求助 windows蓝屏重起 错误代码0x100000d1 (0x00000008, 0x00000002, 0x00000000, 0xf702ec10)

全部回复

• 

  

  0

  登录进行投票

  驱动不兼容或杀毒软件冲突

  你把蓝屏代码后面的一句话贴出来啊，还有描述你之前操作。

  2008年12月17日 19:39

  回复

  |

  引用

  版主
• 

  

  0

  登录进行投票

  谢谢斑竹.由于蓝屏太快,后面的话我没看清楚,我在事件查看器里面找到的代码,在蓝屏之前我开启的程序只有qq和用迅雷bt下载,我的杀毒软件是卡巴7,还有360卫士和天网防火墙.

   

  事件类型: 信息
  事件来源: Save Dump
  事件种类: 无
  事件 ID: 1001
  日期:  2008-12-17
  事件:  21:26:48
  用户:  N/A
  计算机: 
  描述:
  计算机已经从检测错误后重新启动。检测错误: 0x100000d1 (0x00000008, 0x00000002, 0x00000000, 0xf702ec10)。 已将转储的数据保存在: C:\WINDOWS\Minidump\Mini121708-02.dmp。

  有关更多信息，请参阅在 http://go.microsoft.com/fwlink/events.asp 的帮助和支持中心。
  

  2008年12月18日 4:43

  回复

  |

  引用
• 

  

  0

  登录进行投票

  ------------------------------------------------------------

  首先下载windebug

   

  http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx

  说下debug方法
  1. 我的电脑，属性->高级->启动，最下面的内存调试选最后一项的全部，确定后重新启动
  2. 蓝屏后不要急着重启，系统会保存整个内存内容，然后会自动重启
  3. 找到C:\WINDOWS\Minidump\Mini121708-02.dmp
  4. 下载安装windwos 的 debug tools, 我这有下载地址，或微软网站
  http://public.hshh.org/SysTools/debug/dbg_x86_6.6.07.5.exe
  5. 安装后创建一个临时目录，例如 c:\temp
  6. 启动 windbg
  7. windbg界面: file->symbol file path (ctrl+s) 输入:
  SRV*c:\temp*http://msdl.microsoft.com/download/symbols
  然后确定
  8. windbg界面: file->open crash dump(ctrl+d)，打开C:\WINDOWS\Minidump\Mini121708-02.dmp
  9. 打开后，等待提示
  当出现 Use !analyze -v to get detailed debugging information. 字样后，在下面输入框
  !analyze -v
  10. 等待分析完毕，可以知道什么导致的出错
  11. windbg使用中需要网上下载调试内容，这个速度嘛，取决于你的网络了。

  -----------------------------------------------------------------------

  你把敲!analyze -v的信息发上来！

   

   

  2008年12月18日 5:07

  回复

  |

  引用
• 

  

  0

  登录进行投票

  太谢谢了,东西我帖上来了

   

  Use !analyze -v to get detailed debugging information.

  BugCheck 100000D1, {8, 2, 0, f702ec10}

  Unable to load image e100b325.sys, Win32 error 0n2
  *** WARNING: Unable to verify timestamp for e100b325.sys
  *** ERROR: Module load completed but symbols could not be loaded for e100b325.sys
  Probably caused by : klim5.sys ( klim5+2a94 )

  Followup: MachineOwner
  ---------

  0: kd> !analyze -v
  *******************************************************************************
  *                                                                             *
  *                        Bugcheck Analysis                                    *
  *                                                                             *
  *******************************************************************************

  DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
  An attempt was made to access a pageable (or completely invalid) address at an
  interrupt request level (IRQL) that is too high.  This is usually
  caused by drivers using improper addresses.
  If kernel debugger is available get stack backtrace.
  Arguments:
  Arg1: 00000008, memory referenced
  Arg2: 00000002, IRQL
  Arg3: 00000000, value 0 = read operation, 1 = write operation
  Arg4: f702ec10, address which referenced memory

  Debugging Details:
  ------------------

  
  READ_ADDRESS:  00000008

  CURRENT_IRQL:  2

  FAULTING_IP:
  NDIS!ndisMSendCompleteX+71
  f702ec10 8b7808          mov     edi,dword ptr [eax+8]

