New
#11
yet another different BSOD
I have no idea what's going on!
I have a new (3rd) BSOD in a row!
Should I format my PC and that's it?
Attached is the new BSOD + pc report
Thank you again!!!
BSOD - wdf01000.sys - PLEASE HELP!
-
-
New #12
Update:
Intel USB 3.0 driver (check in Intel Driver & Support Assistant https://downloadmirror.intel.com/284...-Installer.exe)
-
New #13
OK. did everything! Worked for a while, no everytime I suspend my AVG antivirus, I get a new BSOD!
Can you please check the attached details about this please and tell me what's wrong and what I need to do with this?
Thank you so much for your support...
-
New #14
The DRIVER_VERIFIER_DETECTED_VIOLATION bug check has a value of 0x000000C4. This is the general bug check code for fatal errors found by Driver Verifier.
1st parameter = 0x62 - The driver is unloading without first freeing its pool allocations. A bug check with this parameter occurs only when the Pool Tracking option of Driver Verifier is active.
Disable Driver Verifier, and if blue screens continue, then uninstall and reinstall the AVG anti-virusCode:Microsoft (R) Windows Debugger Version 10.0.18362.1 AMD64 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [F:\072619-220928-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available ************* Path validation summary ************** Response Time (ms) Location Deferred SRV* Symbol search path is: SRV* Executable search path is: Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7601.24441.amd64fre.win7sp1_ldr.190418-1735 Machine Name: Kernel base = 0xfffff800`0341d000 PsLoadedModuleList = 0xfffff800`03656c90 Debug session time: Fri Jul 26 13:36:49.645 2019 (UTC + 2:00) System Uptime: 0 days 3:16:03.769 Loading Kernel Symbols ............................................................... ................................................................ .................................................... Loading User Symbols Loading unloaded module list ............. For analysis of this file, run !analyze -v 3: kd> !analyze ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck C4, {62, fffffa8011bcebe8, fffffa8011bce8c0, e0} *** WARNING: Unable to verify timestamp for avgStm.sys GetUlongPtrFromAddress: unable to read from fffff800036ba300 Probably caused by : avgStm.sys Followup: MachineOwner --------- 3: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* DRIVER_VERIFIER_DETECTED_VIOLATION (c4) A device driver attempting to corrupt the system has been caught. This is because the driver was specified in the registry as being suspect (by the administrator) and the kernel has enabled substantial checking of this driver. If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will be among the most commonly seen crashes. Arguments: Arg1: 0000000000000062, A driver has forgotten to free its pool allocations prior to unloading. Arg2: fffffa8011bcebe8, name of the driver having the issue. Arg3: fffffa8011bce8c0, verifier internal structure with driver information. Arg4: 00000000000000e0, total # of (paged+nonpaged) allocations that weren't freed. Type !verifier 3 drivername.sys for info on the allocations that were leaked that caused the bugcheck. Debugging Details: ------------------ KEY_VALUES_STRING: 1 PROCESSES_ANALYSIS: 1 SERVICE_ANALYSIS: 1 STACKHASH_ANALYSIS: 1 TIMELINE_ANALYSIS: 1 DUMP_CLASS: 1 DUMP_QUALIFIER: 400 BUILD_VERSION_STRING: 7601.24441.amd64fre.win7sp1_ldr.190418-1735 DUMP_TYPE: 2 BUGCHECK_P1: 62 BUGCHECK_P2: fffffa8011bcebe8 BUGCHECK_P3: fffffa8011bce8c0 BUGCHECK_P4: e0 BUGCHECK_STR: 0xc4_62 IMAGE_NAME: avgStm.sys DEBUG_FLR_IMAGE_TIMESTAMP: 5d0b0634 MODULE_NAME: avgStm FAULTING_MODULE: fffff8800913e000 avgStm VERIFIER_DRIVER_ENTRY: dt nt!_MI_VERIFIER_DRIVER_ENTRY fffffa8011bce8c0 Symbol nt!