`029c5000   usbscan  usbscan.sys  Wed Jul 03 00:40:12 2013 (51D3AB2C)
    fffff880`051dc000 fffff880`051f7000   USBSTOR  USBSTOR.SYS  Thu Mar 10 23:37:16 2011 (4D79A6FC)
    fffff880`00e9d000 fffff880`00eaa000   vdrvroot vdrvroot.sys Mon Jul 13 20:01:31 2009 (4A5BCADB)
    fffff880`04088000 fffff880`04096000   vga      vga.sys      Mon Jul 13 19:38:47 2009 (4A5BC587)
    fffff880`04198000 fffff880`041bd000   VIDEOPRT VIDEOPRT.SYS Mon Jul 13 19:38:51 2009 (4A5BC58B)
    fffff880`0168c000 fffff880`0169c000   vmstorfl vmstorfl.sys Sat Nov 20 04:57:30 2010 (4CE79B8A)
    fffff880`00ebf000 fffff880`00ed4000   volmgr   volmgr.sys   Sat Nov 20 04:19:28 2010 (4CE792A0)
    fffff880`01070000 fffff880`010cc000   volmgrx  volmgrx.sys  Sat Nov 20 04:20:43 2010 (4CE792EB)
    fffff880`01400000 fffff880`0144c000   volsnap  volsnap.sys  Sat Nov 20 04:20:08 2010 (4CE792C8)
    fffff880`04452000 fffff880`0446d000   wanarp   wanarp.sys   Sat Nov 20 05:52:36 2010 (4CE7A874)
    fffff880`041bd000 fffff880`041cd000   watchdog watchdog.sys Mon Jul 13 19:37:35 2009 (4A5BC53F)
    fffff880`00efc000 fffff880`00fbe000   Wdf01000 Wdf01000.sys Fri Jun 21 23:13:05 2013 (51C51641)
    fffff880`00fbe000 fffff880`00fce000   WDFLDR   WDFLDR.SYS   Wed Jul 25 22:29:04 2012 (5010AB70)
    fffff880`045e1000 fffff880`045ea000   wfplwf   wfplwf.sys   Mon Jul 13 20:09:26 2009 (4A5BCCB6)
    fffff960`00070000 fffff960`00387000   win32k   win32k.sys   Thu Feb 06 20:23:07 2014 (52F4357B)
    fffff880`043aa000 fffff880`043b3000   wmiacpi  wmiacpi.sys  Mon Jul 13 19:31:02 2009 (4A5BC3B6)
    fffff880`00e57000 fffff880`00e60000   WMILIB   WMILIB.SYS   Mon Jul 13 19:19:51 2009 (4A5BC117)
    
    Unloaded modules:
    fffff880`09d19000 fffff880`09d8a000   spsys.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  00071000
    fffff880`0aa16000 fffff880`0afea000   iqvw64e.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  005D4000
    fffff880`013e4000 fffff880`013f2000   crashdmp.sys
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  0000E000
    fffff880`013f2000 fffff880`013fe000   dump_pciidex
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  0000C000
    fffff880`015f5000 fffff880`01600000   dump_msahci.
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  0000B000
    fffff880`011d6000 fffff880`011e9000   dump_dumpfve
        Timestamp: unavailable (00000000)
        Checksum:  00000000
        ImageSize:  00013000
    Bugcheck code 000000C4
    Arguments 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000

  8. #23
    5 Star Lounger
    Join Date
    Jan 2010
    Location
    Birkirkara, Malta
    Posts
    1,147
    Thanks
    180
    Thanked 7 Times in 7 Posts
    satrow and jcgriff22, thanks, sincerely, for all your help.

    After my last post I deleted 2 files relating to aswSP.sys, and then checked the status of avast internet security, and it reported "Everything is good". I then ran a scan with avast, followed by a boot time scan with that program, as a result of which I sent a couple of files to the avast virus chest.

    With regard to SUPER AntiSpyware, the only updates offered by the program were language updates, and I declined those, having already deleted all language files for that program apart from the English one.

    I ran scans with Malwarebytes and SUPER AntiSpyware, and the only items found were advertising cookies.

    Apart from the above, there have been no BSODs for about 24 hours now, and I have rebooted a few times, including after the latest Microsoft updates.

    In view of the above do you agree that I need take no further action?

    Please advise.

    Thanks and regards, Roy
    OS Dual Boot Win 7 Pro 64 Bit-SP1 & IE11 & Win 8.1 Pro 64 Bit & IE11-Intel Core i7 2600K Processor LGA1155-Asus P867 Pro Motherboard-GTX550 Ti DirectCU Graphics Card-Memory 8GB

    Roy Whitethread

  9. #24
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 207 Times in 181 Posts
    We need full details of the quarantined files, Roy, they may only be the tip of the iceberg as well written malware can be exceptionally difficult to detect.

    We can only advise you based on data collected, signs and symptoms described, together with our own accumulated data and experiences.

    The suggestion of removing/updating multiple software/drivers is because each of them has previously been implicated in BSODs; once they're removed/updated, we then have a clean baseline from which to proceed.

    Installing MSE will also trigger a scan which might produce further malware signs/files.

    Once the troubleshooting period is over, usually ~10 days or so free of BSODs, you can then undo any software changes and revert to your previous security setup, should you so wish.