  CUSTOMER_CRASH_COUNT:  2

  DEFAULT_BUCKET_ID:  DRIVER_FAULT

  BUGCHECK_STR:  0xD1

  PROCESS_NAME:  Idle

  LAST_CONTROL_TRANSFER:  from f7889a94 to f702ec10

  STACK_TEXT: 
  80552348 f7889a94 898e6ad0 88c7f4e0 00000000 NDIS!ndisMSendCompleteX+0x71
  WARNING: Stack unwind information not available. Following frames may be wrong.
  80552364 f702ec2c 89776b08 88f92f30 00000000 klim5+0x2a94
  80552388 f57a26ba 89a0b9d8 88f92f30 00000000 NDIS!ndisMSendCompleteX+0x8d
  805523c4 f57a2fdd 01ffc000 01fffb60 00000020 e100b325+0x186ba
  805523ec f5794a36 00000000 89a0b9d8 897a53f0 e100b325+0x18fdd
  80552410 f7031e99 007a5008 8055d0c0 ffdff9c0 e100b325+0xaa36
  80552428 80546e7f 897a5404 897a53f0 00000000 NDIS!ndisMDpcX+0x21
  80552450 80546d64 00000000 0000000e 00000000 nt!KiRetireDpcList+0x61
  80552454 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x28

  
  STACK_COMMAND:  kb

  FOLLOWUP_IP:
  klim5+2a94
  f7889a94 ??              ???

  SYMBOL_STACK_INDEX:  1

  SYMBOL_NAME:  klim5+2a94

  FOLLOWUP_NAME:  MachineOwner

  MODULE_NAME: klim5

  IMAGE_NAME:  klim5.sys

  DEBUG_FLR_IMAGE_TIMESTAMP:  461384b8

  FAILURE_BUCKET_ID:  0xD1_klim5+2a94

  BUCKET_ID:  0xD1_klim5+2a94

  Followup: MachineOwner
  ---------
  

  2008年12月18日 7:58

  回复

  |

  引用
• 

  

  0

  登录进行投票

  klim5.sys，卡巴斯基引起的。请参考下列方法，禁用 Kaspersky Anti-Virus NDIS Filter：

   

   http://forum.livetome.cn/thread-6535-1-2.html

  2008年12月18日 12:21

  回复

  |

  引用

  版主
• 

  

  0

  登录进行投票

   

  谢谢

  2008年12月19日 9:36

  回复

  |

  引用
• 

  

  0

  登录进行投票

  我有同樣問題,windbg check:
  

  DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
  An attempt was made to access a pageable (or completely invalid) address at an
  interrupt request level (IRQL) that is too high.  This is usually
  caused by drivers using improper addresses.
  If kernel debugger is available get stack backtrace.
  Arguments:
  Arg1: 00000010, memory referenced
  Arg2: 00000007, IRQL
  Arg3: 00000000, value 0 = read operation, 1 = write operation
  Arg4: f7469d26, address which referenced memory
  
  Debugging Details:
  ------------------
  
  
  READ_ADDRESS:  00000010
  
  CURRENT_IRQL:  7
  
  FAULTING_IP:
  atapi!IdeGetSrbData+12
  f7469d26 8b4010          mov     eax,dword ptr [eax+10h]
  
  CUSTOMER_CRASH_COUNT:  1
  
  DEFAULT_BUCKET_ID:  DRIVER_FAULT
  
  BUGCHECK_STR:  0xD1
  
  PROCESS_NAME:  war3.exe
  
  LAST_CONTROL_TRANSFER:  from f746d889 to f7469d26
  
  STACK_TEXT:  
  f79fae04 f746d889 00000000 8676df58 f79fae48 atapi!IdeGetSrbData+0x12
  f79fae14 f74667b2 8676df58 00000004 8676e918 atapi!IdeLogBmStatus+0xf
  f79fae48 f7469696 5073e370 8676eb7c f79faefc atapi!AtapiInterrupt+0x102
  f79fae5c 805466a5 8676e918 8673e030 00010007 atapi!IdePortInterrupt+0x18
  f79fae5c f673979b 8676e918 8673e030 00010007 nt!KiInterruptDispatch+0x45
  WARNING: Stack unwind information not available. Following frames may be wrong.
  f79faef0 85cac82c 00000040 85cac730 f674bb93 cmaudio+0x1779b
  f79faefc f674bb93 85bea810 85bd5010 85bea80c 0x85cac82c
  f79fafcc 80546e7f 861f8fbc 861f8e88 861f8e88 cmaudio+0x29b93
  f79faff4 805469eb b96cdd44 00000000 00000000 nt!KiRetireDpcList+0x61
  f79faff8 b96cdd44 00000000 00000000 00000000 nt!KiDispatchInterrupt+0x2b
  805469eb 00000000 00000009 0081850f bb830000 0xb96cdd44
  
  
  STACK_COMMAND:  kb
  
  FOLLOWUP_IP:
  atapi!IdeGetSrbData+12
  f7469d26 8b4010          mov     eax,dword ptr [eax+10h]
  
  SYMBOL_STACK_INDEX:  0
  
  SYMBOL_NAME:  atapi!IdeGetSrbData+12
  
  FOLLOWUP_NAME:  MachineOwner
  
  MODULE_NAME: atapi
  
  IMAGE_NAME:  atapi.sys
  
  DEBUG_FLR_IMAGE_TIMESTAMP:  4802539d
  
  FAILURE_BUCKET_ID:  0xD1_atapi!IdeGetSrbData+12
  
  BUCKET_ID:  0xD1_atapi!IdeGetSrbData+12
  
  Followup: MachineOwner
  ---------
  
  0: kd> !analyze -v
  

   

  2009年1月11日 12:59

  回复

  |

  引用
• 

  

  0

  登录进行投票

  麻烦大哥帮看看我的啊   谢谢
  
  Microsoft (R) Windows Debugger  Version 6.6.0007.5
  Copyright (c) Microsoft Corporation. All rights reserved.
  
