I use OllyDbg debugger from time to time. The most wonderful debugger I ever seen: it’s light, powerful and does not require installation … This evening I got a few BSOD’s on my Windows XP SP2 after running OllyDbg. So I started the investigations.
Analyzing minidump using WinDbg showed that system went down because of csrss.exe crash. This actually does not answer the question: why exactly OllyDbg causes BSODing. Debugging OllyDbg using WinDbg I found the function where the system dies:
ntdll!KiUserApcDispatcher: 7c90eac0 8d7c2410 lea edi,[esp+10h] 7c90eac4 58 pop eax 7c90eac5 ffd0 call eax 7c90eac7 6a01 push 1 7c90eac9 57 push edi 7c90eaca e84aebffff call ntdll!ZwContinue (7c90d619)
Done! Once I realized it’s connected with kernel I remembered that recently I installed Kaspersky Antivirus…Uninstalling antivirus solved the problem.