Hi, Last month my computer gets a lot of BSOD, I drilled down on this and found this: avast, please fix this
It crash with same error at least 3 time per week
Avast: 23.8.6078 (build 23.8.8416.791)
************* Path validation summary **************
Response Time (ms) Location
Deferred srvC:\MyServerSymbolshttps://msdl.microsoft.com/download/symbols
Symbol search path is: srvC:\MyServerSymbolshttps://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 10 Kernel Version 22621 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Edition build lab: 22621.1928.amd64fre.ni_release_svc_prod3.230622-0951
Kernel base = 0xfffff80312200000 PsLoadedModuleList = 0xfffff803
12e130e0
Debug session time: Sun Aug 13 13:09:15.315 2023 (UTC - 6:00)
System Uptime: 4 days 21:55:11.143
Loading Kernel Symbols
…
…
…
…
Loading User Symbols
PEB is paged out (Peb.Ldr = 00000005897e9018). Type ".hh dbgerr001" for details Loading unloaded module list .................................................. For analysis of this file, run !analyze -v nt!KeBugCheckEx: fffff803
12631250 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:ffffee09`7c9e2dc0=0000000000000135
1: kd> !analyze -v
-
*
-
Bugcheck Analysis *
-
*
REGISTRY_FILTER_DRIVER_EXCEPTION (135)
This BugCheck is caused by an unhandled exception in a registry filtering driver.
This BugCheck indicates that a registry filtering driver didn’t handle exception inside
its notification routine. One can identify the driver by the 3rd parameter.
Arguments:
Arg1: ffffffffc0000005, ExceptionCode
Arg2: ffffee097c9e3670, Address of the context record for the exception that caused the BugCheck
Arg3: fffff8031e6900e0, The driver’s callback routine address
Arg4: ffffc58d8ab36e60, Internal
Debugging Details:
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 13437
Key : Analysis.Elapsed.mSec
Value: 23610
Key : Analysis.IO.Other.Mb
Value: 0
Key : Analysis.IO.Read.Mb
Value: 0
Key : Analysis.IO.Write.Mb
Value: 0
Key : Analysis.Init.CPU.mSec
Value: 1078
Key : Analysis.Init.Elapsed.mSec
Value: 4735
Key : Analysis.Memory.CommitPeak.Mb
Value: 96
Key : Bugcheck.Code.KiBugCheckData
Value: 0x135
Key : Bugcheck.Code.LegacyAPI
Value: 0x135
Key : Dump.Attributes.AsUlong
Value: 1800
Key : Dump.Attributes.DiagDataWrittenToHeader
Value: 1
Key : Dump.Attributes.ErrorCode
Value: 0
Key : Dump.Attributes.LastLine
Value: Dump completed successfully.
Key : Dump.Attributes.ProgressPercentage
Value: 100
Key : Failure.Bucket
Value: AV_aswArPot!ARPOT2IDP_SET_CALLBACK
Key : Failure.Hash
Value: {8ff7db7f-56bf-dd92-baaf-7b871e77b969}
Key : Hypervisor.Enlightenments.ValueHex
Value: 1417cf94
Key : Hypervisor.Flags.AnyHypervisorPresent
Value: 1
Key : Hypervisor.Flags.ApicEnlightened
Value: 1
Key : Hypervisor.Flags.ApicVirtualizationAvailable
Value: 0
Key : Hypervisor.Flags.AsyncMemoryHint
Value: 0
Key : Hypervisor.Flags.CoreSchedulerRequested
Value: 0
Key : Hypervisor.Flags.CpuManager
Value: 1
Key : Hypervisor.Flags.DeprecateAutoEoi
Value: 0
Key : Hypervisor.Flags.DynamicCpuDisabled
Value: 1
Key : Hypervisor.Flags.Epf
Value: 0
Key : Hypervisor.Flags.ExtendedProcessorMasks
Value: 1
Key : Hypervisor.Flags.HardwareMbecAvailable
Value: 1
Key : Hypervisor.Flags.MaxBankNumber
Value: 0
Key : Hypervisor.Flags.MemoryZeroingControl
Value: 1
Key : Hypervisor.Flags.NoExtendedRangeFlush
Value: 0
Key : Hypervisor.Flags.NoNonArchCoreSharing
Value: 1
Key : Hypervisor.Flags.Phase0InitDone
Value: 1
Key : Hypervisor.Flags.PowerSchedulerQos
Value: 0
Key : Hypervisor.Flags.RootScheduler
Value: 0
Key : Hypervisor.Flags.SynicAvailable
Value: 1
Key : Hypervisor.Flags.UseQpcBias
Value: 0
Key : Hypervisor.Flags.Value
Value: 5116143
Key : Hypervisor.Flags.ValueHex
Value: 4e10ef
Key : Hypervisor.Flags.VpAssistPage
Value: 1
Key : Hypervisor.Flags.VsmAvailable
Value: 1
Key : Hypervisor.RootFlags.AccessStats
Value: 1
Key : Hypervisor.RootFlags.CrashdumpEnlightened
Value: 1
