none
下载BT时经常会蓝屏 RRS feed

  • 问题

  • 这是WinDbg的信息麻烦看一下

     


    Microsoft (R) Windows Debugger Version 6.10.0003.233 X86
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\WINDOWS\Minidump\Mini010609-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\temp*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 2600.xpsp_sp3_gdr.080814-1236
    Machine Name:
    Kernel base = 0x804d8000 PsLoadedModuleList = 0x8055e720
    Debug session time: Tue Jan  6 16:13:46.125 2009 (GMT+8)
    System Uptime: 0 days 3:01:00.817
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .............
    Loading User Symbols
    Loading unloaded module list
    ...................
    Unable to load image TF0003.sys, Win32 error 0n2
    *** ERROR: Module load completed but symbols could not be loaded for TF0003.sys
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 100000D1, {a93ecf68, 2, 0, ba5e48f8}

    Unable to load image sptd.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for sptd.sys
    *** ERROR: Module load completed but symbols could not be loaded for sptd.sys
    Probably caused by : TF0003.sys ( TF0003+8f8 )

    Followup: MachineOwner
    ---------

    1: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If kernel debugger is available get stack backtrace.
    Arguments:
    Arg1: a93ecf68, memory referenced
    Arg2: 00000002, IRQL
    Arg3: 00000000, value 0 = read operation, 1 = write operation
    Arg4: ba5e48f8, address which referenced memory

    Debugging Details:
    ------------------


    READ_ADDRESS:  a93ecf68

    CURRENT_IRQL:  2

    FAULTING_IP:
    TF0003+8f8
    ba5e48f8 8b08            mov     ecx,dword ptr [eax]

    CUSTOMER_CRASH_COUNT:  1

    DEFAULT_BUCKET_ID:  DRIVER_FAULT

    BUGCHECK_STR:  0xD1

    PROCESS_NAME:  WebThunder.exe

    LAST_CONTROL_TRANSFER:  from b9c490d5 to ba5e48f8

    STACK_TEXT: 
    WARNING: Stack unwind information not available. Following frames may be wrong.
    ba4dbe38 b9c490d5 896249c8 8719a420 8a607028 TF0003+0x8f8
    ba4dbea0 b9c49d47 870fa428 00000000 8a6077d8 USBPORT!USBPORT_CompleteTransfer+0x373
    ba4dbed0 b9c4a944 026e6f44 8a6070e0 8a6070e0 USBPORT!USBPORT_DoneTransfer+0x137
    ba4dbf08 b9c4c13a 8a607028 80547acc 8a607230 USBPORT!USBPORT_FlushDoneTransferList+0x16c
    ba4dbf34 b9c5a24b 8a607028 80547acc 8a607028 USBPORT!USBPORT_DpcWorker+0x224
    ba4dbf70 b9c5a3c2 8a607028 00000001 8a6e152c USBPORT!USBPORT_IsrDpcWorker+0x38f
    ba4dbf8c b9eb8d54 8a60764c 6b755044 00000000 USBPORT!USBPORT_IsrDpc+0x166
    ba4dbfcc 80546e7f 8a60764c 8a607028 00000000 sptd+0x11d54
    ba4dbff4 805469eb aa42db54 00000000 00000000 nt!KiRetireDpcList+0x61
    ba4dbff8 aa42db54 00000000 00000000 00000000 nt!KiDispatchInterrupt+0x2b
    805469eb 00000000 00000009 0081850f bb830000 0xaa42db54


    STACK_COMMAND:  kb

    FOLLOWUP_IP:
    TF0003+8f8
    ba5e48f8 8b08            mov     ecx,dword ptr [eax]

    SYMBOL_STACK_INDEX:  0

    SYMBOL_NAME:  TF0003+8f8

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: TF0003

    IMAGE_NAME:  TF0003.sys

    DEBUG_FLR_IMAGE_TIMESTAMP:  464c0880

    FAILURE_BUCKET_ID:  0xD1_TF0003+8f8

    BUCKET_ID:  0xD1_TF0003+8f8

    Followup: MachineOwner
    ---------

    问题TF0003.sys是怎么回事?为什么下载BT就会蓝屏?

