127.0.0.1 Geschrieben 3. Februar 2011 Teilen Geschrieben 3. Februar 2011 nabend! ich hoffe, jemand kann mir mal weiterhelfen: ich habe seit ca. 2 wochen immer häufiger systemabstürze mit bluescreens.v mit dem windebugger hab ich folgendes ergebnis aus der memory.dmp rausgezogen. kann mir vielleicht jemand das ergebnis interpretieren? liegt wohl an der NETIO.sys, was auch immer das sein mag. beim googlen hab ich auch die spur gefunden, dass das problem von zonealarm verursacht sein könnte. haltet ihr das für wahrscheinlich? der pc ist ca 6 monate alt und za ist seit anfang an drauf. abstürze hab ich erst seit ca. 2 wochen.... mir fällt auch nicht ein, ob ich etwas installiert oder deinstalliert habe, was dieses problem verursachen könnte....... hier mal das debuggingergebnis Microsoft (R) Windows Debugger Version 6.4.0007.2 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\Windows\MEMORY.DMP] Kernel Summary Dump File: Only kernel address space is available Symbol search path is: SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols Executable search path is: Windows Longhorn Kernel Version 7600 MP (4 procs) Free x64 Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7600.16617.amd64fre.win7_gdr.100618-1621 Kernel base = 0xfffff800`02c4e000 PsLoadedModuleList = 0xfffff800`02e8be50 Debug session time: Thu Feb 3 22:02:19.057 2011 (GMT+1) System Uptime: 0 days 11:45:02.212 Loading Kernel Symbols ........................................................................................................................................................................... Loading unloaded module list ......................... Loading User Symbols ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 7F, {8, 80050031, 6f8, fffff80002c86ec8} *** ERROR: Module load completed but symbols could not be loaded for avgtdia.sys *** ERROR: Module load completed but symbols could not be loaded for vsdatant.sys Probably caused by : NETIO.SYS ( NETIO!CompareSecurityContexts+6a ) Followup: MachineOwner --------- 0: kd> .reload Loading Kernel Symbols ........................................................................................................................................................................... Loading unloaded module list ......................... Loading User Symbols 0: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* UNEXPECTED_KERNEL_MODE_TRAP (7f) This means a trap occurred in kernel mode, and it's a trap of a kind that the kernel isn't allowed to have/catch (bound trap) or that is always instant death (double fault). The first number in the bugcheck params is the number of the trap (8 = double fault, etc) Consult an Intel x86 family manual to learn more about what these traps are. Here is a *portion* of those codes: If kv shows a taskGate use .tss on the part before the colon, then kv. Else if kv shows a trapframe use .trap on that value Else .trap on the appropriate frame will show where the trap was taken (on x86, this will be the ebp that goes with the procedure KiTrap) Endif kb will then show the corrected stack. Arguments: Arg1: 0000000000000008, EXCEPTION_DOUBLE_FAULT Arg2: 0000000080050031 Arg3: 00000000000006f8 Arg4: fffff80002c86ec8 Debugging Details: ------------------ *** ERROR: Module load completed but symbols could not be loaded for avgtdia.sys *** ERROR: Module load completed but symbols could not be loaded for vsdatant.sys OVERLAPPED_MODULE: BUGCHECK_STR: 0x7f_8 DEFAULT_BUCKET_ID: DRIVER_FAULT CURRENT_IRQL: 2 LAST_CONTROL_TRANSFER: from fffff80002cbdca9 to fffff80002cbe740 STACK_TEXT: fffff800`00ba4d28 fffff800`02cbdca9 : 00000000`0000007f 00000000`00000008 00000000`80050031 00000000`000006f8 : nt!KeBugCheckEx fffff800`00ba4d30 fffff800`02cbc172 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69 fffff800`00ba4e70 fffff800`02c86ec8 