none
求助 windows蓝屏重起 错误代码0x100000d1 (0x00000008, 0x00000002, 0x00000000, 0xf702ec10) RRS feed

  • 问题

  •  

    rt windows蓝屏重起 错误代码0x100000d1 (0x00000008, 0x00000002, 0x00000000, 0xf702ec10) 请各位大虾帮忙解决
    2008年12月17日 14:43

答案

全部回复

  • 驱动不兼容或杀毒软件冲突

    你把蓝屏代码后面的一句话贴出来啊,还有描述你之前操作。
    2008年12月17日 19:39
    版主
  • 谢谢斑竹.由于蓝屏太快,后面的话我没看清楚,我在事件查看器里面找到的代码,在蓝屏之前我开启的程序只有qq和用迅雷bt下载,我的杀毒软件是卡巴7,还有360卫士和天网防火墙.

     

    事件类型: 信息
    事件来源: Save Dump
    事件种类: 无
    事件 ID: 1001
    日期:  2008-12-17
    事件:  21:26:48
    用户:  N/A
    计算机: 
    描述:
    计算机已经从检测错误后重新启动。检测错误: 0x100000d1 (0x00000008, 0x00000002, 0x00000000, 0xf702ec10)。 已将转储的数据保存在: C:\WINDOWS\Minidump\Mini121708-02.dmp。

    有关更多信息,请参阅在 http://go.microsoft.com/fwlink/events.asp 的帮助和支持中心。

    2008年12月18日 4:43
  • ------------------------------------------------------------

    首先下载windebug

     

    http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx

    说下debug方法
    1.
    我的电脑,属性->高级->启动,最下面的内存调试选最后一项的全部,确定后重新启动
    2.
    蓝屏后不要急着重启,系统会保存整个内存内容,然后会自动重启
    3. 找到C:\WINDOWS\Minidump\Mini121708-02.dmp
    4.
    下载安装windwos debug tools, 我这有下载地址,或微软网站
    http://public.hshh.org/SysTools/debug/dbg_x86_6.6.07.5.exe
    5.
    安装后创建一个临时目录,例如 c:\temp
    6.
    启动 windbg
    7. windbg
    界面: file->symbol file path (ctrl+s) 输入:
    SRV*c:\temp*http://msdl.microsoft.com/download/symbols
    然后确定
    8. windbg
    界面: file->open crash dump(ctrl+d),打开C:\WINDOWS\Minidump\Mini121708-02.dmp
    9. 打开后,等待提示
    当出现 Use !analyze -v to get detailed debugging information. 字样后,在下面输入框
    !analyze -v
    10.
    等待分析完毕,可以知道什么导致的出错
    11. windbg
    使用中需要网上下载调试内容,这个速度嘛,取决于你的网络了。

    -----------------------------------------------------------------------

    你把敲!analyze -v的信息发上来!

     

     

    2008年12月18日 5:07
  • 太谢谢了,东西我帖上来了

     

    Use !analyze -v to get detailed debugging information.

    BugCheck 100000D1, {8, 2, 0, f702ec10}

    Unable to load image e100b325.sys, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for e100b325.sys
    *** ERROR: Module load completed but symbols could not be loaded for e100b325.sys
    Probably caused by : klim5.sys ( klim5+2a94 )

    Followup: MachineOwner
    ---------

    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If kernel debugger is available get stack backtrace.
    Arguments:
    Arg1: 00000008, memory referenced
    Arg2: 00000002, IRQL
    Arg3: 00000000, value 0 = read operation, 1 = write operation
    Arg4: f702ec10, address which referenced memory

    Debugging Details:
    ------------------


    READ_ADDRESS:  00000008

    CURRENT_IRQL:  2

    FAULTING_IP:
    NDIS!ndisMSendCompleteX+71
    f702ec10 8b7808          mov     edi,dword ptr [eax+8]

