none
XP蓝屏 已用WINDBG导出错误信息 高人指点 RRS feed

  • 问题

  • 电脑经常蓝屏,前天换了系统,,以前的错误信息都没有了,刚刚又蓝屏了,我复制一下,希望达人指点

     

    Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\WINDOWS\Minidump\Mini060410-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: *** Invalid ***
    ****************************************************************************
    * Symbol loading may be unreliable without a symbol search path.           *
    * Use .symfix to have the debugger choose a symbol path.                   *
    * After setting your symbol path, use .reload to refresh symbol locations. *
    ****************************************************************************
    Executable search path is:
    *********************************************************************
    * Symbols can not be loaded because symbol path is not initialized. *
    *                                                                   *
    * The Symbol Path can be set by:                                    *
    *   using the _NT_SYMBOL_PATH environment variable.                 *
    *   using the -y <symbol_path> argument when starting the debugger. *
    *   using .sympath and .sympath+                                    *
    *********************************************************************
    Unable to load image ntoskrnl.exe, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for ntoskrnl.exe
    *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
    Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Machine Name:
    Kernel base = 0x804d8000 PsLoadedModuleList = 0x8055e720
    Debug session time: Fri Jun  4 00:37:43.296 2010 (GMT+8)
    System Uptime: 0 days 2:51:55.946
    *********************************************************************
    * Symbols can not be loaded because symbol path is not initialized. *
    *                                                                   *
    * The Symbol Path can be set by:                                    *
    *   using the _NT_SYMBOL_PATH environment variable.                 *
    *   using the -y <symbol_path> argument when starting the debugger. *
    *   using .sympath and .sympath+                                    *
    *********************************************************************
    Unable to load image ntoskrnl.exe, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for ntoskrnl.exe
    *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
    Loading Kernel Symbols
    ...............................................................
    ..............................................................
    Loading User Symbols
    Loading unloaded module list
    ...........
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 10000050, {a8ed50e4, 0, 805bc550, 0}

    *** WARNING: Unable to verify timestamp for mssmbios.sys
    *** ERROR: Module load completed but symbols could not be loaded for mssmbios.sys
    ***** Kernel symbols are WRONG. Please fix symbols to do analysis.

    *** WARNING: Unable to verify timestamp for Hookport.sys
    *** ERROR: Module load completed but symbols could not be loaded for Hookport.sys
    *************************************************************************
    ***                                                                   ***
    ***                                                                   ***
    ***    Your debugger is not using the correct symbols                 ***
    ***                                                                   ***
    ***    In order for this command to work properly, your symbol path   ***
    ***    must point to .pdb files that have full type information.      ***
    ***                                                                   ***
    ***    Certain .pdb files (such as the public OS symbols) do not      ***
    ***    contain the required information.  Contact the group that      ***
    ***    provided you with these symbols if you need this command to    ***
    ***    work.                                                          ***
    ***                                                                   ***
    ***    Type referenced: nt!_KPRCB                                     ***
    ***                                                                   ***
    *************************************************************************
    *************************************************************************
    ***                                                                   ***
    ***                                                                   ***
    ***    Your debugger is not using the correct symbols                 ***
    ***                                                                   ***
    ***    In order for this command to work properly, your symbol path   ***
    ***    must point to .pdb files that have full type information.      ***
    ***                                                                   ***
    ***    Certain .pdb files (such as the public OS symbols) do not      ***
    ***    contain the required information.  Contact the group that      ***
    ***    provided you with these symbols if you need this command to    ***
    ***    work.                                                          ***
    ***                                                                   ***
    ***    Type referenced: nt!_KPRCB                                     ***
    ***                                                                   ***
    *************************************************************************
    *********************************************************************
    * Symbols can not be loaded because symbol path is not initialized. *
    *                                                                   *
    * The Symbol Path can be set by:                                    *
    *   using the _NT_SYMBOL_PATH environment variable.                 *
    *   using the -y <symbol_path> argument when starting the debugger. *
    *   using .sympath and .sympath+                                    *
    *********************************************************************
    *********************************************************************
    * Symbols can not be loaded because symbol path is not initialized. *
    *                                                                   *
    * The Symbol Path can be set by:                                    *
    *   using the _NT_SYMBOL_PATH environment variable.                 *
    *   using the -y <symbol_path> argument when starting the debugger. *
    *   using .sympath and .sympath+                                    *
    *********************************************************************
    Probably caused by : Hookport.sys ( Hookport+4829 )

    Followup: MachineOwner
    ---------

     

     

    2010年6月3日 17:21

答案

  • Hookport.sys是360安全卫士对系统进行挂钩操作的核心模块。其中主要方式对SSDT和shadowSSDT安装钩子函数。

    建议您先卸载或重新安装360安全卫士,看看是否能够解决问题


    共同努力,共同提高
    kaedei#live.cn My BLOG
    2010年6月4日 1:42

全部回复

  • Hookport.sys是360安全卫士对系统进行挂钩操作的核心模块。其中主要方式对SSDT和shadowSSDT安装钩子函数。

    建议您先卸载或重新安装360安全卫士,看看是否能够解决问题


    共同努力,共同提高
    kaedei#live.cn My BLOG
    2010年6月4日 1:42
  • 360 安全卫士组件 HOOKPORT.SYS 引发的软件兼容问题,尝试卸载 360。如果问题可以解决,请逐一排查 360 是否与其它软件有兼容问题。
     
    --
    Alexis Zhang
     
    https://mvp.support.microsoft.com/profile/jie
    http://blogs.itecn.net/blogs/alexis
    http://social.technet.microsoft.com/Forums/zh-CN/categories
     
    微软中文技术论坛
    Windows 系统组/微软硬件组 版主
     
    本帖是回复帖,原帖作者是楼上的 "蓝蓝的色"
     
    电脑经常蓝屏,前天换了系统,,以前的错误信息都没有了,刚刚又蓝屏了,我复制一下,希望达人指点
    Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
     
     
    2010年6月4日 9:50
    版主