Connecting to a pcAnywhere host could yield a stop error DRIVER_CORRUPTED_EXPOOL (c5)
| Article:TECH111055 | | | Created: 2009-01-20 | | | Updated: 2012-09-18 | | | Article URL http://www.symantec.com/docs/TECH111055 |
| NOTE: If you are experiencing this particular known issue, we recommend that you Subscribe to receive email notification each time this article is updated. Subscribers will be the first to learn about any releases, status changes, workarounds or decisions made. |
Problem
Symptoms
When working with the pcAnywhere host installed on a Windows system a Blue Screen Of Death (BSOD) memory dump could be observed.
Cause
There was a buffer overrun problem in the Kernel mode awechomd.sys mirror driver component. This has been seen more frequently on windows 2008 sp1 systems but is not limited to this OS. In the awechomd.sys component we were allocating the N bytes of memory and zeroing the N+DELTA of memory. It was zeroing the memory of the next subsequent block which was allocated by another system driver component. This can cause corruption of the system driver pool and cause a BSOD .
Solution
This problem is already fixed in pcAnywhere 12.5 Build 463 (SP2). 12.5 Build 486 (SP3)
There is a regression in pcAnywhere 12.5.5 Build 1086 (sp4) and the updated driver attached below needs to be applied.
However, if you must continue using pcAnywhere 12.5 build 442 (SP1), apply the updated driver attached below.
Symantec ALWAYS recommends backing up any files or folders before making any changes.
For 32 bit operating System :
1. Close all open Symantec pcAnywhere 12.5 application windows
2. In Windows Explorer navigate to the
3. Copy the "awechomd.sys" file from the 32-bit folder that is included in the following MirrorDriver_BSOD.zip to the
4. Restart the machine
OR
For 64 bit operating System :
1. Close all open Symantec pcAnywhere 12.5 application windows
2. In Windows Explorer navigate to the
3. Copy the "awechomd.sys" file from the 64-bit folder that is included in the following MirrorDriver_BSOD.zipfile to the
4. Restart the machine
| Value | 1839742 1865846 |
Legacy ID
2009102010034860
Article URL http://www.symantec.com/docs/TECH111055
Terms of use for this information are found in Legal Notices
Thank you.