Category Archives: Windows Vista

Microsoft, SBS 2008, Service Pack 2, Service Pack 2, Service Pack 2, Service Pack 2, Small Business Server 2008, Windows, Windows Server 2008, Windows Vista

Ntfs.sys – Pre Service Pack 3 Revision History for Windows Server 2008 SP2, Windows Vista SP2 and Windows Small Business Server 2008 (SBS 2008)

Ntfs.sys – Pre Service Pack 3 Revision History for Windows Server 2008 SP2, Windows Vista SP2 and Windows Small Business Server 2008 (SBS 2008)

04-Apr-2012 – 6.0.6002.22833 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/2698155 – An application does not read or access a file correctly in Windows Server 2008 R2, Windows Server 2008, Windows 7, or Windows Vista

03-Mar-2013 – 6.0.6002.23070 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/2840149 – MS13-036: Description of the security update for the Windows file system kernel-mode driver (ntfs.sys): April 9, 2013

03-Mar-2013 – 6.0.6002.18799 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/2840149 – MS13-036: Description of the security update for the Windows file system kernel-mode driver (ntfs.sys): April 9, 2013

05-Apr-2012 – 6.0.6002.22833 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/2698155 – On-demand antivirus scans do not work as expected in Windows Vista, in Windows 7, in Windows Server 2008, or in Windows Server 2008 R2

05-Mar-2012 – 6.0.6002.22811 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/967351 – A heavily fragmented file in an NTFS volume may not grow beyond a certain size

27-Feb-2012 – 6.0.6002.22804 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/2673320 – Computer stops responding when you perform a file operation on a directory in Windows Vista SP2 or in Windows Server 2008 SP2

24-May-2011 – 6.0.6002.22650 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/2550862 – FSExtend tool fails to extend a LUN in Windows Server 2008

28-Apr-2011 – 6.0.6002.22632 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/2535094 – Server stops responding when you lock or unlock files on a network by using the SMB2 protocol in Windows Vista or in Windows Server 2008

18-Mar-2011 – 6.0.6002.22616 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/2525064 – Ntfs.sys driver takes a long time to mount a large volume in Windows Vista or in Windows Server 2008

10-Dec-2010 – 6.0.6002.22544 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/2471430 – You cannot restore large files in the NTFS file system when all the data streams that have sparse attributes are deleted in Windows Server 2008 or in Windows Vista

13-Sep-2010 – 6.0.6002.22486 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/980382 – The computer stops responding when you rename a folder in Windows Server 2008, in Windows Vista, in Windows 7 and in Windows Server 2008 R2

07-Jul-2010 – 6.0.6002.22441 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/981891 – Disk Manager reports incorrect disk usage a while after the operating system starts in Windows Server 2008 or in Windows Vista

19-Mar-2010 – 6.0.6002.22368 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/981166 – Some data is corrupted when cached and noncached I/O operations occur by using the same NTFS file handle

11-Mar-2010 – 6.0.6002.22360 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/976538 – File corruption may occur if you run a program that uses a file system filter driver in Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008

08-Dec-2009 – 6.0.6002.22283 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/977675 – A computer that is running Windows Vista or Windows Server 2008 stops responding at a black screen early in the startup process

14-Oct-2009 – 6.0.6002.22245 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/975663 – Stop error message on a computer that is running Windows Server 2008 SP2 or Windows Vista SP2: “0x00000024 NTFS_FILE_SYSTEM”

17-Aug-2009 – 6.0.6002.22201 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/974646/EN-US – A computer that is running Windows Server 2008 SP2 or Windows Vista SP2 stops responding when an application uses the NTFS sparse files

14-Aug-2009 – 6.0.6002.22200 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/974127 – An ERROR_ACCESS_DENIED error is returned in Windows Server 2003, in Windows Vista, or in Windows Server 2008 when you call the DeviceIoControl function together with the FSCTL_LOCK_VOLUME control code

15-Jun-2009 – 6.0.6002.22152 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/972135 – Backups fail and Event ID 12293 is logged on a computer that is running Windows Vista or Windows Server 2008

19-May-2009 – 6.0.6002.22138 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/971279 – The first attempt to eject a removable cartridge disk drive fails on a computer that is running Windows Vista or Windows Server 2008

