本帖最后由 a3223351 于 2016-5-26 18:27 编辑
前两天同事电脑老是突然蓝屏,
系统是Windows7 64位,杀毒软件为毒霸
我简单分析了一下蓝屏代码0x0000007A
根据网上的资料
错误名称 0x0000007A:KERNEL_DATA_INPAGE_ERROR
故障分析 0x0000007A错误表示虚拟内存中的某些内核数据无法被读入内存。这个错误一般是因为内存发生故障,虚拟内存页面文件存在坏簇,计算机遭到了病毒、木马、间谍软件、广告软件、流氓软件等恶意程序的攻击等原因引起的。 如果遇到0x0000007A错误,建议首先执行磁盘扫描程序对所有的磁盘驱动器进行全面检测,看看磁盘驱动器是否存在磁盘错误或文件错误;其次请执行安全防护类软件对计算机进行全面检查,看看计算机是否遭到了病毒、木马、间谍软件、广告软件、流氓软件等恶意程序的攻击。
做了以下措施:用驱动人生升级了部分驱动,检测了硬盘分区,
杀毒软件换成360卫士,也用了360卫士的蓝屏修复,还有360全盘扫面杀毒。
结果无效,还是会蓝屏,主要是我自己也没找到问题根源,所以现在求助卡饭,看看坛友能否帮忙看看?
蓝屏文件在最下面。
另外用windebug查到的信息是
Probably caused by : ntoskrnl.exe ( nt+70380 )
[mw_shl_code=css,true]
Loading Dump File [C:\Program Files (x86)\WiseUCEnt\DATA\115871\Downloads\052616-25724-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Machine Name:
Kernel base = 0xfffff800`0401e000 PsLoadedModuleList = 0xfffff800`04260730
Debug session time: Thu May 26 11:10:16.831 2016 (UTC + 8:00)
System Uptime: 0 days 2:20:14.000
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
................................................................
.........................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 7A, {fffff6fb800083f8, ffffffffc00000c0, 9d824880, fffff7000107fff8}
*** WARNING: Unable to verify timestamp for mssmbios.sys
*** ERROR: Module load completed but symbols could not be loaded for mssmbios.sys
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
Probably caused by : ntoskrnl.exe ( nt+70380 )
Followup: MachineOwner
---------[/mw_shl_code]
|
发表于 2016-5-26 13:59:10
楼主