    2009年1月6日 9:29

答案

  • 2次蓝屏都在不用的位置,应该是你机器中某些软件冲突。

    web迅雷也不是很稳定。

    建议你下载BT使用BitComet来下载。或者你使用迅雷(非WEB版)

    然后运行MSCONFIG》启动》全部禁用》重启之后再下载BT,看看是否还蓝屏。

     

    2009年1月7日 3:38
    版主
  • 把讯雷卸载了试试,看看是否还蓝屏。
    建议使用官方的BT客户端。不要用Web讯雷。
    2009年1月7日 8:04

全部回复

  • 问题出在sptd.sys和TF0003.sys2个文件上面

    sptd.sys是Daemon Tools的一个驱动文件,建议你删除这个软件再看看是否蓝屏。

    TF0003.sys没有资料,估计是驱动级别的恶意软件或也可能Daemon Tools的一个文件,你扫描下病毒,恶意软件看看。

    2009年1月6日 9:54
    版主
  •  

    可能是软件不兼容造成,尝试卸载手柄驱动程序。

    2009年1月6日 10:51
  •  


    Microsoft (R) Windows Debugger Version 6.10.0003.233 X86
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\WINDOWS\Minidump\Mini010609-02.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\temp*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 2600.xpsp_sp3_gdr.080814-1236
    Machine Name:
    Kernel base = 0x804d8000 PsLoadedModuleList = 0x8055e720
    Debug session time: Tue Jan  6 18:12:58.953 2009 (GMT+8)
    System Uptime: 0 days 0:55:21.649
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ..........
    Loading User Symbols
    Loading unloaded module list
    .................
    Unable to load image NVENETFD.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for NVENETFD.sys
    *** ERROR: Module load completed but symbols could not be loaded for NVENETFD.sys
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 1000000A, {8ab4085c, 2, 0, 8050a24a}

    *** WARNING: Unable to verify timestamp for NVNRM.SYS
    *** ERROR: Module load completed but symbols could not be loaded for NVNRM.SYS
    Probably caused by : NVENETFD.sys ( NVENETFD+46dc )

    Followup: MachineOwner
    ---------

    1: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    IRQL_NOT_LESS_OR_EQUAL (a)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If a kernel debugger is available get the stack backtrace.
    Arguments:
    Arg1: 8ab4085c, memory referenced
    Arg2: 00000002, IRQL
    Arg3: 00000000, bitfield :
     bit 0 : value 0 = read operation, 1 = write operation
     bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
    Arg4: 8050a24a, address which referenced memory

    Debugging Details:
    ------------------


    READ_ADDRESS:  8ab4085c

    CURRENT_IRQL:  2

    FAULTING_IP:
    nt!MmMapLockedPagesSpecifyCache+214
    8050a24a 8b530c          mov     edx,dword ptr [ebx+0Ch]

    CUSTOMER_CRASH_COUNT:  2

    DEFAULT_BUCKET_ID:  DRIVER_FAULT

    BUGCHECK_STR:  0xA

    PROCESS_NAME:  Idle

    LAST_CONTROL_TRANSFER:  from ba22c6dc to 8050a24a

    STACK_TEXT: 
    ba4d7c88 ba22c6dc 8a141748 1f000000 00000001 nt!MmMapLockedPagesSpecifyCache+0x214
    WARNING: Stack unwind information not available. Following frames may be wrong.
    ba4d7cb4 b9b6bead 8a500000 8a365b48 000001e3 NVENETFD+0x46dc
    ba4d7cf4 b9b6cc3e b9bd4990 ba4d7d28 8a4ee77c NVNRM+0xfead
    ba4d7d28 80546e7f 8a4ee5ec 00000000 00000000 NVNRM+0x10c3e
    ba4d7d50 80546d64 00000000 0000000e 4ba22050 nt!KiRetireDpcList+0x61
    ba4d7d54 00000000 0000000e 4ba22050 50281140 nt!KiIdleLoop+0x28


    STACK_COMMAND:  kb

    FOLLOWUP_IP:
    NVENETFD+46dc
    ba22c6dc ??              ???

