Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: BSOD , possible Avast AV issue

05 Mar 2012   #1
TaterTot

Windows 7 Pro SP1 64 bit
 
 
BSOD , possible Avast AV issue

Hi,

My dump file is pretty large and I'm trying to figure this out using Windbg. I set the symbols path and opened the crash dump. First off I don't understand the "triage" errors but from what I read it only effect user-mode. So possibly the debug is okay. Not sure though what I'm looking at. Perhaps someone has some better insight or advice.

bsod output report and health report attached as requested

This is a new install of Windows 7 Pro. Windbg as follows.
Thank you,
TT


Microsoft (R) Windows Debugger Version 6.2.8229.0 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available

Symbol search path is: SRV*C:\SymCache*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17640.amd64fre.win7sp1_gdr.110622-1506
Machine Name:
Kernel base = 0xfffff800`03011000 PsLoadedModuleList = 0xfffff800`03256670
Debug session time: Mon Mar 5 13:42:20.170 2012 (UTC - 7:00)
System Uptime: 0 days 4:03:07.824
Loading Kernel Symbols
...............................................................
................................................................
...............................................
Loading User Symbols
PEB is paged out (Peb.Ldr = 00000000`7efdf018). Type ".hh dbgerr001" for details
Loading unloaded module list
..................................................
TRIAGER: Could not open triage file : C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\triage\oca.ini, error 2
TRIAGER: Could not open triage file : C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\winxp\triage.ini, error 2
TRIAGER: Could not open triage file : C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\triage\user.ini, error 2
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 24, {c08a5, 0, 0, 0}

TRIAGER: Could not open triage file : C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\triage\modclass.ini, error 2
Probably caused by : Ntfs.sys ( Ntfs!NtfsPagingFileIo+155 )

Followup: MachineOwner
---------

windbg> .hh dbgerr001
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

NTFS_FILE_SYSTEM (24)
If you see NtfsExceptionFilter on the stack then the 2nd and 3rd
parameters are the exception record and context record. Do a .cxr
on the 3rd parameter and then kb to obtain a more informative stack
trace.
Arguments:
Arg1: 00000000000c08a5
Arg2: 0000000000000000
Arg3: 0000000000000000
Arg4: 0000000000000000

Debugging Details:
------------------

TRIAGER: Could not open triage file : C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\triage\modclass.ini, error 2

DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT

BUGCHECK_STR: 0x24

PROCESS_NAME: avast.setup

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from fffff880012541d5 to fffff8000308dc40

STACK_TEXT:
fffff880`0d71ce78 fffff880`012541d5 : 00000000`00000024 00000000`000c08a5 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx
fffff880`0d71ce80 fffff880`01253e28 : 00000001`00000000 00000000`00000000 00000000`00000000 00000fa8`003ea000 : Ntfs!NtfsPagingFileIo+0x155
fffff880`0d71cf80 fffff880`01052bcf : fffffa80`0acf3b90 fffffa80`0acf37f0 fffffa80`04c34bb0 00000000`00000000 : Ntfs! ?? ::FNODOBFM::`string'+0x8ba9
fffff880`0d71d030 fffff880`010516df : fffffa80`04964900 fffffa80`06d5b000 fffffa80`04964900 fffffa80`0acf37f0 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff880`0d71d0c0 fffff800`030b5bc5 : fffffa80`0acf3810 fffffa80`04a2b070 fffffa80`0455c0d0 fffff880`02f63180 : fltmgr!FltpDispatch+0xcf
fffff880`0d71d120 fffff800`030b5699 : 00000000`00000000 00000000`00000000 fffffa80`0455c010 fffffa80`0455c010 : nt!IoPageRead+0x255
fffff880`0d71d1b0 fffff800`0309bf59 : 00000000`00000000 00000000`00000000 ffffffff`ffffffff 00000000`00000000 : nt!MiIssueHardFault+0x255
fffff880`0d71d280 fffff800`030a44f0 : 00000000`00000000 fffff980`241c0000 00000000`00000000 fffffa80`06d5b060 : nt!MmAccessFault+0x1399
fffff880`0d71d3e0 fffff800`0307cc1e : fffff980`241c0000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!MmCheckCachedPageStates+0x910
fffff880`0d71d590 fffff800`03377e10 : fffffa80`00000000 00000000`00000000 fffffa80`04db2ae0 00000000`0176caf8 : nt!CcFetchDataForRead+0x10e
fffff880`0d71d5f0 fffff880`0125c730 : fffff8a0`00000001 fffff880`00000005 fffffa80`00040000 fffff880`012af001 : nt!CcCopyRead+0x180
fffff880`0d71d6b0 fffff880`0125cda3 : 00000000`00000000 fffff8a0`09c7ec70 fffff880`0d71d8e0 fffff880`0d71d7d8 : Ntfs!NtfsCachedRead+0x180
fffff880`0d71d710 fffff880`0125ea68 : fffffa80`080c5940 fffffa80`06936a50 fffff880`0d71d801 fffffa80`03fa6600 : Ntfs!NtfsCommonRead+0x583
fffff880`0d71d8b0 fffff880`01052bcf : fffffa80`06936df0 fffffa80`06936a50 fffffa80`03fa66c0 00000000`00000001 : Ntfs!NtfsFsdRead+0x1b8
fffff880`0d71d960 fffff880`010516df : fffffa80`04964900 00000000`00000001 fffffa80`04964900 fffffa80`06936a50 : fltmgr!FltpLegacyProcessingAfterPreCallbacksCompleted+0x24f
fffff880`0d71d9f0 fffff800`0339621b : 00000000`00000000 fffffa80`04db2ae0 00000000`00000001 fffffa80`06936a50 : fltmgr!FltpDispatch+0xcf
fffff880`0d71da50 fffff800`03377b63 : fffffa80`04db2ae0 fffffa80`04db2ae0 fffffa80`04db2ae0 fffff880`02f63180 : nt!IopSynchronousServiceTail+0xfb
fffff880`0d71dac0 fffff800`0308ced3 : 00000000`00000380 00000000`00000000 00000000`00000000 00000000`00000000 : nt!NtReadFile+0x631
fffff880`0d71dbb0 00000000`746f2e09 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0024e648 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x746f2e09


