BSOD...蓝屏了

显示全部楼层 · 发表于 2012-7-12 23:13:57

本帖最后由 hopetobe 于 2012-7-13 00:14 编辑

新装的系统win7 sp1 32bit，两天各蓝屏一次，初步怀疑是360的问题，安装版本 8.6，其它安全软件，ESET Smart Security 5.2（已经排除360安全卫士所在的文件夹）。发生情景貌似一次是开机联网后不久，一次是使用软件管家下载软件后不久。
附件，两次蓝屏的mimidump

请官人帮忙分析解决。

显示全部楼层 · 发表于 2012-7-13 00:18:39

都与 ESET Smart Security 的驱动 epfw.sys 有关

显示全部楼层 · 发表于 2012-7-13 01:10:57

本帖最后由 hopetobe 于 2012-7-13 01:30 编辑

怎么样了发表于 2012-7-13 00:18
都与 ESET Smart Security 的驱动 epfw.sys 有关

DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: ae20a000, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: 8d1c19c4, address which referenced memory

Debugging Details:
------------------

TRIAGER: Could not open triage file : e:\dump_analysis\program\triage\modclass.ini, error 2

READ_ADDRESS: GetPointerFromAddress: unable to read from 841ba848
Unable to read MiSystemVaType memory at 84199e20
ae20a000

CURRENT_IRQL:  2

FAULTING_IP:
+0
8d1c19c4 8a10          mov    dl,byte ptr [eax]

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

BUGCHECK_STR:  0xD1

PROCESS_NAME:  360Tray.exe

TRAP_FRAME:  b1c6eba4 -- (.trap 0xffffffffb1c6eba4)
ErrCode = 00000000
eax=ae20a000 ebx=ae209fb2 ecx=00000000 edx=0000003e esi=0000004e edi=00000026
eip=8d1c19c4 esp=b1c6ec18 ebp=b1c6ec94 iopl=0       nv up ei ng nz na pe cy
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000          efl=00010287
8d1c19c4 8a10          mov    dl,byte ptr [eax]       ds:0023:ae20a000=??
Resetting default scope

LAST_CONTROL_TRANSFER:  from 8d1c19c4 to 8409265b

STACK_TEXT:
b1c6eba4 8d1c19c4 badb0d00 0000003e b1c6ebec nt!KiTrap0E+0x2cf
WARNING: Frame IP not in any known module. Following frames may be wrong.
b1c6ec94 8d1c68ad ae209fb2 0000004e 00000001 0x8d1c19c4
b1c6ed34 8a213a94 ae209fce 868c5500 00000032 0x8d1c68ad
b1c6ed54 8a20a82b ae305de0 00000000 ae20a000 ndis!RtlCopyMdlToBuffer+0x6d
b1c6ed7c 00000000 00000001 b1c6edb8 00000001 ndis!NdisGetDataBuffer+0x6a

STACK_COMMAND:  kb

FOLLOWUP_IP:
ndis!RtlCopyMdlToBuffer+6d
8a213a94 017d10       add    dword ptr [ebp+10h],edi

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  ndis!RtlCopyMdlToBuffer+6d

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: ndis

IMAGE_NAME:  ndis.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4ce78937

FAILURE_BUCKET_ID:  0xD1_ndis!RtlCopyMdlToBuffer+6d

BUCKET_ID:  0xD1_ndis!RtlCopyMdlToBuffer+6d

Followup: MachineOwner

Dump里面没有直接列出epfw.sys,不过Ndis.sys与network相关，能不能解释一下，这其中的冲突在哪里，有没有共存的解决办法？单ESS未见蓝屏……

显示全部楼层 · 发表于 2012-7-13 02:02:41

hopetobe 发表于 2012-7-13 01:10
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely inva ...

这不是冲突，应该是ESET的bug，卸载它即可

显示全部楼层 · 发表于 2012-7-13 09:42:11

MJ回答好干脆利落

显示全部楼层 · 发表于 2012-7-13 09:56:20

360一般不会有问题的

显示全部楼层 · 发表于 2012-7-14 09:02:54

BootLoader 发表于 2012-7-13 02:02
这不是冲突，应该是ESET的bug，卸载它即可

MJ干净利落，威武

[问题反馈] BSOD...蓝屏了

本帖子中包含更多资源