我有时会在启动 vpn 客户端时收到“内核安全检查失败”BSOD,或者在启动 Kaspersky 17 时偶尔收到,但在玩要求高的游戏时从未收到,在浏览时也从未收到。今天在 Windows 事件中,我发现错误是内核电源。是的,我更换了 PSU(改为 CORSAIR CS850M),但症状是这样吗?Nvidia 驱动程序已更新,温度也很好。
崩溃转储分析:
Crash dump directory: C:\Windows\Minidump
Crash dumps are enabled on your computer.
On Fri 05-05-2017 06:11:40 PM your computer crashed
crash dump file: C:\Windows\Minidump\050517-18734-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14A510)
Bugcheck code: 0x139 (0x3, 0xFFFF8001B2C60C40, 0xFFFF8001B2C60B98, 0x0)
Error: KERNEL_SECURITY_CHECK_FAILURE
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: The kernel has detected the corruption of a critical data structure.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
On Fri 05-05-2017 06:11:40 PM your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: klim6.sys (klim6+0x2C72)
Bugcheck code: 0x139 (0x3, 0xFFFF8001B2C60C40, 0xFFFF8001B2C60B98, 0x0)
Error: KERNEL_SECURITY_CHECK_FAILURE
file path: C:\Windows\system32\drivers\klim6.sys
product: System Interceptors PDK
company: AO Kaspersky Lab
description: Packet Network Filter [fre_win8_x64]
Bug check description: The kernel has detected the corruption of a critical data structure.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: klim6.sys (Packet Network Filter [fre_win8_x64], AO Kaspersky Lab).
Google query: AO Kaspersky Lab KERNEL_SECURITY_CHECK_FAILURE
On Tue 25-04-2017 07:16:37 PM your computer crashed
crash dump file: C:\Windows\Minidump\042517-20718-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14A510)
Bugcheck code: 0x139 (0x3, 0xFFFFF803B5680C60, 0xFFFFF803B5680BB8, 0x0)
Error: KERNEL_SECURITY_CHECK_FAILURE
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: The kernel has detected the corruption of a critical data structure.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
On Sun 09-04-2017 09:38:25 PM your computer crashed
crash dump file: C:\Windows\Minidump\040917-19890-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14A510)
Bugcheck code: 0x139 (0x3, 0xFFFFB201D3745BB0, 0xFFFFB201D3745B08, 0x0)
Error: KERNEL_SECURITY_CHECK_FAILURE
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: The kernel has detected the corruption of a critical data structure.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
On Sun 09-04-2017 12:43:02 PM your computer crashed
crash dump file: C:\Windows\Minidump\040917-20453-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14A510)
Bugcheck code: 0x139 (0x3, 0xFFFFD501E42B5370, 0xFFFFD501E42B52C8, 0x0)
Error: KERNEL_SECURITY_CHECK_FAILURE
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: The kernel has detected the corruption of a critical data structure.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------
12 crash dumps have been found and analyzed. Only 5 are included in this report. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:
klim6.sys (Packet Network Filter [fre_win8_x64], AO Kaspersky Lab)
If no updates for these drivers are available, try searching with Google on the names of these drivers in combination with the errors that have been reported for these drivers. Include the brand and model name of your computer as well in the query. This often yields interesting results from discussions on the web by users who have been experiencing similar problems.
答案1
使用 Windbg 分析转储,表明您应该将卡巴斯基防病毒套件更新到最新版本。您的版本是 2016 年的klim6.sys,kneps.sys可能会导致:
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_SECURITY_CHECK_FAILURE (139)
A kernel component has corrupted a critical data structure. The corruption
could potentially allow a malicious user to gain control of this machine.
Arguments:
Arg1: 0000000000000003, A LIST_ENTRY has been corrupted (i.e. double remove).
Arg2: ffffd48003f37bb0, Address of the trap frame for the exception that caused the bugcheck
Arg3: ffffd48003f37b08, Address of the exception record for the exception that caused the bugcheck
Arg4: 0000000000000000, Reserved
Debugging Details:
------------------
*** WARNING: Unable to verify timestamp for klim6.sys
*** ERROR: Module load completed but symbols could not be loaded for klim6.sys
*** WARNING: Unable to verify timestamp for kneps.sys
*** ERROR: Module load completed but symbols could not be loaded for kneps.sys
EXCEPTION_CODE_STR: c0000409
EXCEPTION_PARAMETER1: 0000000000000003
DEFAULT_BUCKET_ID: FAIL_FAST_LIST_ENTRY_CORRUPT
STACK_TEXT:
00 nt!KeBugCheckEx
01 nt!KiBugCheckDispatch
02 nt!KiFastFailDispatch
03 nt!KiRaiseSecurityCheckFailure
04 klim6
05 0x0
06 kneps
07 0x0
09 0x0
0a kneps
0b 0x0
0c kneps
0d 0x0
0f 0x0
10 kneps
11 kneps
12 0x0
13 0x0
14 kneps
15 0x0
18 0x0
19 kneps
1a 0x0
1b kneps
1c 0x0
Image path: \SystemRoot\system32\DRIVERS\klim6.sys
Image name: klim6.sys
Browse all global symbols functions data
Timestamp: Tue Aug 23 12:42:09 2016 (57BC2881)
CheckSum: 00011AA6
Image path: \SystemRoot\system32\DRIVERS\kneps.sys
Image name: kneps.sys
Browse all global symbols functions data
Timestamp: Mon May 16 15:33:56 2016
所以去卡巴斯基页面和下载最新版本。