See if you can find
CheckSUR.log
in the CBS folder where cbs.log lives. This should have been created by KB947821.
What does a Process Explorer log look like now?
Multiple IRP Complete Requests BSOD's
Started by
BellSprout
, Nov 03 2017 08:25 AM
Best Answer BellSprout , 05 November 2017 - 06:58 AM
I've went ahead and just upgraded to windows 10 to start clean. Did a PC reset and everything is faster than it ever was. I'm even able to rock Avast / Malwarebytes together again lol.... Go to the full post »
#17
Posted 03 November 2017 - 07:01 PM
BellSprout
- Topic Starter
-
- Member
-
- 28 posts
Member
Attached. The one line that bothers me is the "Hardware Interrupts and DPCs".
Edit - Actually. Also noticed a "wmpnetwk.exe" that seems to take up 10.00+ of the CPU at times.
Attached Files
-
CheckSUR.log 35.73KB
295 downloads
-
Process Explorer.TXT 11KB
289 downloads
Edited by BellSprout, 03 November 2017 - 07:05 PM.
#18
Posted 03 November 2017 - 07:19 PM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
For your wmpnetwk.exe it's a service you can turn off.
https://www.groovypo...-is-it-running/
There were a lot of Avast errors in CheckSUR plus it's taking up a log of CPU in Process Explorer now so probably best to download a new copy, uninstall the old, reboot and then install the new.
Then rerun KB947821 and post the new CheckSUR log
We are also seeing a lot of Interrupts in Process Explorer.
Let's try Latency Monitor:
Go to
http://www.resplendence.com/downloads
Scroll down to
System Monitoring Tools
and then find
LatencyMon 6.51
Click on Download free home edition
Save it then right click and Run As Admin. It will install and then start the program.
It will tell you to click on the Start button but there isn't one.
Instead click on the green arrowhead (looks like a Play button). Let it run for a bit then click on Drivers.
File, Export View, Save it to your Desktop so you can find it easily. The default name is drivers.txt.
Open Drivers.txt and copy and paste the text into a Reply.
#19
Posted 03 November 2017 - 08:09 PM
BellSprout
- Topic Starter
-
- Member
-
- 28 posts
Member
Had another Multiple IRP Request BSOD so it took a little longer than expected.
Uninstalled / Reinstalled Avast. Reinstalled Windows Hotfix KB947821. Checksur.txt / Drivers.txt attached.
Drivers.txt
Driver file Description ISR count DPC count Highest execution (ms) Total execution (ms) Image base Image size Company Product Version Path
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
iusb3xhc.sys Intel® USB 3.0 eXtensible Host Controller Driver 0 24047 0.205717 1016.231449 0xFFFFF880'10517000 806912 Intel Corporation USB 3.0 Device Driver 1.0.8.251 (iusb3drv.20130222-0432) C:\Windows\system32\drivers\iusb3xhc.sys
nvlddmkm.sys NVIDIA Windows Kernel Mode Driver, Version 388.13 0 16888 0.203332 339.096466 0xFFFFF880'0F4C9000 17096704 NVIDIA Corporation NVIDIA Windows Kernel Mode Driver, Version 388.13 23.21.13.8813 C:\Windows\system32\drivers\nvlddmkm.sys
ataport.SYS ATAPI Driver Extension 6027 6582 0.142970 231.257338 0xFFFFF880'00DD2000 172032 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\ataport.sys
tcpip.sys TCP/IP Driver 0 697 0.122736 12.017263 0xFFFFF880'01802000 2080768 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\tcpip.sys
dxgkrnl.sys DirectX Graphics Kernel 9453 2471 0.121431 432.867887 0xFFFFF880'048BD000 1003520 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23809 (win7sp1_ldr.170516-0600) C:\Windows\system32\drivers\dxgkrnl.sys
ndis.sys NDIS 6.20 driver 0 2100 0.117241 26.471766 0xFFFFF880'01600000 995328 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\ndis.sys
afd.sys Ancillary Function Driver for WinSock 0 13345 0.116376 138.360591 0xFFFFF880'0445C000 561152 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\afd.sys
Wdf01000.sys Kernel Mode Driver Framework Runtime 0 11389 0.088548 56.710780 0xFFFFF880'00E86000 794624 Microsoft Corporation Microsoft® Windows® Operating System 1.11.9200.16384 (win8_rtm.120725-1247) C:\Windows\system32\drivers\wdf01000.sys
ntoskrnl.exe NT Kernel & System 0 30732 0.073767 111.637729 0xFFFFF800'03609000 6184960 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23915 (win7sp1_ldr.170913-0600) C:\Windows\system32\ntoskrnl.exe
rspLLL64.sys Resplendence Latency Monitoring and Auxiliary Kernel Library 0 64991 0.073288 47.450084 0xFFFFF880'0B5C4000 45056 Resplendence Software Projects Sp. LatMon 6.50 built by: WinDDK C:\Windows\system32\drivers\rsplll64.sys
HDAudBus.sys High Definition Audio Bus Driver 1768 1768 0.051465 31.194378 0xFFFFF880'04800000 147456 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\hdaudbus.sys
NETIO.SYS Network I/O Subsystem 0 513 0.039528 1.844726 0xFFFFF880'0178B000 397312 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23821 (win7sp1_ldr.170529-1924) C:\Windows\system32\drivers\netio.sys
USBPORT.SYS USB 1.1 & 2.0 Port Driver 9561 216 0.032999 37.902308 0xFFFFF880'04866000 356352 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23913 (win7sp1_ldr.170907-0600) C:\Windows\system32\drivers\usbport.sys
CLASSPNP.SYS SCSI Class System Dll 0 81 0.029990 0.415677 0xFFFFF880'01A15000 196608 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\classpnp.sys
netbt.sys MBT Transport driver 0 44 0.025682 0.896044 0xFFFFF880'01C00000 282624 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23889 (win7sp1_ldr.170810-1615) C:\Windows\system32\drivers\netbt.sys
ACPI.sys ACPI Driver for NT 47 0 0.017153 0.498444 0xFFFFF880'00F58000 356352 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\acpi.sys
usbccgp.sys USB Common Class Generic Parent Driver 0 84 0.012590 0.543952 0xFFFFF880'04F98000 118784 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23913 (win7sp1_ldr.170907-0600) C:\Windows\system32\drivers\usbccgp.sys
hal.dll Hardware Abstraction Layer DLL 13067 0 0.010781 24.224110 0xFFFFF800'03BEF000 299008 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\hal.dll
tunnel.sys Microsoft Tunnel Interface Driver 0 221 0.010506 0.492096 0xFFFFF880'0470F000 155648 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\tunnel.sys
luafv.sys LUA File Virtualization Filter Driver 0 18 0.010022 0.039866 0xFFFFF880'04E1B000 143360 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\luafv.sys
srv.sys Server driver 0 100 0.009405 0.199414 0xFFFFF880'082A3000 610304 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\srv.sys
aswSP.sys Avast self protection module 0 1 0.006968 0.006968 0xFFFFF880'01D4E000 729088 AVAST Software Avast Antivirus 17.7.3647.0 C:\Windows\system32\drivers\aswsp.sys
