我正在尝试使用远程访问修复一台存在 BOSD 问题的 WIn7 64B 电脑。因此我无法使用驱动程序验证程序。
到目前为止,我在小型转储上使用 windbg 得到了以下结果:
2: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000001, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff800028e1c3f, address which referenced memory
Debugging Details:
------------------
*** WARNING: Unable to verify timestamp for fwwfp764.sys
*** ERROR: Module load completed but symbols could not be loaded for fwwfp764.sys
WRITE_ADDRESS: 0000000000000000 Nonpaged pool
CURRENT_IRQL: 2
FAULTING_IP:
nt!KeAcquireInStackQueuedSpinLockAtDpcLevel+4f
fffff800`028e1c3f 488713 xchg rdx,qword ptr [rbx]
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: System
ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) amd64fre
TRAP_FRAME: fffff880027674f0 -- (.trap 0xfffff880027674f0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa8004c73510 rbx=0000000000000000 rcx=0000000000000000
rdx=fffff880027676f0 rsi=0000000000000000 rdi=0000000000000000
rip=fffff800028e1c3f rsp=fffff88002767680 rbp=0000000000000004
r8=fffff880027676f0 r9=fffff8800178acb0 r10=0000000000000000
r11=0000000000000040 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na po nc
nt!KeAcquireInStackQueuedSpinLockAtDpcLevel+0x4f:
fffff800`028e1c3f 488713 xchg rdx,qword ptr [rbx] ds:00000000`00000000=????????????????
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff800028d8169 to fffff800028d8bc0
STACK_TEXT:
fffff880`027673a8 fffff800`028d8169 : 00000000`0000000a 00000000`00000000 00000000`00000002 00000000`00000001 : nt!KeBugCheckEx
fffff880`027673b0 fffff800`028d6de0 : 00000000`00000010 fffff880`027676e0 fffff880`00000003 00000000`00000000 : nt!KiBugCheckDispatch+0x69
fffff880`027674f0 fffff800`028e1c3f : 00000000`00000003 00000000`00000002 00000000`00000003 00000000`00000002 : nt!KiPageFault+0x260
fffff880`02767680 fffff880`0152c9c7 : 00000000`00000004 fffff880`02767960 00000000`00008900 fffffa80`0467d7c8 : nt!KeAcquireInStackQueuedSpinLockAtDpcLevel+0x4f
fffff880`027676d0 fffff880`016e608d : fffffa80`06a4ce10 fffffa80`04ee6320 fffff880`02767960 00000000`00008900 : NETIO!WfpExpireEntryLru+0x17
fffff880`02767720 fffff880`016ad7b7 : 00000000`00000004 00000000`00000030 00000000`00000000 00000000`00000001 : tcpip!WfpAleCloseRemoteEndpointConnection+0x2d
fffff880`02767750 fffff880`01725e5b : fffffa80`06a4ce10 fffffa80`03b27baa fffff880`02767b40 fffffa80`06a4ce10 : tcpip! ?? ::FNODOBFM::`string'+0x20f72
fffff880`027678a0 fffff880`017261e2 : 00000000`00000000 fffffa80`03b27ae0 00000000`00000001 fffff880`02767b40 : tcpip!WfpAleHandleSendCompletion+0xeb
fffff880`027679c0 fffff880`017306b2 : fffffa80`040b7ec0 00000000`00000000 00000000`00000002 00000000`00000000 : tcpip!WfpAlepAuthorizeSendCompletion+0x32
fffff880`02767a10 fffff880`01592af2 : fffffa80`0458b820 00000000`00000000 fffffa80`03b27ae0 fffff880`02767b40 : tcpip!WfpAleCompleteOperation+0x162
fffff880`02767ab0 fffff880`02aa41cb : fffffa80`03b27ae0 fffff880`02767b40 00000000`00000000 00000000`00000000 : fwpkclnt!FwpsCompleteOperation0+0x1e
fffff880`02767ae0 fffffa80`03b27ae0 : fffff880`02767b40 00000000`00000000 00000000`00000000 fffffa80`04b99700 : fwwfp764+0x61cb
fffff880`02767ae8 fffff880`02767b40 : 00000000`00000000 00000000`00000000 fffffa80`04b99700 fffff880`02aa1392 : 0xfffffa80`03b27ae0
fffff880`02767af0 00000000`00000000 : 00000000`00000000 fffffa80`04b99700 fffff880`02aa1392 fffffa80`04c79b48 : 0xfffff880`02767b40