    Whatever you decide, it's about time that Driver Verifier was turned off

  10. #25
    5 Star Lounger
    Join Date
    Jan 2010
    Location
    Birkirkara, Malta
    Posts
    1,147
    Thanks
    180
    Thanked 7 Times in 7 Posts
    satrow, thanks.

    I will remove avast with their removal tool, in safe mode, and install MSE for now, and will scan with MSE. With regard to Elby, the only files I can find (the same files are on my Win 7 and Win 8 partitions) are ElbyCDIO.dll and ElbyCDIO.sys. I will remove them from Win 7, as it's on that partition that the BSODs have occurred, but I am not sure whether that will have any effect on my Nero installation.

    Regarding the avast quarantined files, the problem is that they do not have a file extension, but just have numbers and dates, for example 00000001, so how do I upload them?

    Finally, Driver Verifier is off.

    Please advise further.

    Thanks and regards, Roy
    OS Dual Boot Win 7 Pro 64 Bit-SP1 & IE11 & Win 8.1 Pro 64 Bit & IE11-Intel Core i7 2600K Processor LGA1155-Asus P867 Pro Motherboard-GTX550 Ti DirectCU Graphics Card-Memory 8GB

    Roy Whitethread

  11. #26
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 207 Times in 181 Posts
    Open Avast and click on Statistics > Component Status (Your Stats tab) > double click Items stored in Virus Chest, there you will see the Item name and Original location, both useful details; from there, right click the individual files and select Properties, a screenshot for each file should be enough to give us further clues.

    Otherwise continue using it as normal, looking for any oddities; any scans that are run (MSE/MBAM?) please post the detailed results if they pick up anything.

  12. #27
    5 Star Lounger
    Join Date
    Jan 2010
    Location
    Birkirkara, Malta
    Posts
    1,147
    Thanks
    180
    Thanked 7 Times in 7 Posts
    satrow, thanks again.

    Screenshots of the Avast Virus Chest properties page for each file are attached, and I await your comments.

    I have deleted the 2 Elby files I mentioned previously from Win 7.

    I will now remove Avast and install MSE, and will let you know the result of the MSE scan.
    OS Dual Boot Win 7 Pro 64 Bit-SP1 & IE11 & Win 8.1 Pro 64 Bit & IE11-Intel Core i7 2600K Processor LGA1155-Asus P867 Pro Motherboard-GTX550 Ti DirectCU Graphics Card-Memory 8GB

    Roy Whitethread

  13. #28
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 207 Times in 181 Posts
    Hm, most of those files look like adware download wrappers, probably relatively innocuous; the 2nd and 3rd from the top may be a few steps above those in terms of potential danger - Flash is one of the most targeted software for installing really bad stuff via the back door. I'm not sure what the default MSE scan is post-install, see if you can change it to deep scan all drives.

  14. #29
    5 Star Lounger
    Join Date
    Jan 2010
    Location
    Birkirkara, Malta
    Posts
    1,147
    Thanks
    180
    Thanked 7 Times in 7 Posts
    satrow, I use uTorrent to download movie files, and I always watch out for files described as torrents, but which turn out to have a downloader.exe file extension. I never run a download, I always choose save as, and if the file does not have a .torrent extension I immediately cancel the download. I am surprised therefore that the Barefoot Contessa download.exe file got through the net, although I am pleased that Avast quarantined it.

    The default MSE scan post-install is a quick scan, and that found nothing, nor did the full scan I ran immediately after the quick scan.

    Do you think I can now uninstall MSE and reinstall Avast, and also restore the 2 Elby files?

    One thing I am concerned about is that the driver for my usb connected external hard drive probably needs replacing. When I switch that drive on I normally get 2 options windows opening (the drive is split into 2 partitions), and I choose to open the drives to view files. Sometimes however the options windows do not open and clicking the desktop shortcuts to either partition does not open them. I then have to switch the external drive off and on again before the partitions are recognized. Also, there have been a couple of instances where a torrent download is in progress, and I get an error message from uTorrent saying the download cannot be saved to the default location, which is a folder on one of the external drive partitions. I then have to switch the external drive off and on again and then get uTorrent to "force recheck" the download. I have no idea what download site to visit to get an updated driver. (I tried using Device Manager to check for updates to each of the usb items, but as I expected no updates were found). Do you have any ideas about this, and could this driver problem be related to the BSODs?

    Please advise further.

    Thanks and regards, Roy
    OS Dual Boot Win 7 Pro 64 Bit-SP1 & IE11 & Win 8.1 Pro 64 Bit & IE11-Intel Core i7 2600K Processor LGA1155-Asus P867 Pro Motherboard-GTX550 Ti DirectCU Graphics Card-Memory 8GB

    Roy Whitethread

  15. #30
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    2,138
    Thanks
    102
    Thanked 207 Times in 181 Posts
    Roy, you might find using Magnet links instead of torrents (pretty sure Magnet links are opened by uTorrent as part of the default install, otherwise try the Add Torrent from URL option and paste the Magnet link in) to be a safer alternative if you can find them; as always, take extreme care with downloads that may have been modified or are not from the originators.

    Clean scan results are always encouraging

    As said previously, we prefer to have ~10 days or so free of BSODs before giving the 'all clear' but it's your machine, your choice; if you want to return to your original security software sooner, it's up to you.

    A real USB external drive doesn't need any special drivers to enable access to it; I assume you have a WD with that awful 'Smartware' installed? If so, anything goes wrong with it and the chances of file recovery from it are almost nil - or extremely costly.

Page 2 of 5 FirstFirst 1234 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •