Server 2019 1809 17763.914, running Remote Desktop Services, with all updates applied.
On reboot, Windows Defender Firewall is stopped (even though it is set to start automatically), and when I start the service manually (via any command line, Windows Services, Server Manager, the Defender GUI, etc.), it BSODs with the error "Critical Process Died".
No external servers can access the IIS sites, but the sites can be accessed via localhost.
Here is the minidump:
Microsoft (R) Windows Debugger Version 10.0.18362.1 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\010220-4875-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: srv*
Executable search path is:
Windows 10 Kernel Version 17763 MP (4 procs) Free x64
Product: Server, suite: TerminalServer <20000>
Built by: 17763.1.amd64fre.rs5_release.180914-1434
Machine Name:
Kernel base = 0xfffff802`2321e000 PsLoadedModuleList = 0xfffff802`23637710
Debug session time: Thu Jan 2 13:07:01.479 2020 (UTC + 10:00)
System Uptime: 0 days 0:02:06.011
Loading Kernel Symbols
...............................................................
................................................................
.....................
Loading User Symbols
Loading unloaded module list
.......
For analysis of this file, run !analyze -v
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
CRITICAL_PROCESS_DIED (ef)
A critical system process died
Arguments:
Arg1: ffff9405b1bd1080, Process object or thread object
Arg2: 0000000000000000, If this is 0, a process died. If this is 1, a thread died.
Arg3: 0000000000000000
Arg4: 0000000000000000
Debugging Details:
------------------
KEY_VALUES_STRING: 1
PROCESSES_ANALYSIS: 1
SERVICE_ANALYSIS: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 400
BUILD_VERSION_STRING: 17763.1.amd64fre.rs5_release.180914-1434
SYSTEM_MANUFACTURER: Microsoft Corporation
VIRTUAL_MACHINE: HyperV
SYSTEM_PRODUCT_NAME: Virtual Machine
SYSTEM_SKU: None
SYSTEM_VERSION: Hyper-V UEFI Release v4.0
BIOS_VENDOR: Microsoft Corporation
BIOS_VERSION: Hyper-V UEFI Release v4.0
BIOS_DATE: 03/13/2019
BASEBOARD_MANUFACTURER: Microsoft Corporation
BASEBOARD_PRODUCT: Virtual Machine
BASEBOARD_VERSION: Hyper-V UEFI Release v4.0
DUMP_TYPE: 2
BUGCHECK_P1: ffff9405b1bd1080
BUGCHECK_P2: 0
BUGCHECK_P3: 0
BUGCHECK_P4: 0
PROCESS_NAME: svchost.exe
CRITICAL_PROCESS: svchost.exe
EXCEPTION_RECORD: ffff9405b1bd1640 -- (.exr 0xffff9405b1bd1640)
ExceptionAddress: 0000000000000000
ExceptionCode: 00000000
ExceptionFlags: 00000000
NumberParameters: 0
EXCEPTION_CODE: (NTSTATUS) 0xb0333080 - <Unable to get error code text>
ERROR_CODE: (NTSTATUS) 0xb0333080 - <Unable to get error code text>
CPU_COUNT: 4
CPU_MHZ: a6b
CPU_VENDOR: GenuineIntel
CPU_FAMILY: 6
CPU_MODEL: 1a
CPU_STEPPING: 5
CPU_MICROCODE: 6,1a,5,0 (F,M,S,R) SIG: FFFFFFFF'00000000 (cache) FFFFFFFF'00000000 (init)
BLACKBOXBSD: 1 (!blackboxbsd)
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT_SERVER
BUGCHECK_STR: 0xEF
CURRENT_IRQL: 0
ANALYSIS_SESSION_HOST: INFARMDC01-RDP
ANALYSIS_SESSION_TIME: 01-02-2020 14:26:35.0328
ANALYSIS_VERSION: 10.0.18362.1 amd64fre
LAST_CONTROL_TRANSFER: from fffff80223aa8e9d to fffff802233d4980
STACK_TEXT:
fffffc86`3c830048 fffff802`23aa8e9d : 00000000`000000ef ffff9405`b1bd1080 00000000`00000000 00000000`00000000 : nt!KeBugCheckEx
fffffc86`3c830050 fffff802`239ba837 : 00000000`00000001 fffff802`23278039 ffff9405`b1bd1080 fffff802`23270858 : nt!PspCatchCriticalBreak+0xfd
fffffc86`3c8300f0 fffff802`2385ca7c : ffff9405`00000000 00000000`00000000 ffff9405`b1bd1080 ffff9405`b1bd1358 : nt!PspTerminateAllThreads+0x15ef33
fffffc86`3c830160 fffff802`2381e1b9 : ffffffff`ffffffff fffffc86`3c830290 ffff9405`b1bd1080 fffff802`232be900 : nt!PspTerminateProcess+0xe0
fffffc86`3c8301a0 fffff802`233e5c05 : 00000000`00001278 ffff9405`b0333080 ffff9405`b1bd1080 fffffc86`3c8303e0 : nt!NtTerminateProcess+0xa9
fffffc86`3c830210 fffff802`233d8690 : fffff802`23405474 fffffc86`3c830b98 fffffc86`3c830b98 fffffc86`3c8303e0 : nt!KiSystemServiceCopyEnd+0x25
fffffc86`3c8303a8 fffff802`23405474 : fffffc86`3c830b98 fffffc86`3c830b98 fffffc86`3c8303e0 00000000`00000000 : nt!KiServiceLinkage
