随机系统重新启动,Bug 检查3B 引用 mfehidk .sys 驱动程序
技术文章 ID:
KB90836
上次修改时间: 2022-12-01 12:32:26 Etc/GMT
上次修改时间: 2022-12-01 12:32:26 Etc/GMT
免责声明
本文内容源于英文。如果英文内容与其翻译内容之间存在差异,应始终以英文内容为准。本文部分内容是使用 Microsoft 的机器翻译技术进行翻译的。
了解不断适应的 XDR 生态系统如何为您的企业赋能。
Trellix 首席执行官 Bryan Palma 解释称,现在亟需能够不断学习的安全防护。
下载 Magic Quadrant 报告,该报告根据执行能力和愿景完成情况,对 19 家供应商进行了评估。
Gartner 报告称,“XDR 是一种新兴技术,可以提供增强的威胁防护、检测和响应。”
企业在 2022 年应警惕哪些网络安全威胁?
网络安全行业绝不是一潭死水,而是危机不断,现在便是接受这一全新安全防护理念,将其转化为自身优势,为企业赋能的最佳时机。
网络安全领域备受信赖的两大领导者携手打造弹性化的数字世界。
Trellix 首席执行官 Bryan Palma 解释称,现在亟需能够不断学习的安全防护。
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
随机系统重新启动,Bug 检查3B 引用 mfehidk .sys 驱动程序
技术文章 ID:
KB90836
上次修改时间: 2022-12-01 12:32:26 Etc/GMT 环境
Endpoint Security (ENS) 10.6.0 Microsoft Windows 服务器 2012 R2 问题
偶尔会发生错误检查3B 引用 An exception happened while executing a system service routine. Arguments: Arg1: 00000000c0000005, Exception code that caused the bugcheck Arg2: fffff801fcfa3e28, Address of the instruction which caused the bugcheck Arg3: ffffd00023df83a0, Address of the context record for the exception that caused the bugcheck Arg4: 0000000000000000, zero. Debugging Details: ------------------ DUMP_CLASS: 1 DUMP_QUALIFIER: 401 BUILD_VERSION_STRING: 9600.18589.amd64fre.winblue_ltsb.170204-0600 SYSTEM_MANUFACTURER: VMware, Inc. VIRTUAL_MACHINE: VMware SYSTEM_PRODUCT_NAME: VMware Virtual Platform SYSTEM_VERSION: None BIOS_VENDOR: Phoenix Technologies LTD BIOS_VERSION: 6.00 BIOS_DATE: 09/21/2015 BASEBOARD_MANUFACTURER: Intel Corporation BASEBOARD_PRODUCT: 440BX Desktop Reference Platform BASEBOARD_VERSION: None DUMP_TYPE: 1 BUGCHECK_P1: c0000005 BUGCHECK_P2: fffff801fcfa3e28 BUGCHECK_P3: ffffd00023df83a0 BUGCHECK_P4: 0 EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%p referenced memory at 0x%p. The memory could not be %s. FAULTING_IP: fltmgr!FltpGetNextCallbackNodeForInstance+78 fffff801`fcfa3e28 8b4728 mov eax,dword ptr [rdi+28h] CONTEXT: ffffd00023df83a0 -- (.cxr 0xffffd00023df83a0) rax=ffffe000ee0a2c80 rbx=ffffe000f61c48e8 rcx=0000000000000011 rdx=0000000000000001 rsi=0000000000000000 rdi=0000000000000000 rip=fffff801fcfa3e28 rsp=ffffd00023df8dd0 rbp=ffffd00023df8e00 r8=0000000000000000 r9=0000000063664d46 r10=fffff801fcfc16c0 r11=ffffc001ca551a60 r12=ffffe000f61c4880 r13=0000000000000016 r14=ffffe000ee0a2c80 r15=ffffe000f61c47f0 iopl=0 nv up ei pl nz ac po cy cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010217 fltmgr!FltpGetNextCallbackNodeForInstance+0x78: fffff801`fcfa3e28 8b4728 mov eax,dword ptr [rdi+28h] ds:002b:00000000`00000028=???????? Resetting default scope CPU_COUNT: 2 CPU_MHZ: 7ce CPU_VENDOR: GenuineIntel CPU_FAMILY: 6 CPU_MODEL: 4f CPU_STEPPING: 1 CPU_MICROCODE: 6,4f,1,0 (F,M,S,R) SIG: B00002A'00000000 (cache) B00002A'00000000 (init) DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT BUGCHECK_STR: 0x3B PROCESS_NAME: mcshield.exe CURRENT_IRQL: 0 ANALYSIS_SESSION_HOST: 5CG70874YK850 ANALYSIS_SESSION_TIME: 08-16-2018 15:02:15.0752 ANALYSIS_VERSION: 10.0.16299.91 amd64fre