Norton Security causing BSOD on Windows 11
Posted: 18-Jan-2022 | 8:02AM
Below is the output from Windbg of the dump. It happens about once a day.
Microsoft (R) Windows Debugger Version 10.0.22473.1005 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\Windows\MEMORY.DMP]
Kernel Bitmap Dump File: Kernel address space is available, User address space may not be available.

Dump completed successfully, progress percentage: 100
Symbol search path is: srv*
Executable search path is:
Windows 10 Kernel Version 22000 MP (48 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Edition build lab: 22000.1.amd64fre.co_release.210604-1628
Machine Name:
Kernel base = 0xfffff800`1c200000 PsLoadedModuleList = 0xfffff800`1ce29640
Debug session time: Sun Jan 16 11:13:06.587 2022 (UTC - 8:00)
System Uptime: 0 days 17:44:17.354
Loading Kernel Symbols
...............................................................
................................................................
................................................................
.......................
Loading User Symbols
PEB is paged out (Peb.Ldr = 00000094`d594a018). Type ".hh dbgerr001" for details
Loading unloaded module list
.............
For analysis of this file, run !analyze -v
nt!KeBugCheckEx:
fffff800`1c615b00 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:fffffe09`c1ad9930=0000000000000001
windbg> .hh dbgerr001
15: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

APC_INDEX_MISMATCH (1)
This is a kernel internal error. The most common reason to see this BugCheck
is when a filesystem or a driver has a mismatched number of calls to disable
and re-enable APCs. The key data item is the Thread->CombinedApcDisable
field. This consists of two separate 16-bit fields, the SpecialApcDisable
and the KernelApcDisable. A negative value of either indicates that a driver
has disabled special or normal APCs (respectively) without re-enabling them;
a positive value indicates that a driver has enabled special or normal APCs
(respectively) too many times.
Arguments:
Arg1: 00007ff818e23444, Address of system call function or worker routine
Arg2: 0000000000000000, Thread->ApcStateIndex
Arg3: 0000000000000001, (Thread->SpecialApcDisable << 16) | Thread->KernelApcDisable
Arg4: fffffe09c1ad9b60, Call type (0 - system call, 1 - worker routine)

Debugging Details:
------------------

KEY_VALUES_STRING: 1

    Key  : Analysis.CPU.mSec
    Value: 2921

    Key  : Analysis.DebugAnalysisManager
    Value: Create

    Key  : Analysis.Elapsed.mSec
    Value: 4895

    Key  : Analysis.Init.CPU.mSec
    Value: 1140

    Key  : Analysis.Init.Elapsed.mSec
    Value: 241295

    Key  : Analysis.Memory.CommitPeak.Mb
    Value: 105

    Key  : WER.OS.Branch
    Value: co_release

    Key  : WER.OS.Timestamp
    Value: 2021-06-04T16:28:00Z

    Key  : WER.OS.Version
    Value: 10.0.22000.1

FILE_IN_CAB: MEMORY.DMP

DUMP_FILE_ATTRIBUTES: 0x1000

BUGCHECK_CODE: 1

BUGCHECK_P1: 7ff818e23444

BUGCHECK_P2: 0

BUGCHECK_P3: 1

BUGCHECK_P4: fffffe09c1ad9b60

PROCESS_NAME: NortonSecurity.exe

STACK_TEXT:
fffffe09`c1ad9928 fffff800`1c6286a9 : 00000000`00000001 00007ff8`18e23444 00000000`00000000 00000000`00000001 : nt!KeBugCheckEx
fffffe09`c1ad9930 fffff800`1c62856b : ffffe404`c84db080 00000094`d727e128 fffffe09`c1ad9a88 00000000`00000001 : nt!KiBugCheckDispatch+0x69
fffffe09`c1ad9a70 00007ff8`18e23444 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceExitPico+0x238
00000094`d727e088 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff8`18e23444

SYMBOL_NAME: nt!KiSystemServiceExitPico+238

MODULE_NAME: nt

IMAGE_NAME: ntkrnlmp.exe

STACK_COMMAND: .cxr; .ecxr ; kb

BUCKET_ID_FUNC_OFFSET: 238

FAILURE_BUCKET_ID: 0x1_SysCallNum_7_nt!KiSystemServiceExitPico

OS_VERSION: 10.0.22000.1

BUILDLAB_STR: co_release

OSPLATFORM_TYPE: x64

OSNAME: Windows 10

FAILURE_ID_HASH: {631892f3-6847-078e-1632-db0253856f1e}

Followup: MachineOwner
---------