none
BSOD after installing Sysmon RRS feed

  • Question

  • Hello,

    We began to deploy Sysmon(v11.0) to our Windows 10 workstations and some of them now regulary got Blue Screen. Not an expert in memory dump analysis,  but at least all dumps are identical, and always contain:

    PAGE_FAULT_IN_NONPAGED AREA (50)

    PROCESS_NAME: cleanmgr.exe

    nt!KeBugCheckEx
    nt!MiSystemFault
    nt!MmAccessFault
    nt!memcpy
    nt!IopCreateFile
    nt!IoCreateFileEx
    FLTMGR!FltpCreateFile
    FLTMGR!FltCreateFile
    SysmonDrv

    FAILURE_BUCKET_ID: AV_R_INVALID_SysmonDrv!unknown_function

    Any ideas? Thanks

    Friday, July 24, 2020 6:04 AM

All replies

  • Hi Marx.V

    Would you be willing to share the memory.dmp file with us? If so could you contact me offline at syssite@microsoft.com and I will arrange to collect it from you.

    MarkC(MSFT)

    Friday, July 24, 2020 7:15 AM