win7 32 蓝屏。

网络安全

NO.1

Loading Kernel Symbols
...............................................................
................................................................
.............................
Loading User Symbols
Loading unloaded module list
.........
Unable to load image 360netmon.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for 360netmon.sys
*** ERROR: Module load completed but symbols could not be loaded for 360netmon.sys
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000000A, {b2e080e4, 2, 0, 842d6ca4}

Probably caused by : 360netmon.sys ( 360netmon+3591 )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: b2e080e4, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, bitfield :
        bit 0 : value 0 = read operation, 1 = write operation
        bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 842d6ca4, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from 84384718
Unable to read MiSystemVaType memory at 84364160
b2e080e4

CURRENT_IRQL:  2

FAULTING_IP:
nt!PsGetProcessId+8
842d6ca4 8b80b4000000    mov     eax,dword ptr [eax+0B4h]

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xA

PROCESS_NAME:  QvodTerminal.e

LAST_CONTROL_TRANSFER:  from 902e0591 to 842d6ca4

STACK_TEXT:  
9dd2573c 902e0591 b2e08030 0dfc368a 86aa1870 nt!PsGetProcessId+0x8
WARNING: Stack unwind information not available. Following frames may be wrong.
9dd25778 902df5d0 b2e08030 0dfc3632 8736ff58 360netmon+0x3591
9dd257c0 842584bc 87b12ad0 86aa17b8 86aa1940 360netmon+0x25d0
9dd257d8 9034da0e 0de1c817 9dd2589c 00000001 nt!IofCallDriver+0x63
902f9d80 8838d9e8 00000000 00000000 00000000 afd!AfdFastConnectionSend+0x2a6
902f9d94 00000000 00000000 902f9d00 8755dc6c 0x8838d9e8


STACK_COMMAND:  kb

FOLLOWUP_IP:
360netmon+3591
902e0591 ??              ???

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  360netmon+3591

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: 360netmon

IMAGE_NAME:  360netmon.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4f2787de

FAILURE_BUCKET_ID:  0xA_360netmon+3591

BUCKET_ID:  0xA_360netmon+3591

Followup: MachineOwner
---------

0: kd> lmvm 360netmon
start    end        module name
902dd000 90306000   360netmon T (no symbols)           
    Loaded symbol image file: 360netmon.sys
    Image path: 360netmon.sys
    Image name: 360netmon.sys
    Timestamp:        Tue Jan 31 14:19:10 2012 (4F2787DE)
    CheckSum:         00015F01
    ImageSize:        00029000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4

360主动防御

收到 谢谢.

网络安全

NO2. 今天蓝的。

Symbol search path is: SRV*D:\MyLocalSymbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7600 MP (4 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16905.x86fre.win7_gdr.111025-1503
Machine Name:
Kernel base = 0x84406000 PsLoadedModuleList = 0x8454e810
Debug session time: Fri Aug 17 14:54:29.806 2012 (UTC + 8:00)
System Uptime: 0 days 0:00:14.258
Loading Kernel Symbols
...............................................................
................................................................
..............
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000008E, {c0000005, 84525bae, 8bd3baf4, 0}

Probably caused by : rdyboost.sys ( rdyboost!SmAlloc+13 )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 84525bae, The address that the exception occurred at
Arg3: 8bd3baf4, Trap Frame
Arg4: 00000000

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - 0x%08lx

FAULTING_IP:
nt!ExAllocatePoolWithTag+3
84525bae 8bec            mov     ebp,esp

TRAP_FRAME:  8bd3baf4 -- (.trap 0xffffffff8bd3baf4)
ErrCode = 00000000
eax=00000001 ebx=00000001 ecx=8a61c0b4 edx=00000000 esi=00000001 edi=00000001
eip=84525bae esp=8bd3bb68 ebp=8bd3bb7c iopl=0         nv up ei pl nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010202
nt!ExAllocatePoolWithTag+0x3:
84525bae 8bec            mov     ebp,esp
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x8E

PROCESS_NAME:  MPSVC2.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 8a60fca7 to 84525bae