Key : Hypervisor.RootFlags.CreateVirtualProcessor
Value: 1
Key : Hypervisor.RootFlags.DisableHyperthreading
Value: 0
Key : Hypervisor.RootFlags.HostTimelineSync
Value: 1
Key : Hypervisor.RootFlags.HypervisorDebuggingEnabled
Value: 0
Key : Hypervisor.RootFlags.IsHyperV
Value: 1
Key : Hypervisor.RootFlags.LivedumpEnlightened
Value: 1
Key : Hypervisor.RootFlags.MapDeviceInterrupt
Value: 1
Key : Hypervisor.RootFlags.MceEnlightened
Value: 1
Key : Hypervisor.RootFlags.Nested
Value: 0
Key : Hypervisor.RootFlags.StartLogicalProcessor
Value: 1
Key : Hypervisor.RootFlags.Value
Value: 1015
Key : Hypervisor.RootFlags.ValueHex
Value: 3f7
Key : SecureKernel.HalpHvciEnabled
Value: 1
Key : WER.OS.Branch
Value: ni_release_svc_prod3
Key : WER.OS.Version
Value: 10.0.22621.1928
BUGCHECK_CODE: 135
BUGCHECK_P1: ffffffffc0000005
BUGCHECK_P2: ffffee097c9e3670
BUGCHECK_P3: fffff8031e6900e0
BUGCHECK_P4: ffffc58d8ab36e60
FILE_IN_CAB: MEMORY.DMP
TAG_NOT_DEFINED_202b: *** Unknown TAG in analysis list 202b
DUMP_FILE_ATTRIBUTES: 0x1800
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
PROCESS_NAME: lsass.exe
STACK_TEXT:
ffffee097c9e2db8 fffff803
12c12690 : 0000000000000135 ffffffff
c0000005 ffffee097c9e3670 fffff803
1e6900e0 : nt!KeBugCheckEx
ffffee097c9e2dc0 fffff803
12a9f3d9 : ffffee097c9e4098 fffff803
1e6a9163 ffffee097c9e3430 fffff803
128c9975 : nt!CmpCallbackFatalFilter+0x24
ffffee097c9e2e00 fffff803
125f0911 : ffffee0900000003 ffffee09
7c9e3e58 ffffee097c9de000 ffffee09
7c9e5000 : nt!CmpCallCallBacksEx$filt$0+0x19
ffffee097c9e2e30 fffff803
1263c4bf : ffffee097c9e3e58 ffffee09
7c9e3430 ffffee097c9e3e00 fffff803
128c9975 : nt!_C_specific_handler+0xa1
ffffee097c9e2ea0 fffff803
1246e8b3 : ffffee097c9e44c0 ffffee09
7c9e3e58 fffff803128c9975 fffff803
12312860 : nt!RtlpExecuteHandlerForException+0xf
ffffee097c9e2ed0 fffff803
12522e5e : 0000000067766001 ffffee09
7c9e3f00 ffffee097c9e3f00 ffffee09
7c9e3670 : nt!RtlDispatchException+0x2f3
ffffee097c9e3640 fffff803
126469fc : ffffee0900000001 00000000
00989680 0000000000000000 ffffc58d
3b038d40 : nt!KiDispatchException+0x1ae
ffffee097c9e3d20 fffff803
12641364 : fffff180c5b14fe8 00000000
00000040 ffff8801eded9b30 00000000
0480f000 : nt!KiExceptionDispatch+0x13c
ffffee097c9e3f00 fffff803
1e6a9163 : fffff8031e681b0a ffffd883
91f888b0 0000018b00000000 ffffee09
7c9e4200 : nt!KiSegmentNotPresentFault+0x364
ffffee097c9e4098 fffff803
1e681b0a : ffffd88391f888b0 0000018b
00000000 ffffee097c9e4200 0000018b
629fe001 : aswArPot!ARPOT2IDP_SET_CALLBACK+0xbe13
ffffee097c9e40a0 fffff803
1e688b90 : ffffee097c9e4140 0000018b
629fd000 fffff80300000002 01d9ce19
a6dccd95 : aswArPot+0x1b0a
ffffee097c9e4100 fffff803
1e68a5aa : ffffc58d58402050 ffffee09
7c9e4310 ffffee097c9e4308 ffffee09
7c9e4340 : aswArPot+0x8b90
ffffee097c9e42c0 fffff803
1e690229 : ffffee097c9e4500 00000000
00002ea4 ffffc58d7f6d5670 ffffee09
7c9e4880 : aswArPot+0xa5aa
ffffee097c9e44c0 fffff803
128c9975 : 0000000000000000 00000000
00000001 ffffee097c9e4880 ffffee09
7c9e4880 : aswArPot+0x10229
ffffee097c9e4640 fffff803
128b4108 : 0000000500000001 ffffee09
7c9e4880 0000000000000000 00000000
00501801 : nt!CmpCallCallBacksEx+0x235
ffffee097c9e4770 fffff803
12646826 : 0000000000000000 fffff803
12805f57 0000000000000000 00000000
00000000 : nt!NtSetValueKey+0x5f8
ffffee097c9e4970 00007ffa
2a20f944 : 0000000000000000 00000000
00000000 0000000000000000 00000000
00000000 : nt!KiSystemServiceExitPico+0x43b
0000000589f7b7f8 00000000
00000000 : 0000000000000000 00000000
00000000 0000000000000000 00000000
00000000 : 0x00007ffa`2a20f944
SYMBOL_NAME: aswArPot!ARPOT2IDP_SET_CALLBACK+be13
MODULE_NAME: aswArPot
IMAGE_NAME: aswArPot.sys
STACK_COMMAND: .cxr; .ecxr ; kb
BUCKET_ID_FUNC_OFFSET: be13
FAILURE_BUCKET_ID: AV_aswArPot!ARPOT2IDP_SET_CALLBACK
OS_VERSION: 10.0.22621.1928
BUILDLAB_STR: ni_release_svc_prod3
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {8ff7db7f-56bf-dd92-baaf-7b871e77b969}
Followup: MachineOwner