虚拟机，安装了windows2008，最近频繁蓝屏0x00000109，请帮忙看下原因，谢谢！

Tutte le risposte

• 

  

  0

  Registrati per votare

  0x00000109 CRITICAL_STRUCTURE_CORRUPTION 表明内核检测到关键的内核代码或数据损坏，内存条不兼容或已损坏，驱动程序及相关软件存在兼容问题。
  宿主机运行是否一切正常？虚拟机运行其它操作系统是否也一切正常？这台虚拟机是在做过什么修改后出现问题的？

  ---

  Alexis Zhang

  http://mvp.microsoft.com/zh-cn/mvp/Jie%20Zhang-4000545
  http://blogs.itecn.net/blogs/alexis

  推荐以 NNTP Bridge 桥接新闻组方式访问论坛。

  本帖是回复帖，原帖作者是楼上的 <jianbo.wang>；

  | BugCheck 109, {a3a039d904abf545, b3b7465f572a354f, 5c0000082, 7}
  | Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

  martedì 27 febbraio 2018 12:55

  Risposta

  |

  Citazione
• 

  

  0

  Registrati per votare

  感谢回答，宿主机目前是好的，上面运行的虚拟机暂时也没有报错，这台虚拟机是windows2008，中过一次挖矿病毒，不过目前已经处理，还有什么能进一步检测的工具吗？

  mercoledì 28 febbraio 2018 00:50

  Risposta

  |

  Citazione
• 

  

  0

  Registrati per votare

  那就在确保已经清除病毒的情况下再观察一段时间看看吧。

  ---

  Alexis Zhang

  http://mvp.microsoft.com/zh-cn/mvp/Jie%20Zhang-4000545
  http://blogs.itecn.net/blogs/alexis

  推荐以 NNTP Bridge 桥接新闻组方式访问论坛。

  本帖是回复帖，原帖作者是楼上的 <jianbo.wang>；

  | 感谢回答，宿主机目前是好的，上面运行的虚拟机暂时也没有报错，这台虚拟机是windows2008，中过一次挖矿病毒，不过目前已经处理，还有什么能进一步检测的工具吗？

  giovedì 1 marzo 2018 13:23

  Risposta

  |

  Citazione
• 

  

  0

  Registrati per votare

  病毒已经杀了，之后，出现了几次蓝屏，您能看出来，除了内存可能有问题，还缺少什么系统文件吗？

  sabato 3 marzo 2018 00:57

  Risposta

  |

  Citazione
• 

  

  0

  Registrati per votare

  看不出来。如果后面几次蓝屏故障代码或 WinDBG 分析信息有变化，请贴出来看一看。

  内存方面可以用 Windows 内存检测工具测试一下稳定性。

  ---

  Alexis Zhang

  http://mvp.microsoft.com/zh-cn/mvp/Jie%20Zhang-4000545
  http://blogs.itecn.net/blogs/alexis

  推荐以 NNTP Bridge 桥接新闻组方式访问论坛。

  本帖是回复帖，原帖作者是楼上的 <jianbo.wang>；

  | 病毒已经杀了，之后，出现了几次蓝屏，您能看出来，除了内存可能有问题，还缺少什么系统文件吗？
  |

  domenica 4 marzo 2018 11:09

  Risposta

  |

  Citazione
• 

  

  0

  Registrati per votare

  似乎没再蓝过，不过现在再执行工具，直接这个回显了。

  
  Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
  Copyright (c) Microsoft Corporation. All rights reserved.

  
  Loading Dump File [C:\Windows\MEMORY.DMP]
  Kernel Summary Dump File: Only kernel address space is available

  Symbol search path is: SRV*c:\temp*http://msdl.microsoft.com/download/symbols
  Executable search path is:
  Windows 7 Kernel Version 7601 (Service Pack 1) MP (32 procs) Free x64
  Product: Server, suite: Enterprise TerminalServer SingleUserTS
  Built by: 7601.17514.amd64fre.win7sp1_rtm.101119-1850
  Machine Name:
  Kernel base = 0xfffff800`01608000 PsLoadedModuleList = 0xfffff800`0184de90
  Debug session time: Mon Feb 26 11:42:25.233 2018 (UTC + 8:00)
  System Uptime: 0 days 5:41:02.139
  Loading Kernel Symbols
  ...............................................................
  ................................................................
  ...............
  Loading User Symbols

  Loading unloaded module list
  .........
  The context is partially valid. Only x86 user-mode context is available.
  The wow64exts extension must be loaded to access 32-bit state.
  .load wow64exts will do this if you haven't loaded it already.
  *******************************************************************************
  *                                                                             *
  *                        Bugcheck Analysis                                    *
  *                                                                             *
  *******************************************************************************

  Use !analyze -v to get detailed debugging information.

