Security Software:
Code:
sdwinsec.exe c:\program files (x86)\spybot - search & destroy\sdwinsec.exe 3680 8 200 1380 3/21/2012 10:01 AM 1.0.0.12 1.10 MB (1,153,368 bytes) 9/6/2011 9:26 AM
sascore64.exe c:\program files\superantispyware\sascore64.exe 1944 8 200 1380 3/21/2012 10:01 AM 1.0.0.1066 137.38 KB (140,672 bytes) 8/11/2011 7:38 PM
superantispyware.exe c:\program files\superantispyware\superantispyware.exe 4956 8 200 1380 3/21/2012 10:02 AM 5.0.0.1146 4.56 MB (4,785,536 bytes) 10/17/2011 1:18 PM
tmas_oemon.exe c:\program files\trend micro\internet security\tmas_oe\tmas_oemon.exe 700 8 200 1380 3/21/2012 10:02 AM 5.5.0.1434 822.76 KB (842,504 bytes) 10/5/2010 11:46 AM
Possible out of date drivers:
Code:
fssfltr fffff880`05485000 fffff880`05498000 Mon Dec 08 18:35:34 2008 (493dcb66) 0001017c fssfltr.sys
sncduvc fffff880`03be1000 fffff880`03be9a80 Mon Dec 29 02:14:26 2008 (495894f2) 0000cf1b sncduvc.SYS
sxuptp fffff880`0549a000 fffff880`054e4000 Thu May 07 22:13:37 2009 (4a03b171) 0004c2aa sxuptp.sys
ATK64AMD fffff880`0b78a000 fffff880`0b792000 Tue May 12 19:04:54 2009 (4a0a1cb6) 000096a6 ATK64AMD.sys
lirsgt fffff880`071f3000 fffff880`07200000 Sun May 17 07:06:57 2009 (4a100bf1) 0000f1b4 lirsgt.sys
atksgt fffff880`071a4000 fffff880`071f3000 Sun May 17 07:36:34 2009 (4a1012e2) 0004fc56 atksgt.sys
snp2uvc fffff880`03a18000 fffff880`03bcf600 Wed May 20 02:11:05 2009 (4a13bb19) 001ba50a snp2uvc.sys
fssfltr.sys
sncduvc.SYS
sxuptp.sys
ATK64AMD.sys
lirsgt.sys
atksgt.sys
snp2uvc.sys
Code:
-
Loading Dump File [D:\Kingston\BSODDmpFiles\rzantarra\Windows_NT6_BSOD_jcgriff2\032112-29468-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.17727.amd64fre.win7sp1_gdr.111118-2330
Machine Name:
Kernel base = 0xfffff800`03c60000 PsLoadedModuleList = 0xfffff800`03ea4650
Debug session time: Wed Mar 21 07:58:06.304 2012 (UTC - 6:00)
System Uptime: 0 days 0:00:34.334
Loading Kernel Symbols
...............................................................
................................................................
............................................
Loading User Symbols
Loading unloaded module list
.....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1E, {ffffffffc0000005, fffff80000b99700, 0, 0}
Unable to load image \SystemRoot\system32\DRIVERS\NETw5s64.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for NETw5s64.sys
*** ERROR: Module load completed but symbols could not be loaded for NETw5s64.sys
Probably caused by : NETw5s64.sys ( NETw5s64+d686 )
Followup: MachineOwner
---------
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80000b99700, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: 0000000000000000, Parameter 1 of the exception
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
FAULTING_IP:
+3539316264643139
fffff800`00b99700 28a6b90000f8 sub byte ptr [rsi-7FFFF47h],ah
EXCEPTION_PARAMETER1: 0000000000000000
EXCEPTION_PARAMETER2: 0000000000000000
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80003f0e100
0000000000000000
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
BUGCHECK_STR: 0x1E_c0000005
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: System
CURRENT_IRQL: 2
EXCEPTION_RECORD: fffff80000b9a628 -- (.exr 0xfffff80000b9a628)
ExceptionAddress: fffff8800167664f (ndis!NdisMAllocateNetBufferSGList+0x000000000000000f)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: ffffffffffffffff
Attempt to read from address ffffffffffffffff
TRAP_FRAME: fffff80000b9a6d0 -- (.trap 0xfffff80000b9a6d0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=00790053005c002a
