Hello,
I'm French so sorry for my communication,
My new computer with Vista 64 meet recently some reboot problems. I installed recently special software :
Virtual PC, VMWare, Daemon Tools, NCP Secure Client (a VPN client), kaspersky internet security is always my security program for a long time (avp.exe on the dump...)
There are 9 dump files but it is almost the same.
I need all the programs I talked about, so I ask you to have the culprit.
Thanks for helping. If you need more informations I will bring it.
Edit : I uninstalled and reinstalled Kaspersky, no more BSOD yet... Strange, I hope it will stay good.
I'm French so sorry for my communication,
My new computer with Vista 64 meet recently some reboot problems. I installed recently special software :
Virtual PC, VMWare, Daemon Tools, NCP Secure Client (a VPN client), kaspersky internet security is always my security program for a long time (avp.exe on the dump...)
There are 9 dump files but it is almost the same.
One of them (by windbg) said:*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck D1, {3b8, 2, 0, fffffa6000faa09f}
Unable to load image \SystemRoot\system32\DRIVERS\ncplelhp.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ncplelhp.sys
*** ERROR: Module load completed but symbols could not be loaded for ncplelhp.sys
Probably caused by : ncplelhp.sys ( ncplelhp+15872 )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: 00000000000003b8, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, value 0 = read operation, 1 = write operation
Arg4: fffffa6000faa09f, address which referenced memory
Debugging Details:
------------------
READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002683080
00000000000003b8
CURRENT_IRQL: 2
FAULTING_IP:
ndis!ndisMSendCompleteNetBufferListsInternal+8f
fffffa60`00faa09f 488b8fb8030000 mov rcx,qword ptr [rdi+3B8h]
CUSTOMER_CRASH_COUNT: 6
DEFAULT_BUCKET_ID: COMMON_SYSTEM_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: avp.exe
TRAP_FRAME: fffffa6005978a00 -- (.trap 0xfffffa6005978a00)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa6000e5e110 rbx=0000000000000000 rcx=fffffa6000f670e0
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffffa6000faa09f rsp=fffffa6005978b90 rbp=0000000000000000
r8=0000000000000000 r9=0000000000000000 r10=fffffa8005014cb0
r11=0000000000000002 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
ndis!ndisMSendCompleteNetBufferListsInternal+0x8f:
fffffa60`00faa09f 488b8fb8030000 mov rcx,qword ptr [rdi+3B8h] ds:d6a0:00000000`000003b8=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff800024af0ee to fffff800024af350
STACK_TEXT:
fffffa60`059788b8 fffff800`024af0ee : 00000000`0000000a 00000000`000003b8 00000000`00000002 00000000`00000000 : nt!KeBugCheckEx
fffffa60`059788c0 fffff800`024adfcb : 00000000`00000000 fffff800`024b1e75 00000000`00000000 fffffa80`041931a0 : nt!KiBugCheckDispatch+0x6e
fffffa60`05978a00 fffffa60`00faa09f : fffffa80`04c9a0ac fffffa60`02a51798 fffffa80`04e458f4 fffffa80`04e2dc04 : nt!KiPageFault+0x20b
fffffa60`05978b90 fffffa60`00faa1ac : fffffa80`041931a0 00000000`00000000 fffffa80`041931a0 fffffa60`00cdb817 : ndis!ndisMSendCompleteNetBufferListsInternal+0x8f
fffffa60`05978c00 fffffa60`02a4b872 : fffffa80`041931a0 00000000`00000000 fffffa80`037bd6a0 00000000`00000000 : ndis!NdisMSendNetBufferListsComplete+0x7c
fffffa60`05978c40 fffffa80`041931a0 : 00000000`00000000 fffffa80`037bd6a0 00000000`00000000 00000000`00000000 : ncplelhp+0x15872
fffffa60`05978c48 00000000`00000000 : fffffa80`037bd6a0 00000000`00000000 00000000`00000000 fffffa60`02a4a200 : 0xfffffa80`041931a0
STACK_COMMAND: kb
FOLLOWUP_IP:
ncplelhp+15872
fffffa60`02a4b872 ?? ???
SYMBOL_STACK_INDEX: 5
SYMBOL_NAME: ncplelhp+15872
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: ncplelhp
IMAGE_NAME: ncplelhp.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 491848a3
FAILURE_BUCKET_ID: X64_0xD1_ncplelhp+15872
BUCKET_ID: X64_0xD1_ncplelhp+15872
Followup: MachineOwner
---------
I need all the programs I talked about, so I ask you to have the culprit.
Thanks for helping. If you need more informations I will bring it.
Edit : I uninstalled and reinstalled Kaspersky, no more BSOD yet... Strange, I hope it will stay good.