Zum Inhalt springen

Empfohlene Beiträge

Geschrieben

nabend!

ich hoffe, jemand kann mir mal weiterhelfen:

ich habe seit ca. 2 wochen immer häufiger systemabstürze mit bluescreens.v mit dem windebugger hab ich folgendes ergebnis aus der memory.dmp rausgezogen.

kann mir vielleicht jemand das ergebnis interpretieren? liegt wohl an der NETIO.sys, was auch immer das sein mag. beim googlen hab ich auch die spur gefunden, dass das problem von zonealarm verursacht sein könnte. haltet ihr das für wahrscheinlich? der pc ist ca 6 monate alt und za ist seit anfang an drauf. abstürze hab ich erst seit ca. 2 wochen....

mir fällt auch nicht ein, ob ich etwas installiert oder deinstalliert habe, was dieses problem verursachen könnte.......

hier mal das debuggingergebnis


Microsoft (R) Windows Debugger  Version 6.4.0007.2

Copyright (c) Microsoft Corporation. All rights reserved.



Loading Dump File [C:\Windows\MEMORY.DMP]

Kernel Summary Dump File: Only kernel address space is available


Symbol search path is: SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols

Executable search path is: 

Windows Longhorn Kernel Version 7600 MP (4 procs) Free x64

Product: WinNt, suite: TerminalServer SingleUserTS

Built by: 7600.16617.amd64fre.win7_gdr.100618-1621

Kernel base = 0xfffff800`02c4e000 PsLoadedModuleList = 0xfffff800`02e8be50

Debug session time: Thu Feb  3 22:02:19.057 2011 (GMT+1)

System Uptime: 0 days 11:45:02.212

Loading Kernel Symbols

...........................................................................................................................................................................

Loading unloaded module list

.........................

Loading User Symbols

*******************************************************************************

*                                                                             *

*                        Bugcheck Analysis                                    *

*                                                                             *

*******************************************************************************


Use !analyze -v to get detailed debugging information.


BugCheck 7F, {8, 80050031, 6f8, fffff80002c86ec8}


*** ERROR: Module load completed but symbols could not be loaded for avgtdia.sys

*** ERROR: Module load completed but symbols could not be loaded for vsdatant.sys

Probably caused by : NETIO.SYS ( NETIO!CompareSecurityContexts+6a )


Followup: MachineOwner

---------


0: kd> .reload

Loading Kernel Symbols

...........................................................................................................................................................................

Loading unloaded module list

.........................

Loading User Symbols

0: kd> !analyze -v

*******************************************************************************

*                                                                             *

*                        Bugcheck Analysis                                    *

*                                                                             *

*******************************************************************************


UNEXPECTED_KERNEL_MODE_TRAP (7f)

This means a trap occurred in kernel mode, and it's a trap of a kind

that the kernel isn't allowed to have/catch (bound trap) or that

is always instant death (double fault).  The first number in the

bugcheck params is the number of the trap (8 = double fault, etc)

Consult an Intel x86 family manual to learn more about what these

traps are. Here is a *portion* of those codes:

If kv shows a taskGate

        use .tss on the part before the colon, then kv.

Else if kv shows a trapframe

        use .trap on that value

Else

        .trap on the appropriate frame will show where the trap was taken

        (on x86, this will be the ebp that goes with the procedure KiTrap)

Endif

kb will then show the corrected stack.

Arguments:

Arg1: 0000000000000008, EXCEPTION_DOUBLE_FAULT

Arg2: 0000000080050031

Arg3: 00000000000006f8

Arg4: fffff80002c86ec8


Debugging Details:

------------------


*** ERROR: Module load completed but symbols could not be loaded for avgtdia.sys

*** ERROR: Module load completed but symbols could not be loaded for vsdatant.sys


OVERLAPPED_MODULE:  