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDoubleFaultAbort+0xb2 fffff880`03c31f80 fffff880`0178dc5a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!SeAccessCheckFromState+0x60 fffff880`03c32670 fffff880`0178b94f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : NETIO!CompareSecurityContexts+0x6a fffff880`03c326e0 fffff880`0178d9b5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : NETIO!MatchValues+0xef fffff880`03c32730 fffff880`0178d845 : fffffa80`0737a5c0 fffffa80`03bc71a0 fffff880`03c32958 fffff880`03c33090 : NETIO!FilterMatch+0x95 fffff880`03c32780 fffff880`0178eccb : 00000000`00000000 00000000`00000000 fffff880`03c33090 fffff880`03c32940 : NETIO!IndexListClassify+0x69 fffff880`03c32800 fffff880`0183d417 : fffff880`03c32cd8 fffff880`03c32cd8 fffff880`03c33a10 fffffa80`0972dd50 : NETIO!KfdClassify+0xa4e fffff880`03c32b70 fffff880`0183683e : fffff880`01945690 00000000`00000000 fffffa80`0446e6b0 00000000`00000000 : tcpip!WfpAleClassify+0x57 fffff880`03c32bb0 fffff880`01835cd5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : tcpip!WfpAlepAuthorizeSend+0x94e fffff880`03c332c0 fffff880`01839886 : 00000000`00000000 00000000`00000000 00000000`00000011 00000000`00000000 : tcpip!WfpAleAuthorizeSend+0x325 fffff880`03c33590 fffff880`0183c5e4 : 00000000`00000000 fffff880`03c339c8 fffff880`03c339d0 00000000`00000000 : tcpip!WfpAleConnectAcceptIndicate+0x106 fffff880`03c33680 fffff880`01835019 : 00000000`00000006 fffff800`02d81c2b 00000000`00000001 00000000`00000008 : tcpip!ProcessALEForTransportPacket+0x664 fffff880`03c338f0 fffff880`01863ef6 : 00000000`00000000 fffffa80`03a90002 fffffa80`06e48900 fffffa80`06d28900 : tcpip!WfpProcessOutTransportStackIndication+0x329 fffff880`03c33ac0 fffff880`018691ee : fffffa80`06e47a10 fffff880`01789804 fffff880`0196b9a0 fffffa80`0446e6b0 : tcpip!IppSendDatagramsCommon+0x526 fffff880`03c33d90 fffff880`01833db8 : fffffa80`0446e6b0 fffffa80`0972dd50 fffffa80`0972dd50 fffffa80`06e47a10 : tcpip!IpNlpSendDatagrams+0x3e fffff880`03c33dd0 fffff880`0183432d : fffffa80`041a2080 fffffa80`06e241a0 fffff880`03c34720 00000000`00000000 : tcpip!UdpSendMessagesOnPathCreation+0x688 fffff880`03c34150 fffff880`01833fb5 : fffff880`03c34680 fffffa80`04468900 fffffa80`00000001 fffffa80`041e1b80 : tcpip!UdpSendMessages+0x35d fffff880`03c34540 fffff800`02ccde5a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : tcpip!UdpTlProviderSendMessagesCalloutRoutine+0x15 fffff880`03c34570 fffff880`01834578 : fffff880`01833fa0 fffff880`03c34680 00000000`00000002 00000000`00000000 : nt!KeExpandKernelStackAndCalloutEx+0xda fffff880`03c34650 fffff880`01bc5f45 : fffffa80`04abf170 fffffa80`07756b50 fffffa80`0462b010 fffffa80`0552c80e : tcpip!UdpTlProviderSendMessages+0x78 fffff880`03c346d0 fffff880`01bc5ff2 : 00000000`00000002 fffffa80`055cc690 fffffa80`04ce8c30 00000000`00000008 : tdx!TdxSendDatagramTransportAddress+0x2f5 fffff880`03c347b0 fffff880`02e3f57f : fffffa80`04ce8ad0 fffff800`02cce488 fffffa80`00000000 00000000`00000000 : tdx!TdxTdiDispatchInternalDeviceControl+0x52 fffff880`03c347e0 fffff880`02e3fc41 : 00000000`00000000 00000000`0000004a fffffa80`06e6edc0 fffffa80`0804e410 : avgtdia+0x457f fffff880`03c34810 fffff880`02e9e542 : fffffa80`0552c620 fffffa80`06e6edc0 00000000`00000000 fffffa80`04ce8ad0 : avgtdia+0x4c41 fffff880`03c34840 fffff880`02e9ef61 : fffffa80`0552c7d8 fffffa80`0552c7d8 fffffa80`03e5d390 fffff880`03c34940 : netbt!TdiSendDatagram+0x187 fffff880`03c348b0 fffff880`02eab329 : fffffa80`03e24860 fffffa80`0552c620 00000000`00000021 00000000`0000004a : netbt!UdpSendDatagram+0x1b1 fffff880`03c34940 fffff880`02eab0e6 : 00000000`00000000 00000000`00000000 00000000`00000032 fffff880`02ec0089 : netbt!UdpSendResponse+0x4e0 fffff880`03c349c0 fffff880`02e9fbe7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : netbt!QueryFromNet+0xb11 fffff880`03c34af0 fffff880`02e9db47 : 