BSOD System Service Exception Netio.sys

Fabfabian

New Member
Messages
2
Over the past week I have gotten two BSOD with them both saying something about System Service Exception Netio.sys and I was just looking to find out what is going on with my PC! I have attached the minidump folder but it has 9 dumps in it but only the most recent two are relevant (060115-51734-01.dmp and 052315-38296-01.dmp). Any help would be appreciated!
 

My Computer

System One

  • OS
    Windows 8.1 64-bit
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Hewlett-Packard
    CPU
    Intel Core i-7-3770 @ 3.40GHz (8 CPUs)
    Memory
    16384MB RAM
    Graphics Card(s)
    NVIDIA GeForce GT 640
    Screen Resolution
    1920x1080
    Hard Drives
    3TB hard drive
    Browser
    Google Chrome
Hi FabFabian & Welcome to the forums ^_^,

I have analysed your latest dump files and have provided an analysis for informative purposes :-

SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Hmmm... Pretty simple, an error occurred which caused the system to crash. Let's see the stack and see if we can find anything -

Code:
1: kd> knL
 # Child-SP          RetAddr           Call Site
00 ffffd001`d820a328 fffff801`081797e9 nt!KeBugCheckEx
01 ffffd001`d820a330 fffff801`081790fc nt!KiBugCheckDispatch+0x69
02 ffffd001`d820a470 fffff801`081751ed nt!KiSystemServiceHandler+0x7c
03 ffffd001`d820a4b0 fffff801`080e60a5 nt!RtlpExecuteHandlerForException+0xd
04 ffffd001`d820a4e0 fffff801`080ea45e nt!RtlDispatchException+0x1a5
05 ffffd001`d820abb0 fffff801`081798c2 nt!KiDispatchException+0x646
06 ffffd001`d820b2a0 fffff801`08178014 nt!KiExceptionDispatch+0xc2
07 ffffd001`d820b480 fffff800`a604ceec nt!KiPageFault+0x214
08 ffffd001`d820b610 fffff800`a672e9de NETIO!FwppCopyStreamDataToBuffer+0xa8
09 ffffd001`d820b660 fffff800`a6facc1c fwpkclnt!FwpsCopyStreamDataToBuffer0+0x3e
0a ffffd001`d820b690 ffffd001`d820b720 [COLOR=#ff0000][B][U]avgwfpa[/U][/B][/COLOR]+0x8c1c
0b ffffd001`d820b698 ffffd001`d820b690 0xffffd001`d820b720
0c ffffd001`d820b6a0 ffffdb7e`b05e5031 0xffffd001`d820b690
0d ffffd001`d820b6a8 7fffffff`fffffffc 0xffffdb7e`b05e5031
0e ffffd001`d820b6b0 ffffe000`3b8f58c0 0x7fffffff`fffffffc
0f ffffd001`d820b6b8 ffffe000`37ca1cc0 0xffffe000`3b8f58c0
10 ffffd001`d820b6c0 ffffe000`38bd8ac0 0xffffe000`37ca1cc0
11 ffffd001`d820b6c8 ffffe000`36e63990 0xffffe000`38bd8ac0
12 ffffd001`d820b6d0 00000000`00000000 0xffffe000`36e63990
We see that the AVG Antivirus Driver told the Kernel Mode IPsec driver to copy the data of the stream to the buffer which asked the Networking Driver of Windows (NETIO.sys) to do the same. But, this resulted in a page fault which ultimately caused the system to crash. Let's see what happened -
Code:
12 ffffd001`d820b6d0 00000000`00000000 0xffffe000`36e63990
1: kd> .cxr 0xffffd001d820abe0;r
rax=ffffd001d820b660 rbx=ffffd001d820b700 rcx=0000000000000000
rdx=0000000000000000 rsi=ffffd001d9247600 rdi=0000000000000000
rip=fffff800a604ceec rsp=ffffd001d820b610 rbp=0000000000003fd0
 r8=ffffd001d9247600  r9=0000000000003fd0 r10=ffffe0003178f750
r11=ffffd001d820b658 r12=0000000000000000 r13=0000000000000001
r14=0000000000000000 r15=0000000000003fd0
iopl=0         nv up ei pl nz na pe nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00010202
NETIO!FwppCopyStreamDataToBuffer+0xa8:
fffff800`a604ceec 488b3f          [B]mov[/B]     [B][COLOR=#ff0000]rdi[/COLOR][/B],qword ptr [[COLOR=#ff0000][B]rdi[/B][/COLOR]] ds:002b:[COLOR=#0000ff][B][U]00000000`00000000[/U][/B][/COLOR]=????????????????
We see that a MOVe instruction was executed which was to move the value 0 which is contained in the register RDI to the register RDI. That seems strange, doesn't it? Seems like the AVG Driver passed on some bad addresses.



Kindly remove AVG using this **TOOL** and enable Windows Defender. Once you have uninstalled AVG, monitor the system for crashes.


Let me know how it goes ^_^

-Pranav
 

My Computer

System One

  • OS
    Windows 8.1 Industry Pro B-)
    Computer type
    Laptop
    System Manufacturer/Model
    Toshiba
    CPU
    Core I5 2430M @ 2.4GHz
    Memory
    8 GB DDR3 @ 1600MHz Dual Channel ^_^
    Graphics Card(s)
    Intel HD 3000 B-)
    Screen Resolution
    1366x768
    Hard Drives
    Toshiba 500 GB
    Browser
    Google Chrome
    Antivirus
    Windows Defender & Common Sense!
Thanks for the really quick reply! After the Blue Screen today I actually did uninstall AVG because of some high disk usage problems so that step is already complete. I'll monitor it for a while and tell you how it goes. Thanks again for the quick response!
 

My Computer

System One

  • OS
    Windows 8.1 64-bit
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Hewlett-Packard
    CPU
    Intel Core i-7-3770 @ 3.40GHz (8 CPUs)
    Memory
    16384MB RAM
    Graphics Card(s)
    NVIDIA GeForce GT 640
    Screen Resolution
    1920x1080
    Hard Drives
    3TB hard drive
    Browser
    Google Chrome
Thanks for the really quick reply! After the Blue Screen today I actually did uninstall AVG because of some high disk usage problems so that step is already complete. I'll monitor it for a while and tell you how it goes. Thanks again for the quick response!
Hi FabFabian ^_^,

You are welcome :)

Let me know in case of any further troubles ^_^


-Pranav
 

My Computer

System One

  • OS
    Windows 8.1 Industry Pro B-)
    Computer type
    Laptop
    System Manufacturer/Model
    Toshiba
    CPU
    Core I5 2430M @ 2.4GHz
    Memory
    8 GB DDR3 @ 1600MHz Dual Channel ^_^
    Graphics Card(s)
    Intel HD 3000 B-)
    Screen Resolution
    1366x768
    Hard Drives
    Toshiba 500 GB
    Browser
    Google Chrome
    Antivirus
    Windows Defender & Common Sense!
Back
Top