  
  Loading Dump File [C:\WINDOWS\Minidump\Mini042609-01.dmp]
  Mini Kernel Dump File: Only registers and stack trace are available
  
  Symbol search path is: SRV*c:\temp*http://msdl.microsoft.com/download/symbols
  Executable search path is:
  Windows XP Kernel Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatible
  Product: WinNt, suite: TerminalServer SingleUserTS
  Built by: 2600.xpsp_sp2_qfe.090206-1239
  Kernel base = 0x804d8000 PsLoadedModuleList = 0x8055d720
  Debug session time: Sun Apr 26 13:33:59.062 2009 (GMT+8)
  System Uptime: 0 days 3:46:36.880
  Loading Kernel Symbols
  ........................................................................................................................................
  Loading User Symbols
  Loading unloaded module list
  ..........................
  Unable to load image TF0003.sys, Win32 error 2
  *** ERROR: Module load completed but symbols could not be loaded for TF0003.sys
  *******************************************************************************
  *                                                                             *
  *                        Bugcheck Analysis                                    *
  *                                                                             *
  *******************************************************************************
  
  Use !analyze -v to get detailed debugging information.
  
  BugCheck 100000D1, {f7bf3c70, 0, 8053b434, 0}
  
  Unable to load image sptd.sys, Win32 error 2
  *** WARNING: Unable to verify timestamp for sptd.sys
  *** ERROR: Module load completed but symbols could not be loaded for sptd.sys
  Probably caused by : TF0003.sys ( TF0003+8f8 )
  
  Followup: MachineOwner
  ---------
  
  0: kd> !analyze -v
  *******************************************************************************
  *                                                                             *
  *                        Bugcheck Analysis                                    *
  *                                                                             *
  *******************************************************************************
  
  DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
  An attempt was made to access a pageable (or completely invalid) address at an
  interrupt request level (IRQL) that is too high.  This is usually
  caused by drivers using improper addresses.
  If kernel debugger is available get stack backtrace.
  Arguments:
  Arg1: f7bf3c70, memory referenced
  Arg2: 00000000, IRQL
  Arg3: 8053b434, value 0 = read operation, 1 = write operation
  Arg4: 00000000, address which referenced memory
  
  Debugging Details:
  ------------------
  
  
  WRITE_ADDRESS:  f7bf3c70
  
  CURRENT_IRQL:  0
  
  FAULTING_IP:
  +0
  00000000 ??              ???
  
  CUSTOMER_CRASH_COUNT:  1
  
  DEFAULT_BUCKET_ID:  DRIVER_FAULT
  
  BUGCHECK_STR:  0xD1
  
  PROCESS_NAME:  avp.exe
  
  LAST_CONTROL_TRANSFER:  from f5a9bee5 to f7b038f8
  
  STACK_TEXT: 
  WARNING: Stack unwind information not available. Following frames may be wrong.
  f79eae38 f5a9bee5 8675ecb8 829b92f0 86bd0028 TF0003+0x8f8
  f79eaea0 f5a9cb57 82e420d0 00000000 86bd07d8 USBPORT!USBPORT_CompleteTransfer+0x373
  f79eaed0 f5a9d754 026e6f44 86bd00e0 86bd00e0 USBPORT!USBPORT_DoneTransfer+0x137
  f79eaf08 f5a9ef6a 86bd0028 8054789c 86bd0230 USBPORT!USBPORT_FlushDoneTransferList+0x16c
  f79eaf34 f5aacfb0 86bd0028 8054789c 86bd0028 USBPORT!USBPORT_DpcWorker+0x224
  f79eaf70 f5aad128 86bd0028 00000001 865ba834 USBPORT!USBPORT_IsrDpcWorker+0x37e
  f79eaf8c f73cfd54 86bd064c 6b755044 00000000 USBPORT!USBPORT_IsrDpc+0x166
  f79eafcc 80546c4f 86bd064c 86bd0028 00000000 sptd+0x11d54
  f79eaff4 805467bb bac5ed44 00000000 00000000 nt!KiRetireDpcList+0x61
  f79eaff8 bac5ed44 00000000 00000000 00000000 nt!KiDispatchInterrupt+0x2b
  805467bb 00000000 00000009 0081850f bb830000 0xbac5ed44
  