STACK_COMMAND: kb

FOLLOWUP_IP:
Ntfs!NtfsPagingFileIo+155
fffff880`012541d5 cc int 3

SYMBOL_STACK_INDEX: 1

SYMBOL_NAME: Ntfs!NtfsPagingFileIo+155

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: Ntfs

IMAGE_NAME: Ntfs.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 4d79997b

FAILURE_BUCKET_ID: X64_0x24_Ntfs!NtfsPagingFileIo+155

BUCKET_ID: X64_0x24_Ntfs!NtfsPagingFileIo+155

Followup: MachineOwner


My System SpecsSystem Spec
.
05 Mar 2012   #2
zigzag3143

Win 8 Release candidate 8400
 
 

Two issues



!-Avast

Avast can be a contributing cause of BSOD'S . Please remove and replace with Microsoft Security Essentials AT LEAST TO TEST


http://files.avast.com/files/eng/aswclear5.exe

Microsoft Security Essentials - Free Antivirus for Windows



2-asacpi.sys



Asacpi.sys

The pre 2009 version of this driver is a known BSOD cause.
Quote:
Please visit this link: Asus tek computer inc. -support- drivers and download p7p55d le

ASUSTeK Computer Inc. -Support- Drivers and Download P7P55D LE
ASUSTeK Computer Inc. - Motherboards- ASUS P5K-VM

Scroll down to the utilities category, then scroll down to the "atk0110 driver for windowsxp/vista/windows 7 32&64-bit" (it's about the 12th item down).

Download and install it.

Go to c:\windows\system32\drivers to check and make sure that the asacpi.sys file is date stamped from 2009 or 2010 (not before).
My System SpecsSystem Spec
06 Mar 2012   #3
TaterTot

Windows 7 Pro SP1 64 bit
 
 

Thanks for the quick help. I went ahead and ran the asus driver. The one on the system was from 2005. I think I'll see how things behave over the next few days with the updated driver before getting rid of Avast.
My System SpecsSystem Spec
.

10 Mar 2012   #4
TaterTot

Windows 7 Pro SP1 64 bit
 
 

The system has been running without blue screens however it is now freezing up regularly. Nothing but a reset will bring it back. Any suggestions since there is no report generated when this happens ?

TIA
TT
My System SpecsSystem Spec
10 Mar 2012   #5
TaterTot

Windows 7 Pro SP1 64 bit
 
 

I am also noticing some odd messages in my event log around my ATI driver -The card seems to be working fine but perhaps I need to reinstall the drivers and CCC ?