cng.sys Kernel Cryptography, Next Generation 0 11 0.005318 0.040352 0xFFFFF880'016FB000 479232 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23600 (win7sp1_ldr.161119-0600) C:\Windows\system32\drivers\cng.sys
rdbss.sys Redirected Drive Buffering SubSystem Driver 0 19 0.004037 0.037661 0xFFFFF880'0459F000 331776 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\rdbss.sys
HTTP.sys HTTP Protocol Stack 0 33 0.002777 0.065584 0xFFFFF880'02E00000 819200 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\http.sys
fltmgr.sys Microsoft Filesystem Filter Manager 0 10 0.002375 0.009517 0xFFFFF880'01397000 311296 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\fltmgr.sys
srvnet.sys Server Network driver 0 6 0.001570 0.007961 0xFFFFF880'07119000 200704 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23913 (win7sp1_ldr.170907-0600) C:\Windows\system32\drivers\srvnet.sys
Ntfs.sys NT File System Driver 0 23 0.00150 0.023240 0xFFFFF880'01400000 1732608 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\ntfs.sys
ndistapi.sys NDIS 3.0 connection wrapper driver 0 0 0 0 0xFFFFF880'0F485000 49152 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\ndistapi.sys
ndiswan.sys MS PPP Framing Driver (Strong Encryption) 0 0 0 0 0xFFFFF880'0F491000 192512 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\ndiswan.sys
wfplwf.sys WFP NDIS 6.20 Lightweight Filter Driver 0 0 0 0 0xFFFFF880'044FF000 36864 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\wfplwf.sys
pacer.sys QoS Packet Scheduler 0 0 0 0 0xFFFFF880'04508000 155648 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\pacer.sys
RDPCDD.sys RDP Miniport 0 0 0 0 0xFFFFF880'04296000 36864 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\rdpcdd.sys
netbios.sys NetBIOS interface driver 0 0 0 0 0xFFFFF880'04544000 61440 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\netbios.sys
vwififlt.sys Virtual WiFi Filter Driver 0 0 0 0 0xFFFFF880'0452E000 90112 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\vwififlt.sys
Npfs.SYS NPFS Driver 0 0 0 0 0xFFFFF880'042BC000 69632 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\npfs.sys
Msfs.SYS Mailslot driver 0 0 0 0 0xFFFFF880'042B1000 45056 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\msfs.sys
tdx.sys TDI Translation Driver 0 0 0 0 0xFFFFF880'043D1000 139264 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23880 (win7sp1_ldr.170729-0600) C:\Windows\system32\drivers\tdx.sys
TDI.SYS TDI Wrapper 0 0 0 0 0xFFFFF880'043F3000 53248 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\tdi.sys
raspppoe.sys RAS PPPoE mini-port/call-manager driver 0 0 0 0 0xFFFFF880'04735000 110592 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\raspppoe.sys
aswRdr2.sys Avast WFP Redirect Driver 0 0 0 0 0xFFFFF880'044E5000 106496 AVAST Software Avast Antivirus 17.7.3647.0 built by: WinDDK C:\Windows\system32\drivers\aswrdr2.sys
rdprefmp.sys RDP Reflector Driver Miniport 0 0 0 0 0xFFFFF880'042A8000 36864 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\rdprefmp.sys
rdpencdd.sys RDP Encoder Miniport 0 0 0 0 0xFFFFF880'0429F000 36864 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\rdpencdd.sys
serial.sys Serial Device Driver 0 0 0 0 0xFFFFF880'04553000 118784 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\serial.sys
wmiacpi.sys Windows Management Interface for ACPI 0 0 0 0 0xFFFFF880'0F40C000 36864 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\wmiacpi.sys
dxgmms1.sys DirectX Graphics MMS 0 0 0 0 0xFFFFF880'049B2000 286720 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23809 (win7sp1_ldr.170516-0600) C:\Windows\system32\drivers\dxgmms1.sys
intelppm.sys Processor Device Driver 0 0 0 0 0xFFFFF880'0F415000 90112 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\intelppm.sys
blbdrive.sys BLB Drive Driver 0 0 0 0 0xFFFFF880'04443000 69632 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\blbdrive.sys
aswbidsdrivera.sys IDS Application Activity Monitor Driver. 0 0 0 0 0xFFFFF880'046BF000 327680 AVAST Software s.r.o. Avast 17.7.3.13578 C:\Windows\system32\drivers\aswbidsdrivera.sys
USBD.SYS Universal Serial Bus Driver 0 0 0 0 0xFFFFF880'04824000 8192 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23913 (win7sp1_ldr.170907-0600) C:\Windows\system32\drivers\usbd.sys
TeeDriverx64.sys Intel® Management Engine Interface 0 0 0 0 0xFFFFF880'04826000 188416 Intel Corporation Intel® Management Engine Interface 11.0.5.1189 C:\Windows\system32\drivers\teedriverx64.sys
usbehci.sys EHCI eUSB Miniport Driver 0 0 0 0 0xFFFFF880'04854000 73728 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23913 (win7sp1_ldr.170907-0600) C:\Windows\system32\drivers\usbehci.sys
serenum.sys Serial Port Enumerator 0 0 0 0 0xFFFFF880'0F400000 49152 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\serenum.sys
e2xw7x64.sys Killer e2400 PCI-E Gigabit Ethernet Controller 0 0 0 0 0xFFFFF880'105DC000 139264 Qualcomm Atheros, Inc. Killer e2400 PCI-E Gigabit Ethernet Controller 9.0.0.39 C:\Windows\system32\drivers\e2xw7x64.sys
dfsc.sys DFS Namespace Client Driver 0 0 0 0 0xFFFFF880'04424000 126976 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23542 (win7sp1_ldr.160908-0600) C:\Windows\system32\drivers\dfsc.sys
mssmbios.sys System Management BIOS Driver 0 0 0 0 0xFFFFF880'04400000 45056 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\mssmbios.sys
rasl2tp.sys RAS L2TP mini-port/call-manager driver 0 0 0 0 0xFFFFF880'0F461000 147456 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\rasl2tp.sys
nsiproxy.sys NSI Proxy 0 0 0 0 0xFFFFF880'045F0000 49152 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23889 (win7sp1_ldr.170810-1615) C:\Windows\system32\drivers\nsiproxy.sys
wanarp.sys MS Remote Access and Routing ARP Driver 0 0 0 0 0xFFFFF880'04570000 110592 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\wanarp.sys
termdd.sys Remote Desktop Server Driver 0 0 0 0 0xFFFFF880'0458B000 81920 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\termdd.sys
discache.sys System Indexer/Cache Driver 0 0 0 0 0xFFFFF880'04415000 61440 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\discache.sys
ISCTD.sys Intel® Smart Connect Technology Device Driver 0 0 0 0 0xFFFFF880'0F42B000 65536 ISCT Driver 1, 1, 0, 0 C:\Windows\system32\drivers\isctd.sys
CompositeBus.sys Multi-Transport Composite Bus Enumerator 0 0 0 0 0xFFFFF880'0F43B000 65536 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\compositebus.sys