BUGCHECK_STR:  0x7f_8


DEFAULT_BUCKET_ID:  DRIVER_FAULT


CURRENT_IRQL:  2


LAST_CONTROL_TRANSFER:  from fffff80002cbdca9 to fffff80002cbe740


STACK_TEXT:  

fffff800`00ba4d28 fffff800`02cbdca9 : 00000000`0000007f 00000000`00000008 00000000`80050031 00000000`000006f8 : nt!KeBugCheckEx

fffff800`00ba4d30 fffff800`02cbc172 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiBugCheckDispatch+0x69

fffff800`00ba4e70 fffff800`02c86ec8 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiDoubleFaultAbort+0xb2

fffff880`03c31f80 fffff880`0178dc5a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!SeAccessCheckFromState+0x60

fffff880`03c32670 fffff880`0178b94f : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : NETIO!CompareSecurityContexts+0x6a

fffff880`03c326e0 fffff880`0178d9b5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : NETIO!MatchValues+0xef

fffff880`03c32730 fffff880`0178d845 : fffffa80`0737a5c0 fffffa80`03bc71a0 fffff880`03c32958 fffff880`03c33090 : NETIO!FilterMatch+0x95

fffff880`03c32780 fffff880`0178eccb : 00000000`00000000 00000000`00000000 fffff880`03c33090 fffff880`03c32940 : NETIO!IndexListClassify+0x69

fffff880`03c32800 fffff880`0183d417 : fffff880`03c32cd8 fffff880`03c32cd8 fffff880`03c33a10 fffffa80`0972dd50 : NETIO!KfdClassify+0xa4e

fffff880`03c32b70 fffff880`0183683e : fffff880`01945690 00000000`00000000 fffffa80`0446e6b0 00000000`00000000 : tcpip!WfpAleClassify+0x57

fffff880`03c32bb0 fffff880`01835cd5 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : tcpip!WfpAlepAuthorizeSend+0x94e

fffff880`03c332c0 fffff880`01839886 : 00000000`00000000 00000000`00000000 00000000`00000011 00000000`00000000 : tcpip!WfpAleAuthorizeSend+0x325

fffff880`03c33590 fffff880`0183c5e4 : 00000000`00000000 fffff880`03c339c8 fffff880`03c339d0 00000000`00000000 : tcpip!WfpAleConnectAcceptIndicate+0x106

fffff880`03c33680 fffff880`01835019 : 00000000`00000006 fffff800`02d81c2b 00000000`00000001 00000000`00000008 : tcpip!ProcessALEForTransportPacket+0x664

fffff880`03c338f0 fffff880`01863ef6 : 00000000`00000000 fffffa80`03a90002 fffffa80`06e48900 fffffa80`06d28900 : tcpip!WfpProcessOutTransportStackIndication+0x329

fffff880`03c33ac0 fffff880`018691ee : fffffa80`06e47a10 fffff880`01789804 fffff880`0196b9a0 fffffa80`0446e6b0 : tcpip!IppSendDatagramsCommon+0x526

fffff880`03c33d90 fffff880`01833db8 : fffffa80`0446e6b0 fffffa80`0972dd50 fffffa80`0972dd50 fffffa80`06e47a10 : tcpip!IpNlpSendDatagrams+0x3e

fffff880`03c33dd0 fffff880`0183432d : fffffa80`041a2080 fffffa80`06e241a0 fffff880`03c34720 00000000`00000000 : tcpip!UdpSendMessagesOnPathCreation+0x688

fffff880`03c34150 fffff880`01833fb5 : fffff880`03c34680 fffffa80`04468900 fffffa80`00000001 fffffa80`041e1b80 : tcpip!UdpSendMessages+0x35d

fffff880`03c34540 fffff800`02ccde5a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : tcpip!UdpTlProviderSendMessagesCalloutRoutine+0x15

fffff880`03c34570 fffff880`01834578 : fffff880`01833fa0 fffff880`03c34680 00000000`00000002 00000000`00000000 : nt!KeExpandKernelStackAndCalloutEx+0xda

fffff880`03c34650 fffff880`01bc5f45 : fffffa80`04abf170 fffffa80`07756b50 fffffa80`0462b010 fffffa80`0552c80e : tcpip!UdpTlProviderSendMessages+0x78