fffffc86`3c8303b0 fffff802`233e65a4 : ffff9405`b1bd1640 fffff802`232b6456 00000000`00000000 00000000`00000001 : nt!KiDispatchException+0x1a7284
fffffc86`3c830a60 fffff802`233e498e : ffff9405`b0333080 00000000`00000000 00000264`faf68370 ffff9405`b1b14f01 : nt!KiFastFailDispatch+0xe4
fffffc86`3c830c40 00007ffd`f0fb4720 : 00007ffd`f10094ac 00000000`00000001 00000264`faf230d0 00000264`00000000 : nt!KiRaiseSecurityCheckFailure+0x30e
00000096`ba37f998 00007ffd`f10094ac : 00000000`00000001 00000264`faf230d0 00000264`00000000 00000000`00000120 : 0x00007ffd`f0fb4720
00000096`ba37f9a0 00000000`00000001 : 00000264`faf230d0 00000264`00000000 00000000`00000120 00000264`faf68370 : 0x00007ffd`f10094ac
00000096`ba37f9a8 00000264`faf230d0 : 00000264`00000000 00000000`00000120 00000264`faf68370 00007ffd`f0f9fae8 : 0x1
00000096`ba37f9b0 00000264`00000000 : 00000000`00000120 00000264`faf68370 00007ffd`f0f9fae8 00000000`00000024 : 0x00000264`faf230d0
00000096`ba37f9b8 00000000`00000120 : 00000264`faf68370 00007ffd`f0f9fae8 00000000`00000024 00000001`00000025 : 0x00000264`00000000
00000096`ba37f9c0 00000264`faf68370 : 00007ffd`f0f9fae8 00000000`00000024 00000001`00000025 00000264`faf23278 : 0x120
00000096`ba37f9c8 00007ffd`f0f9fae8 : 00000000`00000024 00000001`00000025 00000264`faf23278 00000096`ba37fd58 : 0x00000264`faf68370
00000096`ba37f9d0 00000000`00000024 : 00000001`00000025 00000264`faf23278 00000096`ba37fd58 00640072`00610068 : 0x00007ffd`f0f9fae8
00000096`ba37f9d8 00000001`00000025 : 00000264`faf23278 00000096`ba37fd58 00640072`00610068 006b0073`00690064 : 0x24
00000096`ba37f9e0 00000264`faf23278 : 00000096`ba37fd58 00640072`00610068 006b0073`00690064 00760065`0064005c : 0x00000001`00000025
00000096`ba37f9e8 00000096`ba37fd58 : 00640072`00610068 006b0073`00690064 00760065`0064005c 005c0065`00630069 : 0x00000264`faf23278
00000096`ba37f9f0 00640072`00610068 : 006b0073`00690064 00760065`0064005c 005c0065`00630069 00000000`00000000 : 0x00000096`ba37fd58
00000096`ba37f9f8 006b0073`00690064 : 00760065`0064005c 005c0065`00630069 00000000`00000000 00000000`00000000 : 0x00640072`00610068
00000096`ba37fa00 00760065`0064005c : 005c0065`00630069 00000000`00000000 00000000`00000000 00000000`00000000 : 0x006b0073`00690064
00000096`ba37fa08 005c0065`00630069 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00760065`0064005c
00000096`ba37fa10 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x005c0065`00630069
THREAD_SHA1_HASH_MOD_FUNC: 4eea4701cef87a9898dd276682cc304560e002d4
THREAD_SHA1_HASH_MOD_FUNC_OFFSET: 2816b2618b7d0b5a47f6e8680612f55f8f11ceaa
THREAD_SHA1_HASH_MOD: bc100a5647b828107ac4e18055e00abcbe1ec406
FOLLOWUP_IP:
nt!PspCatchCriticalBreak+fd
fffff802`23aa8e9d cc int 3
FAULT_INSTR_CODE: ed8440cc
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: nt!PspCatchCriticalBreak+fd
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nt
IMAGE_NAME: ntkrnlmp.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 0
IMAGE_VERSION: 10.0.17763.914
STACK_COMMAND: .thread ; .cxr ; kb
BUCKET_ID_FUNC_OFFSET: fd
FAILURE_BUCKET_ID: 0xEF_svchost.exe_BUGCHECK_CRITICAL_PROCESS_b0333080_nt!PspCatchCriticalBreak
BUCKET_ID: 0xEF_svchost.exe_BUGCHECK_CRITICAL_PROCESS_b0333080_nt!PspCatchCriticalBreak
PRIMARY_PROBLEM_CLASS: 0xEF_svchost.exe_BUGCHECK_CRITICAL_PROCESS_b0333080_nt!PspCatchCriticalBreak
TARGET_TIME: 2020-01-02T03:07:01.000Z
OSBUILD: 17763
OSSERVICEPACK: 914
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 131088
PRODUCT_TYPE: 3
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 Server TerminalServer
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: unknown_date
BUILDDATESTAMP_STR: 180914-1434
BUILDLAB_STR: rs5_release
BUILDOSVER_STR: 10.0.17763.1.amd64fre.rs5_release.180914-1434
ANALYSIS_SESSION_ELAPSED_TIME: 5af7
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0xef_svchost.exe_bugcheck_critical_process_b0333080_nt!pspcatchcriticalbreak
FAILURE_ID_HASH: {b3d28743-3e5f-4880-17a1-23fcf5396e9a}
Followup: MachineOwner
---------
Booting into Safe Mode (with Networking) and starting the firewall service also failed.
Any ideas where to look to get the firewall working again?