HWiNFO64A.SYS HWiNFO AMD64 Kernel Driver 0 0 0 0 0xFFFFF880'0440B000 40960 REALiX™ HWiNFO AMD64 Kernel Driver 8.98 c:\windows\system32\drivers\hwinfo64a.sys
AgileVpn.sys RAS Agile Vpn Miniport Call Manager 0 0 0 0 0xFFFFF880'0F44B000 90112 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\agilevpn.sys
atapi.sys ATAPI IDE Miniport Driver 0 0 0 0 0xFFFFF880'00E5B000 36864 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\atapi.sys
msahci.sys MS AHCI 1.0 Standard Driver 0 0 0 0 0xFFFFF880'00E64000 45056 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\msahci.sys
PCIIDEX.SYS PCI IDE Bus Driver Extension 0 0 0 0 0xFFFFF880'00E6F000 65536 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\pciidex.sys
volmgr.sys Volume Manager Driver 0 0 0 0 0xFFFFF880'00E2C000 86016 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\volmgr.sys
volmgrx.sys Volume Manager Extension Driver 0 0 0 0 0xFFFFF880'00C00000 376832 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\volmgrx.sys
mountmgr.sys Mount Point Manager 0 0 0 0 0xFFFFF880'00E41000 106496 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.18933 (win7sp1_gdr.150715-0600) C:\Windows\system32\drivers\mountmgr.sys
fileinfo.sys FileInfo Filter Driver 0 0 0 0 0xFFFFF880'013E3000 81920 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\fileinfo.sys
msrpc.sys Kernel Remote Procedure Call Provider 0 0 0 0 0xFFFFF880'01000000 385024 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\msrpc.sys
ksecdd.sys Kernel Security Support Provider Interface 0 0 0 0 0xFFFFF880'015A7000 110592 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23915 (win7sp1_ldr.170913-0600) C:\Windows\system32\drivers\ksecdd.sys
iaStorA.sys Intel Rapid Storage Technology driver - x64 0 0 0 0 0xFFFFF880'0105E000 2924544 Intel Corporation Intel Rapid Storage Technology driver 11.5.4.1001 C:\Windows\system32\drivers\iastora.sys
storport.sys Microsoft Storage Port Driver 0 0 0 0 0xFFFFF880'01328000 409600 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.18386 (win7sp1_gdr.140203-1432) C:\Windows\system32\drivers\storport.sys
amdxata.sys Storage Filter Driver 0 0 0 0 0xFFFFF880'0138C000 45056 Advanced Micro Devices Storage Filter Driver 1.1.2.5 (NT.091202-1659) C:\Windows\system32\drivers\amdxata.sys
CLFS.SYS Common Log File System Driver 0 0 0 0 0xFFFFF880'00CFE000 389120 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\clfs.sys
CI.dll Code Integrity Module 0 0 0 0 0xFFFFF880'00D5D000 479232 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23915 (win7sp1_ldr.170913-0600) C:\Windows\system32\ci.dll
WDFLDR.SYS Kernel Mode Driver Framework Loader 0 0 0 0 0xFFFFF880'00F48000 65536 Microsoft Corporation Microsoft® Windows® Operating System 1.11.9200.16384 (win8_rtm.120725-1247) C:\Windows\system32\drivers\wdfldr.sys
kdcom.dll Serial Kernel Debugger 0 0 0 0 0xFFFFF800'00BBC000 40960 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17556 (win7sp1_gdr.110204-2120) C:\Windows\system32\kdcom.dll
mcupdate_GenuineIntel.dll Intel Microcode Update Library 0 0 0 0 0xFFFFF880'00C6C000 516096 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.18848 (win7sp1_gdr.150509-0603) C:\Windows\system32\mcupdate_genuineintel.dll
PSHED.dll Platform Specific Hardware Error Driver 0 0 0 0 0xFFFFF880'00CEA000 81920 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\pshed.dll
vdrvroot.sys Virtual Drive Root Enumerator 0 0 0 0 0xFFFFF880'00E00000 53248 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\vdrvroot.sys
iusb3hcs.sys Intel® USB 3.0 Host Controller Switch Driver 0 0 0 0 0xFFFFF880'00E0D000 40960 Intel Corporation USB 3.0 Host Controller Switch Driver 1.0.8.251 built by: WinDDK C:\Windows\system32\drivers\iusb3hcs.sys
partmgr.sys Partition Management Driver 0 0 0 0 0xFFFFF880'00E17000 86016 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\partmgr.sys
WMILIB.SYS WMILIB WMI support library Dll 0 0 0 0 0xFFFFF880'00FAF000 36864 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\wmilib.sys
msisadrv.sys ISA Driver 0 0 0 0 0xFFFFF880'00FB8000 40960 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\msisadrv.sys
pci.sys NT Plug and Play PCI Enumerator 0 0 0 0 0xFFFFF880'00FC2000 208896 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\pci.sys
pcw.sys Performance Counters for Windows Driver 0 0 0 0 0xFFFFF880'01770000 69632 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\pcw.sys
aswbidsha.sys Application Activity Monitor Helper Driver 0 0 0 0 0xFFFFF880'01CBD000 192512 AVAST Software s.r.o. Avast 17.7.3.13578 C:\Windows\system32\drivers\aswbidsha.sys
cdrom.sys SCSI CD-ROM Driver 0 0 0 0 0xFFFFF880'01D24000 172032 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\cdrom.sys
aswSnx.sys Avast Virtualization Driver 0 0 0 0 0xFFFFF880'042D8000 1019904 AVAST Software Avast Antivirus 17.7.3660.241 C:\Windows\system32\drivers\aswsnx.sys
disk.sys PnP Disk Driver 0 0 0 0 0xFFFFF880'01A00000 86016 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\disk.sys
aswbuniva.sys Universal Driver 0 0 0 0 0xFFFFF880'01A45000 57344 AVAST Software s.r.o. Avast 17.7.3.13578 C:\Windows\system32\drivers\aswbuniva.sys
aswbloga.sys Logging Driver 0 0 0 0 0xFFFFF880'01C6D000 327680 AVAST Software s.r.o. Avast 17.7.3.13578 C:\Windows\system32\drivers\aswbloga.sys
vga.sys VGA/Super VGA Video Driver 0 0 0 0 0xFFFFF880'04253000 57344 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\vga.sys
VIDEOPRT.SYS Video Port Driver 0 0 0 0 0xFFFFF880'04261000 151552 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\videoprt.sys
watchdog.sys Watchdog Driver 0 0 0 0 0xFFFFF880'04286000 65536 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\watchdog.sys
ks.sys Kernel CSA Library 0 0 0 0 0xFFFFF880'04200000 274432 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\ks.sys
Null.SYS NULL Driver 0 0 0 0 0xFFFFF880'04243000 36864 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\null.sys
Beep.SYS BEEP Driver 0 0 0 0 0xFFFFF880'0424C000 28672 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\beep.sys
aswRvrt.sys Avast Revert 0 0 0 0 0xFFFFF880'01AA7000 77824 AVAST Software Avast Antivirus 17.7.3647.0 C:\Windows\system32\drivers\aswrvrt.sys
aswVmm.sys Avast VM Monitor 0 0 0 0 0xFFFFF880'01ABA000 356352 AVAST Software Avast Antivirus 17.7.3647.0 C:\Windows\system32\drivers\aswvmm.sys
volsnap.sys Volume Shadow Copy Driver 0 0 0 0 0xFFFFF880'01B11000 311296 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\volsnap.sys
