前段时间,我购买了 PingZapper 应用程序,以便在 W10 1909 上降低某些游戏的延迟。没过多久,我开始遇到 BSOD,所有 BSOD 都指向同一个组件“networktunnelx64.sys”。在网上做了一些研究后,我了解到这是 PZ 的一个常见问题,PZ 是一款相当过时的应用程序(上次编译于 2016 年)。经过一段时间的努力,我最终决定删除 PZ(使用 Revo Uninstaller)以摆脱 PZ 相关的 BSOD。与此同时,我还将我的 W10 更新到了最新的 20H2 十月版。
所以现在我的电脑上没有 PZ,而且据我所知,我也没有安装任何其他 VPN 类型的应用程序(我想 Zoom、Skype 和 Discord 不算,而且在 BSOD 开始出现之前我已经使用了几个月的 AnyDesk,没有任何问题)。然而,几分钟前我又收到另一个 BSOD,指向完全相同的 networktunnelx64.sys!
这里有分析-v结果:
Microsoft (R) Windows Debugger Version 10.0.18362.1 AMD64 Copyright
(c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\MEMORY.DMP] Kernel Bitmap Dump File:
Kernel address space is available, User address space may not be
available.
Symbol search path is: srv* Executable search path is: Windows 10
Kernel Version 18362 MP (16 procs) Free x64 Product: WinNt, suite:
TerminalServer SingleUserTS Built by:
18362.1.amd64fre.19h1_release.190318-1202 Machine Name: Kernel base = 0xfffff806`06800000 PsLoadedModuleList = 0xfffff806`06c461b0 Debug
session time: Sat Nov 7 17:59:39.504 2020 (UTC - 3:00) System Uptime:
0 days 0:03:40.213 Loading Kernel Symbols
...............................................................
......Page 4050a9 not present in the dump file. Type ".hh dbgerr004"
for details ..........................................................
................................................................ ....
Loading User Symbols PEB is paged out (Peb.Ldr = 0000001e`6cf67018).
Type ".hh dbgerr001" for details Loading unloaded module list ......
For analysis of this file, run !analyze -v 0: kd!analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
UNEXPECTED_KERNEL_MODE_TRAP (7f) This means a trap occurred in kernel
mode, and it's a trap of a kind that the kernel isn't allowed to
have/catch (bound trap) or that is always instant death (double
fault). The first number in the bugcheck params is the number of the
trap (8 = double fault, etc) Consult an Intel x86 family manual to
learn more about what these traps are. Here is a *portion* of those
codes: If kv shows a taskGate
use .tss on the part before the colon, then kv. Else if kv shows a trapframe
use .trap on that value Else
.trap on the appropriate frame will show where the trap was taken
(on x86, this will be the ebp that goes with the procedure KiTrap) Endif kb will then show the corrected stack. Arguments: Arg1:
0000000000000008, EXCEPTION_DOUBLE_FAULT Arg2: fffff8060ba7ee70 Arg3:
ffffaa8602c70ff0 Arg4: fffff80606ad29bb
Debugging Details:
------------------
KEY_VALUES_STRING: 1
PROCESSES_ANALYSIS: 1
SERVICE_ANALYSIS: 1
STACKHASH_ANALYSIS: 1
TIMELINE_ANALYSIS: 1
DUMP_CLASS: 1
DUMP_QUALIFIER: 401
BUILD_VERSION_STRING: 18362.1.amd64fre.19h1_release.190318-1202
SYSTEM_MANUFACTURER: System manufacturer
SYSTEM_PRODUCT_NAME: System Product Name
SYSTEM_SKU: SKU
SYSTEM_VERSION: System Version
BIOS_VENDOR: American Megatrends Inc.
BIOS_VERSION: 5220
BIOS_DATE: 09/12/2019
BASEBOARD_MANUFACTURER: ASUSTeK COMPUTER INC.