STACK_COMMAND: kb
FOLLOWUP_IP:
NETIO!WfpExpireEntryLru+17
fffff880`0152c9c7 488b4310 mov rax,qword ptr [rbx+10h]
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: NETIO!WfpExpireEntryLru+17
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: NETIO
IMAGE_NAME: NETIO.SYS
DEBUG_FLR_IMAGE_TIMESTAMP: 5294760d
IMAGE_VERSION: 6.1.7601.18327
FAILURE_BUCKET_ID: X64_0xA_NETIO!WfpExpireEntryLru+17
BUCKET_ID: X64_0xA_NETIO!WfpExpireEntryLru+17
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:x64_0xa_netio!wfpexpireentrylru+17
FAILURE_ID_HASH: {fcdee258-ad7b-b100-5f3a-ac9544c5fd1f}
Followup: MachineOwner
---------
我使用了 bluescreenview,它用红色标记了 ntoskrnl.exe:
`ntoskrnl.exe ntoskrnl.exe+f20d4 fffff800`02863000 fffff800`02e48000 0x005e5000 0x531590fb 04.03.2014 09:38:19 Microsoft® Windows® Operating System NT Kernel & System 6.1.7601.18409 (win7sp1_gdr.140303-2144) Microsoft Corporation C:\Windows\system32\ntoskrnl.exe
hal.dll fffff800`0281a000 fffff800`02863000 0x00049000 0x4ce7c669 20.11.2010 14:00:25 Microsoft® Windows® Operating System Hardware Abstraction Layer DLL 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\hal.dll
kdcom.dll fffff800`03017000 fffff800`03021000 0x0000a000 0x4d4d8061 05.02.2011 17:52:49 Microsoft® Windows® Operating System Serial Kernel Debugger 6.1.7601.17556 (win7sp1_gdr.110204-2120) Microsoft Corporation C:\Windows\system32\kdcom.dll
mcupdate_GenuineIntel.dll fffff880`00cbd000 fffff880`00d0c000 0x0004f000 0x4ce7c737 20.11.2010 14:03:51 Microsoft® Windows® Operating System Intel Microcode Update Library 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\mcupdate_GenuineIntel.dll
PSHED.dll fffff880`00d0c000 fffff880`00d20000 0x00014000 0x4a5be027 14.07.2009 02:32:23 Betriebssystem Microsoft® Windows® Plattformspezifischer Hardwarefehlertreiber 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\PSHED.dll
CLFS.SYS fffff880`00d20000 fffff880`00d7e000 0x0005e000 0x4a5bc11d 14.07.2009 00:19:57 Microsoft® Windows® Operating System Common Log File System Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\CLFS.SYS
CI.dll fffff880`00e30000 fffff880`00ef0000 0x000c0000 0x4ce7c944 20.11.2010 14:12:36 Betriebssystem Microsoft® Windows® Codeintegritätsmodul 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\CI.dll
Wdf01000.sys fffff880`00ef0000 fffff880`00fb2000 0x000c2000 0x51c51641 22.06.2013 04:13:05 Betriebssystem Microsoft® Windows® Kernelmodustreiber-Frameworklaufzeit 1.11.9200.16384 (win8_rtm.120725-1247) Microsoft Corporation C:\Windows\system32\drivers\Wdf01000.sys
WDFLDR.SYS fffff880`00fb2000 fffff880`00fc2000 0x00010000 0x5010ab70 26.07.2012 03:29:04 Microsoft® Windows® Operating System Kernel Mode Driver Framework Loader 1.11.9200.16384 (win8_rtm.120725-1247) Microsoft Corporation C:\Windows\system32\drivers\WDFLDR.SYS
ACPI.sys fffff880`00d7e000 fffff880`00dd5000 0x00057000 0x4ce79294 20.11.2010 10:19:16 Betriebssystem Microsoft® Windows® ACPI-Treiber für NT 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\ACPI.sys
WMILIB.SYS fffff880`00fc2000 fffff880`00fcb000 0x00009000 0x4a5bc117 14.07.2009 00:19:51 Microsoft® Windows® Operating System WMILIB WMI support library Dll 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\WMILIB.SYS