    SYMBOL_STACK_INDEX:  1

    SYMBOL_NAME:  NVENETFD+46dc

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: NVENETFD

    IMAGE_NAME:  NVENETFD.sys

    DEBUG_FLR_IMAGE_TIMESTAMP:  463be0da

    FAILURE_BUCKET_ID:  0xA_NVENETFD+46dc

    BUCKET_ID:  0xA_NVENETFD+46dc

    Followup: MachineOwner
    ---------

     

    再一次地蓝屏了,这是网卡问题?
    2009年1月6日 10:53
  •  

    尝试重新安装主板驱动。

    2009年1月6日 11:04
  •  

    你们的方法试过了,还是在下载BT的时候出现蓝屏啊,还有其它方法吗?

    2009年1月6日 15:00
  • WebThunder.exe是迅雷。联系迅雷技术支持以解决这个问题。
    2009年1月6日 16:44
  •  笨笨ONE 写:

    问题出在sptd.sys和TF0003.sys2个文件上面

    sptd.sys是Daemon Tools的一个驱动文件,建议你删除这个软件再看看是否蓝屏。

    TF0003.sys没有资料,估计是驱动级别的恶意软件或也可能Daemon Tools的一个文件,你扫描下病毒,恶意软件看看。

    spyd.sys是windows symbols不能加载!不能说是他引起的!意思就是symbols无法分析这个文件!

    2009年1月7日 3:29
  •  Suteki1 写:

     


    Microsoft (R) Windows Debugger Version 6.10.0003.233 X86
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\WINDOWS\Minidump\Mini010609-02.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\temp*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 2600.xpsp_sp3_gdr.080814-1236
    Machine Name:
    Kernel base = 0x804d8000 PsLoadedModuleList = 0x8055e720
    Debug session time: Tue Jan  6 18:12:58.953 2009 (GMT+8)
    System Uptime: 0 days 0:55:21.649
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    ..........
    Loading User Symbols
    Loading unloaded module list
    .................
    Unable to load image NVENETFD.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for NVENETFD.sys
    *** ERROR: Module load completed but symbols could not be loaded for NVENETFD.sys
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 1000000A, {8ab4085c, 2, 0, 8050a24a}

    *** WARNING: Unable to verify timestamp for NVNRM.SYS
    *** ERROR: Module load completed but symbols could not be loaded for NVNRM.SYS
    Probably caused by : NVENETFD.sys ( NVENETFD+46dc )

    Followup: MachineOwner
    ---------

    1: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    IRQL_NOT_LESS_OR_EQUAL (a)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If a kernel debugger is available get the stack backtrace.
    Arguments:
    Arg1: 8ab4085c, memory referenced
    Arg2: 00000002, IRQL
    Arg3: 00000000, bitfield :
     bit 0 : value 0 = read operation, 1 = write operation
     bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
    Arg4: 8050a24a, address which referenced memory

    Debugging Details:
    ------------------


    READ_ADDRESS:  8ab4085c

    CURRENT_IRQL:  2

    FAULTING_IP:
    nt!MmMapLockedPagesSpecifyCache+214
    8050a24a 8b530c          mov     edx,dword ptr [ebx+0Ch]

    CUSTOMER_CRASH_COUNT:  2

    DEFAULT_BUCKET_ID:  DRIVER_FAULT

    BUGCHECK_STR:  0xA

    PROCESS_NAME:  Idle

    LAST_CONTROL_TRANSFER:  from ba22c6dc to 8050a24a

    STACK_TEXT: 
    ba4d7c88 ba22c6dc 8a141748 1f000000 00000001 nt!MmMapLockedPagesSpecifyCache+0x214
    WARNING: Stack unwind information not available. Following frames may be wrong.
    ba4d7cb4 b9b6bead 8a500000 8a365b48 000001e3 NVENETFD+0x46dc
    ba4d7cf4 b9b6cc3e b9bd4990 ba4d7d28 8a4ee77c NVNRM+0xfead
    ba4d7d28 80546e7f 8a4ee5ec 00000000 00000000 NVNRM+0x10c3e
    ba4d7d50 80546d64 00000000 0000000e 4ba22050 nt!KiRetireDpcList+0x61
    ba4d7d54 00000000 0000000e 4ba22050 50281140 nt!KiIdleLoop+0x28


    STACK_COMMAND:  kb

    FOLLOWUP_IP:
    NVENETFD+46dc
    ba22c6dc ??              ???

