BSOD pravdepodobne zpusobene Avastem

Non-English Boards Česky/Slovensky
1

Dobry den,
pouzivam Avast Premier v Windows 10. V poslednim tydnu se mi zacly objevovat nahodne BSOD, vetsinou pri surfovani po internetu.
V event logu je k videni hlaska: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000003b (0x00000000c0000005, 0xfffff80236470ce0, 0xffff860157756010, 0x0000000000000000). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: f420290c-420c-41b5-8d02-1298311305bc

Po analyze minidumpu mam pocit, ze problem je spojen s ovladacem aswbidsdrivera.sys, ktery je zrejme soucasti Avastu.

Microsoft (R) Windows Debugger Version 10.0.15063.468 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.

************* Symbol Path validation summary **************
Response Time (ms) Location
OK C:\Program Files (x86)\Windows Kits\10\Symbols
Symbol search path is: C:\Program Files (x86)\Windows Kits\10\Symbols
Executable search path is:
Windows 10 Kernel Version 16299 MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 16299.15.amd64fre.rs3_release.170928-1534
Machine Name:
Kernel base = 0xfffff80236003000 PsLoadedModuleList = 0xfffff80236364fb0
Debug session time: Thu Nov 23 15:35:28.798 2017 (UTC + 1:00)
System Uptime: 0 days 0:17:10.518
Loading Kernel Symbols




Loading User Symbols
PEB is paged out (Peb.Ldr = 00000000`0083d018). Type “.hh dbgerr001” for details
Loading unloaded module list

  •                                                                         *

  •                    Bugcheck Analysis                                    *

  •                                                                         *

Use !analyze -v to get detailed debugging information.

BugCheck 3B, {c0000005, fffff80236470ce0, ffff860157756010, 0}

*** ERROR: Module load completed but symbols could not be loaded for aswbidsdrivera.sys
*** ERROR: Module load completed but symbols could not be loaded for aswMonFlt.sys
Probably caused by : aswbidsdrivera.sys ( aswbidsdrivera+279b6 )

Followup: MachineOwner

0: kd> !analyze -v

  •                                                                         *

  •                    Bugcheck Analysis                                    *

  •                                                                         *

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff80236470ce0, Address of the instruction which caused the bugcheck
Arg3: ffff860157756010, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.

Debugging Details:

DUMP_CLASS: 1

DUMP_QUALIFIER: 401

BUILD_VERSION_STRING: 16299.15.amd64fre.rs3_release.170928-1534

SYSTEM_MANUFACTURER: HP

SYSTEM_PRODUCT_NAME: HP Pavilion Desktop PC 570-p0XX

SYSTEM_SKU: 1JU85EA#BCM

BIOS_VENDOR: AMI

BIOS_VERSION: F.14

BIOS_DATE: 05/22/2017

BASEBOARD_MANUFACTURER: HP

BASEBOARD_PRODUCT: 82F2

BASEBOARD_VERSION: A01

DUMP_TYPE: 1

BUGCHECK_P1: c0000005

BUGCHECK_P2: fffff80236470ce0

BUGCHECK_P3: ffff860157756010

BUGCHECK_P4: 0

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 -

FAULTING_IP:
nt!RtlCompareUnicodeString+50
fffff802`36470ce0 440fb710 movzx r10d,word ptr [rax]

CONTEXT: ffff860157756010 – (.cxr 0xffff860157756010)
rax=000600000005b8bc rbx=000600000005b976 rcx=000000000000005d
rdx=ffffca0c167c3268 rsi=0000000000005302 rdi=fff9ca0c167679bc
rip=fffff80236470ce0 rsp=ffff860157756a08 rbp=000000000000005d
r8=ffffca0c167c3201 r9=0000000000000001 r10=0000000000001001
r11=0000000000000000 r12=0000000000000548 r13=0000000000000000
r14=ffff860157756ab0 r15=ffff860157756ba8
iopl=0 nv up ei ng nz ac pe nc
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010292
nt!RtlCompareUnicodeString+0x50:
fffff80236470ce0 440fb710 movzx r10d,word ptr [rax] ds:002b:000600000005b8bc=???
Resetting default scope

CPU_COUNT: 4

CPU_MHZ: bb8

CPU_VENDOR: GenuineIntel

CPU_FAMILY: 6

CPU_MODEL: 9e

CPU_STEPPING: 9

CPU_MICROCODE: 6,9e,9,0 (F,M,S,R) SIG: 5E’00000000 (cache) 5E’00000000 (init)

DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT

BUGCHECK_STR: 0x3B

PROCESS_NAME: iexplore.exe

CURRENT_IRQL: 0

ANALYSIS_SESSION_HOST: TONDA-W10

ANALYSIS_SESSION_TIME: 11-23-2017 17:06:03.0203

ANALYSIS_VERSION: 10.0.15063.468 amd64fre

LAST_CONTROL_TRANSFER: from fffff8070d4879b6 to fffff80236470ce0

STACK_TEXT:
ffff860157756a08 fffff8070d4879b6 : ffffca0c167c3240 ffffca0c167d4b58 ffffa48fa53c6108 0000000000000001 : nt!RtlCompareUnicodeString+0x50
ffff860157756a10 fffff802360d9d66 : 0000004700490046 fffff802360a73b6 ffffa48faefb2310 ffffa48fac596e50 : aswbidsdrivera+0x279b6
ffff860157756a40 fffff80236108527 : ffffa48fa53c6108 00000000c0000225 000000000000000d ffffca0c16678110 : nt!FindNodeOrParent+0x42
ffff860157756a70 fffff8070d48a500 : ffffa48fa53c6010 ffffa48faefd3800 0000000000003170 fffff80200000384 : nt!RtlDeleteElementGenericTable+0x17
ffff860157756aa0 fffff8070d46f179 : ffff860157756ba8 ffff860157756bf0 0000000000000000 ffff860157756bf0 : aswbidsdrivera+0x2a500
ffff860157756af0 fffff8070d470937 : ffffa48f00000000 0000000000002438 0000000000001e50 ffff860157756ea0 : aswbidsdrivera+0xf179
ffff860157756e70 fffff8070e71245e : 0000000000000000 0000000000000000 ffff860157757100 fffff8070c2316f0 : aswbidsdrivera+0x10937
ffff860157756ef0 fffff8070e73033b : 0000000000000002 ffff860157756fc0 ffff860157757148 fffff8070a201209 : aswMonFlt+0x245e
ffff860157756f60 fffff8070a2068ba : 0000000000000000 ffffa48fa52f58f0 ffffa48fa52f55f0 ffffa48fa52f57f0 : aswMonFlt+0x2033b
ffff8601577570f0 fffff8070a206076 : ffffa48faefd3800 0000000000000000 ffffa48fa5732600 0000000000000000 : FLTMGR!FltpPerformPostCallbacks+0x47a
ffff8601577571d0 fffff8070a208639 : ffffa48faf0567b0 ffffa48fa52f55f0 ffffa48fa52f5608 ffffa48faf056be0 : FLTMGR!FltpPassThroughCompletionWorker+0x76
ffff860157757240 fffff8070a23b57f : ffff8601577572f0 0000000000000000 ffffa48faefd3800 fffff802364ccda4 : FLTMGR!FltpLegacyProcessingAfterPreCallbacksCompleted+0x239
ffff8601577572b0 fffff8023603b8d9 : ffffa48faed1cb00 0000000000000005 ffffa48faf056c28 ffffa48fa4deba00 : FLTMGR!FltpCreate+0x2cf
ffff860157757360 fffff802364cd7b2 : 0000000000000005 ffff860157757660 ffffa48faefd3840 0000000000000989 : nt!IofCallDriver+0x59
ffff8601577573a0 fffff80236505987 : fffff802364ccf90 fffff802364ccf90 ffff860100000000 ffffa48fa4deac40 : nt!IopParseDevice+0x822
ffff860157757560 fffff802364fd060 : ffffa48faeecdb01 ffff8601577577b8 0000000000000040 ffffa48fa38baf20 : nt!ObpLookupObjectName+0x5b7
ffff860157757720 fffff802364f9fc1 : 0000000000000001 0000000000000000 0000000000000001 0000000000000028 : nt!ObOpenObjectByNameEx+0x1e0
ffff860157757860 fffff802364f7749 : 000000003254e618 0000000000000000 000000003254eee0 000000003254e630 : nt!IopCreateFile+0x391
ffff860157757900 fffff80236172553 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!NtCreateFile+0x79
ffff860157757990 00007ff9185008e4 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : nt!KiSystemServiceCopyEnd+0x13
000000003254e5a8 0000000000000000 : 0000000000000000 0000000000000000 0000000000000000 0000000000000000 : 0x00007ff9`185008e4

THREAD_SHA1_HASH_MOD_FUNC: b218283fec3d1c7e0f40ba1cdcefa6c3b9ed6d60

THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 5526be3dd46078cabb8dc8f12da6605a1300be90

THREAD_SHA1_HASH_MOD: a00435d86f9f9c314d75a27b03f4336237869b40

FOLLOWUP_IP:
aswbidsdrivera+279b6
fffff807`0d4879b6 8bc8 mov ecx,eax

FAULT_INSTR_CODE: c085c88b

SYMBOL_STACK_INDEX: 1

SYMBOL_NAME: aswbidsdrivera+279b6

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: aswbidsdrivera

IMAGE_NAME: aswbidsdrivera.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 59e4674d

STACK_COMMAND: .cxr 0xffff860157756010 ; kb

BUCKET_ID_FUNC_OFFSET: 279b6

FAILURE_BUCKET_ID: 0x3B_aswbidsdrivera!unknown_function

BUCKET_ID: 0x3B_aswbidsdrivera!unknown_function

PRIMARY_PROBLEM_CLASS: 0x3B_aswbidsdrivera!unknown_function

TARGET_TIME: 2017-11-23T14:35:28.000Z

OSBUILD: 16299

OSSERVICEPACK: 0

SERVICEPACK_NUMBER: 0

OS_REVISION: 0

SUITE_MASK: 784

PRODUCT_TYPE: 1

OSPLATFORM_TYPE: x64

OSNAME: Windows 10

OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS Personal

OS_LOCALE:

USER_LCID: 0

OSBUILD_TIMESTAMP: 2017-10-25 05:06:03

BUILDDATESTAMP_STR: 170928-1534

BUILDLAB_STR: rs3_release

BUILDOSVER_STR: 10.0.16299.15.amd64fre.rs3_release.170928-1534

ANALYSIS_SESSION_ELAPSED_TIME: 4a3

ANALYSIS_SOURCE: KM

FAILURE_ID_HASH_STRING: km:0x3b_aswbidsdrivera!unknown_function

FAILURE_ID_HASH: {d481b7f8-08bd-c543-8179-a2879fceae5d}

Followup: MachineOwner