18-May-2009 – 6.0.6002.22138 – Ntfs.sys – x86/x64 – http://support.microsoft.com/kb/965497 – You receive the Stop error 0x00000050 and then the computer restarts automatically if the OpenFileById function opens a folder and then the handle returned is used to rename files on a computer that is running Windows Server 2008 or Windows Vista

Microsoft, SBS 2008, Service Pack 2, Service Pack 2, Service Pack 2, Service Pack 2, Small Business Server 2008, Windows, Windows Server 2008, Windows Vista

Netio.sys – Pre Service Pack 3 Revision History for Windows Server 2008 SP2, Windows Vista SP2 and Windows Small Business Server 2008 (SBS 2008)

Netio.sys – Pre Service Pack 3 Revision History for Windows Server 2008 SP2, Windows Vista SP2 and Windows Small Business Server 2008 (SBS 2008)

11-May-2012 – 6.0.6002.22856 – Netio.sys – x86/x64 – http://support.microsoft.com/kb/2712746 – “0x00000019” Stop error when you run an SNMP application on a computer that is running Windows Vista or Windows Server 2008

12-Jan-2012 – 6.0.6002.22776 – Netio.sys – x86/x64 – http://support.microsoft.com/kb/2664888 – Computer stops responding when you run an application that uses the Windows Filtering Platform API in Windows 7, Windows Server 2008 R2, Windows Server 2008, or Windows Vista

05-Apr-2010 – 6.0.6002.22377 – Netio.sys – x86/x64 – http://support.microsoft.com/kb/981889 – A Windows Filtering Platform (WFP) driver hotfix rollup package is available for Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2

22-Mar-2010 – 6.0.6002.22369 – Netio.sys – x86/x64 – http://support.microsoft.com/kb/979223 – A nonpaged pool memory leak occurs when you use a WFP callout driver in Windows Vista, Windows 7, Windows Server 2008, or in Windows Server 2008 R2

23-Oct-2009 – 6.0.6002.22250 – Netio.sys – x86/x64 – http://support.microsoft.com/kb/976759 – WFP drivers may cause a failure to disconnect the RDP connection to a multiprocessor computer that is running Windows Vista, Windows Server 2008, windows 7 or Windows Server 2008 R2

11.4.2, 11.4.2, 11.4.2, 11.4.2, 11.4.2, 11.4.2, 11.4.2, 11.4.2, 11.4.2, 11.4.2, 11.5.1, 11.5.1, 11.5.1, 11.5.1, 11.5.1, 11.5.1, 11.5.1, 11.5.1, 11.5.1, 11.5.1, 11.5.1, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 21, 22, 23, 330, 505, 510, 520, 530, 810, 820, 830, CSP1, CSP1, CSP1, CSP1, CSP1, CSP1, CSP1, CSP1, CSP1, CSP1, CSP1, CSP1, CSP1, CSP1, CSP2, CSP2, CSP2, CSP2, CSP2, CSP2, CSP2, CSP2, CSP2, CSP2, CSP2, CSP2, CSP2, CSP2, CSP3, CSP3, CSP3, CSP3, CSP3, CSP3, CSP3, CSP3, CSP3, CSP3, CSP3, CSP3, CSP3, CSP3, CSP4, CSP4, CSP4, CSP4, CSP4, CSP4, CSP4, CSP4, CSP4, CSP4, CSP4, CSP4, CSP4, CSP4, CSP5, CSP5, CSP5, CSP5, CSP5, CSP5, CSP5, CSP6, CSP6, CSP6, CSP6, CSP6, CSP6, CSP6, CSP7, CSP7, CSP7, CSP7, CSP7, CSP7, CSP7, CSP8, CSP8, CSP8, CSP8, CSP8, CSP8, CSP8, CSP9, CSP9, CSP9, CSP9, CSP9, CSP9, CSP9, CSP9, CSP9, CSP9, FireBox, Internet Explorer, Internet Explorer 8, Internet Explorer 9, Microsoft, SBS 2003, SBS 2008, SBS 2011, Service Pack 1, Service Pack 1, Service Pack 1, Service Pack 1, Service Pack 1, Service Pack 1, Service Pack 1, Service Pack 1, Service Pack 2, Service Pack 2, Service Pack 2, Service Pack 2, Service Pack 3, Service Pack 3, Small Business Server 2003, Small Business Server 2008, Small Business Server 2011, System Manager, Watchguard, Windows, Windows 2000, Windows 7, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Vista, Windows XP, WSM, XP Mode, XTM

