360Hvm64.sys导致蓝屏
使用Windbg查看蓝屏dmp文件Microsoft (R) Windows Debugger Version 10.0.19041.5609 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File
Mini Kernel Dump File: Only registers and stack trace are available
************* Path validation summary **************
Response Time (ms) Location
Deferred
Symbol search path is
Executable search path is:
Windows 10 Kernel Version 19041 MP (16 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 19041.1.amd64fre.vb_release.191206-1406
Machine Name:
Kernel base = 0xfffff806`61e00000 PsLoadedModuleList = 0xfffff806`62a2a930
Debug session time: Sun Dec 21 23:23:21.916 2025 (UTC + 8:00)
System Uptime: 0 days 0:25:12.685
Loading Kernel Symbols
...............................................................
................................................................
................................................................
.................................
Loading User Symbols
Loading unloaded module list
.....................
For analysis of this file, run !analyze -v
8: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
ATTEMPTED_WRITE_TO_READONLY_MEMORY (be)
An attempt was made to write to readonly memory.The guilty driver is on the
stack trace (and is typically the current instruction pointer).
When possible, the guilty driver's name (Unicode string) is printed on
the bugcheck screen and saved in KiBugCheckDriver.
Arguments:
Arg1: fffff8066be0af9d, Virtual address for the attempted write.
Arg2: 090000040cb80121, PTE contents.
Arg3: ffff8d89001487b0, (reserved)
Arg4: 000000000000000b, (reserved)
Debugging Details:
------------------
*** WARNING: Unable to verify timestamp for 360Hvm64.sys
KEY_VALUES_STRING: 1
Key: Analysis.CPU.Sec
Value: 3
Key: Analysis.DebugAnalysisProvider.CPP
Value: Create: 8007007e on DESKTOP-2QRH2K5
Key: Analysis.DebugData
Value: CreateObject
Key: Analysis.DebugModel
Value: CreateObject
Key: Analysis.Elapsed.Sec
Value: 25
Key: Analysis.Memory.CommitPeak.Mb
Value: 82
Key: Analysis.System
Value: CreateObject
BUGCHECK_CODE:be
BUGCHECK_P1: fffff8066be0af9d
BUGCHECK_P2: 90000040cb80121
BUGCHECK_P3: ffff8d89001487b0
BUGCHECK_P4: b
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXPNP: 1 (!blackboxpnp)
BLACKBOXWINLOGON: 1
CUSTOMER_CRASH_COUNT:1
PROCESS_NAME:PNXClientHost.exe
TRAP_FRAME:ffff8d89001487b0 -- (.trap 0xffff8d89001487b0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000000 rbx=0000000000000000 rcx=0000000000000011
rdx=ffff8d89001489d0 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8066be0ae72 rsp=ffff8d8900148940 rbp=ffff8d8900148b00
r8=ffff8d8900148a70r9=ffff8d89001489f0 r10=0000000000000000
r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl zr na po nc
360Hvm64+0xae72:
fffff806`6be0ae72 f0834718ff lock add dword ptr ,0FFFFFFFFh ds:00000000`00000018=????????
Resetting default scope
STACK_TEXT:
ffff8d89`00148508 fffff806`62248c59 : 00000000`000000be fffff806`6be0af9d 09000004`0cb80121 ffff8d89`001487b0 : nt!KeBugCheckEx
ffff8d89`00148510 fffff806`6200d450 : 00000000`00000000 00000000`00000003 ffff8d89`00148830 00000000`00000000 : nt!MiSystemFault+0x1b71d9
ffff8d89`00148610 fffff806`6220d66d : 00000000`00000000 00000000`00000000 00000000`00000000 fffff806`620cb16e : nt!MmAccessFault+0x400
ffff8d89`001487b0 fffff806`6be0ae72 : 00000000`00000000 00000000`00000000 00000000`77566d4d ffff8d89`00148998 : nt!KiPageFault+0x36d
ffff8d89`00148940 00000000`00000000 : 00000000`00000000 00000000`77566d4d ffff8d89`00148998 00000000`77104660 : 360Hvm64+0xae72
SYMBOL_NAME:360Hvm64+ae72
MODULE_NAME: 360Hvm64
IMAGE_NAME:360Hvm64.sys
STACK_COMMAND:.thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET:ae72
FAILURE_BUCKET_ID:0xBE_360Hvm64!unknown_function
OS_VERSION:10.0.19041.1
BUILDLAB_STR:vb_release
OSPLATFORM_TYPE:x64
OSNAME:Windows 10
FAILURE_ID_HASH:{6a5bb82a-2dcf-a9b2-e07b-b4ed901a5685}
Followup: MachineOwner
---------
8: kd> lmvm 360Hvm64
Browse full module list
start end module name
fffff806`6be00000 fffff806`6befe000 360Hvm64 T (no symbols)
Loaded symbol image file: 360Hvm64.sys
Image path: \SystemRoot\System32\Drivers\360Hvm64.sys
Image name: 360Hvm64.sys
Browse all global symbolsfunctionsdata
Timestamp: Mon Jul 14 14:40:56 2025 (6874A678)
CheckSum: 00075FA4
ImageSize: 000FE000
Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
Information from resource tables:
通过360AI云盘分享的文件:蓝屏dmp文件
360AI云盘无需下载,在线播放视频,畅享超清原画、极速播放
链接:
surl_yNKaPr6wN8t
(提取码:cfed)
复制这段内容打开「360AI云盘APP」即可获取 感谢您的反馈,我们同步技术去分析
页:
[1]