BASEBOARD_PRODUCT: PRIME X370-PRO
BASEBOARD_VERSION: Rev X.0x
DUMP_TYPE: 1
BUGCHECK_P1: 8
BUGCHECK_P2: fffff8060ba7ee70
BUGCHECK_P3: ffffaa8602c70ff0
BUGCHECK_P4: fffff80606ad29bb
BUGCHECK_STR: 0x7f_8
TRAP_FRAME: fffff8060ba7ee70 -- (.trap 0xfffff8060ba7ee70) NOTE: The
trap frame does not contain all registers. Some register values may be
zeroed or incorrect. rax=ffffaa8602c71018 rbx=0000000000000000
rcx=ffffaa8602c70000 rdx=0000000000000000 rsi=0000000000000000
rdi=0000000000000000 rip=fffff80606ad29bb rsp=ffffaa8602c70ff0
rbp=ffffaa8602c710b9 r8=000000000000000e r9=0000000000000000
r10=ffffaa8602c70000 r11=ffffaa8602c70000 r12=0000000000000000
r13=0000000000000000 r14=0000000000000000 r15=0000000000000000 iopl=0
nv up ei ng nz na po nc nt!MiGenerateAccessViolation+0x1f:
fffff806`06ad29bb e83044d8ff call nt!MiDeterminePoolType
(fffff806`06856df0) Resetting default scope
CPU_COUNT: 10
CPU_MHZ: f03
CPU_VENDOR: AuthenticAMD
CPU_FAMILY: 17
CPU_MODEL: 1
CPU_STEPPING: 1
BLACKBOXBSD: 1 (!blackboxbsd)
BLACKBOXNTFS: 1 (!blackboxntfs)
BLACKBOXWINLOGON: 1
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
PROCESS_NAME: conhost.exe
CURRENT_IRQL: 0
ANALYSIS_SESSION_HOST: MARTINGBB-1
ANALYSIS_SESSION_TIME: 11-09-2020 15:12:50.0666
ANALYSIS_VERSION: 10.0.18362.1 amd64fre
EXCEPTION_RECORD: ffffe584d4340640 -- (.exr 0xffffe584d4340640)
ExceptionAddress: 0000000000000000 ExceptionCode: 00000000
ExceptionFlags: 00000000 NumberParameters: 0
LAST_CONTROL_TRANSFER: from fffff8060680ed5a to fffff806069cb6d6
STACK_OVERFLOW: Stack Limit: ffffaa8602c71000. Use (kF) and
(!stackusage) to investigate stack usage.
STACKUSAGE_FUNCTION: The function at address 0xfffff80604639430 was
blamed for the stack overflow. It is using 8400 bytes of stack.
FOLLOWUP_IP: networktunnelx64+9430 fffff806`04639430 4889442430
mov qword ptr [rsp+30h],rax
STACK_TEXT: ffffaa86`02c70ff0 fffff806`06a0817a : ffffaa86`02c70000
ffffaa86`02c710b9 00000000`00000000 ffffaa86`02c711e0 :
nt!MiGenerateAccessViolation+0x1f ffffaa86`02c71020 fffff806`0689559f
: 00000000`00000000 00000000`00000000 00000000`00000000
ffffaa86`02c70000 : nt!MiSystemFault+0x19dcca ffffaa86`02c71120
fffff806`069d0d5e : 00000000`00000000 00000000`00000000
ffffaa86`02c728b0 00000000`00000000 : nt!MmAccessFault+0x34f
ffffaa86`02c712c0 fffff806`069cb6d6 : 00000000`00000000
00000000`0010000b fffff806`0680ed5a ffffaa86`02c72678 :
nt!KiPageFault+0x35e ffffaa86`02c71458 fffff806`0680ed5a :
ffffaa86`02c72678 00000000`00000000 00000000`00000003
00000000`000004d0 : nt!_chkstk+0x36 ffffaa86`02c71470
fffff806`0699dabf : fffff806`06be4efc ffffaa86`00000001
