Hi daan16,
it seems that Teefer.sys causes your BSODs it belongs to software Sygate Personal Firewall or Sygate Teefer Driver or Sygate Personal Firewall Pro by Sygate Technologies (
www.sygate.com).
Try to look for a newer version of this Sysgate product or at least newer version of Teefer.sys driver.
Provided dumps were only minidumps from which Im not able to read Teefer version.
Output from windbg :
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: b9d7e91b, The address that the exception occurred at
Arg3: a3d72c58, Exception Record Address
Arg4: a3d72954, Context Record Address
Debugging Details:
------------------
KEY_VALUES_STRING: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 2600.xpsp_sp3_qfe.130704-0421
SYSTEM_MANUFACTURER: System manufacturer
SYSTEM_PRODUCT_NAME: System Product Name
SYSTEM_SKU: To Be Filled By O.E.M.
SYSTEM_VERSION: System Version
BIOS_VENDOR: American Megatrends Inc.
BIOS_VERSION: 1101
BIOS_DATE: 03/16/2012
BASEBOARD_MANUFACTURER: ASUSTeK Computer INC.
BASEBOARD_PRODUCT: M5A87
BASEBOARD_VERSION: Rev X.0x
DUMP_TYPE: 2
BUGCHECK_P1: ffffffffc0000005
BUGCHECK_P2: ffffffffb9d7e91b
BUGCHECK_P3: ffffffffa3d72c58
BUGCHECK_P4: ffffffffa3d72954
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
FAULTING_IP:
NDIS!ndisMSendX+153
b9d7e91b 897708 mov dword ptr [edi+8],esi
EXCEPTION_RECORD: a3d72c58 -- (.exr 0xffffffffa3d72c58)
ExceptionAddress: b9d7e91b (NDIS!ndisMSendX+0x00000153)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000001
Parameter[1]: 00000008
Attempt to write to address 00000008
CONTEXT: a3d72954 -- (.cxr 0xffffffffa3d72954)
eax=00000000 ebx=8ab86618 ecx=00000002 edx=89a19008 esi=89a19008 edi=00000000
eip=b9d7e91b esp=a3d72d20 ebp=a3d72d34 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
NDIS!ndisMSendX+0x153:
b9d7e91b 897708 mov dword ptr [edi+8],esi ds:0023:00000008=?
?
Resetting default scope
CPU_COUNT: 4
CPU_MHZ: e0f
CPU_VENDOR: AuthenticAMD
CPU_FAMILY: 15
CPU_MODEL: 1
CPU_STEPPING: 2
CUSTOMER_CRASH_COUNT: 3
PROCESS_NAME: SYSTEM
FOLLOWUP_IP:
Teefer+ad39
b9d23d39 ??
BUGCHECK_STR: 0x7E
WRITE_ADDRESS: Target machine operating system not supported
00000008
DEFAULT_BUCKET_ID: NULL_CLASS_PTR_DEREFERENCE
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s.
EXCEPTION_CODE_STR: c0000005
EXCEPTION_PARAMETER1: 00000001
EXCEPTION_PARAMETER2: 00000008
ANALYSIS_SESSION_HOST: BRQA-003561
ANALYSIS_SESSION_TIME: 10-17-2018 09:03:48.0263
ANALYSIS_VERSION: 10.0.17763.1 x86fre
LAST_CONTROL_TRANSFER: from b9d23d39 to b9d7e91b
STACK_TEXT:
a3d72d34 b9d23d39 89a19008 895e5f30 b9d31b20 NDIS!ndisMSendX+0x153
WARNING: Stack unwind information not available. Following frames may be wrong.
a3d72d74 b9d23e33 895e5f30 8ae34000 00000139 Teefer+0xad39
a3d72dac 805cffee 8ae54000 00000000 00000000 Teefer+0xae33
a3d72ddc 8054620e b9d23d70 8ae54000 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16
THREAD_SHA1_HASH_MOD_FUNC: ef2d5ecefd8974914f8f2c1fe86c6a02a393dc01
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 1b1b681a870bf301ec513ebf1b8e55e9bca17bb8
THREAD_SHA1_HASH_MOD: e3fb8f4c586f7852035a4d20e600b2da49db12a1
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: Teefer+ad39
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: Teefer
IMAGE_NAME: Teefer.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4170768c
STACK_COMMAND: .cxr 0xffffffffa3d72954 ; kb
FAILURE_BUCKET_ID: 0x7E_Teefer+ad39
BUCKET_ID: 0x7E_Teefer+ad39
PRIMARY_PROBLEM_CLASS: 0x7E_Teefer+ad39
TARGET_TIME: 2018-10-14T16:43:44.000Z
OSBUILD: 2600
OSSERVICEPACK: 3000
SERVICEPACK_NUMBER: 3
OS_REVISION: 0
SUITE_MASK: 272
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x86
OSNAME: Windows XP
OSEDITION: Windows XP WinNt (Service Pack 3) TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: 2013-07-04 04:08:15
BUILDOSVER_STR: 5.1.2600.xpsp_sp3_qfe.130704-0421
ANALYSIS_SESSION_ELAPSED_TIME: 136
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0x7e_teefer+ad39
FAILURE_ID_HASH: {8bb34e79-b559-53d8-6b83-afe8a00b3ef2}
Followup: MachineOwner
---------
Have a nice day !