00000000`00000032 fffff880`059346aa 00000000`00000032 fffffa80`0462b002 : netbt!NameSrvHndlrNotOs+0xca fffff880`03c34b30 fffff880`01bc4325 : fffffa80`06e4d290 fffffa80`03f60002 fffff880`03c34e38 fffffa80`06e4d290 : netbt!TdiRcvNameSrvHandler+0x367 fffff880`03c34bd0 fffff880`0183f395 : fffffa80`03f68600 00000000`00000000 fffffa80`03f68600 fffffa80`03f68600 : tdx!TdxEventReceiveMessagesTransportAddress+0x315 fffff880`03c34dc0 fffff880`0183f8a4 : fffffa80`00000000 fffffa80`03f68600 00000000`00000000 fffff880`059346a2 : tcpip!UdpDeliverDatagrams+0x155 fffff880`03c34f50 fffff880`0185d727 : fffffa80`04af5820 fffff880`00000000 fffffa80`06166680 00000000`00000000 : tcpip!UdpReceiveDatagrams+0x324 fffff880`03c35040 fffff880`0185d799 : fffff880`03c351c0 fffff880`0196b9a0 fffff880`03c351d0 fffffa80`04aa4960 : tcpip!IppDeliverListToProtocol+0xf7 fffff880`03c35100 fffff880`0185dc90 : fffff880`0196b9a0 fffffa80`05896160 00000000`00000011 fffff880`03c351c0 : tcpip!IppProcessDeliverList+0x59 fffff880`03c35170 fffff880`0185cb21 : 00000000`ff00a8c0 fffffa80`04c19138 fffff880`0196b9a0 00000000`0581dd01 : tcpip!IppReceiveHeaderBatch+0x231 fffff880`03c35250 fffff880`01934542 : fffffa80`060d4e30 00000000`00000000 fffffa80`0581dd01 00000000`00000001 : tcpip!IpFlcReceivePackets+0x651 fffff880`03c35450 fffff880`01634afa : fffffa80`042a9302 fffffa80`042a93d0 00000000`00000002 00000000`00000000 : tcpip!IppInspectInjectReceive+0xf2 fffff880`03c35490 fffff880`02f8137f : fffffa80`06eb29d0 fffffa80`0581dd00 00000000`00000000 00000000`00000000 : fwpkclnt!FwpsInjectTransportReceiveAsync0+0x256 fffff880`03c35540 fffff880`02f8059c : fffffa80`0581dd00 fffffa80`055ecdc0 fffffa80`0959ebf8 fffffa80`0959eac0 : vsdatant+0x1637f fffff880`03c355d0 fffff880`02f79ca1 : fffffa80`0581dd00 fffffa80`0581dd00 fffff880`03c35e00 fffffa80`0581ddf8 : vsdatant+0x1559c fffff880`03c356d0 fffff880`017a457f : fffff880`03c35db8 fffff880`03c35ed0 fffffa80`05dfca10 fffffa80`07096e40 : vsdatant+0xeca1 fffff880`03c35800 fffff880`0178d619 : 00000000`00000018 fffff880`03c35db8 fffffa80`041e1bd8 fffffa80`05dfca10 : NETIO! ?? ::FNODOBFM::`string'+0x7267 fffff880`03c35920 fffff880`0178ebb1 : 00000000`00000018 fffff880`03c35db8 fffff880`03c35ed0 fffff880`00000000 : NETIO!ArbitrateAndEnforce+0x2a9 fffff880`03c359f0 fffff880`018fefbb : fffff880`03c36408 fffff880`03c35db8 fffff880`00000000 fffffa80`05dfca10 : NETIO!KfdClassify+0x934 fffff880`03c35d60 fffff880`01802d10 : 00000000`00000000 fffffa80`0446e6b0 fffffa80`041e1ce0 00000000`00000000 : tcpip!WFPDatagramDataShimV4+0x49b fffff880`03c360c0 fffff880`0187e73d : fffff880`03c36518 fffff880`0169628a fffffa80`04ab09a0 fffffa80`05dfca10 : tcpip! ?? ::FNODOBFM::`string'+0x2b43f fffff880`03c36330 fffff880`0183e050 : fffffa80`0446e6b0 00000000`00000000 00000000`00000002 00000000`00000000 : tcpip!ProcessAleForNonTcpIn+0x1ad FOLLOWUP_IP: NETIO!CompareSecurityContexts+6a fffff880`0178dc5a 448b442470 mov r8d,[rsp+0x70] SYMBOL_STACK_INDEX: 4 FOLLOWUP_NAME: MachineOwner SYMBOL_NAME: NETIO!CompareSecurityContexts+6a MODULE_NAME: NETIO IMAGE_NAME: NETIO.SYS DEBUG_FLR_IMAGE_TIMESTAMP: 4bbe946f STACK_COMMAND: kb FAILURE_BUCKET_ID: X64_0x7f_8_NETIO!CompareSecurityContexts+6a BUCKET_ID: X64_0x7f_8_NETIO!CompareSecurityContexts+6a Followup: MachineOwner --------- Zitieren Link zu diesem Kommentar Auf anderen Seiten teilen Mehr Optionen zum Teilen...
127.0.0.1 Geschrieben 3. Februar 2011 Autor Teilen Geschrieben 3. Februar 2011 ich habe beim durchlesen auch gesehen, dass da was mit avgtdia.sys steht. ich benutze avg antivir. für das programm gilt das selbe wie für zonealarm. Zitieren Link zu diesem Kommentar Auf anderen Seiten teilen Mehr Optionen zum Teilen...
Empfohlene Beiträge
Dein Kommentar
Du kannst jetzt schreiben und Dich später registrieren. Wenn Du ein Konto hast, melde Dich jetzt an, um unter Deinem Benutzernamen zu schreiben.