  BugCheck 109, {a3a039d904abf545, b3b7465f572a354f, 5c0000082, 7}

  Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

  Followup: MachineOwner
  ---------

  16.31: kd:x86> analyze -v
  *** ERROR: Module load completed but symbols could not be loaded for BAPIDRV64.sys
  *** ERROR: Module load completed but symbols could not be loaded for DsArk64.sys
  *** ERROR: Module load completed but symbols could not be loaded for viostor.sys
  *** ERROR: Module load completed but symbols could not be loaded for 360AntiHacker64.sys
  *** ERROR: Module load completed but symbols could not be loaded for spldr.sys
  *** ERROR: Module load completed but symbols could not be loaded for 360reskit64.sys
  *** ERROR: Module load completed but symbols could not be loaded for 360Box64.sys
  *** ERROR: Module load completed but symbols could not be loaded for dump_viostor.sys
  *** ERROR: Module load completed but symbols could not be loaded for netkvm.sys
  *** ERROR: Module load completed but symbols could not be loaded for vioser.sys
  *** ERROR: Module load completed but symbols could not be loaded for balloon.sys
  *** ERROR: Module load completed but symbols could not be loaded for 360qpesv64.sys
  *** ERROR: Module load completed but symbols could not be loaded for 360netmon.sys
  *** ERROR: Module load completed but symbols could not be loaded for 360FsFlt.sys
  *** ERROR: Module load completed but symbols could not be loaded for 360AntiHijack64.sys
  *** ERROR: Module load completed but symbols could not be loaded for peauth.sys
  *** ERROR: Module load completed but symbols could not be loaded for secdrv.SYS
  *** ERROR: Symbol file could not be found.  Defaulted to export symbols for spsys.sys -
  *** ERROR: Module load completed but symbols could not be loaded for 360Sensor64.sys
  *** ERROR: Module load completed but symbols could not be loaded for 360AvFlt.sys
  Couldn't resolve error at 'nalyze -v'

  lunedì 5 marzo 2018 04:16

  Risposta

  |

  Citazione
• 

  

  0

  Registrati per votare

  Windows Server 系统还装 360 啊？最好把这破玩意儿卸载了。

  ---

  Alexis Zhang

  http://mvp.microsoft.com/zh-cn/mvp/Jie%20Zhang-4000545
  http://blogs.itecn.net/blogs/alexis

  推荐以 NNTP Bridge 桥接新闻组方式访问论坛。

  本帖是回复帖，原帖作者是楼上的 <jianbo.wang>；

  | 似乎没再蓝过，不过现在再执行工具，直接这个回显了。
  |

  lunedì 5 marzo 2018 12:06

  Risposta

  |

  Citazione
• 

  

  0

  Registrati per votare

  哈哈，我跟客户说下，谢谢。

  martedì 6 marzo 2018 01:00

  Risposta

  |

  Citazione
• 

  

  0

  Registrati per votare

  嗯嗯，卸载掉，还有其它什么管家大师助手的。电脑装了这些东西，得减一半寿命一半效率。

  ---

  Alexis Zhang

  http://mvp.microsoft.com/zh-cn/mvp/Jie%20Zhang-4000545
  http://blogs.itecn.net/blogs/alexis

  推荐以 NNTP Bridge 桥接新闻组方式访问论坛。

  本帖是回复帖，原帖作者是楼上的 <jianbo.wang>；

  | 哈哈，我跟客户说下，谢谢。
  |

  giovedì 8 marzo 2018 14:03

  Risposta

  |

  Citazione
• 

  

  0

  Registrati per votare

  请问，Windows服务器上需不需要安装杀毒软件和防木马软件？安装哪种杀毒软件防木马软件较好？

  venerdì 9 marzo 2018 00:19

  Risposta

  |

  Citazione
• 

  

  0

  Registrati per votare

  微软自家有 MSE（Microsoft Security Essentials）for Windows Server。

  ---

  Alexis Zhang

  http://mvp.microsoft.com/zh-cn/mvp/Jie%20Zhang-4000545
  http://blogs.itecn.net/blogs/alexis

  推荐以 NNTP Bridge 桥接新闻组方式访问论坛。

  本帖是回复帖，原帖作者是楼上的 "小油箱"

  | 请问，Windows服务器上需不需要安装杀毒软件和防木马软件？安装哪种杀毒软件防木马软件较好？
  |

  • Contrassegnato come risposta jianbo.wang giovedì 23 gennaio 2020 09:01

  domenica 11 marzo 2018 12:35

  Risposta

  |

  Citazione
• 

  

  0

  Registrati per votare

  感谢感谢

  giovedì 23 gennaio 2020 09:01

  Risposta

  |

  Citazione