Fs_Rec.sys File System Recognizer Driver 0 0 0 0 0xFFFFF880'01781000 40960 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17787 (win7sp1_gdr.120229-1502) C:\Windows\system32\drivers\fs_rec.sys
ksecpkg.sys Kernel Security Support Provider Interface Packages 0 0 0 0 0xFFFFF880'015C2000 176128 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23915 (win7sp1_ldr.170913-0600) C:\Windows\system32\drivers\ksecpkg.sys
fwpkclnt.sys FWP/IPsec Kernel-Mode API 0 0 0 0 0xFFFFF880'01A5E000 299008 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23821 (win7sp1_ldr.170529-1924) C:\Windows\system32\drivers\fwpkclnt.sys
iaStorF.sys Intel Rapid Storage Technology Filter driver - x64 0 0 0 0 0xFFFFF880'01BB1000 45056 Intel Corporation Intel Rapid Storage Technology Filter driver 11.5.4.1001 C:\Windows\system32\drivers\iastorf.sys
hwpolicy.sys Hardware Policy Driver 0 0 0 0 0xFFFFF880'01BBC000 36864 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\hwpolicy.sys
fvevol.sys BitLocker Drive Encryption Driver 0 0 0 0 0xFFFFF880'01BC5000 237568 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\fvevol.sys
spldr.sys loader for security processor 0 0 0 0 0xFFFFF880'01B5D000 32768 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7127.0 (fbl_security_bugfix(sepbld-s).090511-0943) C:\Windows\system32\drivers\spldr.sys
rdyboost.sys ReadyBoost Driver 0 1 0.00050 0.00050 0xFFFFF880'01B65000 237568 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\rdyboost.sys
mup.sys Multiple UNC Provider Driver 0 0 0 0 0xFFFFF880'01B9F000 73728 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\mup.sys
sechost.dll Host for SCM/SDDL/LSA Lookup APIs 0 0 0 0 0x000007FE'FE280000 126976 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\sechost.dll
msctf.dll MSCTF Server DLL 0 0 0 0 0x000007FE'FE170000 1085440 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\msctf.dll
difxapi.dll Driver Install Frameworks for API library module 0 0 0 0 0x000007FE'FE0F0000 524288 Microsoft Corporation Driver Install Frameworks API (DIFxAPI) 2.1 C:\Windows\system32\difxapi.dll
shell32.dll Windows Shell Common Dll 0 0 0 0 0x000007FE'FE520000 14196736 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\shell32.dll
shlwapi.dll Shell Light-weight Utility Library 0 0 0 0 0x000007FE'FE4A0000 462848 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\shlwapi.dll
ole32.dll Microsoft OLE for Windows 0 0 0 0 0x000007FE'FE2A0000 2080768 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23889 (win7sp1_ldr.170810-1615) C:\Windows\system32\ole32.dll
comdlg32.dll Common Dialogs DLL 0 0 0 0 0x000007FE'FE050000 618496 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\comdlg32.dll
Wldap32.dll Win32 LDAP API DLL 0 0 0 0 0x000007FE'FDD00000 335872 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\wldap32.dll
advapi32.dll Advanced Windows 32 Base API 0 0 0 0 0x000007FE'FDC20000 897024 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23915 (win7sp1_ldr.170913-0600) C:\Windows\system32\advapi32.dll
iertutil.dll Run time utility for Internet Explorer 0 0 0 0 0x000007FE'FD950000 2928640 Microsoft Corporation Internet Explorer 11.00.9600.18817 (winblue_ltsb.170907-0600) C:\Windows\system32\iertutil.dll
setupapi.dll Windows Setup API 0 0 0 0 0x000007FE'FDE70000 1929216 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\setupapi.dll
oleaut32.dll 0 0 0 0 0x000007FE'FDD90000 892928 Microsoft Corporation 6.1.7601.23775 C:\Windows\system32\oleaut32.dll
imm32.dll Multi-User Windows IMM32 API Client DLL 0 0 0 0 0x000007FE'FDD60000 188416 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\imm32.dll
msvcrt.dll Windows NT CRT DLL 0 0 0 0 0x000007FE'FF2B0000 651264 Microsoft Corporation Microsoft® Windows® Operating System 7.0.7601.17744 (win7sp1_gdr.111215-1535) C:\Windows\system32\msvcrt.dll
kbdhid.sys HID Keyboard Filter Driver 0 0 0 0 0xFFFFF880'0B552000 57344 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\kbdhid.sys
rzudd.sys Razer Rzudd Engine 0 0 0 0 0xFFFFF880'0B560000 208896 Razer Inc Razer Rzudd Engine 1.0.38.0 C:\Windows\system32\drivers\rzudd.sys
mouhid.sys HID Mouse Filter Driver 0 0 0 0 0xFFFFF880'0B5A0000 53248 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\mouhid.sys
rzendpt.sys Razer RzEndPt 0 0 0 0 0xFFFFF880'0B49B000 61440 Razer Inc Razer RzEndPt 1.0.38.0 C:\Windows\system32\drivers\rzendpt.sys
hidusb.sys USB Miniport Driver for Input Devices 0 0 0 0 0xFFFFF880'0B4AA000 57344 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\hidusb.sys
HIDCLASS.SYS Hid Class Library 0 0 0 0 0xFFFFF880'0B4B8000 102400 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.18199 (win7sp1_gdr.130702-1534) C:\Windows\system32\drivers\hidclass.sys
ntdll.dll NT Layer DLL 0 0 0 0 0x770F0000 1744896 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\ntdll.dll
user32.dll Multi-User Windows USER API Client DLL 0 0 0 0 0x76FF0000 1024000 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\user32.dll
lpk.dll Language Pack 0 0 0 0 0x000007FE'FF3F0000 57344 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23807 (win7sp1_ldr.170512-0600) C:\Windows\system32\lpk.dll
clbcatq.dll COM+ Configuration Catalog 0 0 0 0 0x000007FE'FF350000 626688 Microsoft Corporation Microsoft® Windows® Operating System 2001.12.8530.16385 (win7_rtm.090713-1255) C:\Windows\system32\clbcatq.dll
smss.exe Windows Session Manager 0 0 0 0 0x479D0000 131072 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\smss.exe
apisetschema.dll ApiSet Schema DLL 0 0 0 0 0x000007FE'FF410000 327680 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23915 (win7sp1_ldr.170913-0600) C:\Windows\system32\apisetschema.dll
autochk.exe Auto Check Utility 0 0 0 0 0xFF840000 790528 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\autochk.exe
api-ms-win-downlevel-user32-l1-1-0.dll ApiSet Stub DLL 0 0 0 0 0x000007FE'FCF10000 16384 Microsoft Corporation Microsoft® Windows® Operating System 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
comctl32.dll User Experience Controls Library 0 0 0 0 0x000007FE'FCE70000 655360 Microsoft Corporation Microsoft® Windows® Operating System 6.10 (win7_rtm.090713-1255) C:\Windows\system32\comctl32.dll
api-ms-win-downlevel-ole32-l1-1-0.dll ApiSet Stub DLL 0 0 0 0 0x000007FE'FCE60000 16384 Microsoft Corporation Microsoft® Windows® Operating System 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
api-ms-win-downlevel-shlwapi-l1-1-0.dll ApiSet Stub DLL 0 0 0 0 0x000007FE'FCF70000 16384 Microsoft Corporation Microsoft® Windows® Operating System 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