rdx=fffffa800c9ec3d0 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8800167664f rsp=fffff80000b9a860 rbp=0000000000000002
r8=fffffa8008bfa350 r9=0000000000000001 r10=fffff8a00b251000
r11=0000000000000002 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na po nc
ndis!NdisMAllocateNetBufferSGList+0xf:
fffff880`0167664f 4c8b5908 mov r11,qword ptr [rcx+8] ds:1d40:00790053`005c0032=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80003d6797b to fffff80003cdcd40
STACK_TEXT:
fffff800`00b99648 fffff800`03d6797b : 00000000`0000001e ffffffff`c0000005 fffff800`00b99700 00000000`00000000 : nt!KeBugCheckEx
fffff800`00b99650 fffff800`03d2fe2c : fffff800`00b99708 fffff800`00000000 fffff800`00b99900 00000000`00000000 : nt!KipFatalFilter+0x1b
fffff800`00b99690 fffff800`03d07fec : fffff800`00b99ff0 fffff800`00b99ff8 00000000`00000000 00000001`00000001 : nt! ?? ::FNODOBFM::`string'+0x83d
fffff800`00b996d0 fffff800`03d07a6d : fffff800`03e229d0 fffff800`00b9bdc0 00000000`00000000 fffff800`03c60000 : nt!_C_specific_handler+0x8c
fffff800`00b99740 fffff800`03d06845 : fffff800`03e229d0 fffff800`00b997b8 fffff800`00b9a628 fffff800`03c60000 : nt!RtlpExecuteHandlerForException+0xd
fffff800`00b99770 fffff800`03d177c1 : fffff800`00b9a628 fffff800`00b99e80 fffff800`00000000 00000000`00000002 : nt!RtlDispatchException+0x415
fffff800`00b99e50 fffff800`03cdc3c2 : fffff800`00b9a628 00000000`00000000 fffff800`00b9a6d0 00000000`00000000 : nt!KiDispatchException+0x135
fffff800`00b9a4f0 fffff800`03cdacca : fffffa80`0c5e1d50 00000000`00000020 fffffa80`08885640 00000000`000007ff : nt!KiExceptionDispatch+0xc2
fffff800`00b9a6d0 fffff880`0167664f : fffffa80`07f09010 fffffa80`07ef2ca0 fffff880`04c6d6a0 fffff880`04dad5ad : nt!KiGeneralProtectionFault+0x10a
fffff800`00b9a860 fffff880`04a88686 : 00000000`00020007 fffffa80`07fcba30 fffffa80`08bfa350 fffff800`00b9a940 : ndis!NdisMAllocateNetBufferSGList+0xf
fffff800`00b9a900 00000000`00020007 : fffffa80`07fcba30 fffffa80`08bfa350 fffff800`00b9a940 00000000`00000000 : NETw5s64+0xd686
fffff800`00b9a908 fffffa80`07fcba30 : fffffa80`08bfa350 fffff800`00b9a940 00000000`00000000 00000000`00000100 : 0x20007
fffff800`00b9a910 fffffa80`08bfa350 : fffff800`00b9a940 00000000`00000000 00000000`00000100 fffff8a0`0b251000 : 0xfffffa80`07fcba30
fffff800`00b9a918 fffff800`00b9a940 : 00000000`00000000 00000000`00000100 fffff8a0`0b251000 fffff880`04a8cebd : 0xfffffa80`08bfa350
fffff800`00b9a920 00000000`00000000 : 00000000`00000100 fffff8a0`0b251000 fffff880`04a8cebd 00000000`00000000 : 0xfffff800`00b9a940
STACK_COMMAND: kb
FOLLOWUP_IP:
NETw5s64+d686
fffff880`04a88686 ?? ???
SYMBOL_STACK_INDEX: a
SYMBOL_NAME: NETw5s64+d686
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: NETw5s64
IMAGE_NAME: NETw5s64.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4c04085e
FAILURE_BUCKET_ID: X64_0x1E_c0000005_NETw5s64+d686
BUCKET_ID: X64_0x1E_c0000005_NETw5s64+d686
Followup: MachineOwner
---------
-
Loading Dump File [D:\Kingston\BSODDmpFiles\rzantarra\Windows_NT6_BSOD_jcgriff2\032112-18267-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.17727.amd64fre.win7sp1_gdr.111118-2330
Machine Name:
Kernel base = 0xfffff800`03c53000 PsLoadedModuleList = 0xfffff800`03e97650
Debug session time: Wed Mar 21 07:50:51.733 2012 (UTC - 6:00)
System Uptime: 0 days 0:00:21.748
Loading Kernel Symbols
...............................................................
........................................