    SYMBOL_STACK_INDEX:  1

    SYMBOL_NAME:  NVENETFD+46dc

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: NVENETFD

    IMAGE_NAME:  NVENETFD.sys

    DEBUG_FLR_IMAGE_TIMESTAMP:  463be0da

    FAILURE_BUCKET_ID:  0xA_NVENETFD+46dc

    BUCKET_ID:  0xA_NVENETFD+46dc

    Followup: MachineOwner
    ---------

     

    再一次地蓝屏了,这是网卡问题?

    NVENETFD.sys是NVIDIA nForce Networking Controller Driver

    估计可能是 NVENETFD.sys引起的!

    2009年1月7日 3:31
  •  谢依村 写:
     笨笨ONE 写:

    问题出在sptd.sys和TF0003.sys2个文件上面

    sptd.sys是Daemon Tools的一个驱动文件,建议你删除这个软件再看看是否蓝屏。

    TF0003.sys没有资料,估计是驱动级别的恶意软件或也可能Daemon Tools的一个文件,你扫描下病毒,恶意软件看看。

    spyd.sys是windows symbols不能加载!不能说是他引起的!意思就是symbols无法分析这个文件!

    spyd.sys=sptd.sys?
    2009年1月7日 3:33
    版主
  •  Suteki1 写:

    这是WinDbg的信息麻烦看一下

     


    Microsoft (R) Windows Debugger Version 6.10.0003.233 X86
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\WINDOWS\Minidump\Mini010609-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\temp*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows XP Kernel Version 2600 (Service Pack 3) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 2600.xpsp_sp3_gdr.080814-1236
    Machine Name:
    Kernel base = 0x804d8000 PsLoadedModuleList = 0x8055e720
    Debug session time: Tue Jan  6 16:13:46.125 2009 (GMT+8)
    System Uptime: 0 days 3:01:00.817
    Loading Kernel Symbols
    ...............................................................
    ................................................................
    .............
    Loading User Symbols
    Loading unloaded module list
    ...................
    Unable to load image TF0003.sys, Win32 error 0n2
    *** ERROR: Module load completed but symbols could not be loaded for TF0003.sys
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 100000D1, {a93ecf68, 2, 0, ba5e48f8}

    Unable to load image sptd.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for sptd.sys
    *** ERROR: Module load completed but symbols could not be loaded for sptd.sys
    Probably caused by : TF0003.sys ( TF0003+8f8 )

    Followup: MachineOwner
    ---------

    1: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If kernel debugger is available get stack backtrace.
    Arguments:
    Arg1: a93ecf68, memory referenced
    Arg2: 00000002, IRQL
    Arg3: 00000000, value 0 = read operation, 1 = write operation
    Arg4: ba5e48f8, address which referenced memory

    Debugging Details:
    ------------------


    READ_ADDRESS:  a93ecf68

    CURRENT_IRQL:  2

    FAULTING_IP:
    TF0003+8f8
    ba5e48f8 8b08            mov     ecx,dword ptr [eax]

