My work computer recently crashed again with another BSOD.
Checked Event Viewer and found:
Log Name: System Source: Microsoft-Windows-WER-SystemErrorReporting Event ID: 1001 Level: Error Keywords: Classic Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x000000c2 (0x0000000000000007, 0x000000000000109b, 0x0000000000000000, 0xfffffa800cd9d010). A dump was saved in: C:\Windows\MEMORY.DMP.
Examined the memory dump with WinDbg (x64).
Checked for details about the crash with:
!analyze -v
Part of the result:
BAD_POOL_CALLER (c2) The current thread is making a bad pool request. Typically this is at a bad IRQL level or double freeing the same allocation, etc. Arguments: Arg1: 0000000000000007, Attempt to free pool which was already freed Arg2: 000000000000109b, (reserved) Arg3: 0000000000000000, Memory contents of the pool block Arg4: fffffa800cd9d010, Address of the block of pool being deallocated Debugging Details: ------------------ POOL_ADDRESS: fffffa800cd9d010 Nonpaged pool BUGCHECK_STR: 0xc2_7 DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT PROCESS_NAME: vlc.exe CURRENT_IRQL: 2 MODULE_NAME: avgtdia IMAGE_NAME: avgtdia.sys
Examined the call stack with:
kp
Result:
Child-SP RetAddr Call Site fffff880`0db9b1f8 fffff800`031c3bf9 nt!KeBugCheckEx fffff880`0db9b200 fffff880`01f729c5 nt!ExAllocatePoolWithTag+0x1951 fffff880`0db9b2b0 fffff880`04272775 avgtdia+0xb9c5 fffff880`0db9b330 fffff880`042407bb afd! ?? ::GFJBLGFE::`string'+0xd64c fffff880`0db9b550 fffff800`033b028e afd!AfdFastIoDeviceControl+0x7ab fffff880`0db9b8c0 fffff800`033b0896 nt!IopXxxControlFile+0x6be fffff880`0db9ba00 fffff800`0308c693 nt!NtDeviceIoControlFile+0x56 fffff880`0db9ba70 00000000`73b12e09 nt!KiSystemServiceCopyEnd+0x13 00000000`045af0f8 00000000`00000000 0x73b12e09
The driver avgtdia.sys seemed to cause the crash.
Examined information about the avgtdia driver with:
lm v m avgtdia
Result:
start end module name fffff880`01f67000 fffff880`01fad000 avgtdia (no symbols) Loaded symbol image file: avgtdia.sys Image path: \SystemRoot\system32\DRIVERS\avgtdia.sys Image name: avgtdia.sys Timestamp: Wed Jul 27 15:24:36 2016 (5798B614) CheckSum: 00053AED ImageSize: 00046000 Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
Discovered that avgtdia.sys was: AVG Network connection watcher
This made me suspect that other BSOD crashes were also caused by AVG Internet Security:
Examining PFN_LIST_CORRUPT (4e) and PAGE_FAULT_IN_NONPAGED_AREA (50) BSOD
I decided to uninstall AVG Internet Security using: AVG Remover
Installed replacement: Avira Antivirus
I used to experience 2 BSOD crashes per week on this computer.
After uninstalling AVG Internet Security, the computer has been running for 1 week without any crashes…
I hope that the root cause has been identified and that the computer will finally be stable and reliable.
Conclusion
Common causes for computer stability problems are failing hard disks, defective memory and buggy drivers.
It seems that some antivirus products can also cause stability problems, possibly combined with specific drivers or other system level software.