ffffaa86`02c728b0 ffffaa86`02c77000 : nt!RtlUnwindEx+0xfa
ffffaa86`02c716a0 fffff806`069cbad2 : ffffaa86`02c728b0
ffffaa86`02c71c80 00000000`00000000 00000000`0010001f :
nt!_C_specific_handler+0xef ffffaa86`02c71710 fffff806`0680cca5 :
ffffaa86`02c72678 00000000`00000000 ffffaa86`02c71c80
00007fff`ffff0000 : nt!RtlpExecuteHandlerForException+0x12
ffffaa86`02c71740 fffff806`0680b33e : ffffaa86`02c72678
ffffaa86`02c723c0 ffffaa86`02c72678 00000000`00000000 :
nt!RtlDispatchException+0x4a5 ffffaa86`02c71e90 fffff806`069d4c5d :
ffffe584`d4340640 fffff806`068975a6 ffffb3d9`ecf67000
00007ff5`cfecc000 : nt!KiDispatchException+0x16e ffffaa86`02c72540
fffff806`069d0e43 : ffffe584`d4340580 00000000`000000ff
80000000`00000000 ffffce09`7a159258 : nt!KiExceptionDispatch+0x11d
ffffaa86`02c72720 fffff806`069262b3 : ffffb3bf`fae7f660
ffffe584`d4340580 00000000`00000000 00000000`00000000 :
nt!KiPageFault+0x443 ffffaa86`02c728b0 fffff806`068158e5 :
ffffb3bf`fae7f660 ffffffff`00000018 00000000`00000000
ffffffff`00000420 : nt!MiMakeProtoLeafValid+0xaf ffffaa86`02c72940
fffff806`06dcbd7b : 00007ff5`cfecc000 ffffe584`d71bdba0
ffffb701`00000f00 00000000`00000000 : nt!MiSplitPrivatePage+0x365
ffffaa86`02c72a20 fffff806`06dcb898 : ffffe584`d71bdbc8
00007ff5`cfecbc00 00000000`00000440 00007ff5`cfecbc00 :
nt!MiCopyToCfgBitMap+0x48b ffffaa86`02c72b00 fffff806`06ec9768 :
ffffb3bf`fd249778 00000000`00000000 00007ffa`49301000
fffff806`068e7caf : nt!MiPopulateCfgBitMap+0xbc ffffaa86`02c72bb0
fffff806`06dc9ff0 : ffffe584`d4340580 00000000`00000000
ffffe584`d4340640 fffff806`06868270 : nt!MiMarkPrivateOpenCfgBits+0x30
ffffaa86`02c72bf0 fffff806`06dc9ec7 : ffffe584`d76d4400
fffff806`068341ed 00000000`00000000 fffff806`06812726 :
nt!MiMarkProcessCfgBits+0x44 ffffaa86`02c72c20 fffff806`06de6f4f :
00000000`00000002 ffffaa86`02c72d21 ffffe584`d7486760
ffffaa86`00000000 : nt!MiCommitVadCfgBits+0x16f ffffaa86`02c72ca0
fffff806`06de2416 : ffffaa86`02c72f98 00000000`00000000
ffffaa86`00000006 00000000`00000001 : nt!MiReserveUserMemory+0x42f
ffffaa86`02c72d80 fffff806`06dc2056 : 00007ffa`00000000
00000000`00000000 00000000`00000000 00000000`00000000 :
nt!MiAllocateVirtualMemory+0x316 ffffaa86`02c72f10 fffff806`069d4558 :
ffffffff`80004028 ffffe584`d76d4080 00000000`00000000
ffffaa86`02c732d8 : nt!NtAllocateVirtualMemory+0x196 ffffaa86`02c730b0
fffff806`069c6b00 : fffff806`04637b76 00000000`00000000
00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
ffffaa86`02c732b8 fffff806`04637b76 : 00000000`00000000
00000000`00000000 00000000`00000000 00000000`00000000 :