    CUSTOMER_CRASH_COUNT:  1

    DEFAULT_BUCKET_ID:  DRIVER_FAULT

    BUGCHECK_STR:  0xD1

    PROCESS_NAME:  WebThunder.exe

    LAST_CONTROL_TRANSFER:  from b9c490d5 to ba5e48f8

    STACK_TEXT: 
    WARNING: Stack unwind information not available. Following frames may be wrong.
    ba4dbe38 b9c490d5 896249c8 8719a420 8a607028 TF0003+0x8f8
    ba4dbea0 b9c49d47 870fa428 00000000 8a6077d8 USBPORT!USBPORT_CompleteTransfer+0x373
    ba4dbed0 b9c4a944 026e6f44 8a6070e0 8a6070e0 USBPORT!USBPORT_DoneTransfer+0x137
    ba4dbf08 b9c4c13a 8a607028 80547acc 8a607230 USBPORT!USBPORT_FlushDoneTransferList+0x16c
    ba4dbf34 b9c5a24b 8a607028 80547acc 8a607028 USBPORT!USBPORT_DpcWorker+0x224
    ba4dbf70 b9c5a3c2 8a607028 00000001 8a6e152c USBPORT!USBPORT_IsrDpcWorker+0x38f
    ba4dbf8c b9eb8d54 8a60764c 6b755044 00000000 USBPORT!USBPORT_IsrDpc+0x166
    ba4dbfcc 80546e7f 8a60764c 8a607028 00000000 sptd+0x11d54
    ba4dbff4 805469eb aa42db54 00000000 00000000 nt!KiRetireDpcList+0x61
    ba4dbff8 aa42db54 00000000 00000000 00000000 nt!KiDispatchInterrupt+0x2b
    805469eb 00000000 00000009 0081850f bb830000 0xaa42db54


    STACK_COMMAND:  kb

    FOLLOWUP_IP:
    TF0003+8f8
    ba5e48f8 8b08            mov     ecx,dword ptr [eax]

    SYMBOL_STACK_INDEX:  0

    SYMBOL_NAME:  TF0003+8f8

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: TF0003

    IMAGE_NAME:  TF0003.sys

    DEBUG_FLR_IMAGE_TIMESTAMP:  464c0880

    FAILURE_BUCKET_ID:  0xD1_TF0003+8f8

    BUCKET_ID:  0xD1_TF0003+8f8

    Followup: MachineOwner
    ---------

    问题TF0003.sys是怎么回事?为什么下载BT就会蓝屏?

    TF0003.sys好像是一个什么usb的东西的驱动支持!

    2009年1月7日 3:34
  •  笨笨ONE 写:
     谢依村 写:
     笨笨ONE 写:

    问题出在sptd.sys和TF0003.sys2个文件上面

    sptd.sys是Daemon Tools的一个驱动文件,建议你删除这个软件再看看是否蓝屏。

    TF0003.sys没有资料,估计是驱动级别的恶意软件或也可能Daemon Tools的一个文件,你扫描下病毒,恶意软件看看。

    spyd.sys是windows symbols不能加载!不能说是他引起的!意思就是symbols无法分析这个文件!

    spyd.sys=sptd.sys?

    纠正下写错了是sptd.sys!

     

    不要看这里Unable to load image sptd.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for sptd.sys
    *** ERROR: Module load completed but symbols could not be loaded for sptd.sys
    这里只能说明是symbols无法解析这个文件,

    2009年1月7日 3:37
  • 2次蓝屏都在不用的位置,应该是你机器中某些软件冲突。

    web迅雷也不是很稳定。

    建议你下载BT使用BitComet来下载。或者你使用迅雷(非WEB版)

    然后运行MSCONFIG》启动》全部禁用》重启之后再下载BT,看看是否还蓝屏。

     

    2009年1月7日 3:38
    版主
  • 把讯雷卸载了试试,看看是否还蓝屏。
    建议使用官方的BT客户端。不要用Web讯雷。
    2009年1月7日 8:04
  • TF0003.sys引起的蓝屏故障以完美解决,造成这个问题的罪魁祸首是北通手柄驱动。楼主用的是老版本的驱动,就肯定会出现这个问题,尤其是机器闲置或者下载文件的时候。解决办法是完全卸载手柄驱动,保证系统内不再包含TF0003名称的文件,去北通官方下载最新的C036手柄控制器驱动。
    2009年9月11日 10:57
  • 以上那么多的分析都是徒劳的,其实就是驱动引起的。
    2009年9月11日 10:58