Log Name: ACEEventLog
Source: ACEEventLogSource
Date: 3/10/2012 7:47:27 PM
Event ID: 0
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: Owner-PC
Description:
0000000035: 2012-03-10 19:47:27:899 FAILED:ADL_Display_SLSGrid_Caps and return value is: -1
Error Called by: ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsAdapter_N::CheckSLSSupported processID:04152 threadID ) domainNameCCC.exe ) assemblyNameCLI.Caste.Graphics.Runtime, Version=3.5.4356.39830, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ACEEventLogSource" />
<EventID Qualifiers="0">0</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-03-11T02:47:27.000000000Z" />
<EventRecordID>1924</EventRecordID>
<Channel>ACEEventLog</Channel>
<Computer>Owner-PC</Computer>
<Security />
</System>
<EventData>
<Data>0000000035: 2012-03-10 19:47:27:899 FAILED:ADL_Display_SLSGrid_Caps and return value is: -1
Error Called by: ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsAdapter_N::CheckSLSSupported processID:04152 threadID ) domainNameCCC.exe ) assemblyNameCLI.Caste.Graphics.Runtime, Version=3.5.4356.39830, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------
</Data>
</EventData>
</Event>

Log Name: ACEEventLog
Source: ACEEventLogSource
Date: 3/10/2012 7:47:27 PM
Event ID: 0
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: Owner-PC
Description:
0000000036: 2012-03-10 19:47:27:993 FAILED:ADL_Display_DpMstInfo_Get with status:-8For Adapter Index :1
Error Called by: ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsAdapter_N::RefreshDisplaysManagerAdapter processID:04152 threadID ) domainNameCCC.exe ) assemblyNameCLI.Caste.Graphics.Runtime, Version=3.5.4356.39830, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ACEEventLogSource" />
<EventID Qualifiers="0">0</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-03-11T02:47:27.000000000Z" />
<EventRecordID>1925</EventRecordID>
<Channel>ACEEventLog</Channel>
<Computer>Owner-PC</Computer>
<Security />
</System>
<EventData>
<Data>0000000036: 2012-03-10 19:47:27:993 FAILED:ADL_Display_DpMstInfo_Get with status:-8For Adapter Index :1
Error Called by: ATI.ACE.CLI.Caste.Graphics.Runtime.RT_GraphicsAdapter_N::RefreshDisplaysManagerAdapter processID:04152 threadID ) domainNameCCC.exe ) assemblyNameCLI.Caste.Graphics.Runtime, Version=3.5.4356.39830, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------
</Data>
</EventData>
</Event>

Log Name: ACEEventLog
Source: ACEEventLogSource
Date: 3/10/2012 7:47:28 PM
Event ID: 0
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: Owner-PC
Description:
0000000037: 2012-03-10 19:47:28:220 _IDEMDeviceDFP2Settings_0812.GetDFP2ITCFlag failed with status 2
Error Called by: ATI.ACE.CLI.Aspect.DeviceDFP.Graphics.Runtime.RT_DeviceDFP::PrivateRefresh processID:04152 threadID ) domainNameCCC.exe ) assemblyNameCLI.Aspect.DeviceDFP.Graphics.Runtime, Version=3.5.4356.39850, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ACEEventLogSource" />
<EventID Qualifiers="0">0</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-03-11T02:47:28.000000000Z" />
<EventRecordID>1926</EventRecordID>
<Channel>ACEEventLog</Channel>
<Computer>Owner-PC</Computer>
<Security />
</System>
<EventData>
<Data>0000000037: 2012-03-10 19:47:28:220 _IDEMDeviceDFP2Settings_0812.GetDFP2ITCFlag failed with status 2
Error Called by: ATI.ACE.CLI.Aspect.DeviceDFP.Graphics.Runtime.RT_DeviceDFP::PrivateRefresh processID:04152 threadID ) domainNameCCC.exe ) assemblyNameCLI.Aspect.DeviceDFP.Graphics.Runtime, Version=3.5.4356.39850, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------
</Data>
</EventData>
</Event>

