Dzisiaj podjąłem próbę przeskanowania pojedynczego folderu. Efekt zakończył się kolejnym BSOD.
Kod:
Microsoft (R) Windows Debugger Version 6.2.9200.20512 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C: \Windows\Minidump\071015-34788-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: symsrv*symsrv.dll*c: \symb*http: //msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 7601.18869.amd64fre.win7sp1_gdr.150525-0603
Machine Name:
Kernel base = 0xfffff800`02e0b000 PsLoadedModuleList = 0xfffff800`03052730
Debug session time: Fri Jul 10 09: 23: 20.738 2015 (UTC + 2: 00)
System Uptime: 0 days 8: 53: 43.455
Loading Kernel Symbols
...............................................................
Loading User Symbols
Loading unloaded module list
.....................
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck BE, {fffff8a006dfb000, 199e2820, fffff88009fa74b0, e}
*** WARNING: Unable to verify timestamp for AsDsm.sys
*** ERROR: Module load completed but symbols could not be loaded for AsDsm.sys
Probably caused by : AsDsm.sys ( AsDsm+23d2 )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
ATTEMPTED_WRITE_TO_READONLY_MEMORY (be)
An attempt was made to write to readonly memory. The guilty driver is on the
stack trace (and is typically the current instruction pointer).
When possible, the guilty driver's name (Unicode string) is printed on
the bugcheck screen and saved in KiBugCheckDriver.
Arguments:
Arg1: fffff8a006dfb000, Virtual address for the attempted write.
Arg2: 00000000199e2820, PTE contents.
Arg3: fffff88009fa74b0, (reserved)
Arg4: 000000000000000e, (reserved)
Debugging Details:
------------------
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
BUGCHECK_STR: 0xBE
PROCESS_NAME: ArcaMainSV.exe
CURRENT_IRQL: 0
TRAP_FRAME: fffff88009fa74b0 -- (.trap 0xfffff88009fa74b0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=006b00530020002d rbx=0000000000000000 rcx=fffff8a006dfb010
rdx=000001dffd4b58e4 rsi=0000000000000000 rdi=0000000000000000
rip=fffff880011d63d2 rsp=fffff88009fa7648 rbp=fffffa80042af014
r8=000000000000190e r9=0000000000000001 r10=0077006f006e0061
r11=fffff8a006df9730 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na pe nc
AsDsm+0x23d2:
fffff880`011d63d2 ? ?
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80002e1a689 to fffff80002e7f8c0
STACK_TEXT:
fffff880`09fa7348 fffff800`02e1a689 : 00000000`000000be fffff8a0`06dfb000 00000000`199e2820 fffff880`09fa74b0 : nt!KeBugCheckEx
fffff880`09fa7350 fffff800`02e7d9ee : 00000000`00000001 fffff8a0`06dfb000 00000000`00000000 fffff8a0`1164e1f0 : nt! ? : FNODOBFM: `string'+0x4184f
fffff880`09fa74b0 fffff880`011d63d2 : fffff880`011d5724 fffffa80`04c9eea0 fffff8a0`1164e1f0 fffffa80`04fc88c0 : nt!KiPageFault+0x16e
fffff880`09fa7648 fffff880`011d5724 : fffffa80`04c9eea0 fffff8a0`1164e1f0 fffffa80`04fc88c0 fffff8a0`1164e1f0 : AsDsm+0x23d2
fffff880`09fa7650 fffffa80`04c9eea0 : fffff8a0`1164e1f0 fffffa80`04fc88c0 fffff8a0`1164e1f0 fffff880`011d8140 : AsDsm+0x1724
fffff880`09fa7658 fffff8a0`1164e1f0 : fffffa80`04fc88c0 fffff8a0`1164e1f0 fffff880`011d8140 fffff880`09fa76b0 : 0xfffffa80`04c9eea0
fffff880`09fa7660 fffffa80`04fc88c0 : fffff8a0`1164e1f0 fffff880`011d8140 fffff880`09fa76b0 fffff880`011d81c0 : 0xfffff8a0`1164e1f0
fffff880`09fa7668 fffff8a0`1164e1f0 : fffff880`011d8140 fffff880`09fa76b0 fffff880`011d81c0 fffffa80`04c9eea0 : 0xfffffa80`04fc88c0