api-ms-win-downlevel-version-l1-1-0.dll ApiSet Stub DLL 0 0 0 0 0x000007FE'FCF60000 16384 Microsoft Corporation Microsoft® Windows® Operating System 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
wintrust.dll Microsoft Trust Verification APIs 0 0 0 0 0x000007FE'FCF20000 241664 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23769 (win7sp1_ldr.170412-0600) C:\Windows\system32\wintrust.dll
devobj.dll Device Information Set DLL 0 0 0 0 0x000007FE'FCE40000 106496 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\devobj.dll
profapi.dll User Profile Basic API 0 0 0 0 0x000007FE'FCDF0000 61440 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\profapi.dll
msasn1.dll ASN.1 Runtime APIs 0 0 0 0 0x000007FE'FCDE0000 61440 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\msasn1.dll
normaliz.dll Unicode Normalization DLL 0 0 0 0 0x75FE0000 12288 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\syswow64\normaliz.dll
userenv.dll Userenv 0 0 0 0 0x000007FE'FCE20000 122880 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\userenv.dll
api-ms-win-downlevel-advapi32-l1-1-0.dll ApiSet Stub DLL 0 0 0 0 0x000007FE'FCE10000 20480 Microsoft Corporation Microsoft® Windows® Operating System 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
api-ms-win-downlevel-normaliz-l1-1-0.dll ApiSet Stub DLL 0 0 0 0 0x000007FE'FCE00000 12288 Microsoft Corporation Microsoft® Windows® Operating System 6.2.9200.16492 (win8_gdr_oobssr.130113-0015) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
cfgmgr32.dll Configuration Manager DLL 0 0 0 0 0x000007FE'FCF80000 221184 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\cfgmgr32.dll
nsi.dll NSI User-mode interface DLL 0 0 0 0 0x000007FE'FD800000 32768 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23889 (win7sp1_ldr.170810-1615) C:\Windows\system32\nsi.dll
wininet.dll Internet Extensions for Win32 0 0 0 0 0x000007FE'FD4D0000 3280896 Microsoft Corporation Internet Explorer 11.00.9600.18817 (winblue_ltsb.170907-0600) C:\Windows\system32\wininet.dll
ws2_32.dll Windows Socket 2.0 32-Bit DLL 0 0 0 0 0x000007FE'FD480000 315392 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\ws2_32.dll
normaliz.dll Unicode Normalization DLL 0 0 0 0 0x772C0000 12288 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\normaliz.dll
gdi32.dll GDI Client DLL 0 0 0 0 0x000007FE'FD8E0000 421888 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23914 (win7sp1_ldr.170908-0600) C:\Windows\system32\gdi32.dll
usp10.dll Uniscribe Unicode script processor 0 0 0 0 0x000007FE'FD810000 831488 Microsoft Corporation Microsoft® Uniscribe Unicode script processor 1.0626.7601.23894 (win7sp1_ldr.170816-0600) C:\Windows\system32\usp10.dll
psapi.dll Process Status Helper 0 0 0 0 0x772B0000 28672 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\psapi.dll
kernel32.dll Windows NT BASE API Client DLL 0 0 0 0 0x76ED0000 1175552 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.18015 (win7sp1_gdr.121129-1432) C:\Windows\system32\kernel32.dll
crypt32.dll Crypto API32 0 0 0 0 0x000007FE'FD030000 1495040 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23769 (win7sp1_ldr.170412-0600) C:\Windows\system32\crypt32.dll
KernelBase.dll Windows NT BASE API Client DLL 0 0 0 0 0x000007FE'FCFC0000 434176 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.18015 (win7sp1_gdr.121129-1432) C:\Windows\system32\kernelbase.dll
rpcrt4.dll Remote Procedure Call Runtime 0 0 0 0 0x000007FE'FD350000 1232896 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\rpcrt4.dll
imagehlp.dll Windows NT Image Helper 0 0 0 0 0x000007FE'FD330000 102400 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.18288 (win7sp1_gdr.131018-1533) C:\Windows\system32\imagehlp.dll
urlmon.dll OLE32 Extensions for Win32 0 0 0 0 0x000007FE'FD1A0000 1593344 Microsoft Corporation Internet Explorer 11.00.9600.18817 (winblue_ltsb.170907-0600) C:\Windows\system32\urlmon.dll
win32k.sys Multi-User Win32 Driver 0 0 0 0 0xFFFFF960'000D0000 3305472 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\win32k.sys
Dxapi.sys DirectX API Driver 0 0 0 0 0xFFFFF880'05FF1000 49152 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\dxapi.sys
crashdmp.sys Crash Dump Driver 0 0 0 0 0xFFFFF880'05A00000 57344 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\crashdmp.sys
iusb3hub.sys Intel® USB 3.0 Hub Driver 0 0 0 0 0xFFFFF880'04F04000 380928 Intel Corporation USB 3.0 Device Driver 1.0.8.251 (iusb3drv.20130222-0432) C:\Windows\system32\drivers\iusb3hub.sys
RTKVHD64.sys Realtek® High Definition Audio Function Driver 0 0 0 0 0xFFFFF880'05A1E000 6049792 Realtek Semiconductor Corp. Realtek® High Definition Audio Function Driver 6.0.1.8186 built by: WinDDK C:\Windows\system32\drivers\rtkvhd64.sys
MBfilt64.sys Creative Audio Driver 0 0 0 0 0xFFFFF880'05FE3000 57344 Creative Technology Ltd. 6.10.00.0008 C:\Windows\system32\drivers\mbfilt64.sys
dump_dumpata.sys 0 0 0 0 0xFFFFF880'05A0E000 49152 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\dump_dumpata.sys
xusb21.sys Windows Common Controller 0 0 0 0 0xFFFFF880'04FB5000 69632 Microsoft Corporation Windows Common Controller Driver 9.18.1015.0 (XUSB_MAIN(dxblder).090408-0727) C:\Windows\system32\drivers\xusb21.sys
HIDPARSE.SYS Hid Parsing Library 0 0 0 0 0xFFFFF880'04FED000 36864 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.18199 (win7sp1_gdr.130702-1534) C:\Windows\system32\drivers\hidparse.sys
imsevent.sys Intel Mouse Class Upper Filter Driver 0 0 0 0 0xFFFFF880'04E40000 45056 Intel Mouse Class Upper Filter Driver 1, 0, 8, 0 C:\Windows\system32\drivers\imsevent.sys
dump_msahci.sys 0 0 0 0 0xFFFFF880'04F61000 45056 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\dump_msahci.sys
dump_dumpfve.sys 0 0 0 0 0xFFFFF880'04F6C000 77824 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\dump_dumpfve.sys
ax88179_178a.sys ASIX AX88179/178a Network Driver 0 0 0 0 0xFFFFF880'04F7F000 102400 ASIX Electronics Corp. ASIX AX88179/178a USB 3.0/2.0 to Gigabit Ethernet Adapter 1.14.11.0 built by: WinDDK C:\Windows\system32\drivers\ax88179_178a.sys
nvhda64v.sys NVIDIA HDMI Audio Driver 0 0 0 0 0xFFFFF880'04ECD000 225280 NVIDIA Corporation NVIDIA HDMI Audio Driver 1.3.35.1 C:\Windows\system32\drivers\nvhda64v.sys
mouclass.sys Mouse Class Driver 0 0 0 0 0xFFFFF880'0479A000 61440 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\mouclass.sys
swenum.sys Plug and Play Software Device Enumerator 0 0 0 0 0xFFFFF880'049F8000 8192 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\swenum.sys
