*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1000007E, {c0000005, 82ce7cbd, 8af27b50, 8af27730}
Probably caused by : ntkrpamp.exe ( nt!RtlImageNtHeaderEx+4a )
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 82ce7cbd, The address that the exception occurred at
Arg3: 8af27b50, Exception Record Address
Arg4: 8af27730, Context Record Address
Debugging Details:
------------------
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
FAULTING_IP:
nt!RtlImageNtHeaderEx+4a
82ce7cbd 663902 cmp word ptr [edx],ax
EXCEPTION_RECORD: 8af27b50 -- (.exr 0xffffffff8af27b50)
ExceptionAddress: 82ce7cbd (nt!RtlImageNtHeaderEx+0x0000004a)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000000
Parameter[1]: 7ffa0000
Attempt to read from address 7ffa0000
CONTEXT: 8af27730 -- (.cxr 0xffffffff8af27730)
eax=00005a4d ebx=85ab5bec ecx=00000000 edx=7ffa0000 esi=00000000 edi=8af27c2c
eip=82ce7cbd esp=8af27c18 ebp=8af27c18 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
nt!RtlImageNtHeaderEx+0x4a:
82ce7cbd 663902 cmp word ptr [edx],ax ds:0023:7ffa0000=????
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
PROCESS_NAME: AVGIDSMonitor.
CURRENT_IRQL: 0
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
EXCEPTION_PARAMETER1: 00000000
EXCEPTION_PARAMETER2: 7ffa0000
READ_ADDRESS: GetPointerFromAddress: unable to read from 82db0718
Unable to read MiSystemVaType memory at 82d901a0
7ffa0000
FOLLOWUP_IP:
nt!RtlImageNtHeaderEx+4a
82ce7cbd 663902 cmp word ptr [edx],ax
BUGCHECK_STR: 0x7E
LAST_CONTROL_TRANSFER: from 82ceea54 to 82ce7cbd
STACK_TEXT:
8af27c18 82ceea54 00000000 00000000 85ab5bb8 nt!RtlImageNtHeaderEx+0x4a
8af27c50 82c8263d 00000000 8af27cc8 00000018 nt!RtlImageNtHeader+0x1a
8af27d00 82cc3aab 800012c4 00000000 852cf798 nt!ZwOpenProcess+0x11
8af27d50 82e4ff5e 00000001 abd0dee9 00000000 nt!ExpWorkerThread+0x10d
8af27d90 82cf7219 82cc399e 00000001 00000000 nt!PspSystemThreadStartup+0x9e
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: nt!RtlImageNtHeaderEx+4a
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrpamp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 4ce78a09
STACK_COMMAND: .cxr 0xffffffff8af27730 ; kb
FAILURE_BUCKET_ID: 0x7E_nt!RtlImageNtHeaderEx+4a
BUCKET_ID: 0x7E_nt!RtlImageNtHeaderEx+4a
Followup: MachineOwner
---------
I did uninstall AVG and install Avast, but during a scan it crashed again
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {ac007a10, 2, 1, 82c758dc}
Unable to load image \SystemRoot\System32\Drivers\sptd.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for sptd.sys
*** ERROR: Module load completed but symbols could not be loaded for sptd.sys
Probably caused by : ataport.SYS ( ataport!IdepFreeSenseBuffer+24 )
**************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: ac007a10, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000001, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 82c758dc, address which referenced memory
Debugging Details:
------------------
WRITE_ADDRESS: GetPointerFromAddress: unable to read from 82da6718
Unable to read MiSystemVaType memory at 82d861a0
ac007a10
CURRENT_IRQL: 2
FAULTING_IP:
nt!memcpy+11c
82c758dc 89448ff0 mov dword ptr [edi+ecx*4-10h],eax
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: YzShadow.exe
TRAP_FRAME: 8078ad9c -- (.trap 0xffffffff8078ad9c)
ErrCode = 00000002
eax=4f000000 ebx=85f9a0e8 ecx=00000004 edx=00000002 esi=85fc4000 edi=ac007a10
eip=82c758dc esp=8078ae10 ebp=8078ae18 iopl=0 nv up ei ng nz ac pe cy
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010297
nt!memcpy+0x11c:
82c758dc 89448ff0 mov dword ptr [edi+ecx*4-10h],eax ds:0023:ac007a10=????????
Resetting default scope
LAST_CONTROL_TRANSFER: from 82c758dc to 82c7d5cb
STACK_TEXT:
8078ad9c 82c758dc badb0d00 00000002 88827030 nt!KiTrap0E+0x2cf
8078ae18 836f1a98 ac007a10 85fc4000 00000012 nt!memcpy+0x11c
8078ae30 836fa258 852c10e0 854d5698 854d5698 ataport!IdepFreeSenseBuffer+0x24
8078aea8 836fa677 852c10e0 854d5698 85289008 ataport!IdeProcessCompletedRequests+0x84
8078aefc 834a5894 852c109c 852c1028 00000000 ataport!IdePortCompletionDpc+0xab
WARNING: Stack unwind information not available. Following frames may be wrong.
8078af48 82cb41b5 852c109c 852c1028 00000000 sptd+0x11894
8078afa4 82cb4018 82d67d20 b3aa3630 00000000 nt!KiExecuteAllDpcs+0xf9
8078aff4 82cb37dc b1d4eb80 00000000 00000000 nt!KiRetireDpcList+0xd5
8078aff8 b1d4eb80 00000000 00000000 00000000 nt!KiDispatchInterrupt+0x2c
82cb37dc 00000000 0000001a 00d6850f bb830000 0xb1d4eb80
STACK_COMMAND: kb
FOLLOWUP_IP:
ataport!IdepFreeSenseBuffer+24
836f1a98 83c40c add esp,0Ch
SYMBOL_STACK_INDEX: 2
SYMBOL_NAME: ataport!IdepFreeSenseBuffer+24
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: ataport
IMAGE_NAME: ataport.SYS
DEBUG_FLR_IMAGE_TIMESTAMP: 4ce788e8
FAILURE_BUCKET_ID: 0xA_ataport!IdepFreeSenseBuffer+24
BUCKET_ID: 0xA_ataport!IdepFreeSenseBuffer+24
Followup: MachineOwner
---------