msisadrv.sys fffff880`00fcb000 fffff880`00fd5000 0x0000a000 0x4a5bc0fe 14.07.2009 00:19:26 Microsoft® Windows® Operating System ISA Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\msisadrv.sys
pci.sys fffff880`00c00000 fffff880`00c33000 0x00033000 0x4ce7928f 20.11.2010 10:19:11 Betriebssystem Microsoft® Windows® NT-Plug & Play PCI-Enumerator 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\pci.sys
vdrvroot.sys fffff880`00fd5000 fffff880`00fe2000 0x0000d000 0x4a5bcadb 14.07.2009 01:01:31 Betriebssystem Microsoft® Windows® Stammenumerator für virtuelles Laufwerk 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\vdrvroot.sys
iusb3hcs.sys fffff880`00fe2000 fffff880`00feb000 0x00009000 0x4f227053 27.01.2012 10:37:23 USB 3.0 Host Controller Switch Driver Intel(R) USB 3.0 Host Controller Switch Driver 1.0.3.214 built by: WinDDK Intel Corporation C:\Windows\system32\drivers\iusb3hcs.sys
partmgr.sys fffff880`00feb000 fffff880`01000000 0x00015000 0x4f641bc1 17.03.2012 06:06:09 Microsoft® Windows® Operating System Partition Management Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\partmgr.sys
volmgr.sys fffff880`00e00000 fffff880`00e15000 0x00015000 0x4ce792a0 20.11.2010 10:19:28 Microsoft® Windows® Operating System Volume Manager Driver 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\volmgr.sys
volmgrx.sys fffff880`00c33000 fffff880`00c8f000 0x0005c000 0x00000000 Betriebssystem Microsoft® Windows® Treiber für Erweiterung des Volume-Managers 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\volmgrx.sys
mountmgr.sys fffff880`00e15000 fffff880`00e2f000 0x0001a000 0x4ce79299 20.11.2010 10:19:21 Betriebssystem Microsoft® Windows® Bereitstellungspunkt-Manager 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\mountmgr.sys
atapi.sys fffff880`00c8f000 fffff880`00c98000 0x00009000 0x4a5bc113 14.07.2009 00:19:47 Microsoft® Windows® Operating System ATAPI IDE Miniport Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\atapi.sys
ataport.SYS fffff880`00dd5000 fffff880`00dff000 0x0002a000 0x51fef9b5 05.08.2013 02:02:45 Microsoft® Windows® Operating System ATAPI Driver Extension 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\ataport.SYS
msahci.sys fffff880`00c98000 fffff880`00ca3000 0x0000b000 0x4ce7a416 20.11.2010 11:33:58 Microsoft® Windows® Operating System MS AHCI 1.0 Standard Driver 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\msahci.sys
PCIIDEX.SYS fffff880`00ca3000 fffff880`00cb3000 0x00010000 0x4a5bc114 14.07.2009 00:19:48 Microsoft® Windows® Operating System PCI IDE Bus Driver Extension 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\PCIIDEX.SYS
amdxata.sys fffff880`01096000 fffff880`010a1000 0x0000b000 0x4ba3a3ca 19.03.2010 17:18:18 Storage Filter Driver Storage Filter Driver 1.1.2.5 (NT.091202-1659) Advanced Micro Devices C:\Windows\system32\drivers\amdxata.sys
fltmgr.sys fffff880`010a1000 fffff880`010ed000 0x0004c000 0x4ce7929c 20.11.2010 10:19:24 Betriebssystem Microsoft® Windows® Microsoft Dateisystem-Filter-Manager 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\fltmgr.sys
fileinfo.sys fffff880`010ed000 fffff880`01101000 0x00014000 0x4a5bc481 14.07.2009 00:34:25 Microsoft® Windows® Operating System FileInfo Filter Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\fileinfo.sys
