请使用手机微信扫码安全登录

切换账号密码登录

绑定手机号

应国家法规对于账号实名的要求,请您在进行下一步操作前,需要先完成手机绑定 (若绑定失败,请重新登录绑定)。了解更多

不绑定绑定手机号

360官网 | 360商城

推荐论坛版块活动360粉丝商城众测粉丝轰趴馆常见问题

360Hvm64.sys导致蓝屏,求大佬救命

2021-9-10 14:49 | 复制链接
1 781
在正常使用完准备关机时,突然出现蓝屏,蓝屏提示为:KERNEL_SECURITY_CHECK_FAILURE (139),微软那边说需要卸载360,但用习惯了,实在不想删,求大佬救命

dump文件: Minidump.zip (1.98 MB)





第一次蓝屏的dump文件内容:

Microsoft (R) Windows Debugger Version 10.0.19041.685 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [D:\BaiduNetdiskDownload\Minidump\Minidump\082921-13984-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: srv*
Executable search path is:
Windows 10 Kernel Version 19041 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 19041.1.amd64fre.vb_release.191206-1406
Machine Name:
Kernel base = 0xfffff807`7c600000 PsLoadedModuleList = 0xfffff807`7d22a190
Debug session time: Sun Aug 29 07:57:34.972 2021 (UTC + 8:00)
System Uptime: 0 days 21:28:27.579
Loading Kernel Symbols
...............................................................
................................................................
................................................................
..................................................
Loading User Symbols
Loading unloaded module list
...................
For analysis of this file, run !analyze -v
1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure.  The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 000000000000001d, Type of memory safety violation
Arg2: fffffd058e45ef10, Address of the trap frame for the exception that caused the bugcheck
Arg3: fffffd058e45ee68, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved

Debugging Details:
------------------

*** WARNING: Unable to verify timestamp for 360Hvm64.sys
*** WARNING: Unable to verify timestamp for win32k.sys

KEY_VALUES_STRING: 1

    Key  : Analysis.CPU.Sec
    Value: 3

    Key  : Analysis.DebugAnalysisProvider.CPP
    Value: Create: 8007007e on DESKTOP-5JF7T7G

    Key  : Analysis.DebugData
    Value: CreateObject

    Key  : Analysis.DebugModel
    Value: CreateObject

    Key  : Analysis.Elapsed.Sec
    Value: 6

    Key  : Analysis.Memory.CommitPeak.Mb
    Value: 112

    Key  : Analysis.System
    Value: CreateObject


BUGCHECK_CODE:  139

BUGCHECK_P1: 1d

BUGCHECK_P2: fffffd058e45ef10

BUGCHECK_P3: fffffd058e45ee68

BUGCHECK_P4: 0

TRAP_FRAME:  fffffd058e45ef10 -- (.trap 0xfffffd058e45ef10)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffff8077d212400 rbx=0000000000000000 rcx=000000000000001d
rdx=fffff8077d2124c0 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8077ca3d919 rsp=fffffd058e45f0a8 rbp=000000000000000f
r8=fffff8077d2124c0  r9=0000000000000000 r10=fffff8077d212400
r11=fffff8077d231360 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up di ng nz na pe cy
nt!RtlRbRemoveNode+0x1b2529:
fffff807`7ca3d919 cd29            int     29h
Resetting default scope

EXCEPTION_RECORD:  fffffd058e45ee68 -- (.exr 0xfffffd058e45ee68)
ExceptionAddress: fffff8077ca3d919 (nt!RtlRbRemoveNode+0x00000000001b2529)
   ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
  ExceptionFlags: 00000001
NumberParameters: 1
   Parameter[0]: 000000000000001d
Subcode: 0x1d FAST_FAIL_INVALID_BALANCED_TREE

BLACKBOXBSD: 1 (!blackboxbsd)


BLACKBOXNTFS: 1 (!blackboxntfs)


BLACKBOXPNP: 1 (!blackboxpnp)


