通过

腾讯反作弊系统导致系统蓝屏,系统自动修复后腾讯反作弊系统无法再跟随系统重启

ht z 0 信誉分
2026-04-05T09:16:53.86+00:00

在一次更新后我发现我在打开三角洲行动的时候的腾讯反作弊系统没有正常跟随系统启动,于是我卸载腾讯反作弊,重新安装。
但是我发现有时会在启动过程中报错:
Your device ran into a problem ande needs to restart.

We'll restart for you.

Stop code:KERNEL_MODE_HEAP_CORRUPTION(0x13A)

然后我使用Verifier勾选了腾讯反作弊相关的几个sys文件,并且尝试重启电脑,电脑再次发生报错。
然后我用windbug打开Dump 日志,内容如下:

ExtensionGallery settings after reading 'SOFTWARE\Microsoft\Debug Engine' registry:

ExtensionGallery ExtensionRepository: Implicit

************* Path validation summary **************

Response Time (ms) Location

Deferred srv*

************* Preparing the environment for Debugger Extensions Gallery repositories **************

ExtensionRepository : Implicit

UseExperimentalFeatureForNugetShare : true

AllowNugetExeUpdate : true

NonInteractiveNuget : true

AllowNugetMSCredentialProviderInstall : true

AllowParallelInitializationOfLocalRepositories : true

EnableRedirectToChakraJsProvider : false

-- Configuring repositories

  ----> Repository : LocalInstalled, Enabled: true

  ----> Repository : UserExtensions, Enabled: true

Preparing the environment for Debugger Extensions Gallery repositories completed, duration 0.000 seconds

************* Waiting for Debugger Extensions Gallery to Initialize **************

.

Waiting for Debugger Extensions Gallery to Initialize completed, duration 1.016 seconds

----> Repository : UserExtensions, Enabled: true, Packages count: 0

----> Repository : LocalInstalled, Enabled: true, Packages count: 46

Microsoft (R) Windows Debugger Version 10.0.29507.1001 AMD64

Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\Windows\Minidump\040526-16437-01.dmp]

Mini Kernel Dump File: Only registers and stack trace are available

************* Path validation summary **************

Response Time (ms) Location

Deferred srv*

Symbol search path is: srv*

Executable search path is:

Windows 10 Kernel Version 26100 MP (24 procs) Free x64

Product: WinNt, suite: TerminalServer SingleUserTS Personal

Kernel base = 0xfffff806e9310000 PsLoadedModuleList = 0xfffff806ea205040

Debug session time: Sun Apr 5 16:58:34.590 2026 (UTC + 8:00)

System Uptime: 0 days 0:03:24.254

Loading Kernel Symbols

..

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.

Run !sym noisy before .reload to track down problems loading symbols.

.............................................................

................................................................

................................................................

................................................................

.

Loading User Symbols

PEB is paged out (Peb.Ldr = 00000000`00241018). Type ".hh dbgerr001" for details

Loading unloaded module list

...........................

For analysis of this file, run !analyze -vnt!KeBugCheckEx:

fffff806e980b8c0 48894c2408 mov qword ptr [rsp+8],rcx ss:0018:fffffd8da40b8b80=000000000000001a

18: kd> !analyze -v

Loading Kernel Symbols

..

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.

Run !sym noisy before .reload to track down problems loading symbols.

.............................................................

................................................................

................................................................

................................................................

.

Loading User Symbols

PEB is paged out (Peb.Ldr = 00000000`00241018). Type ".hh dbgerr001" for details

Loading unloaded module list

...........................

  •                                                                         *

  •                    Bugcheck Analysis                                    *

  •                                                                         *

MEMORY_MANAGEMENT (1a)

# Any other values for parameter 1 must be individually examined.

Arguments:

Arg1: 0000000000001233, The subtype of the BugCheck.

Arg2: 000000000011df26

Arg3: 0000000000000000

Arg4: 0000000000000000

Debugging Details:

*** WARNING: Unable to verify timestamp for ACE-BASE.sys

KEY_VALUES_STRING: 1

Key  : Analysis.CPU.mSec

Value: 9312

Key  : Analysis.Elapsed.mSec

Value: 153077

Key  : Analysis.IO.Other.Mb

Value: 0

Key  : Analysis.IO.Read.Mb

Value: 1

Key  : Analysis.IO.Write.Mb

Value: 7

Key  : Analysis.Init.CPU.mSec

Value: 1953

Key  : Analysis.Init.Elapsed.mSec

Value: 42427

Key  : Analysis.Memory.CommitPeak.Mb

Value: 144

Key  : Analysis.Version.DbgEng

Value: 10.0.29507.1001

Key  : Analysis.Version.Description

Value: 10.2511.5.1 amd64fre

Key  : Analysis.Version.Ext

Value: 1.2511.5.1

Key  : Bugcheck.Code.LegacyAPI

Value: 0x1a

Key  : Bugcheck.Code.TargetModel

Value: 0x1a

Key  : Dump.Attributes.AsUlong

Value: 0x21808

Key  : Dump.Attributes.DiagDataWrittenToHeader

Value: 1

Key  : Dump.Attributes.ErrorCode

Value: 0x0

Key  : Dump.Attributes.KernelGeneratedTriageDump

Value: 1

Key  : Dump.Attributes.LastLine

Value: Dump completed successfully.