    CUSTOMER_CRASH_COUNT:  2

    DEFAULT_BUCKET_ID:  DRIVER_FAULT

    BUGCHECK_STR:  0xD1

    PROCESS_NAME:  Idle

    LAST_CONTROL_TRANSFER:  from f7889a94 to f702ec10

    STACK_TEXT: 
    80552348 f7889a94 898e6ad0 88c7f4e0 00000000 NDIS!ndisMSendCompleteX+0x71
    WARNING: Stack unwind information not available. Following frames may be wrong.
    80552364 f702ec2c 89776b08 88f92f30 00000000 klim5+0x2a94
    80552388 f57a26ba 89a0b9d8 88f92f30 00000000 NDIS!ndisMSendCompleteX+0x8d
    805523c4 f57a2fdd 01ffc000 01fffb60 00000020 e100b325+0x186ba
    805523ec f5794a36 00000000 89a0b9d8 897a53f0 e100b325+0x18fdd
    80552410 f7031e99 007a5008 8055d0c0 ffdff9c0 e100b325+0xaa36
    80552428 80546e7f 897a5404 897a53f0 00000000 NDIS!ndisMDpcX+0x21
    80552450 80546d64 00000000 0000000e 00000000 nt!KiRetireDpcList+0x61
    80552454 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x28


    STACK_COMMAND:  kb

    FOLLOWUP_IP:
    klim5+2a94
    f7889a94 ??              ???

    SYMBOL_STACK_INDEX:  1

    SYMBOL_NAME:  klim5+2a94

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: klim5

    IMAGE_NAME:  klim5.sys

    DEBUG_FLR_IMAGE_TIMESTAMP:  461384b8

    FAILURE_BUCKET_ID:  0xD1_klim5+2a94

    BUCKET_ID:  0xD1_klim5+2a94

    Followup: MachineOwner
    ---------

    2008年12月18日 7:58
  • klim5.sys,卡巴斯基引起的。请参考下列方法,禁用 Kaspersky Anti-Virus NDIS Filter:

     

     http://forum.livetome.cn/thread-6535-1-2.html

    2008年12月18日 12:21
    版主
  •  

    谢谢
    2008年12月19日 9:36
  • 我有同樣問題,windbg check:

    DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If kernel debugger is available get stack backtrace.
    Arguments:
    Arg1: 00000010, memory referenced
    Arg2: 00000007, IRQL
    Arg3: 00000000, value 0 = read operation, 1 = write operation
    Arg4: f7469d26, address which referenced memory

    Debugging Details:
    ------------------


    READ_ADDRESS:  00000010

    CURRENT_IRQL:  7

    FAULTING_IP:
    atapi!IdeGetSrbData+12
    f7469d26 8b4010          mov     eax,dword ptr [eax+10h]

    CUSTOMER_CRASH_COUNT:  1

    DEFAULT_BUCKET_ID:  DRIVER_FAULT

    BUGCHECK_STR:  0xD1

    PROCESS_NAME:  war3.exe

    LAST_CONTROL_TRANSFER:  from f746d889 to f7469d26

    STACK_TEXT:  
    f79fae04 f746d889 00000000 8676df58 f79fae48 atapi!IdeGetSrbData+0x12
    f79fae14 f74667b2 8676df58 00000004 8676e918 atapi!IdeLogBmStatus+0xf
    f79fae48 f7469696 5073e370 8676eb7c f79faefc atapi!AtapiInterrupt+0x102
    f79fae5c 805466a5 8676e918 8673e030 00010007 atapi!IdePortInterrupt+0x18
    f79fae5c f673979b 8676e918 8673e030 00010007 nt!KiInterruptDispatch+0x45
    WARNING: Stack unwind information not available. Following frames may be wrong.
    f79faef0 85cac82c 00000040 85cac730 f674bb93 cmaudio+0x1779b
    f79faefc f674bb93 85bea810 85bd5010 85bea80c 0x85cac82c
    f79fafcc 80546e7f 861f8fbc 861f8e88 861f8e88 cmaudio+0x29b93
    f79faff4 805469eb b96cdd44 00000000 00000000 nt!KiRetireDpcList+0x61
    f79faff8 b96cdd44 00000000 00000000 00000000 nt!KiDispatchInterrupt+0x2b
    805469eb 00000000 00000009 0081850f bb830000 0xb96cdd44