Ntfs.sys fffff880`0123f000 fffff880`013e8000 0x001a9000 0x52e1be8a 24.01.2014 02:14:50 Betriebssystem Microsoft® Windows® NT-Dateisystemtreiber 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\Ntfs.sys
msrpc.sys fffff880`01101000 fffff880`0115f000 0x0005e000 0x4ce79334 20.11.2010 10:21:56 Microsoft® Windows® Operating System Kernel Remote Procedure Call Provider 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\msrpc.sys
ksecdd.sys fffff880`01200000 fffff880`0121b000 0x0001b000 0x5348920e 12.04.2014 02:08:30 Microsoft® Windows® Operating System Kernel Security Support Provider Interface 6.1.7601.18443 (win7sp1_gdr.140411-1533) Microsoft Corporation C:\Windows\system32\drivers\ksecdd.sys
cng.sys fffff880`0115f000 fffff880`011d1000 0x00072000 0x50194fb7 01.08.2012 16:48:07 Microsoft® Windows® Operating System Kernel Cryptography, Next Generation 6.1.7601.17919 (win7sp1_gdr.120801-0333) Microsoft Corporation C:\Windows\system32\drivers\cng.sys
pcw.sys fffff880`0121b000 fffff880`0122c000 0x00011000 0x4a5bc0ff 14.07.2009 00:19:27 Microsoft® Windows® Operating System Performance Counters for Windows Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\pcw.sys
Fs_Rec.sys fffff880`0122c000 fffff880`01236000 0x0000a000 0x4f4eefd2 01.03.2012 04:41:06 Microsoft® Windows® Operating System File System Recognizer Driver 6.1.7601.17787 (win7sp1_gdr.120229-1502) Microsoft Corporation C:\Windows\system32\drivers\Fs_Rec.sys
ndis.sys fffff880`0140f000 fffff880`01501000 0x000f2000 0x5034f6b2 22.08.2012 16:11:46 Betriebssystem Microsoft® Windows® NDIS 6.20-Treiber 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\ndis.sys
NETIO.SYS fffff880`01501000 fffff880`01561000 0x00060000 0x5294760d 26.11.2013 11:21:01 Microsoft® Windows® Operating System Network I/O Subsystem 6.1.7601.18327 (win7sp1_gdr.131125-2337) Microsoft Corporation C:\Windows\system32\drivers\NETIO.SYS
ksecpkg.sys fffff880`01561000 fffff880`0158d000 0x0002c000 0x543c7790 14.10.2014 02:08:32 Microsoft® Windows® Operating System Kernel Security Support Provider Interface Packages 6.1.7601.18637 (win7sp1_gdr.141013-1517) Microsoft Corporation C:\Windows\system32\drivers\ksecpkg.sys
tcpip.sys fffff880`01601000 fffff880`01800000 0x001ff000 0x533f5bd4 05.04.2014 02:26:44 Betriebssystem Microsoft® Windows® TCP/IP-Treiber 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\tcpip.sys
fwpkclnt.sys fffff880`0158d000 fffff880`015d6000 0x00049000 0x533f5b09 05.04.2014 02:23:21 Microsoft® Windows® Operating System FWP/IPsec Kernel-Mode API 6.1.7601.18438 (win7sp1_gdr.140404-1535) Microsoft Corporation C:\Windows\system32\drivers\fwpkclnt.sys
vmstorfl.sys fffff880`015d6000 fffff880`015e6000 0x00010000 0x4ce79b8a 20.11.2010 10:57:30 Microsoft® Windows® Operating System Virtual Storage Filter Driver 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\vmstorfl.sys
volsnap.sys fffff880`01000000 fffff880`0104c000 0x0004c000 0x4ce792c8 20.11.2010 10:20:08 Betriebssystem Microsoft® Windows® Volumeschattenkopie-Treiber 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\volsnap.sys
spldr.sys fffff880`015e6000 fffff880`015ee000 0x00008000 0x4a0858bb 11.05.2009 17:56:27 Microsoft® Windows® Operating System loader for security processor 6.1.7127.0 (fbl_security_bugfix(sepbld-s).090511-0943) Microsoft Corporation C:\Windows\system32\drivers\spldr.sys