BLACKBOXWINLOGON: 1

CUSTOMER_CRASH_COUNT:  1

PROCESS_NAME:  svchost.exe

ERROR_CODE: (NTSTATUS) 0xc0000409 -<Unable to get error code text>

EXCEPTION_CODE_STR:  c0000409

EXCEPTION_PARAMETER1:  000000000000001d

EXCEPTION_STR:  0xc0000409

BAD_STACK_POINTER:  fffffd058e45ebe8

STACK_TEXT:  
fffffd05`8e45ebe8 fffff807`7ca09169 : 00000000`00000139 00000000`0000001d fffffd05`8e45ef10 fffffd05`8e45ee68 : nt!KeBugCheckEx
fffffd05`8e45ebf0 fffff807`7ca09590 : 00000000`00000000 ffffba80`0fd80180 ffffa101`200e4040 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffffd05`8e45ed30 fffff807`7ca07923 : ffff8c8d`360b5d10 00000000`00020000 00000000`00000000 00000000`00000000 : nt!KiFastFailDispatch+0xd0
fffffd05`8e45ef10 fffff807`7ca3d919 : 00000000`00000002 00000000`00000002 fffff807`7cb1b677 00000000`0000000f : nt!KiRaiseSecurityCheckFailure+0x323
fffffd05`8e45f0a8 fffff807`7cb1b677 : 00000000`0000000f 00000000`00000201 ffffffff`ffffffff 00000000`00000000 : nt!RtlRbRemoveNode+0x1b2529
fffffd05`8e45f0c0 fffff807`7cb19af1 : 00000000`00000002 00000000`00000200 00000000`00000201 0000017a`8c6047e4 : nt!KiSetVirtualHeteroClockIntervalRequest+0x83
fffffd05`8e45f0f0 fffff807`7cb191d7 : 00000000`00000002 00000000`00000200 00000000`00000201 ffffba80`0fd80180 : nt!KeUpdatePendingQosRequest+0x31
fffffd05`8e45f130 fffff807`7c9fe2eb : ffffba80`0fd80180 000fa4ef`bd9bbfff ffffa101`1d9ab080 ffffa101`1f857080 : nt!KeCheckAndApplyBamQos+0xd7
fffffd05`8e45f160 fffff807`7c9fdf56 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!SwapContext+0xbb
fffffd05`8e45f1a0 fffff807`7c80c970 : 00000000`0003168e 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSwapContext+0x76
fffffd05`8e45f2e0 fffff807`7c80be9f : ffff8c8d`43e9e5d0 fffff807`7cc2d91c fffffd05`8e45f4a0 00000000`ffff0002 : nt!KiSwapThread+0x500
fffffd05`8e45f390 fffff807`7c80b743 : 00000000`00000000 fffff807`00000000 ffffa101`3ecedc00 ffffa101`1f8571c0 : nt!KiCommitThreadWait+0x14f
fffffd05`8e45f430 fffff807`7c896983 : ffffa101`1f857508 00000000`00000011 ffffa101`1d26fd01 00000000`00000000 : nt!KeWaitForSingleObject+0x233
fffffd05`8e45f520 fffff807`7cc84876 : 00000000`00000000 ffffa101`1f857508 c8fc2c49`00000011 0000017a`8c624f38 : nt!AlpcpSignalAndWait+0x143
fffffd05`8e45f5c0 fffff807`7cc844db : fffffd05`8e45f6a0 0000017a`8c624f38 0000017a`91790770 00000000`7e000000 : nt!AlpcpReceiveSynchronousReply+0x56
fffffd05`8e45f620 fffff807`7cc82566 : ffffa101`21b8a070 fffff807`00020000 0000017a`91790770 0000017a`8c624f38 : nt!AlpcpProcessSynchronousRequest+0x37b
fffffd05`8e45f740 fffff807`96217156 : 00000000`00000000 fffffd05`8e45fa80 00000050`f0dfc578 fffffd05`8e45f9a8 : nt!NtAlpcSendWaitReceivePort+0x1d6
fffffd05`8e45f800 00000000`00000000 : fffffd05`8e45fa80 00000050`f0dfc578 fffffd05`8e45f9a8 0000017a`91790770 : 360Hvm64+0x17156


SYMBOL_NAME:  360Hvm64+17156

MODULE_NAME: 360Hvm64

IMAGE_NAME:  360Hvm64.sys

STACK_COMMAND:  .thread ; .cxr ; kb

BUCKET_ID_FUNC_OFFSET:  17156

FAILURE_BUCKET_ID:  0x139_1d_INVALID_BALANCED_TREE_STACKPTR_ERROR_360Hvm64!unknown_function

OS_VERSION:  10.0.19041.1

BUILDLAB_STR:  vb_release

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

FAILURE_ID_HASH:  {d2a1590c-d87e-3717-9871-5142c0909462}

Followup:     MachineOwner
---------

回复 评分 收藏

共 1 个关于360Hvm64.sys导致蓝屏,求大佬救命的回复 最后回复于 2021-9-10 17:18

评论

直达楼层

沙发
大眼睛大大_大 产品答疑师 发表于 2021-9-10 17:18 | 只看该作者 | 私信
收到,我们看下是否和360有关
henry亨利_ LV4.上士 回复360fans1334165599:我也是这个蓝屏问题,之前问了好多次,说查看就没下闻 
2021-9-17 23:13回复
henry亨利_ LV4.上士 回复360fans1334165599:放心,他们是不会回复的,永远不会给你解决方案的 
2021-9-17 23:12回复
360fans1334165599 LV1.上等兵 请问蓝屏的文件分析有结果了吗? 
2021-9-13 14:30回复
返回列表
高级模式   
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

360fans1334165599 LV1.上等兵

粉丝:0 关注:0 积分:13

精华:0 金币:23 经验:13

最后登录时间:2022-4-7

360商城青铜会员

私信 加好友

最新活动

360云台摄像机9Pro写评论送大奖!

排行榜

热度排行 查看排行
今日 本周 本月 全部
    今日 本周 本月 全部

      内容推荐 热门推荐最新主帖

      扫码添加360客服号,涨知识的同时还有超多福利等你哦

      快速回复 返回顶部 返回列表