    STACK_COMMAND:  kb

    FOLLOWUP_IP:
    atapi!IdeGetSrbData+12
    f7469d26 8b4010          mov     eax,dword ptr [eax+10h]

    SYMBOL_STACK_INDEX:  0

    SYMBOL_NAME:  atapi!IdeGetSrbData+12

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: atapi

    IMAGE_NAME:  atapi.sys

    DEBUG_FLR_IMAGE_TIMESTAMP:  4802539d

    FAILURE_BUCKET_ID:  0xD1_atapi!IdeGetSrbData+12

    BUCKET_ID:  0xD1_atapi!IdeGetSrbData+12

    Followup: MachineOwner
    ---------

    0: kd> !analyze -v

     

    2009年1月11日 12:59
  • 麻烦大哥帮看看我的啊   谢谢

    Microsoft (R) Windows Debugger  Version 6.6.0007.5
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\WINDOWS\Minidump\Mini042609-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\temp*http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Windows XP Kernel Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 2600.xpsp_sp2_qfe.090206-1239
    Kernel base = 0x804d8000 PsLoadedModuleList = 0x8055d720
    Debug session time: Sun Apr 26 13:33:59.062 2009 (GMT+8)
    System Uptime: 0 days 3:46:36.880
    Loading Kernel Symbols
    ........................................................................................................................................
    Loading User Symbols
    Loading unloaded module list
    ..........................
    Unable to load image TF0003.sys, Win32 error 2
    *** ERROR: Module load completed but symbols could not be loaded for TF0003.sys
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 100000D1, {f7bf3c70, 0, 8053b434, 0}

    Unable to load image sptd.sys, Win32 error 2
    *** WARNING: Unable to verify timestamp for sptd.sys
    *** ERROR: Module load completed but symbols could not be loaded for sptd.sys
    Probably caused by : TF0003.sys ( TF0003+8f8 )

    Followup: MachineOwner
    ---------

    0: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If kernel debugger is available get stack backtrace.
    Arguments:
    Arg1: f7bf3c70, memory referenced
    Arg2: 00000000, IRQL
    Arg3: 8053b434, value 0 = read operation, 1 = write operation
    Arg4: 00000000, address which referenced memory

    Debugging Details:
    ------------------


    WRITE_ADDRESS:  f7bf3c70

    CURRENT_IRQL:  0

    FAULTING_IP:
    +0
    00000000 ??              ???

    CUSTOMER_CRASH_COUNT:  1

    DEFAULT_BUCKET_ID:  DRIVER_FAULT

    BUGCHECK_STR:  0xD1

    PROCESS_NAME:  avp.exe

    LAST_CONTROL_TRANSFER:  from f5a9bee5 to f7b038f8

    STACK_TEXT: 
    WARNING: Stack unwind information not available. Following frames may be wrong.
    f79eae38 f5a9bee5 8675ecb8 829b92f0 86bd0028 TF0003+0x8f8
    f79eaea0 f5a9cb57 82e420d0 00000000 86bd07d8 USBPORT!USBPORT_CompleteTransfer+0x373
    f79eaed0 f5a9d754 026e6f44 86bd00e0 86bd00e0 USBPORT!USBPORT_DoneTransfer+0x137
    f79eaf08 f5a9ef6a 86bd0028 8054789c 86bd0230 USBPORT!USBPORT_FlushDoneTransferList+0x16c
    f79eaf34 f5aacfb0 86bd0028 8054789c 86bd0028 USBPORT!USBPORT_DpcWorker+0x224
    f79eaf70 f5aad128 86bd0028 00000001 865ba834 USBPORT!USBPORT_IsrDpcWorker+0x37e
    f79eaf8c f73cfd54 86bd064c 6b755044 00000000 USBPORT!USBPORT_IsrDpc+0x166
    f79eafcc 80546c4f 86bd064c 86bd0028 00000000 sptd+0x11d54
    f79eaff4 805467bb bac5ed44 00000000 00000000 nt!KiRetireDpcList+0x61
    f79eaff8 bac5ed44 00000000 00000000 00000000 nt!KiDispatchInterrupt+0x2b
    805467bb 00000000 00000009 0081850f bb830000 0xbac5ed44