  
  STACK_COMMAND:  kb
  
  FOLLOWUP_IP:
  TF0003+8f8
  f7b038f8 8b08            mov     ecx,dword ptr [eax]
  
  SYMBOL_STACK_INDEX:  0
  
  FOLLOWUP_NAME:  MachineOwner
  
  MODULE_NAME: TF0003
  
  IMAGE_NAME:  TF0003.sys
  
  DEBUG_FLR_IMAGE_TIMESTAMP:  464c0880
  
  SYMBOL_NAME:  TF0003+8f8
  
  FAILURE_BUCKET_ID:  0xD1_W_TF0003+8f8
  
  BUCKET_ID:  0xD1_W_TF0003+8f8
  
  Followup: MachineOwner
  ---------
  
  

  2009年4月26日 8:14

  回复

  |

  引用
• 

  

  0

  登录进行投票

  北通手柄驱动问题！

  ---

  Microsoft Certified Systems Engineer 如果您觉得对您有帮助，请在“是否有帮助”点“是”；如果你觉得回复很满意，请“标记为已解答”

  2009年4月27日 5:35

  回复

  |

  引用
• 

  

  0

  登录进行投票

  请使用正版魔兽争霸光盘运行游戏！

  ---

  Microsoft Certified Systems Engineer 如果您觉得对您有帮助，请在“是否有帮助”点“是”；如果你觉得回复很满意，请“标记为已解答”

  2009年4月27日 5:37

  回复

  |

  引用
• 

  

  0

  登录进行投票

  麻烦帮忙看下我的问题我把bug解析数据贴下面看着应该是live声卡驱动出的问题,就是不知道怎么解决!
  *******************************************************************************
  *                                                                             *
  *                        Bugcheck Analysis                                    *
  *                                                                             *
  *******************************************************************************

  DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
  An attempt was made to access a pageable (or completely invalid) address at an
  interrupt request level (IRQL) that is too high.  This is usually
  caused by drivers using improper addresses.
  If kernel debugger is available get stack backtrace.
  Arguments:
  Arg1: 00000004, memory referenced
  Arg2: 00000002, IRQL
  Arg3: 00000000, value 0 = read operation, 1 = write operation
  Arg4: 897313ed, address which referenced memory

  Debugging Details:
  ------------------

  
  READ_ADDRESS:  00000004

  CURRENT_IRQL:  2

  FAULTING_IP:
  +ffffffff897313ed
  897313ed 3b7204          cmp     esi,dword ptr [edx+4]

  CUSTOMER_CRASH_COUNT:  1

  DEFAULT_BUCKET_ID:  DRIVER_FAULT

  BUGCHECK_STR:  0xD1

  PROCESS_NAME:  Idle

  LAST_CONTROL_TRANSFER:  from b97e76fb to 897313ed

  STACK_TEXT: 
  WARNING: Frame IP not in any known module. Following frames may be wrong.
  805523a4 b97e76fb 89704a0c 00000010 00000000 0x897313ed
  805523e4 b97eb9ee 00000010 8a2982b8 00000000 emu10k1m!CEFXParamSetNotifySink::Unadvise+0xe5
  80552418 b97d8b9a 00000000 00000000 00000000 emu10k1m!crTimerGetCurrentTime+0x21c
  80552428 80546e7f 89c4260c 00000000 89c425fc emu10k1m!osDPCforISR+0xe
  80552440 8055ce60 ffdffc50 00000000 8055ce60 nt!KiRetireDpcList+0x61
  80552450 80546d64 00000000 0000000e 00000000 nt!KiIdleThread0
  80552454 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x28

  
  STACK_COMMAND:  kb

  FOLLOWUP_IP:
  emu10k1m!CEFXParamSetNotifySink::Unadvise+e5
  b97e76fb 8d45e0          lea     eax,[ebp-20h]

  SYMBOL_STACK_INDEX:  1

  SYMBOL_NAME:  emu10k1m!CEFXParamSetNotifySink::Unadvise+e5

  FOLLOWUP_NAME:  MachineOwner

  MODULE_NAME: emu10k1m

  IMAGE_NAME:  emu10k1m.sys

  DEBUG_FLR_IMAGE_TIMESTAMP:  3b6b5fb2

  FAILURE_BUCKET_ID:  0xD1_emu10k1m!CEFXParamSetNotifySink::Unadvise+e5

  BUCKET_ID:  0xD1_emu10k1m!CEFXParamSetNotifySink::Unadvise+e5

  Followup: MachineOwner
  ---------

   

  2009年5月8日 17:29

  回复

  |

  引用