rdyboost.sys fffff880`0104c000 fffff880`01086000 0x0003a000 0x4ce7982e 20.11.2010 10:43:10 Microsoft® Windows® Operating System ReadyBoost Driver 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\rdyboost.sys
mup.sys fffff880`015ee000 fffff880`01600000 0x00012000 0x4a5bc201 14.07.2009 00:23:45 Microsoft® Windows® Operating System Multiple UNC Provider Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\mup.sys
hwpolicy.sys fffff880`01400000 fffff880`01409000 0x00009000 0x4ce7927e 20.11.2010 10:18:54 Microsoft® Windows® Operating System Hardware Policy Driver 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\hwpolicy.sys
fvevol.sys fffff880`018ff000 fffff880`01939000 0x0003a000 0x5100a65c 24.01.2013 04:11:24 Microsoft® Windows® Operating System BitLocker Drive Encryption Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\fvevol.sys
disk.sys fffff880`01939000 fffff880`0194f000 0x00016000 0x4a5bc11d 14.07.2009 00:19:57 Microsoft® Windows® Operating System PnP Disk Driver 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\disk.sys
CLASSPNP.SYS fffff880`0194f000 fffff880`0197f000 0x00030000 0x4ce7929b 20.11.2010 10:19:23 Microsoft® Windows® Operating System SCSI Class System Dll 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\CLASSPNP.SYS
cdrom.sys fffff880`019b7000 fffff880`019e1000 0x0002a000 0x4ce79298 20.11.2010 10:19:20 Microsoft® Windows® Operating System SCSI CD-ROM Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\cdrom.sys
a2dix64.sys fffff880`019e1000 fffff880`019f0000 0x0000f000 0x5221c6af 31.08.2013 11:34:23
Null.SYS fffff880`019f0000 fffff880`019f9000 0x00009000 0x4a5bc109 14.07.2009 00:19:37 Microsoft® Windows® Operating System NULL Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\Null.SYS
Beep.SYS fffff880`019f9000 fffff880`01a00000 0x00007000 0x4a5bca8d 14.07.2009 01:00:13 Microsoft® Windows® Operating System BEEP Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\Beep.SYS
vga.sys fffff880`01800000 fffff880`0180e000 0x0000e000 0x4a5bc587 14.07.2009 00:38:47 Microsoft® Windows® Operating System VGA/Super VGA Video Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\vga.sys
VIDEOPRT.SYS fffff880`0180e000 fffff880`01833000 0x00025000 0x4a5bc58b 14.07.2009 00:38:51 Microsoft® Windows® Operating System Video Port Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\VIDEOPRT.SYS
watchdog.sys fffff880`01833000 fffff880`01843000 0x00010000 0x4a5bc53f 14.07.2009 00:37:35 Microsoft® Windows® Operating System Watchdog Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\watchdog.sys
RDPCDD.sys fffff880`01843000 fffff880`0184c000 0x00009000 0x4a5bce62 14.07.2009 01:16:34 Microsoft® Windows® Operating System RDP Miniport 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\RDPCDD.sys
rdpencdd.sys fffff880`0184c000 fffff880`01855000 0x00009000 0x4a5bce62 14.07.2009 01:16:34 Microsoft® Windows® Operating System RDP Encoder Miniport 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\rdpencdd.sys
rdprefmp.sys fffff880`01855000 fffff880`0185e000 0x00009000 0x4a5bce63 14.07.2009 01:16:35 Microsoft® Windows® Operating System RDP Reflector Driver Miniport 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\rdprefmp.sys
Msfs.SYS fffff880`0185e000 fffff880`01869000 0x0000b000 0x4a5bc113 14.07.2009 00:19:47 Microsoft® Windows® Operating System Mailslot driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\Msfs.SYS