STACK_TEXT:  
8bd3bb68 8a60fca7 00000000 00000020 69576d73 nt!ExAllocatePoolWithTag+0x3
8bd3bb7c 8a613aa2 00000020 69576d73 8bd3bc20 rdyboost!SmAlloc+0x13
8bd3bbf0 8a61409b 8a61c0b0 8bd3bc18 88159680 rdyboost!SMKM_STORE_MGR<SMD_TRAITS>::SmPageRead+0x150
8bd3bc24 8a60283e 8a61c0b0 872b63b8 8817b008 rdyboost!SmdReadFromStore+0xad
8bd3bc9c 8a60c88b 872b63b8 00001000 872b6300 rdyboost!SmdRBDispatchReadWrite+0x1de
8bd3bcb8 844424bc 872b63b8 8817b008 00000000 rdyboost!SmdDispatchReadWrite+0xb1
8bd3bcd0 8a7b7996 872b8528 8bd3bd28 8819d030 nt!IofCallDriver+0x63
8bd3bce4 8a7b99b1 872b85e0 872b8528 8817b008 volsnap!VolSnapReadFilter+0x12e
8bd3bcf8 844424bc 872b8528 8817b008 8bd47358 volsnap!VolSnapRead+0x1b
8bd3bd10 8a25f91c 8bd472b8 8bd3bd34 8447627e nt!IofCallDriver+0x63
8bd3bd1c 8447627e 8bd47358 000007b0 ffffffff Ntfs!NtfsStorageDriverCallout+0x14
8bd3bd1c 84476375 8bd47358 000007b0 ffffffff nt!KiSwapKernelStackAndExit+0x15a
8bd472c8 00000000 00000000 00000000 00000000 nt!KiSwitchKernelStackAndCallout+0x31


STACK_COMMAND:  kb

FOLLOWUP_IP:
rdyboost!SmAlloc+13
8a60fca7 5d              pop     ebp

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  rdyboost!SmAlloc+13

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: rdyboost

IMAGE_NAME:  rdyboost.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4a5bc19a

FAILURE_BUCKET_ID:  0x8E_rdyboost!SmAlloc+13

BUCKET_ID:  0x8E_rdyboost!SmAlloc+13

Followup: MachineOwner
---------

0: kd> lmvm rdyboost
start    end        module name
8a600000 8a62d000   rdyboost   (pdb symbols)          d:\mylocalsymbols\rdyboost.pdb\792FB6B1CC734F009B6BE210780710AC1\rdyboost.pdb
    Loaded symbol image file: rdyboost.sys
    Mapped memory image file: d:\mylocalsymbols\rdyboost.sys\4A5BC19A2d000\rdyboost.sys
    Image path: rdyboost.sys
    Image name: rdyboost.sys
    Timestamp:        Tue Jul 14 07:22:02 2009 (4A5BC19A)
    CheckSum:         0002E815
    ImageSize:        0002D000
    File version:     6.1.7600.16385
    Product version:  6.1.7600.16385
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        3.7 Driver
    File date:        00000000.00000000
    Translations:     0000.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     rdyboost.sys
    OriginalFilename: rdyboost.sys
    ProductVersion:   6.1.7600.16385
    FileVersion:      6.1.7600.16385 (win7_rtm.090713-1255)
    FileDescription:  ReadyBoost Driver
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
0: kd> .trap 0xffffffff8bd3baf4
ErrCode = 00000000
eax=00000001 ebx=00000001 ecx=8a61c0b4 edx=00000000 esi=00000001 edi=00000001
eip=84525bae esp=8bd3bb68 ebp=8bd3bb7c iopl=0         nv up ei pl nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010202
nt!ExAllocatePoolWithTag+0x3:
84525bae 8bec            mov     ebp,esp

22667999

试试电脑门诊啊

360主动防御

第一个显示360netmon蓝屏的问题 线上版本已经解决了. 升级老版本正在进行中.

拎起一只小萝莉

360主动防御 发表于 2012-8-17 15:21
收到 谢谢.

好啊、终于找到你了

下载保护什么时候支持opera？