    STACK_COMMAND:  kb

    FOLLOWUP_IP:
    TF0003+8f8
    f7b038f8 8b08            mov     ecx,dword ptr [eax]

    SYMBOL_STACK_INDEX:  0

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: TF0003

    IMAGE_NAME:  TF0003.sys

    DEBUG_FLR_IMAGE_TIMESTAMP:  464c0880

    SYMBOL_NAME:  TF0003+8f8

    FAILURE_BUCKET_ID:  0xD1_W_TF0003+8f8

    BUCKET_ID:  0xD1_W_TF0003+8f8

    Followup: MachineOwner
    ---------

    2009年4月26日 8:14
  • 北通手柄驱动问题!


    Microsoft Certified Systems Engineer 如果您觉得对您有帮助,请在“是否有帮助”点“是”;如果你觉得回复很满意,请“标记为已解答”
    2009年4月27日 5:35
  • 请使用正版魔兽争霸光盘运行游戏!
    Microsoft Certified Systems Engineer 如果您觉得对您有帮助,请在“是否有帮助”点“是”;如果你觉得回复很满意,请“标记为已解答”
    2009年4月27日 5:37
  • 麻烦帮忙看下我的问题我把bug解析数据贴下面看着应该是live声卡驱动出的问题,就是不知道怎么解决!
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************

    DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high.  This is usually
    caused by drivers using improper addresses.
    If kernel debugger is available get stack backtrace.
    Arguments:
    Arg1: 00000004, memory referenced
    Arg2: 00000002, IRQL
    Arg3: 00000000, value 0 = read operation, 1 = write operation
    Arg4: 897313ed, address which referenced memory

    Debugging Details:
    ------------------


    READ_ADDRESS:  00000004

    CURRENT_IRQL:  2

    FAULTING_IP:
    +ffffffff897313ed
    897313ed 3b7204          cmp     esi,dword ptr [edx+4]

    CUSTOMER_CRASH_COUNT:  1

    DEFAULT_BUCKET_ID:  DRIVER_FAULT

    BUGCHECK_STR:  0xD1

    PROCESS_NAME:  Idle

    LAST_CONTROL_TRANSFER:  from b97e76fb to 897313ed

    STACK_TEXT: 
    WARNING: Frame IP not in any known module. Following frames may be wrong.
    805523a4 b97e76fb 89704a0c 00000010 00000000 0x897313ed
    805523e4 b97eb9ee 00000010 8a2982b8 00000000 emu10k1m!CEFXParamSetNotifySink::Unadvise+0xe5
    80552418 b97d8b9a 00000000 00000000 00000000 emu10k1m!crTimerGetCurrentTime+0x21c
    80552428 80546e7f 89c4260c 00000000 89c425fc emu10k1m!osDPCforISR+0xe
    80552440 8055ce60 ffdffc50 00000000 8055ce60 nt!KiRetireDpcList+0x61
    80552450 80546d64 00000000 0000000e 00000000 nt!KiIdleThread0
    80552454 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x28


    STACK_COMMAND:  kb

    FOLLOWUP_IP:
    emu10k1m!CEFXParamSetNotifySink::Unadvise+e5
    b97e76fb 8d45e0          lea     eax,[ebp-20h]

    SYMBOL_STACK_INDEX:  1

    SYMBOL_NAME:  emu10k1m!CEFXParamSetNotifySink::Unadvise+e5

    FOLLOWUP_NAME:  MachineOwner

    MODULE_NAME: emu10k1m

    IMAGE_NAME:  emu10k1m.sys

    DEBUG_FLR_IMAGE_TIMESTAMP:  3b6b5fb2

    FAILURE_BUCKET_ID:  0xD1_emu10k1m!CEFXParamSetNotifySink::Unadvise+e5

    BUCKET_ID:  0xD1_emu10k1m!CEFXParamSetNotifySink::Unadvise+e5

    Followup: MachineOwner
    ---------

     

    2009年5月8日 17:29