fffff880`03c346d0 fffff880`01bc5ff2 : 00000000`00000002 fffffa80`055cc690 fffffa80`04ce8c30 00000000`00000008 : tdx!TdxSendDatagramTransportAddress+0x2f5

fffff880`03c347b0 fffff880`02e3f57f : fffffa80`04ce8ad0 fffff800`02cce488 fffffa80`00000000 00000000`00000000 : tdx!TdxTdiDispatchInternalDeviceControl+0x52

fffff880`03c347e0 fffff880`02e3fc41 : 00000000`00000000 00000000`0000004a fffffa80`06e6edc0 fffffa80`0804e410 : avgtdia+0x457f

fffff880`03c34810 fffff880`02e9e542 : fffffa80`0552c620 fffffa80`06e6edc0 00000000`00000000 fffffa80`04ce8ad0 : avgtdia+0x4c41

fffff880`03c34840 fffff880`02e9ef61 : fffffa80`0552c7d8 fffffa80`0552c7d8 fffffa80`03e5d390 fffff880`03c34940 : netbt!TdiSendDatagram+0x187

fffff880`03c348b0 fffff880`02eab329 : fffffa80`03e24860 fffffa80`0552c620 00000000`00000021 00000000`0000004a : netbt!UdpSendDatagram+0x1b1

fffff880`03c34940 fffff880`02eab0e6 : 00000000`00000000 00000000`00000000 00000000`00000032 fffff880`02ec0089 : netbt!UdpSendResponse+0x4e0

fffff880`03c349c0 fffff880`02e9fbe7 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : netbt!QueryFromNet+0xb11

fffff880`03c34af0 fffff880`02e9db47 : 00000000`00000032 fffff880`059346aa 00000000`00000032 fffffa80`0462b002 : netbt!NameSrvHndlrNotOs+0xca

fffff880`03c34b30 fffff880`01bc4325 : fffffa80`06e4d290 fffffa80`03f60002 fffff880`03c34e38 fffffa80`06e4d290 : netbt!TdiRcvNameSrvHandler+0x367

fffff880`03c34bd0 fffff880`0183f395 : fffffa80`03f68600 00000000`00000000 fffffa80`03f68600 fffffa80`03f68600 : tdx!TdxEventReceiveMessagesTransportAddress+0x315

fffff880`03c34dc0 fffff880`0183f8a4 : fffffa80`00000000 fffffa80`03f68600 00000000`00000000 fffff880`059346a2 : tcpip!UdpDeliverDatagrams+0x155

fffff880`03c34f50 fffff880`0185d727 : fffffa80`04af5820 fffff880`00000000 fffffa80`06166680 00000000`00000000 : tcpip!UdpReceiveDatagrams+0x324

fffff880`03c35040 fffff880`0185d799 : fffff880`03c351c0 fffff880`0196b9a0 fffff880`03c351d0 fffffa80`04aa4960 : tcpip!IppDeliverListToProtocol+0xf7

fffff880`03c35100 fffff880`0185dc90 : fffff880`0196b9a0 fffffa80`05896160 00000000`00000011 fffff880`03c351c0 : tcpip!IppProcessDeliverList+0x59

fffff880`03c35170 fffff880`0185cb21 : 00000000`ff00a8c0 fffffa80`04c19138 fffff880`0196b9a0 00000000`0581dd01 : tcpip!IppReceiveHeaderBatch+0x231

fffff880`03c35250 fffff880`01934542 : fffffa80`060d4e30 00000000`00000000 fffffa80`0581dd01 00000000`00000001 : tcpip!IpFlcReceivePackets+0x651

fffff880`03c35450 fffff880`01634afa : fffffa80`042a9302 fffffa80`042a93d0 00000000`00000002 00000000`00000000 : tcpip!IppInspectInjectReceive+0xf2

fffff880`03c35490 fffff880`02f8137f : fffffa80`06eb29d0 fffffa80`0581dd00 00000000`00000000 00000000`00000000 : fwpkclnt!FwpsInjectTransportReceiveAsync0+0x256