umbus.sys User-Mode Bus Enumerator 0 0 0 0 0xFFFFF880'047A9000 73728 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\umbus.sys
raspptp.sys Peer-to-Peer Tunneling Protocol 0 0 0 0 0xFFFFF880'04750000 135168 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\raspptp.sys
rassstp.sys RAS SSTP Miniport Call Manager 0 0 0 0 0xFFFFF880'04771000 106496 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\rassstp.sys
kbdclass.sys Keyboard Class Driver 0 0 0 0 0xFFFFF880'0478B000 61440 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\kbdclass.sys
nvvad64v.sys NVIDIA Virtual Audio Driver 0 0 0 0 0xFFFFF880'047BB000 57344 NVIDIA Corporation NVIDIA Virtual Audio Driver 4.02.2 built by: WinDDK C:\Windows\system32\drivers\nvvad64v.sys
nvvhci.sys Virtual USB Host Controller driver 0 0 0 0 0xFFFFF880'0465F000 61440 NVIDIA Corporation Virtual USB Host Controller driver 2.02.0.5 C:\Windows\system32\drivers\nvvhci.sys
usbhub.sys Default Hub Driver for USB 0 0 0 0 0xFFFFF880'04E5E000 368640 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23913 (win7sp1_ldr.170907-0600) C:\Windows\system32\drivers\usbhub.sys
NDProxy.SYS NDIS Proxy 0 0 0 0 0xFFFFF880'04EB8000 86016 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.17514 (win7sp1_rtm.101119-1850) C:\Windows\system32\drivers\ndproxy.sys
portcls.sys Port Class (Class Driver for Port/Miniport Devices) 0 0 0 0 0xFFFFF880'04600000 249856 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\portcls.sys
drmk.sys Microsoft Trusted Audio Drivers 0 0 0 0 0xFFFFF880'0463D000 139264 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.19091 (win7sp1_gdr.151208-0600) C:\Windows\system32\drivers\drmk.sys
ksthunk.sys Kernel Streaming WOW Thunk Service 0 0 0 0 0xFFFFF880'049FA000 24576 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\ksthunk.sys
peauth.sys Protected Environment Authentication and Authorization Export Driver 0 0 0 0 0xFFFFF880'07048000 696320 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23471 (win7sp1_ldr.160614-0600) C:\Windows\system32\drivers\peauth.sys
rzpmgrk.sys Razer Overlay Support 0 0 0 0 0xFFFFF880'070F2000 32768 Razer, Inc. RZPMGRK 1.0.2.8001 c:\windows\system32\drivers\rzpmgrk.sys
rzpnk.sys Razer Overlay Support 0 0 0 0 0xFFFFF880'070FA000 126976 Razer, Inc. Rzpnk 1.0.12.10155 c:\windows\system32\drivers\rzpnk.sys
mrxsmb.sys Windows NT SMB Minirdr 0 0 0 0 0xFFFFF880'02F7E000 184320 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23915 (win7sp1_ldr.170913-0600) C:\Windows\system32\drivers\mrxsmb.sys
mrxsmb10.sys Longhorn SMB Downlevel SubRdr 0 0 0 0 0xFFFFF880'02FAB000 319488 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23915 (win7sp1_ldr.170913-0600) C:\Windows\system32\drivers\mrxsmb10.sys
mrxsmb20.sys Longhorn SMB 2.0 Redirector 0 0 0 0 0xFFFFF880'01C45000 147456 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23915 (win7sp1_ldr.170913-0600) C:\Windows\system32\drivers\mrxsmb20.sys
tcpipreg.sys TCP/IP Registry Compatibility Driver 0 0 0 0 0xFFFFF880'0714A000 73728 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23496 (win7sp1_ldr.160707-0600) C:\Windows\system32\drivers\tcpipreg.sys
WPRO_41_2001.sys 0 0 0 0 0xFFFFF880'08378000 49152 4.2.0.140 C:\Windows\system32\drivers\wpro_41_2001.sys
usbaudio.sys USB Audio Class Driver 0 0 0 0 0xFFFFF880'08384000 110592 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.18208 (win7sp1_gdr.130711-2203) C:\Windows\system32\drivers\usbaudio.sys
asyncmac.sys MS Remote Access serial network driver 0 0 0 0 0xFFFFF880'0B490000 45056 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\asyncmac.sys
TSSFSFD.SYS Windows VISTA/7 x64 FileSystem Filter 0 0 0 0 0xFFFFF880'0715C000 131072 TSS - www.trinity-ss.com TSSFilter for Windows VISTA/7 x64 1, 2, 13, 0 c:\windows\syswow64\drivers\tssfsfd.sys
srv2.sys Smb 2.0 Server driver 0 0 0 0 0xFFFFF880'0717C000 425984 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23913 (win7sp1_ldr.170907-0600) C:\Windows\system32\drivers\srv2.sys
mbamswissarmy.sys Malwarebytes SwissArmy 0 0 0 0 0xFFFFF880'08338000 262144 Malwarebytes Malwarebytes SwissArmy 4.2.0.140 C:\Windows\system32\drivers\mbamswissarmy.sys
mpsdrv.sys Microsoft Protection Service Driver 0 0 0 0 0xFFFFF880'02EE5000 98304 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\mpsdrv.sys
cdd.dll Canonical Display Driver 0 0 0 0 0xFFFFF960'00630000 159744 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23809 (win7sp1_ldr.170516-0600) C:\Windows\system32\cdd.dll
ATMFD.DLL Windows NT OpenType/Type 1 Font Driver 0 0 0 0 0xFFFFF960'008F0000 405504 Adobe Systems Incorporated Adobe Type Manager 5.1 Build 252 C:\Windows\system32\atmfd.dll
aswMonFlt.sys Avast File System Minifilter for Windows 2003/Vista 0 0 0 0 0xFFFFF880'04679000 163840 AVAST Software Avast Antivirus 17.7.3647.0 C:\Windows\system32\drivers\aswmonflt.sys
ikbevent.sys Intel Keyboard Class Upper Filter Driver 0 0 0 0 0xFFFFF880'0466E000 45056 Intel Keyboard Class Upper Filter Driver 1, 0, 7, 0 C:\Windows\system32\drivers\ikbevent.sys
monitor.sys Monitor Driver 0 0 0 0 0xFFFFF880'04E0D000 57344 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\monitor.sys
TSDDD.dll Framebuffer Display Driver 0 0 0 0 0xFFFFF960'00490000 40960 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\tsddd.dll
CYMON.SYS 0 0 0 0 0xFFFFF880'047C9000 151552 CypherTec Inc. 1.3.4.15 c:\windows\system32\drivers\cymon.sys
ndisuio.sys NDIS User mode I/O driver 0 0 0 0 0xFFFFF880'02F53000 77824 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\ndisuio.sys
rspndr.sys Link-Layer Topology Responder Driver for NDIS 6 0 0 0 0 0xFFFFF880'02F66000 98304 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\rspndr.sys
bowser.sys NT Lan Manager Datagram Receiver Driver 0 0 0 0 0xFFFFF880'02EC8000 118784 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7601.23567 (win7sp1_ldr.161005-0600) C:\Windows\system32\drivers\bowser.sys
aswStm.sys Stream Filter 0 0 0 0 0xFFFFF880'01CEC000 200704 AVAST Software Avast Antivirus 17.7.3647.0 C:\Windows\system32\drivers\aswstm.sys
lltdio.sys Link-Layer Topology Mapper I/O Driver 0 0 0 0 0xFFFFF880'046A1000 86016 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\lltdio.sys
nwifi.sys NativeWiFi Miniport Driver 0 0 0 0 0xFFFFF880'02EFF000 344064 Microsoft Corporation Microsoft® Windows® Operating System 6.1.7600.16385 (win7_rtm.090713-1255) C:\Windows\system32\drivers\nwifi.sys
Attached Files
-
CheckSUR.log 35.79KB
265 downloads
-
Drivers.txt 93.63KB
284 downloads
Edited by BellSprout, 03 November 2017 - 08:10 PM.