Loading User Symbols
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {40, 2, 1, fffff80003cde2a8}
Unable to load image \SystemRoot\system32\DRIVERS\iaStor.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for iaStor.sys
*** ERROR: Module load completed but symbols could not be loaded for iaStor.sys
Probably caused by : iaStor.sys ( iaStor+4a98d )
Followup: MachineOwner
---------
5: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000040, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80003cde2a8, address which referenced memory
Debugging Details:
------------------
WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80003f01100
0000000000000040
CURRENT_IRQL: 2
FAULTING_IP:
nt!KiTryUnwaitThread+28
fffff800`03cde2a8 f0480fba6b4000 lock bts qword ptr [rbx+40h],0
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: System
TRAP_FRAME: fffff880032b06c0 -- (.trap 0xfffff880032b06c0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=fffff88003288180
rdx=fffffa80063fcb10 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80003cde2a8 rsp=fffff880032b0850 rbp=0000000000000002
r8=0000000000000100 r9=0000000000000000 r10=fffffa80063fcb10
r11=fffff880032b0950 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
nt!KiTryUnwaitThread+0x28:
fffff800`03cde2a8 f0480fba6b4000 lock bts qword ptr [rbx+40h],0 ds:00000000`00000040=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80003ccf2e9 to fffff80003ccfd40
STACK_TEXT:
fffff880`032b0578 fffff800`03ccf2e9 : 00000000`0000000a 00000000`00000040 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffff880`032b0580 fffff800`03ccdf60 : 00000000`00000000 fffffa80`06626530 fffffa80`06620790 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffff880`032b06c0 fffff800`03cde2a8 : fffffa80`00000000 00000000`00000000 fffffa80`063dcd80 fffff880`0107061b : nt!KiPageFault+0x260
fffff880`032b0850 fffff800`03cd4788 : fffffa80`063dcb08 00000000`00000002 00000000`00000000 fffff880`03288180 : nt!KiTryUnwaitThread+0x28
fffff880`032b08b0 fffff880`0106498d : fffffa80`00000000 00000000`00000000 00000000`00000000 fffffa80`063dcad0 : nt!KeSetEvent+0x446
fffff880`032b0920 fffffa80`00000000 : 00000000`00000000 00000000`00000000 fffffa80`063dcad0 00000000`00000001 : iaStor+0x4a98d
fffff880`032b0928 00000000`00000000 : 00000000`00000000 fffffa80`063dcad0 00000000`00000001 fffff880`010656ac : 0xfffffa80`00000000
STACK_COMMAND: kb
FOLLOWUP_IP:
iaStor+4a98d
fffff880`0106498d ?? ???
SYMBOL_STACK_INDEX: 5
SYMBOL_NAME: iaStor+4a98d
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: iaStor
IMAGE_NAME: iaStor.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4a7c1cc9
FAILURE_BUCKET_ID: X64_0xA_iaStor+4a98d
BUCKET_ID: X64_0xA_iaStor+4a98d
Followup: MachineOwner
---------
- Caused by NETw5s64.sys
- Due to the Intel storage controller driver...
I see a couple problems on your system:- Your intel drivers seem to be in disarray or corrupted. Intel® Driver Update Utility
Code:
Event[433]:
Log Name: Application
Source: Application Error
Date: 2012-03-19T23:39:43.000
Event ID: 1000
Task: Application Crashing Events
Level: Error
Opcode: Info
Keyword: Classic
User: N/A
User Name: N/A
Computer: Prime
Description:
Faulting application name: sysinfo.exe, version: 2.43.0.1419, time stamp: 0x2a425e19
Faulting module name: rtl70.bpl, version: 7.0.4.453, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x000068e8
Faulting process id: 0x2e0
Faulting application start time: 0x01cd064324003ff8
Faulting application path: C:\Program Files (x86)\Glary Utilities\sysinfo.exe
Faulting module path: C:\Program Files (x86)\Glary Utilities\rtl70.bpl
Report Id: 541fe5df-723e-11e1-8f28-20cf30697291
Are you using automated optimization utilities on your system? Glary Utilities - Free Utilities to Clean Registry, Fix PC Errors, Clean Privacy
Many of us on the forums actually do not recommend automated optimization tools for Windows 7. Windows 7 does a much better job of handling its own optimization than its predecessors did. We especially do not recommend registry cleaning as an "optimization" step because automated registry cleaning causes more harm to the registry than it actually repairs.
In the future, if you need help optimizing Windows 7, please post a thread in Performance & Maintenance - Windows 7 Forums or follow the tutorial enclosed in that forum to Optimize Windows 7.