fffff880`03c35540 fffff880`02f8059c : fffffa80`0581dd00 fffffa80`055ecdc0 fffffa80`0959ebf8 fffffa80`0959eac0 : vsdatant+0x1637f

fffff880`03c355d0 fffff880`02f79ca1 : fffffa80`0581dd00 fffffa80`0581dd00 fffff880`03c35e00 fffffa80`0581ddf8 : vsdatant+0x1559c

fffff880`03c356d0 fffff880`017a457f : fffff880`03c35db8 fffff880`03c35ed0 fffffa80`05dfca10 fffffa80`07096e40 : vsdatant+0xeca1

fffff880`03c35800 fffff880`0178d619 : 00000000`00000018 fffff880`03c35db8 fffffa80`041e1bd8 fffffa80`05dfca10 : NETIO! ?? ::FNODOBFM::`string'+0x7267

fffff880`03c35920 fffff880`0178ebb1 : 00000000`00000018 fffff880`03c35db8 fffff880`03c35ed0 fffff880`00000000 : NETIO!ArbitrateAndEnforce+0x2a9

fffff880`03c359f0 fffff880`018fefbb : fffff880`03c36408 fffff880`03c35db8 fffff880`00000000 fffffa80`05dfca10 : NETIO!KfdClassify+0x934

fffff880`03c35d60 fffff880`01802d10 : 00000000`00000000 fffffa80`0446e6b0 fffffa80`041e1ce0 00000000`00000000 : tcpip!WFPDatagramDataShimV4+0x49b

fffff880`03c360c0 fffff880`0187e73d : fffff880`03c36518 fffff880`0169628a fffffa80`04ab09a0 fffffa80`05dfca10 : tcpip! ?? ::FNODOBFM::`string'+0x2b43f

fffff880`03c36330 fffff880`0183e050 : fffffa80`0446e6b0 00000000`00000000 00000000`00000002 00000000`00000000 : tcpip!ProcessAleForNonTcpIn+0x1ad



FOLLOWUP_IP: 

NETIO!CompareSecurityContexts+6a

fffff880`0178dc5a 448b442470       mov     r8d,[rsp+0x70]


SYMBOL_STACK_INDEX:  4


FOLLOWUP_NAME:  MachineOwner


SYMBOL_NAME:  NETIO!CompareSecurityContexts+6a


MODULE_NAME:  NETIO


IMAGE_NAME:  NETIO.SYS


DEBUG_FLR_IMAGE_TIMESTAMP:  4bbe946f


STACK_COMMAND:  kb


FAILURE_BUCKET_ID:  X64_0x7f_8_NETIO!CompareSecurityContexts+6a


BUCKET_ID:  X64_0x7f_8_NETIO!CompareSecurityContexts+6a


Followup: MachineOwner

---------


Dein Kommentar

Du kannst jetzt schreiben und Dich später registrieren. Wenn Du ein Konto hast, melde Dich jetzt an, um unter Deinem Benutzernamen zu schreiben.

Gast
Auf dieses Thema antworten...

×   Du hast formatierten Text eingefügt.   Formatierung wiederherstellen

  Nur 75 Emojis sind erlaubt.

×   Dein Link wurde automatisch eingebettet.   Einbetten rückgängig machen und als Link darstellen

×   Dein vorheriger Inhalt wurde wiederhergestellt.   Editor leeren

×   Du kannst Bilder nicht direkt einfügen. Lade Bilder hoch oder lade sie von einer URL.

Fachinformatiker.de, 2024 by SE Internet Services

fidelogo_small.png

Schicke uns eine Nachricht!

Fachinformatiker.de ist die größte IT-Community
rund um Ausbildung, Job, Weiterbildung für IT-Fachkräfte.

Fachinformatiker.de App

Download on the App Store
Get it on Google Play

Kontakt

Hier werben?
Oder sende eine E-Mail an

Social media u. feeds

Jobboard für Fachinformatiker und IT-Fachkräfte

×
×
  • Neu erstellen...