Watchguard XTM Firewall and UTM Appliance – High CPU Usage in the GAV (gateway anti-virus) scand process causes lag and typing delay in Remote Desktop Sessions (RDP) and SIP or VoIP latency issues

Watchguard XTM Firewall and UTM Appliance – High CPU Usage in scand process causes lag and typing delay in Remote Desktop Sessions (RDP).  You may find that remote users report a lag with Remote Desktop Sessions, freezing sessions, black screen and random disconnections.  At around the same time users report these issues you may find that the CPU usage of the scand process on your Watchguard has increased to 100% and the majority of the activity is attributed to the scand process.  You may be able to recreate this issue by browsing websites that utilise lots of Adobe Flash or Media Content as GAV will need to scan all these elements of the web page.  Login to the Watchguard System Manager and then open Firebox System Manager click on Status Report and scroll down the report until you find the Process List (Screenshot Below).  This information will automatically update every 30 seconds so you can see the %CPU column will change and update every 30 seconds.  The top value system shows the overall CPU utilisation and if you look further down you can see which sub processes are actually occupying the CPU time and making up the overall system usage.  In the screenshot below we can see that system is showing 100 % CPU Usage and then further down we can see that the scand process is accounting for 90.99% of this.  When the CPU Usage reaches 100% on the Watchguard unit it may stop forwarding other traffic and this accounts for the lag and jitter we see within the Remote Desktop Session.  Other time sensitive traffic such as VoIP or SIP traffic may also be affected by this issue as the packets are delayed whilst the Firewall recovers from the resource exhaustion.  Users may also report that web pages are slow to load at the time these issues occur where the GAV process is still dealing with the other requests.

Resolution/Workaround:

You can try disabling the GAV (gateway antivirus) for the HTTP and FTP Proxy to ensure that this is the actual cause of your issues, if the problem subsides then you may need to consider updating the XTM OS to the latest release i.e. 11.5.2 and/or adjusting the GAV policy so that it does not scan some content i.e. Images/Text within websites.  You may also need to consider opening a support case with Watchguard to make them aware of this issue, if you have a large number of users then you may even need to consider upgrading your XTM appliance to a larger unit i.e. XTM 23 to XTM 505 or XTM 22 to XTM330 to provide additional processing power (CPU) and system resources to cope with the additional anti-virus scanning requirements.

Watchguard XTM High CPU Usage scand
Watchguard XTM High CPU Usage scand
Microsoft, SBS 2008, SBS 2011, Service Pack 1, Service Pack 1, Service Pack 1, Service Pack 1, Service Pack 2, Service Pack 2, Service Pack 2, Service Pack 2, Small Business Server 2008, Small Business Server 2011, Windows, Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista

[RESOLVED] 32 Bit Application or Game with the /LARGEADDRESSAWARE option running on a 64 Bit Version of Windows Vista, Windows Server 2008, Windows SBS 2008, Windows 7, Windows Server 2008 R2 or Windows SBS 2011 may generate an error message

When you run a 32 Bit Application or Game with the /LARGEADDRESSAWARE option on a 64 Bit Version of Windows you may receive one of the following errors

  • WSANO_DATA
  • ERROR_NO_DATA (232)
  • ERROR_NOACCESS (998)

These errors will occur if the application consumes large amounts of memory, the kernel denies read or write access to the address and returns an error to the application.

The Microsoft Knowledgebase article KB 2588507 provides a hotfix to address these issues http://support.microsoft.com/kb/2588507/en-gb

To apply this hotfix, you must be running one of the following 64 Bit operating systems:

  • Windows Vista Service Pack 2 (SP2)
  • Windows Server 2008 Service Pack 2 (SP2)
  • Windows 7 (RTM)
  • Windows 7 Service Pack 1 (SP1)
  • Windows Server 2008 R2 (RTM)
  • Windows Server 2008 R2 Service Pack 1 (SP1)