Log Name: ACEEventLog
Source: ACEEventLogSource
Date: 3/10/2012 7:47:28 PM
Event ID: 0
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: Owner-PC
Description:
0000000038: 2012-03-10 19:47:28:221 FAILED: ADL.ADL.ADL_DFP_AllowOnlyCETimings_Get
Error Called by: ATI.ACE.CLI.Aspect.DeviceDFP.Graphics.Runtime.RT_DeviceDFP::PrivateRefresh processID:04152 threadID ) domainNameCCC.exe ) assemblyNameCLI.Aspect.DeviceDFP.Graphics.Runtime, Version=3.5.4356.39850, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ACEEventLogSource" />
<EventID Qualifiers="0">0</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-03-11T02:47:28.000000000Z" />
<EventRecordID>1927</EventRecordID>
<Channel>ACEEventLog</Channel>
<Computer>Owner-PC</Computer>
<Security />
</System>
<EventData>
<Data>0000000038: 2012-03-10 19:47:28:221 FAILED: ADL.ADL.ADL_DFP_AllowOnlyCETimings_Get
Error Called by: ATI.ACE.CLI.Aspect.DeviceDFP.Graphics.Runtime.RT_DeviceDFP::PrivateRefresh processID:04152 threadID ) domainNameCCC.exe ) assemblyNameCLI.Aspect.DeviceDFP.Graphics.Runtime, Version=3.5.4356.39850, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
------------------------------------------------------------------------------------------------------------------------
</Data>
</EventData>
</Event>

Log Name: ACEEventLog
Source: ACEEventLogSource
Date: 3/10/2012 7:47:30 PM
Event ID: 0
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: Owner-PC
Description:
0000000039: 2012-03-10 19:47:30:304 Exception <Saving Xml Document>: Access to the path 'C:\ProgramData\ATI\ACE\Profiles.xml' is denied.
Exception Called by: ATI.ACE.APM.Server.XmlDocumentSaver::SaverWorker processID:04152 threadID ) domainNameCCC.exe ) assemblyNameAPM.Server, Version=3.5.4356.39826, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
**************************************************************************************************** ********************

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ACEEventLogSource" />
<EventID Qualifiers="0">0</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2012-03-11T02:47:30.000000000Z" />
<EventRecordID>1928</EventRecordID>
<Channel>ACEEventLog</Channel>
<Computer>Owner-PC</Computer>
<Security />
</System>
<EventData>
<Data>0000000039: 2012-03-10 19:47:30:304 Exception &lt;Saving Xml Document&gt;: Access to the path 'C:\ProgramData\ATI\ACE\Profiles.xml' is denied.
Exception Called by: ATI.ACE.APM.Server.XmlDocumentSaver::SaverWorker processID:04152 threadID ) domainNameCCC.exe ) assemblyNameAPM.Server, Version=3.5.4356.39826, Culture=neutral, PublicKeyToken=90ba9c70f846762e)
**************************************************************************************************** ********************
</Data>
</EventData>
</Event>
My System SpecsSystem Spec
Reply

 BSOD , possible Avast AV issue




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
BSOD while playing LoL, affected avast!, BSOD when reinstalling Win7
Hello guys. Problem started quite recently, I bought a new computer a month ago, and everything was cool until it started giving me MANY BSODs affter one intitial BSOD while playing League Of Legends. After a first crash, Windows asked during boot if i want to run a recovery utility, and each...
BSOD Help and Support
Win7 64 Home/P Bsod with Avast 8
I've have had a few issues with Avast since it was updated from Avast 7 to Avast 8. I previously had issues with Nod32 and Avast 8 in this thread: http://www.sevenforums.com/bsod-help-support/277797-bsod-during-nod32-scan-unknown-image-2.html I have used MSE and AVG, separately, without issues....
BSOD Help and Support
Avast! AV. Printer Canon iP1800 BSOD issue. Confirm, please?
Hello, Since having Win 7 as one of the OS's on my 64 bit desktop (one year), I have persistently experienced BSOD's (studied with no solution on other threads). Recently I reinstalled it clean (and backed it up with Linux PartImage) and it ran perfectly for two months. As part of my system...
BSOD Help and Support
BSOD Again! Also Makes Avast Unusable...
Hello everyone. Been BSOD free for about a week now but I seem to have had an error at start up. I shut down my computer last night and it was off all day. I started it up about 20 mins ago and it got to the "Loading Windows" screen then restarted and said that Windows failed to boot. Ran a...
BSOD Help and Support
7 64bit BSOD with Avast 5
new system seemed to be running fine loaded the new Avast 5 and had BSOD when Avast 5 went to update at bootup or just after update. I sent in 3 mini bumps....they said it was a hardware problem. Un-installed Avast 5 and went back to Avast 4.8 and have had no problems sence. One thing I have...
BSOD Help and Support
Can I use Avast with Norton 2010?Is Avast is light AV?
I m using Norton 2010 but thinking to take Extra security. So should i use Avast with it or MSE ???? Which one will be lighter & better ???????
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:24.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App