LAST_CONTROL_TRANSFER: from fffff801fcfca8fd to fffff801fcfa3e28 STACK_TEXT: ffffd000`23df8dd0 fffff801`fcfca8fd : ffffe000`f419c270 ffffd000`23df8e60 ffffe000`ee94aad0 ffffd000`23df8f40 : fltmgr!FltpGetNextCallbackNodeForInstance+0x78 ffffd000`23df8e20 fffff801`fcfcabe1 : ffffe000`ee94aad0 ffffd000`23df92b0 ffffe000`f419c200 00000001`00140011 : fltmgr!TargetedIOCtrlGenerateECP+0x165 ffffd000`23df8e90 fffff801`fcfcaec8 : 00000000`00000160 ffffd000`23df9138 ffffd000`23df9270 ffffd000`23df92b0 : fltmgr!FltpCreateFile+0xdd ffffd000`23df8f90 fffff801`fd134f4e : ffffe000`ee94aad0 00000000`00000160 ffffd000`23df9270 ffffd000`23df92b0 : fltmgr!FltCreateFileEx2+0xd0 ffffd000`23df90b0 fffff801`fd13757d : ffffc001`c7b06800 00000000`00000000 ffffd000`23df9368 ffffd000`23df9370 : mfehidk+0x78f4e ffffd000`23df91f0 fffff801`fd0eccfb : 00000000`00000000 ffffe000`f391b3d8 00000000`00000000 00000000`0000002a : mfehidk+0x7b57d ffffd000`23df92b0 fffff801`fd0ea824 : ffffe000`ee98c000 00000000`00000000 00000000`00000000 ffffe000`ee084380 : mfehidk+0x30cfb ffffd000`23df9460 fffff801`fe31c761 : ffffe000`f391b3d8 00000000`00000000 00000000`00000000 fffff801`00000800 : mfehidk+0x2e824 ffffd000`23df9530 fffff801`fe31c564 : ffffe000`f198fd60 ffffffff`ffffffff 00000000`00120181 ffffe000`f24e7c08 : mfencbdc+0x3c761 ffffd000`23df96a0 fffff801`fe2e6cd5 : 00000000`00000000 ffffe000`f198fd60 ffffe000`f391b3c0 00000000`c000a1c4 : mfencbdc+0x3c564 ffffd000`23df9710 fffff801`fe33b74a : 00000000`00000000 00000000`00000000 ffffe000`f4356680 00000000`00000000 : mfencbdc+0x6cd5 ffffd000`23df9790 fffff801`2c929b2b : 00000000`00000002 ffffd000`23df9891 ffffe000`f198fd60 ffffe000`f24e6900 : mfencbdc+0x5b74a ffffd000`23df9810 fffff801`2c92aa66 : ffffe000`f198fd05 ffffd000`23df9b80 ffffe000`f2ff6c00 ffffe000`f198fd60 : nt!IopSynchronousServiceTail+0x32b ffffd000`23df98e0 fffff801`2c8faac2 : ffffd000`23df9a38 00000000`00000964 00000000`00000000 000000c4`82ed8450 : nt!IopXxxControlFile+0xd86 ffffd000`23df9a20 fffff801`2c5e8ab3 : ffffe000`f41ae080 fffff801`001f0003 000000c4`82ed8398 000000c4`00000001 : nt!NtDeviceIoControlFile+0x56 ffffd000`23df9a90 00007ff9`22d1072a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13 000000c4`82ed8348 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ff9`22d1072a THREAD_SHA1_HASH_MOD_FUNC: e55abea43685c9e4cac5cc937e620a54936d1fbc THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 6d7512cf71b14fb85b7391e6846f8b4077fe8f7b THREAD_SHA1_HASH_MOD: 13c7797a3cff740f8a291e133da14c64d3fd0e12 FOLLOWUP_IP: mfehidk+78f4e fffff801`fd134f4e 440fb68c24b8010000 movzx r9d,byte ptr [rsp+1B8h] FAULT_INSTR_CODE: 8cb60f44 SYMBOL_STACK_INDEX: 4 SYMBOL_NAME: mfehidk+78f4e FOLLOWUP_NAME: MachineOwner MODULE_NAME: mfehidk IMAGE_NAME: mfehidk.sys 解决方案
此问题已在 Endpoint Security 10.6.1 解决, 可从 产品下载站点获取该版本。
注意: 您需要有效的授权号才能访问。有关产品下载网站以及某些产品的备用位置的详细信息,请参阅 KB56057-如何下载 Enterprise 产品更新和文档。 更新是累积性的;技术支持建议您安装最新的版本。 免责声明本文内容源于英文。如果英文内容与其翻译内容之间存在差异,应始终以英文内容为准。本文部分内容是使用 Microsoft 的机器翻译技术进行翻译的。
|
|