_MI_VERIFIER_DRIVER_ENTRY not found. CPU_COUNT: 4 CPU_MHZ: cf0 CPU_VENDOR: GenuineIntel CPU_FAMILY: 6 CPU_MODEL: 5e CPU_STEPPING: 3 CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VERIFIER_ENABLED_VISTA_MINIDUMP PROCESS_NAME: services.exe CURRENT_IRQL: 2 ANALYSIS_SESSION_HOST: MICHAL ANALYSIS_SESSION_TIME: 07-26-2019 15:54:11.0267 ANALYSIS_VERSION: 10.0.18362.1 amd64fre LAST_CONTROL_TRANSFER: from fffff800039174fc to fffff800034b0aa0 STACK_TEXT: fffff880`17a33308 fffff800`039174fc : 00000000`000000c4 00000000`00000062 fffffa80`11bcebe8 fffffa80`11bce8c0 : nt!KeBugCheckEx fffff880`17a33310 fffff800`0392668a : 00000000`00000001 00000000`00000000 fffff880`0913e000 00000000`00000001 : nt!VerifierBugCheckIfAppropriate+0x3c fffff880`17a33350 fffff800`0356cf40 : 00000000`00000000 00000000`00000000 fffff880`009aa180 00000000`00000000 : nt!VfPoolCheckForLeaks+0x4a fffff880`17a33390 fffff800`0380a2de : fffffa80`11bceb30 00000000`00000000 00000000`00000000 00000000`00000018 : nt!VfTargetDriversRemove+0x160 fffff880`17a33430 fffff800`0382f54b : 00000000`00000000 00000000`000e0082 00000000`00000000 00000000`00000001 : nt!VfDriverUnloadImage+0x2e fffff880`17a33460 fffff800`0382f9ed : 00000000`00000000 fffffa80`11bceb30 00000000`00000000 00000000`00010200 : nt!MiUnloadSystemImage+0x28b fffff880`17a334d0 fffff800`039011e1 : 00000000`00000000 fffff880`17a337f0 fffffa80`0d823de0 00000000`00000018 : nt!MmUnloadSystemImage+0x4d fffff880`17a33510 fffff800`0345c274 : 00000000`00000000 fffff880`17a337f0 fffffa80`0d823de0 fffffa80`11bce788 : nt!IopDeleteDriver+0x41 fffff880`17a33540 fffff800`0383b4ac : fffff880`17a337f0 00000000`00000000 00000000`c0000001 fffff880`00000000 : nt!ObfDereferenceObject+0xd4 fffff880`17a335a0 fffff800`034bead3 : fffffa80`18d63b50 00000000`00000000 fffff800`036bda01 00000000`00000000 : nt!IopUnloadDriver+0x45c fffff880`17a33770 fffff800`034b42b0 : fffff800`0383b1a5 00000000`027eeb00 00000000`00000001 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 fffff880`17a33908 fffff800`0383b1a5 : 00000000`027eeb00 00000000`00000001 00000000`00000000 00000000`00cada10 : nt!KiServiceLinkage fffff880`17a33910 fffff800`034bead3 : fffffa80`18d63b50 fffff880`17a33b60 00000000`00000000 00000000`00000000 : nt!IopUnloadDriver+0x155 fffff880`17a33ae0 00000000`773bb0fa : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 00000000`027eead8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x773bb0fa THREAD_SHA1_HASH_MOD_FUNC: 591646535b6c407bc45fa532f044222b581d75cc THREAD_SHA1_HASH_MOD_FUNC_OFFSET: ab4cd03d1732ae1098429d754ab04e1e5c6d7565 THREAD_SHA1_HASH_MOD: 7f608ac2fbce9034a3386b1d51652e4911d30234 FOLLOWUP_NAME: MachineOwner STACK_COMMAND: .thread ; .cxr ; kb FAILURE_BUCKET_ID: X64_0xc4_62_VRF_LEAKED_POOL_IMAGE_avgStm.sys BUCKET_ID: X64_0xc4_62_VRF_LEAKED_POOL_IMAGE_avgStm.sys PRIMARY_PROBLEM_CLASS: X64_0xc4_62_VRF_LEAKED_POOL_IMAGE_avgStm.sys TARGET_TIME: 2019-07-26T11:36:49.000Z OSBUILD: 7601 OSSERVICEPACK: 1000 SERVICEPACK_NUMBER: 0 OS_REVISION: 0 SUITE_MASK: 272 PRODUCT_TYPE: 1 OSPLATFORM_TYPE: x64 OSNAME: Windows 7 OSEDITION: Windows 7 WinNt (Service Pack 1) TerminalServer SingleUserTS OS_LOCALE: USER_LCID: 0 OSBUILD_TIMESTAMP: 2019-04-19 04:08:54 BUILDDATESTAMP_STR: 190418-1735 BUILDLAB_STR: win7sp1_ldr BUILDOSVER_STR: 6.1.7601.24441.amd64fre.win7sp1_ldr.190418-1735 ANALYSIS_SESSION_ELAPSED_TIME: 756 ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:x64_0xc4_62_vrf_leaked_pool_image_avgstm.sys FAILURE_ID_HASH: {c341edbd-a105-4ab9-c966-527e399cd25f} Followup: MachineOwner --------- 3: kd> .load pde ========================================================================================= PDE v11.3 - Copyright 2017 Andrew Richards ========================================================================================= 3: kd> !dpx Start memory scan : 0xfffff88017a33308 ($csp) End memory scan : 0xfffff88017a34000 (Kernel Stack Base) rsp : 0xfffff88017a33308 : 0xfffff800039174fc : nt!VerifierBugCheckIfAppropriate+0x3c *** WARNING: Unable to verify timestamp for avgStm.sys rsi : 0xfffffa800e624050 : 0xfffff8800913e000 : avgStm r8 : 0xfffffa8011bcebe8 : !du "avgStm.sys" 0xfffff88017a33308 : 0xfffff800039174fc : nt!VerifierBugCheckIfAppropriate+0x3c 0xfffff88017a33320 : 0xfffffa8011bcebe8 : !du "avgStm.sys" 0xfffff88017a33338 : 0xfffff80003569e35 : nt!VfAvlLookupTreeNode+0xf5 0xfffff88017a33348 : 0xfffff8000392668a : nt!VfPoolCheckForLeaks+0x4a 0xfffff88017a33360 : 0xfffff8800913e000 : avgStm 0xfffff88017a33388 : 0xfffff8000356cf40 : nt!VfTargetDriversRemove+0x160 0xfffff88017a333d8 : 0xfffff800037f6c0e : nt!VfThunkCheckDriverUnloading+0x2e 0xfffff88017a33400 : 0xfffff8800913e000 : avgStm 0xfffff88017a33428 : 0xfffff8000380a2de : nt!VfDriverUnloadImage+0x2e 0xfffff88017a33458 : 0xfffff8000382f54b : nt!MiUnloadSystemImage+0x28b 0xfffff88017a334c8 : 0xfffff8000382f9ed : nt!MmUnloadSystemImage+0x4d 0xfffff88017a33508 : 0xfffff800039011e1 : nt!IopDeleteDriver+0x41 0xfffff88017a33538 : 0xfffff8000345c274 : nt!ObfDereferenceObject+0xd4 0xfffff88017a33598 : 0xfffff8000383b4ac : nt!IopUnloadDriver+0x45c 0xfffff88017a335e8 : 0xfffff8000372003a : nt!CmEnumerateValueKey+0x49a 0xfffff88017a335f0 : 0xfffff800036bd540 : nt!MmSystemPtesWs 0xfffff88017a33640 : 0xfffff88017a335e8 : 0xfffff8000372003a : nt!CmEnumerateValueKey+0x49a 0xfffff88017a336b8 : 0xfffff800034bcca5 : nt!KiPageFault+0x465 0xfffff88017a336c8 : 0xfffff80003722e94 : nt!PsReferenceImpersonationToken 0xfffff88017a33700 : 0xfffff8000385a200 : nt!IopLoadUnloadDriver 0xfffff88017a33768 : 0xfffff800034bead3 : nt!KiSystemServiceCopyEnd+0x13 0xfffff88017a33780 : 0xfffff800036bda01 : nt!MmFreePageListHead+0x1 0xfffff88017a33798 : 0xfffff800034a8f01 : nt!MiMakeTransitionPte+0x1d 0xfffff88017a337b0 : 0xfffff80003640880 : nt!MiSpecialPool 0xfffff88017a337c8 : 0xfffff8000359d426 : nt!MmAllocateSpecialPool+0x7b6 0xfffff88017a337f8 : 0xfffff80003729b8f : nt!SePrivilegedServiceAuditAlarm+0x47 0xfffff88017a33828 : 0xfffff80003640888 : nt!MiSpecialPool+0x8 0xfffff88017a338d8 : 0xfffff800034b42b0 : nt!KiServiceLinkage 0xfffff88017a338f0 : 0xfffff88017a33908 : 0xfffff8000383b1a5 : nt!IopUnloadDriver+0x155 0xfffff88017a33908 : 0xfffff8000383b1a5 : nt!IopUnloadDriver+0x155 0xfffff88017a33938 : 0xfffff800034bcca5 : nt!KiPageFault+0x465 0xfffff88017a33948 : 0xfffff8000383b610 : nt!NtUnloadDriver 0xfffff88017a33a10 : 0xfffff8000383b610 : nt!NtUnloadDriver 0xfffff88017a33a58 : 0xfffff80003719326 : nt!ExMapHandleToPointer+0x26 0xfffff88017a33a88 : 0xfffff800037164f4 : nt!ObpCloseHandle+0x94 0xfffff88017a33aa8 : 0xfffff8000383b610 : nt!NtUnloadDriver 0xfffff88017a33ad8 : 0xfffff800034bead3 : nt!KiSystemServiceCopyEnd+0x13 0xfffff88017a33ae0 : 0xfffffa8018d63b50 : Trap @ fffff88017a33ae0 3: kd> lmvm avgStm Browse full module list start end module name fffff880`0913e000 fffff880`09175000 avgStm T (no symbols) Loaded symbol image file: avgStm.sys Image path: \SystemRoot\system32\drivers\avgStm.sys Image name: avgStm.sys Browse all global symbols functions data Timestamp: Wed Jun 19 21:06:12 2019 (5D0B0634) CheckSum: 0003C441 ImageSize: 00037000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4 Information from resource tables:
-
New #15
Thank you so much!!! You are incredible!
-
New #16
After several months of no problems what so ever due to your amazing help,
my computer decided to crash once again with a brand new BSOD... :-(
Can you help me once more please?
Thank you so much...
-
New #17
I don't see new crash dumps. Make sure that you don't have problems with your disk and logging crash dumps is enabled and correctly set.
Quote
Related Discussions