nt!KiServiceLinkage ffffaa86`02c732c0 fffff806`04639430 :
ffffffff`80004028 00000000`00002000 00007ffa`4919f7e0
00000000`00000000 : networktunnelx64+0x7b76 ffffaa86`02c73340
fffff806`04639a1e : ffffffff`80004028 ffffce09`88483db8
00000000`00000001 ffffe584`d4340080 : networktunnelx64+0x9430
ffffaa86`02c75410 fffff806`0463b5ea : ffffffff`80004028
ffffce09`88483db8 00000000`00000010 00000000`00040082 :
networktunnelx64+0x9a1e ffffaa86`02c75440 fffff806`0463b6ad :
ffffffff`80004028 fffff806`163bfe01 00000000`000013c0
ffffe584`d4340080 : networktunnelx64+0xb5ea ffffaa86`02c754d0
fffff806`046312d6 : 00000000`000013c0 00000000`0000000a
00000000`00000000 00000000`00000001 : networktunnelx64+0xb6ad
ffffaa86`02c75510 fffff806`06dca738 : 00000000`00001034
00000000`000013c0 ffffe584`d446a801 ffffe584`d4340080 :
networktunnelx64+0x12d6 ffffaa86`02c75540 fffff806`06dc83a3 :
ffffffff`00000000 ffffaa86`02c76330 ffffaa86`02c75c01
ffffe584`d94825d0 : nt!PspCallProcessNotifyRoutines+0x254
ffffaa86`02c75610 fffff806`06e8d804 : ffffe584`d59d7080
ffffe584`d4340080 ffffaa86`02c75dd0 ffffaa86`02c75c90 :
nt!PspInsertThread+0x68f ffffaa86`02c75700 fffff806`069d4558 :
00000000`00000000 ffffe584`c8c847a0 ffffce09`7800b040
00000001`02c764e0 : nt!NtCreateUserProcess+0x964 ffffaa86`02c763b0
fffff806`069c6b00 : fffff806`045ead4f 00000000`00000000
00000000`00001034 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x28
ffffaa86`02c765b8 fffff806`045ead4f : 00000000`00000000
00000000`00001034 00000000`00000000 ffffaa86`02c76630 :
nt!KiServiceLinkage ffffaa86`02c765c0 fffff806`045ea921 :
00000000`00000001 00000000`00000000 ffffaa86`02c76b80
00007ffa`00000000 : condrv!CdpCreateProcess+0x14f ffffaa86`02c76770
fffff806`045e8ad7 : ffffe584`d6692080 00000000`00000730
ffffe584`c8cf4bc0 00000000`004a3d60 :
condrv!CdpLaunchServerProcess+0x171 ffffaa86`02c76870
fffff806`045eae0d : 00000000`004a3d60 fffff806`045eadb0
ffffe584`d947e750 00000000`00000000 : condrv!CdpServerFastIoctl+0x167
ffffaa86`02c768b0 fffff806`06dd136b : 00000000`00000088
ffffaa86`02c76b00 ffffe584`d6692580 ffffe584`d947e750 :
condrv!CdpFastIoDeviceControl+0x5d ffffaa86`02c76900 fffff806`06dd0c36
: 00007ffa`4915bbd0 00000000`00000000 00000000`00000001
00000000`00000000 : nt!IopXxxControlFile+0x71b ffffaa86`02c76a20
fffff806`069d4558 : 00000000`00000000 00000000`00000000
00000000`00000000 00000000`0012019f : nt!NtDeviceIoControlFile+0x56
ffffaa86`02c76a90 00007ffa`4919c1a4 : 00000000`00000000
00000000`00000000 00000000`00000000 00000000`00000000 :
nt!KiSystemServiceCopyEnd+0x28 00000000`0009e518 00000000`00000000 :