#20
Posted 03 November 2017 - 08:27 PM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
CheckSUR log is just showing Avast errors so I'm not going to worry about it. I assume Avast is working OK? Tonight why don't you let it do a boot-time scan just to rule out any malware:
It takes like 6 hours so I usually let it run at night.
Click on the Avast ball. Then click on Protection, then on Antivirus, then on Other Scans then on Boot-time Scan. Click on Install Special Definitions. Click on Run on Next PC Reboot.
Reboot and let it run a scan. It may take hours.
Once it finishes it should load windows. Mute your speakers so it doesn't wake you up when Windows boots.
The drivers.txt file shows a lot of USB activity. What do you have plugged in to USB besides the mouse and keyboard?
When you reboot you will see the scan start. It will tell you where it saves its log. Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location. This is a hidden location so you will need to tell Windows to let you see it:
http://www.howtogeek...-windows-vista/
Copy and paste the text from the log to a Reply when done.
Can I see another Process Explorer log?
Download BlueScreenView
http://www.nirsoft.n...creen_view.html
Double click on BlueScreenView.exe file to run the program.
When scanning is done, go Edit, Select All.
Go File, Save Selected Items, and save the report as BSOD.txt.
Open BSOD.txt in Notepad, copy all content, and paste it into your next reply.
1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning
Then use the 'Number of events' as follows:
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
Please post the Output log in your next reply then repeat but select Application. (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
#21
Posted 03 November 2017 - 08:41 PM
BellSprout
- Topic Starter
-
- Member
-
- 28 posts
Member
*Just wanted to say thanks for the hard work. You've been beasting it all day lol. Will go ahead and do the Avast scan.
The drivers.txt file shows a lot of USB activity. What do you have plugged in to USB besides the mouse and keyboard?
Lets see.
1. Mouse
2. Keyboard (takes up 2 USB ports)
3. Xbox 360 Aftershock Controller
4. Skully Candy Headset Transmitter
5. Logitech Webcam
Used to have a 1 to 2 usb connector ; disconnected it.
Process Explorer / BSOD / VEW (System) / Vew (Application) attached.
BSOD Results below.
==================================================
Dump File : 110317-7831-01.dmp
Crash Time : 2017/11/03 6:45:41 PM
Bug Check String : MULTIPLE_IRP_COMPLETE_REQUESTS
Bug Check Code : 0x00000044
Parameter 1 : fffff980`305ecee0
Parameter 2 : 00000000`00000346
Parameter 3 : 00000000`00000000
Parameter 4 : 00000000`00000000
Caused By Driver : fltmgr.sys
Caused By Address : fltmgr.sys+29000
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+70e00
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\110317-7831-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 407,976
Dump File Time : 2017/11/03 6:46:54 PM
==================================================
==================================================
Dump File : 110317-9391-01.dmp
Crash Time : 2017/11/03 4:27:35 PM
Bug Check String : MULTIPLE_IRP_COMPLETE_REQUESTS
Bug Check Code : 0x00000044
Parameter 1 : fffff980`25808ee0
Parameter 2 : 00000000`00000346
Parameter 3 : 00000000`00000000
Parameter 4 : 00000000`00000000
Caused By Driver : aswSP.sys
Caused By Address : aswSP.sys+c046
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+70e00
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\110317-9391-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 407,552
Dump File Time : 2017/11/03 4:28:04 PM
==================================================
==================================================
Dump File : 110317-8455-01.dmp
Crash Time : 2017/11/03 3:32:47 PM
Bug Check String : MULTIPLE_IRP_COMPLETE_REQUESTS
Bug Check Code : 0x00000044
Parameter 1 : fffff980`32bf6ee0
Parameter 2 : 00000000`00000346
Parameter 3 : 00000000`00000000
Parameter 4 : 00000000`00000000
Caused By Driver : aswSP.sys
Caused By Address : aswSP.sys+c046
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+70e00
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\110317-8455-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 407,520
Dump File Time : 2017/11/03 3:34:16 PM
==================================================
==================================================
Dump File : 110317-10233-01.dmp
Crash Time : 2017/11/03 3:02:08 PM
Bug Check String : NTFS_FILE_SYSTEM
Bug Check Code : 0x00000024
Parameter 1 : 00000000`001904fb
Parameter 2 : fffff880`05875958
Parameter 3 : fffff880`058751c0
Parameter 4 : fffff880`0146139c
Caused By Driver : Ntfs.sys
Caused By Address : Ntfs.sys+b39c
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+70e00
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\110317-10233-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 407,824
Dump File Time : 2017/11/03 3:02:36 PM
==================================================
==================================================
Dump File : 110217-10124-01.dmp
Crash Time : 2017/11/02 7:27:43 PM
Bug Check String : MULTIPLE_IRP_COMPLETE_REQUESTS
Bug Check Code : 0x00000044
Parameter 1 : fffff980`2f1b6ee0
Parameter 2 : 00000000`00000346
Parameter 3 : 00000000`00000000
Parameter 4 : 00000000`00000000
Caused By Driver : aswSP.sys
Caused By Address : aswSP.sys+c046
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+70e00
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\110217-10124-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 407,480
Dump File Time : 2017/11/02 7:28:12 PM
==================================================
==================================================
Dump File : 110217-9890-01.dmp
Crash Time : 2017/11/02 6:47:29 PM
Bug Check String : MULTIPLE_IRP_COMPLETE_REQUESTS
Bug Check Code : 0x00000044
Parameter 1 : fffff980`27d60ee0
Parameter 2 : 00000000`00000346
Parameter 3 : 00000000`00000000
Parameter 4 : 00000000`00000000
Caused By Driver : aswSP.sys
Caused By Address : aswSP.sys+c046
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+70e00
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\110217-9890-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 407,904
Dump File Time : 2017/11/02 6:47:59 PM
==================================================
==================================================
Dump File : 110117-5709-01.dmp
Crash Time : 2017/11/01 9:20:51 PM
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 00000000`00000021
Parameter 2 : fffffa80`0b01f000
Parameter 3 : 00000000`00004060
Parameter 4 : 00000000`00000000
Caused By Driver : farflt.sys
Caused By Address : farflt.sys+a980
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+70e00
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\110117-5709-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 407,880
Dump File Time : 2017/11/01 9:21:17 PM
==================================================
==================================================
Dump File : 073117-5257-01.dmp
Crash Time : 2017/07/31 5:37:14 PM
Bug Check String : BAD_POOL_HEADER
Bug Check Code : 0x00000019
Parameter 1 : 00000000`00000021
Parameter 2 : fffff900`c1f3d000
Parameter 3 : 00000000`00001240
Parameter 4 : 00000000`00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+c7b91
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+70e40
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\073117-5257-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 407,720
Dump File Time : 2017/07/31 5:37:39 PM
==================================================
==================================================
Dump File : 061317-7815-01.dmp
Crash Time : 2017/06/13 5:47:55 PM
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x00000050
Parameter 1 : fffff8a0`a90e62a5
Parameter 2 : 00000000`00000000
Parameter 3 : fffff880`07b92d39
Parameter 4 : 00000000`00000005
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+6f4c0
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.23915 (win7sp1_ldr.170913-0600)
Processor : x64
Crash Address : ntoskrnl.exe+6f4c0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\061317-7815-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 407,744
Dump File Time : 2017/06/13 5:48:22 PM
==================================================
Attached Files
-
Process Explorer.TXT 10.89KB
273 downloads
-
BSOD.txt 16.73KB
274 downloads
-
VEW (system).txt 8.81KB
253 downloads
-
VEW (application).txt 17.61KB
296 downloads
Edited by BellSprout, 03 November 2017 - 08:43 PM.