Key  : Dump.Attributes.ProgressPercentage

Value: 0

Key  : Failure.Bucket

Value: 0x1a_1233_ACE_BASE!unknown_function

Key  : Failure.Hash

Value: {e33c2793-6bb5-62e1-4b15-2cf18af2992f}

Key  : Hypervisor.Enlightenments.ValueHex

Value: 0x7417df84

Key  : Hypervisor.Flags.AnyHypervisorPresent

Value: 1

Key  : Hypervisor.Flags.ApicEnlightened

Value: 0

Key  : Hypervisor.Flags.ApicVirtualizationAvailable

Value: 1

Key  : Hypervisor.Flags.AsyncMemoryHint

Value: 0

Key  : Hypervisor.Flags.CoreSchedulerRequested

Value: 0

Key  : Hypervisor.Flags.CpuManager

Value: 1

Key  : Hypervisor.Flags.DeprecateAutoEoi

Value: 1

Key  : Hypervisor.Flags.DynamicCpuDisabled

Value: 1

Key  : Hypervisor.Flags.Epf

Value: 0

Key  : Hypervisor.Flags.ExtendedProcessorMasks

Value: 1

Key  : Hypervisor.Flags.HardwareMbecAvailable

Value: 1

Key  : Hypervisor.Flags.MaxBankNumber

Value: 0

Key  : Hypervisor.Flags.MemoryZeroingControl

Value: 0

Key  : Hypervisor.Flags.NoExtendedRangeFlush

Value: 0

Key  : Hypervisor.Flags.NoNonArchCoreSharing

Value: 1

Key  : Hypervisor.Flags.Phase0InitDone

Value: 1

Key  : Hypervisor.Flags.PowerSchedulerQos

Value: 0

Key  : Hypervisor.Flags.RootScheduler

Value: 0

Key  : Hypervisor.Flags.SynicAvailable

Value: 1

Key  : Hypervisor.Flags.UseQpcBias

Value: 0

Key  : Hypervisor.Flags.Value

Value: 55185662

Key  : Hypervisor.Flags.ValueHex

Value: 0x34a10fe

Key  : Hypervisor.Flags.VpAssistPage

Value: 1

Key  : Hypervisor.Flags.VsmAvailable

Value: 1

Key  : Hypervisor.RootFlags.AccessStats

Value: 1

Key  : Hypervisor.RootFlags.CrashdumpEnlightened

Value: 1

Key  : Hypervisor.RootFlags.CreateVirtualProcessor

Value: 1

Key  : Hypervisor.RootFlags.DisableHyperthreading

Value: 0

Key  : Hypervisor.RootFlags.HostTimelineSync

Value: 1

Key  : Hypervisor.RootFlags.HypervisorDebuggingEnabled

Value: 0

Key  : Hypervisor.RootFlags.IsHyperV

Value: 1

Key  : Hypervisor.RootFlags.LivedumpEnlightened

Value: 1

Key  : Hypervisor.RootFlags.MapDeviceInterrupt

Value: 1

Key  : Hypervisor.RootFlags.MceEnlightened

Value: 1

Key  : Hypervisor.RootFlags.Nested

Value: 0

Key  : Hypervisor.RootFlags.StartLogicalProcessor

Value: 1

Key  : Hypervisor.RootFlags.Value

Value: 1015

Key  : Hypervisor.RootFlags.ValueHex

Value: 0x3f7

Key  : WER.System.BIOSRevision

Value: 1.28.0.0

BUGCHECK_CODE: 1a

BUGCHECK_P1: 1233

BUGCHECK_P2: 11df26

BUGCHECK_P3: 0

BUGCHECK_P4: 0

FILE_IN_CAB: 040526-16437-01.dmp

DUMP_FILE_ATTRIBUTES: 0x21808

Kernel Generated Triage Dump

FAULTING_THREAD: ffffd20b04de6080BLACKBOXBSD: 1 (!blackboxbsd)

BLACKBOXNTFS: 1 (!blackboxntfs)

BLACKBOXPNP: 1 (!blackboxpnp)

BLACKBOXWINLOGON: 1 (!blackboxwinlogon)