00000000`00000000 00000000`00000000 00000000`00000000
00000000`00000000 : 0x00007ffa`4919c1a4
STACK_COMMAND: .trap 0xfffff8060ba7ee70 ; kb
THREAD_SHA1_HASH_MOD_FUNC: d478b5f79124d0274996d08065a1ffcd79f95f71
THREAD_SHA1_HASH_MOD_FUNC_OFFSET:
bc8be9c8d07ac0e2709b19577dd0deb4cccb0999
THREAD_SHA1_HASH_MOD: eb0f6c3622795060afedc57caa6d2b9d84beef4f
FAULT_INSTR_CODE: 24448948
SYMBOL_STACK_INDEX: 19
SYMBOL_NAME: networktunnelx64+9430
FOLLOWUP_NAME: MachineOwner
IMAGE_NAME: networktunnelx64.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 59675c14
MODULE_NAME: networktunnelx64
BUCKET_ID_FUNC_OFFSET: 9430
FAILURE_BUCKET_ID:
0x7f_8_STACK_USAGE_networktunnelx64!unknown_function
BUCKET_ID: 0x7f_8_STACK_USAGE_networktunnelx64!unknown_function
PRIMARY_PROBLEM_CLASS:
0x7f_8_STACK_USAGE_networktunnelx64!unknown_function
TARGET_TIME: 2020-11-07T20:59:39.000Z
OSBUILD: 18362
OSSERVICEPACK: 0
SERVICEPACK_NUMBER: 0
OS_REVISION: 0
SUITE_MASK: 272
PRODUCT_TYPE: 1
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
OSEDITION: Windows 10 WinNt TerminalServer SingleUserTS
OS_LOCALE:
USER_LCID: 0
OSBUILD_TIMESTAMP: unknown_date
BUILDDATESTAMP_STR: 190318-1202
BUILDLAB_STR: 19h1_release
BUILDOSVER_STR: 10.0.18362.1.amd64fre.19h1_release.190318-1202
ANALYSIS_SESSION_ELAPSED_TIME: 20c2
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING:
km:0x7f_8_stack_usage_networktunnelx64!unknown_function
FAILURE_ID_HASH: {40c7ef30-43b9-8995-cd28-4273c4c8586d}
Followup: MachineOwner
所以这真是个意外。我以为删除 PZ 后 BSOD 就不会再发生了,但 BSOD 还是继续发生。这让我怀疑,通过安装 PZ,我是否更新了一些已经存在的“networktunnelx64.sys”文件,该文件现在已损坏,我必须恢复,但在我的 C:/ 中搜索命名文件却没有任何结果。
那么我该如何解决这个问题呢?目前,由于 Discord 是当时除了 G Chrome 之外唯一运行的“使用互联网”应用程序,并且在打开 PZ 时确实表现出特别的敌意,所以我也要卸载它,但我不希望问题出在这里。所以任何帮助都将不胜感激。
编辑:正如帮助我的好心人所问,几周前我运行过 SFC,没有发现任何错误。奇怪的是,最近我遇到了其他问题,这次运行 SFC 确实指向了错误。不过我敢打赌,这两者之间没有关联。今天我运行了 DISM,没有出现任何特殊消息表明已更正任何特定问题;它只是回复说“恢复操作已成功完成”。
好消息是,我已经很长时间没有再看到这个 BSOD 了(尽管我仍然因为其他原因而遇到它们 :())。关于这个问题的唯一重大变化是我从我的电脑上卸载了 Discord,现在我在 Chrome 中使用它的网络版本。不过,我还没有重新安装 Pingzapper,这是最后一次测试,看看这个问题是否解决了。在此之前,我要进行一次全面的驱动程序更新和 PC 物理清理。稍后我会带来结果。
答案1
Pingzapper 自 2017 年起三年内未更新,因此可视为已失效且不受支持。有许多报告称,自 2018 年开始,它会导致 Windows 10 版本崩溃。
Pingzapper 的实际用途值得怀疑,也有报道称它导致用户被禁止玩游戏。对此的一个解释是,Pingzapper 对所有用户使用相同的代理 IP 地址,因此如果其他用户因某种原因被禁止,那么您也会被禁止,因为您使用的是相同的 IP 地址。
我建议卸载 Pingzapper,最好使用 Revo 等卸载程序。验证其安装文件夹是否已被删除,通常是
C:\Program Files (x86)\Pingzapper。
如果您想提高网络速度,最好的解决方案是提高互联网连接速度或购买更好的路由器。
像 Revo 这样的卸载程序无法检测已修补或替换的 Windows 模块。如果 Pingzapper 用三年前的旧版本替换了 Windows 模块,那么这种与 Windows 文件的传输可以解释崩溃的原因。
为了解决这个问题,我看到了以下可能性:
以管理员身份运行 CMD 并输入以下命令:
DISM /Online /Cleanup-Image /RestoreHealth sfc /scannow