#22
Posted 03 November 2017 - 09:40 PM
BellSprout
- Topic Starter
-
- Member
-
- 28 posts
Member
Avast just finished the boot time scan. Guess it helps to have an SSD.
Attached Files
-
aswBoot.txt 149bytes
264 downloads
#23
Posted 03 November 2017 - 09:52 PM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
Process Explorer log looks pretty good now. Is it any faster?
Your IRP error is probably caused by a driver but BSV shows several. See if whocrashed gives any more info: http://www.majorgeeks.com/files/details/whocrashed_free_home_edition.html Save it then right click and Run As admin.
Once it's up you will need to click on Analyze then scroll down to see what it says.
I am seeing:
Log: 'System' Date/Time: 04/11/2017 12:41:57 AM
Type: Error Category: 0
Event: 11 Source: atapi
The driver detected a controller error on \Device\Ide\IdePort0.
Usually a disk check will fix the problem but I'm not sure which disk this would be. Might even be an old DVD drive.
Figuring out which is which is a problem:
https://support.micr...n-event-message
If it is a drive then to run a disk check:
1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.
Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.
If in doubt, run the check on each drive.
Since the BSOD cause is skipping around and it doesn't appear to be heat related then the next most common problem is a memory chip going bad. Try running the memory test: https://www.howtogee...m-for-problems/
Bed time for me.
#24
Posted 03 November 2017 - 10:20 PM
BellSprout
- Topic Starter
-
- Member
-
- 28 posts
Member
Process Explorer log looks pretty good now. Is it any faster?
-Much faster than before.
Your IRP error is probably caused by a driver but BSV shows several. See if whocrashed gives any more info: http://www.majorgeeks.com/files/details/whocrashed_free_home_edition.html Save it then right click and Run As admin.
Once it's up you will need to click on Analyze then scroll down to see what it says.
-11 crash dumps have been found and analyzed. Only 5 are included in this report. 2 third party drivers have been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:
farflt.sys
aswsp.sys
If no updates for these drivers are available, try searching with Google on the names of these drivers in combination with the errors that have been reported for these drivers. Include the brand and model name of your computer as well in the query. This often yields interesting results from discussions on the web by users who have been experiencing similar problems.
Conclusion
11 crash dumps have been found and analyzed. Only 5 are included in this report. 2 third party drivers have been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:
farflt.sys
aswsp.sys
If no updates for these drivers are available, try searching with Google on the names of these drivers in combination with the errors that have been reported for these drivers. Include the brand and model name of your computer as well in the query. This often yields interesting results from discussions on the web by users who have been experiencing similar problems.
Read the topic general suggestions for troubleshooting system crashes for more information.
Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
--Memory Diagnostic Test--
-Came out negative. Memory is fine.
--Disk Check--
-Ran checks on both my C: and Y: drive.
I've currently uninstalled Avast after seeing the results from "WhoCrashed". Assuming Avast / Malwarebytes are conflicting somehow.
--Noticed that without any antivirus installed, my computer is pretty much back to normal. I tried using AVG when I uninstalled Avast, and Destiny 2 still ran slower. After uninstalling it though, my FPS finally returned to a consistent 60 FPS.
Edited by BellSprout, 04 November 2017 - 12:22 AM.
#25
Posted 04 November 2017 - 04:44 AM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
You might try Microsoft Security Essentials. Not the best A-V but better than going bare. Or perhaps Panda:
https://support.micr...ntials-download
https://www.pandasec...free-antivirus/
I use Avast & MBAM on my Win 7 and they don't have a problem. Make sure you have the latest version of MBAM. Have you checked with your PC or motherboard maker to see if you have the latest BIOS?
Let's see what alarms are still present:
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
Reboot.
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning
Then use the 'Number of events' as follows:
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
Please post the Output log in your next reply then repeat but select Application. (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
#26
Posted 04 November 2017 - 09:39 AM
BellSprout
- Topic Starter
-
- Member
-
- 28 posts
Member
I use Avast & MBAM on my Win 7 and they don't have a problem. Make sure you have the latest version of MBAM. Have you checked with your PC or motherboard maker to see if you have the latest BIOS?
Pretty sure Avast / MBMA are updated. I've uninstalled / reinstalled both and made sure to check for updates. My BIOS is outdated and I've spent the last hour trying to MFLASH it properly. But having some USB detection issues when I try to update it. Will be working on it.
--Updated bios to the latest. Had some issues and had to clear CMOS (Thank god I had the Clear CMOS button). Will mess around in Destiny and see if it's stable.
-->Received more fps drops when running with Avast. After uninstalling, and using Bare Essentials, FPS maintained a more stable / playable FPS. Unsure why this happens.
VEW attachments added.
Attached Files
-
VEW (System).txt 2.63KB
247 downloads
-
Vew (Application).txt 1.93KB
325 downloads
Edited by BellSprout, 04 November 2017 - 11:03 AM.
#27
Posted 04 November 2017 - 01:56 PM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
I've got company this weekend so won't be on line until Sun PM
#28
Posted 04 November 2017 - 02:05 PM
BellSprout
- Topic Starter
-
- Member
-
- 28 posts
Member
I've got company this weekend so won't be on line until Sun PM
No worries. Go and enjoy the weekend lol.
-Did some testing with Avast. While using Procexp, I noticed that it uses up to 10.00-20.00 of the CPU when I start running Destiny 2. However, it eventually dipped down to a more reasonable CPU usage. I honestly think my latest FPS drops are probably due to Bungie at this point. The computer is running faster than before and I haven't had a blue screen. Will be leaving my computer on while I head out and see if it errors.
Edited by BellSprout, 04 November 2017 - 02:06 PM.
#29
Posted 04 November 2017 - 10:26 PM
BellSprout
- Topic Starter
-
- Member
-
- 28 posts
Member
Returned back. Had left my computer on for about 8 hours and no blue screen. Pretty much changed my computer from unusable to almost normal with your instructions, so very much appreciated. Don't know if you have any more advice or see anything else wrong with my computer. So if you see everything as okay, I'll go ahead and mark it solved.
--Nevermind, blue screened again. This time without saying the usual "Multiple IRP Complete Request" error.
---New Error. "Special Pool Detected Memory Corruption".
Edited by BellSprout, 04 November 2017 - 11:56 PM.
#30
Posted 05 November 2017 - 06:17 AM
RKinner
-
- Expert
-
- 24,625 posts
Malware Expert
Try
https://support.micr...rivers-for-adva
It has to start from an elevated command prompt. If I remember correctly it will reboot when it finds a bad driver.
Still have company so no time to read up on it.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