Npfs.SYS fffff880`01869000 fffff880`0187a000 0x00011000 0x4a5bc114 14.07.2009 00:19:48 Microsoft® Windows® Operating System NPFS Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\Npfs.SYS
tdx.sys fffff880`0187a000 fffff880`0189c000 0x00022000 0x54616a72 11.11.2014 02:46:26 Microsoft® Windows® Operating System TDI Translation Driver 6.1.7601.18658 (win7sp1_gdr.141110-1511) Microsoft Corporation C:\Windows\system32\drivers\tdx.sys
TDI.SYS fffff880`0189c000 fffff880`018a9000 0x0000d000 0x4ce7933e 20.11.2010 10:22:06 Microsoft® Windows® Operating System TDI Wrapper 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\TDI.SYS
fwtdi64.sys fffff880`028f0000 fffff880`0299d000 0x000ad000 0x54a5a2a8 01.01.2015 20:40:24
afd.sys fffff880`02800000 fffff880`02889000 0x00089000 0x5388291c 30.05.2014 07:45:48 Betriebssystem Microsoft® Windows® Ancillary Function Driver for WinSock 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\afd.sys
netbt.sys fffff880`02889000 fffff880`028ce000 0x00045000 0x4ce79386 20.11.2010 10:23:18 Microsoft® Windows® Operating System MBT Transport driver 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\netbt.sys
wfplwf.sys fffff880`028ce000 fffff880`028d7000 0x00009000 0x4a5bccb6 14.07.2009 01:09:26 Microsoft® Windows® Operating System WFP NDIS 6.20 Lightweight Filter Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\wfplwf.sys
pacer.sys fffff880`0299d000 fffff880`029c3000 0x00026000 0x4ce7a862 20.11.2010 11:52:18 Betriebssystem Microsoft® Windows® QoS-Paketplaner 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\pacer.sys
netbios.sys fffff880`029c3000 fffff880`029d2000 0x0000f000 0x4a5bccb6 14.07.2009 01:09:26 Microsoft® Windows® Operating System NetBIOS interface driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\netbios.sys
serial.sys fffff880`029d2000 fffff880`029ef000 0x0001d000 0x4a5bcaa8 14.07.2009 01:00:40 Betriebssystem Microsoft® Windows® Serieller Gerätetreiber 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\serial.sys
wanarp.sys fffff880`018a9000 fffff880`018c4000 0x0001b000 0x4ce7a874 20.11.2010 11:52:36 Microsoft® Windows® Operating System MS Remote Access and Routing ARP Driver 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\wanarp.sys
termdd.sys fffff880`028d7000 fffff880`028eb000 0x00014000 0x4ce7ab0c 20.11.2010 12:03:40 Microsoft® Windows® Operating System Remote Desktop Server Driver 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\termdd.sys
rdbss.sys fffff880`02a36000 fffff880`02a87000 0x00051000 0x4ce79497 20.11.2010 10:27:51 Betriebssystem Microsoft® Windows® Subsystemtreiber für Pufferung des umgeleiteten Laufwerks 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\rdbss.sys
nsiproxy.sys fffff880`02a87000 fffff880`02a93000 0x0000c000 0x4a5bc15e 14.07.2009 00:21:02 Microsoft® Windows® Operating System NSI Proxy 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\nsiproxy.sys
mssmbios.sys fffff880`02a93000 fffff880`02a9e000 0x0000b000 0x4a5bc3be 14.07.2009 00:31:10 Microsoft® Windows® Operating System System Management BIOS Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\mssmbios.sys
fwwfp764.sys fffff880`02a9e000 fffff880`02b06000 0x00068000 0x54a5a2d6 01.01.2015 20:41:10
discache.sys fffff880`02b06000 fffff880`02b15000 0x0000f000 0x4a5bc52e 14.07.2009 00:37:18 Microsoft® Windows® Operating System System Indexer/Cache Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\discache.sys