fffff880`09fa7670 fffff880`011d8140 : fffff880`09fa76b0 fffff880`011d81c0 fffffa80`04c9eea0 fffffa80`045ade60 : 0xfffff8a0`1164e1f0
fffff880`09fa7678 fffff880`09fa76b0 : fffff880`011d81c0 fffffa80`04c9eea0 fffffa80`045ade60 fffffa80`04fc88c0 : AsDsm+0x4140
fffff880`09fa7680 fffff880`011d81c0 : fffffa80`04c9eea0 fffffa80`045ade60 fffffa80`04fc88c0 fffffa80`04fc8a10 : 0xfffff880`09fa76b0
fffff880`09fa7688 fffffa80`04c9eea0 : fffffa80`045ade60 fffffa80`04fc88c0 fffffa80`04fc8a10 fffff880`011db9ff : AsDsm+0x41c0
fffff880`09fa7690 fffffa80`045ade60 : fffffa80`04fc88c0 fffffa80`04fc8a10 fffff880`011db9ff fffff8a0`1164e101 : 0xfffffa80`04c9eea0
fffff880`09fa7698 fffffa80`04fc88c0 : fffffa80`04fc8a10 fffff880`011db9ff fffff8a0`1164e101 fffffa80`06137260 : 0xfffffa80`045ade60
fffff880`09fa76a0 fffffa80`04fc8a10 : fffff880`011db9ff fffff8a0`1164e101 fffffa80`06137260 fffffa80`06137690 : 0xfffffa80`04fc88c0
fffff880`09fa76a8 fffff880`011db9ff : fffff8a0`1164e101 fffffa80`06137260 fffffa80`06137690 fffff8a0`06df9730 : 0xfffffa80`04fc8a10
fffff880`09fa76b0 fffff8a0`1164e101 : fffffa80`06137260 fffffa80`06137690 fffff8a0`06df9730 fffff880`09fa7710 : AsDsm+0x79ff
fffff880`09fa76b8 fffffa80`06137260 : fffffa80`06137690 fffff8a0`06df9730 fffff880`09fa7710 fffff800`02e9667f : 0xfffff8a0`1164e101
fffff880`09fa76c0 fffffa80`06137690 : fffff8a0`06df9730 fffff880`09fa7710 fffff800`02e9667f 00000000`00000000 : 0xfffffa80`06137260
fffff880`09fa76c8 fffff8a0`06df9730 : fffff880`09fa7710 fffff800`02e9667f 00000000`00000000 fffffa80`06137260 : 0xfffffa80`06137690
fffff880`09fa76d0 fffff880`09fa7710 : fffff800`02e9667f 00000000`00000000 fffffa80`06137260 fffffa80`0bd721e0 : 0xfffff8a0`06df9730
fffff880`09fa76d8 fffff800`02e9667f : 00000000`00000000 fffffa80`06137260 fffffa80`0bd721e0 fffffa80`045adef8 : 0xfffff880`09fa7710
fffff880`09fa76e0 fffff800`0317db4b : 00000000`00001568 00000000`00000005 00000000`00000040 fffffa80`045adef8 : nt!RtlCopyUnicodeString+0x3f
fffff880`09fa7710 fffff800`03179b5e : fffffa80`04ca19d0 00000000`00000000 fffffa80`0b23db10 00000000`00000001 : nt!IopParseDevice+0x14e2
fffff880`09fa7870 fffff800`0317a646 : 00000000`00000000 fffff880`09fa79f0 00000000`00000040 fffffa80`03ce08a0 : nt!ObpLookupObjectName+0x784
fffff880`09fa7970 fffff800`0317bf4c : fffffa80`04a81060 00000000`00000000 fffffa80`04a81001 ffffffff`ffffffff : nt!ObOpenObjectByName+0x306
fffff880`09fa7a40 fffff800`03187574 : 00000000`0449db18 fffff8a0`80100080 00000000`0449db68 00000000`0449db28 : nt!IopCreateFile+0x2bc
fffff880`09fa7ae0 fffff800`02e7eb53 : ffffffff`ffffffff 0000007f`ffffffff fffffa80`00000000 00000980`00000000 : nt!NtCreateFile+0x78
fffff880`09fa7b70 00000000`77c3e10a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0449da98 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x77c3e10a
STACK_COMMAND: kb
FOLLOWUP_IP:
AsDsm+23d2
fffff880`011d63d2 ? ?
SYMBOL_STACK_INDEX: 3
SYMBOL_NAME: AsDsm+23d2
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: AsDsm
IMAGE_NAME: AsDsm.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 49950fc2
FAILURE_BUCKET_ID: X64_0xBE_AsDsm+23d2
BUCKET_ID: X64_0xBE_AsDsm+23d2
Followup: MachineOwner
---------
Problem z BSOD rozwiązany.
Natchnął mnie dostani plik dmp (
AsDsm.sys) i artykuł na stronie
http://support.kaspersky.com/pl/7123, gdyż kiedyś miałem Kaspersky i ten sam problem.
Problemem był zainstalowany ASUS Data Security Manager.
Po jego odinstalowaniu Arcabit działa bez problemu i nie powoduje BSOD.
Pozdrawiam,
Demo72