CUSTOMER_CRASH_COUNT: 1

PROCESS_NAME: DeltaForceClie

STACK_TEXT:

fffffd8da40b8b78 fffff806e969f04e : 000000000000001a 0000000000001233 000000000011df26 0000000000000000 : nt!KeBugCheckEx

fffffd8da40b8b80 fffff806e9801db0 : ffffd20ae08d9180 ffff48334863cf66 0000000000000000 0000000000000001 : nt!MiShowBadMapper+0x3fe

fffffd8da40b8cc0 fffff806e9522502 : fffffd8da40b8fb0 fffff80600000000 ffffd20a00000000 00000000000000a0 : nt!MiDecommitFreePagesTail+0x1b0

fffffd8da40b8d50 fffff806e9520fd4 : fffffd8da40b8ef0 0000000000000000 00000000000000a0 ffffd20aff4dd480 : nt!MiDecommitPagesTail+0x6e

fffffd8da40b8d80 fffff806e9726eaa : 0000000000000000 ffffd20a00000000 fffffd8d000000a0 ffffffffffffffff : nt!MiDeleteVaDirect+0x6b4

fffffd8da40b8ea0 fffff806e9726ccb : 0000000038fa6fff fffff806e9574b52 ffffd20b04de6080 0000000000000000 : nt!MiDeletePagablePteRange+0x1b6

fffffd8da40b9160 fffff806e9bf3a68 : 0000000000000000 fffffd8da40b9220 0000000000000000 ffffd20ae08d9000 : nt!MiDeleteVirtualAddresses+0x4b

fffffd8da40b91b0 fffff806e9bf366b : ffffd20aff4dd080 ffffd20b03816390 fffffd8d00000000 0000000000000000 : nt!MiDeleteVad+0x168

fffffd8da40b9260 fffff806e9bf325f : ffffffffffffffff fffff25800000008 ffffd20ae06f6420 0000000038fa6000 : nt!MiUnmapViewOfSection+0x2f7

fffffd8da40b9340 fffff806e99cdc55 : 0000000000000000 0000000000000000 ffffd20aff4dd080 0000000000000000 : nt!NtUnmapViewOfSection+0x7f

fffffd8da40b9390 fffff806e99bc100 : fffff8070bc81194 1408a26bc170d7b1 d7efa96b099c8916 fffffd8d00000000 : nt!KiSystemServiceCopyEnd+0x25

fffffd8da40b9528 fffff8070bc81194 : 1408a26bc170d7b1 d7efa96b099c8916 fffffd8d00000000 fffff80700000002 : nt!KiServiceLinkage

fffffd8da40b9530 1408a26bc170d7b1 : d7efa96b099c8916 fffffd8d00000000 fffff80700000002 fffff806e99b62d0 : ACE_BASE+0x81194

fffffd8da40b9538 d7efa96b099c8916 : fffffd8d00000000 fffff80700000002 fffff806e99b62d0 ffff86062120bd80 : 0x1408a26b`c170d7b1

fffffd8da40b9540 fffffd8d00000000 : fffff80700000002 fffff806e99b62d0 ffff86062120bd80 fffffd8da40b98a0 : 0xd7efa96b`099c8916

fffffd8da40b9548 fffff80700000002 : fffff806e99b62d0 ffff86062120bd80 fffffd8da40b98a0 fffff8070bc77685 : 0xfffffd8d`00000000

fffffd8da40b9550 fffff806e99b62cf : ffff86062120bd80 fffffd8da40b98a0 fffff8070bc77685 ffffffffffffffff : vmswitch!NvIopFreeWorkItem+0x5e

fffffd8da40b9558 ffff86062120bd80 : fffffd8da40b98a0 fffff8070bc77685 ffffffffffffffff 0000000038fa6000 : nt!ZwAccessCheckAndAuditAlarm+0x1f

fffffd8da40b9560 fffffd8da40b98a0 : fffff8070bc77685 ffffffffffffffff 0000000038fa6000 fffffd8da40b95c8 : 0xffff8606`2120bd80

fffffd8da40b9568 fffff8070bc77685 : ffffffffffffffff 0000000038fa6000 fffffd8da40b95c8 0000000000000000 : 0xfffffd8d`a40b98a0

fffffd8da40b9570 ffffffffffffffff : 0000000038fa6000 fffffd8da40b95c8 0000000000000000 0000000000000128 : ACE_BASE+0x77685

fffffd8da40b9578 0000000038fa6000 : fffffd8da40b95c8 0000000000000000 0000000000000128 fffffd8da40b95e0 : 0xffffffff`ffffffff

fffffd8da40b9580 fffffd8da40b95c8 : 0000000000000000 0000000000000128 fffffd8da40b95e0 fffffd8da40b95d8 : 0x38fa6000

fffffd8da40b9588 0000000000000000 : 0000000000000128 fffffd8da40b95e0 fffffd8da40b95d8 fffff80700000001 : 0xfffffd8d`a40b95c8

SYMBOL_NAME: ACE_BASE+81194

MODULE_NAME: ACE_BASEIMAGE_NAME: ACE-BASE.sys

STACK_COMMAND: .process /r /p 0xffffd20aff4dd080; .thread 0xffffd20b04de6080 ; kbBUCKET_ID_FUNC_OFFSET: 81194

FAILURE_BUCKET_ID: 0x1a_1233_ACE_BASE!unknown_function

OSPLATFORM_TYPE: x64

OSNAME: Windows 10

FAILURE_ID_HASH: {e33c2793-6bb5-62e1-4b15-2cf18af2992f}

Followup: MachineOwner

开发人员技术 | 通用 Windows 平台 (UWP)
0 个注释

你的答案

提问者可以将答案标记为“已接受”,审查方可以将答案标记为“已推荐”,这有助于用户了解答案是否解决了提问者的问题。