dfsc.sys fffff880`02b15000 fffff880`02b33000 0x0001e000 0x4ce79447 20.11.2010 10:26:31 Microsoft® Windows® Operating System DFS Namespace Client Driver 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\dfsc.sys
ctxusbm.sys fffff880`02b33000 fffff880`02b47280 0x00014280 0x4dcc9fdc 13.05.2011 04:05:00 Citrix ICA Client Citrix USB Filter Driver 12.1.10.6 Citrix Systems, Inc. C:\Windows\system32\drivers\ctxusbm.sys
csc.sys fffff880`02b48000 fffff880`02bcb000 0x00083000 0x4ce79470 20.11.2010 10:27:12 Microsoft® Windows® Operating System Windows Client Side Caching Driver 6.1.7601.17514 (win7sp1_rtm.101119-1850) Microsoft Corporation C:\Windows\system32\drivers\csc.sys
blbdrive.sys fffff880`02bcb000 fffff880`02bdc000 0x00011000 0x4a5bc4df 14.07.2009 00:35:59 Microsoft® Windows® Operating System BLB Drive Driver 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\blbdrive.sys
a2util64.sys fffff880`02bdc000 fffff880`02be6000 0x0000a000 0x537059be 12.05.2014 06:18:54
a2ddax64.sys fffff880`02be6000 fffff880`02bf0000 0x0000a000 0x51396c04 08.03.2013 05:41:40
tunnel.sys fffff880`02a00000 fffff880`02a26000 0x00026000 0x4ce7a846 20.11.2010 11:51:50 Betriebssystem Microsoft® Windows® Microsoft-Tunnelschnittstellentreiber 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\tunnel.sys
iusb3xhc.sys fffff880`0305d000 fffff880`03121000 0x000c4000 0x4f226fe0 27.01.2012 10:35:28 USB 3.0 Device Driver Intel(R) USB 3.0 eXtensible Host Controller Driver 1.0.3.214 (iusb3drv.20120127-0133) Intel Corporation C:\Windows\system32\drivers\iusb3xhc.sys
USBD.SYS fffff880`03121000 fffff880`03122e80 0x00001e80 0x52954daf 27.11.2013 02:41:03 Microsoft® Windows® Operating System Universal Serial Bus Driver 6.1.7601.18328 (win7sp1_gdr.131126-1436) Microsoft Corporation C:\Windows\system32\drivers\USBD.SYS
HECIx64.sys fffff880`03123000 fffff880`03136000 0x00013000 0x4ff21d62 02.07.2012 23:14:58 Intel(R) Management Engine Interface Intel(R) Management Engine Interface 8.1.0.1263 built by: WinDDK Intel Corporation C:\Windows\system32\drivers\HECIx64.sys
serenum.sys fffff880`03136000 fffff880`03142000 0x0000c000 0x4a5bcaa1 14.07.2009 01:00:33 Microsoft® Windows® Operating System Serial Port Enumerator 6.1.7600.16385 (win7_rtm.090713-1255) Microsoft Corporation C:\Windows\system32\drivers\serenum.sys
e1c62x64.sys fffff880`03142000 fffff880`031bb000 0x00079000 0x50258ebf 10.08.2012 23:44:15 Intel(R) Gigabit Adapter Intel(R) Gigabit Adapter NDIS 6.x driver 12.2.45.0 built by: WinDDK Intel Corporation C:\Windows\system32\drivers\e1c62x64.sys
usbehci.sys fffff880`031bb000 fffff880`031cd000 0x00012000 0x52954db7 27.11.2013 02:41:11 Microsoft® Windows® Operating System EHCI eUSB Miniport Driver 6.1.7601.18328 (win7sp1_gdr.131126-1436) Microsoft Corporation C:\Windows\system32\drivers\usbehci.sys
列表的其余部分将以评论形式显示,因为它超出了单个帖子的限制。
知道谁是罪魁祸首吗?
谢谢你的时间!
答案1
错误DRIVER_IRQL_NOT_LESS_OR_EQUAL
检查是由内核模式驱动程序尝试以过高的进程 IRQL 访问可分页内存引起的。换句话说,Windows 加载了一个驱动程序(特别是在内核模式下),该驱动程序本身行为不正常,导致 Windows 内核崩溃。
默认情况下,它导致 NETIO.sys 出现故障,即网络 I/O 子系统。这不是真正的原因,而是由其他原因导致的。通常,在大多数情况下,这种情况在 Windows 7 > 8 或 8 > 8.1 更新中经常发生,原因有两个:
- 网络驱动程序本身需要更新。
- 第三方防病毒软件、防火墙软件或其他软件导致冲突或损坏。
WinDBG 为您提供了解决此问题所需的所有信息。
调试细节:
警告:无法验证时间戳系统文件
错误:模块加载已完成,但无法加载符号系统文件
fwwfp764.sys 属于 Emsisoft 发布的软件。因此,卸载 Emsisoft 软件,崩溃问题就会消失。