Arczi256 utworzono 17 listopada 2010 utworzono 17 listopada 2010 (edytowane) Bardzo proszę o pomoc z tym ustrojstwem. BSOD pojawia się podczas włączania gry "S4League". Co mogę zrobić by to naprawić? Tutaj zamieszczam zdjęcie BSOD-a. [spoiler]http://img594.imageshack.us/i/20101114059.jpg/[/spoiler] A tutaj analizę z Debugging Tools for Windows[spoiler]******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e) This is a very common bugcheck. Usually the exception address pinpoints the driver/function that caused the problem. Always note this address as well as the link date of the driver/image that contains this address. Some common problems are exception code 0x80000003. This means a hard coded breakpoint or assertion was hit, but this system was booted /NODEBUG. This is not supposed to happen as developers should never have hardcoded breakpoints in retail code, but ... If this happens, make sure a debugger gets connected, and the system is booted /DEBUG. This will let us see why this breakpoint is happening. Arguments: Arg1: c0000005, The exception code that was not handled Arg2: a25f289e, The address that the exception occurred at Arg3: 8f03fbd4, Exception Record Address Arg4: 8f03f7b0, Context Record Address[/spoiler] Mój komputer to HP Pavilion dv7 1140-ew System to Win7. Procek Intel Core2Duo T5800 2.00 Ghz, Grafika Nvidia 9600m GT Pozdrawiam Edytowane 17 listopada 2010 przez Arczi256
raazor90 komentarz 17 listopada 2010 komentarz 17 listopada 2010 Dump wykonany nieprawidłowo, ale ze screena wywnioskowałem, że może to być infekcja: [b]xdva370.sys[/b]. Udaj się do działu bezpieczeństwo, zamieść tam odpowiednie logi i jeśli koledzy wykluczą infekcję będziemy szukać dalej.
Sohei komentarz 19 listopada 2010 komentarz 19 listopada 2010 C:\Windows\System32\XDva370.sys na virustotal to wrzuć i się okaże czy infekcja czy nie. Tematu w bezpiece nie dokończyliśmy więc jeśli chcesz uzyskać dalszą szczegółową pomoc to daj o co prosiłem:) Dodatkowo razzor'owi daj do oceny nowy log z Debugging Tools for Windows
Arczi256 komentarz 24 listopada 2010 Autor komentarz 24 listopada 2010 Nie wiem jak to możliwe ale plik "XDva370.sys" zniknął. Szukam, szukam i nie ma go. A dumpa nie mogę wykonać ponieważ wyskakuje mi takie coś [spoiler] Microsoft (R) Windows Debugger Version 6.12.0002.633 X86 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [C:\Windows\Minidump\112110-19531-01.dmp] Mini Kernel Dump File: Only registers and stack trace are available Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols Executable search path is: Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Built by: 7600.16617.x86fre.win7_gdr.100618-1621 Machine Name: Kernel base = 0x83052000 PsLoadedModuleList = 0x8319a810 Debug session time: Sun Nov 21 21:08:26.451 2010 (UTC + 1:00) System Uptime: 0 days 0:14:34.184 Loading Kernel Symbols ............................................................... ................................................................ ..................................................... Loading User Symbols Loading unloaded module list .............. Unable to load image \??\C:\Windows\system32\XDva370.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for XDva370.sys *** ERROR: Module load completed but symbols could not be loaded for XDva370.sys Unable to load image \SystemRoot\system32\DRIVERS\ewusbnet.sys, Win32 error 0n2 *** WARNING: Unable to verify timestamp for ewusbnet.sys *** ERROR: Module load completed but symbols could not be loaded for ewusbnet.sys ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 1000007E, {c0000005, ad2e089e, 9f6abbd4, 9f6ab7b0} Probably caused by : XDva370.sys ( XDva370+689e ) Followup: MachineOwner[/spoiler] Po kliknięciu w "!analyze -v" [log]0: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M (1000007e) This is a very common bugcheck. Usually the exception address pinpoints the driver/function that caused the problem. Always note this address as well as the link date of the driver/image that contains this address. Some common problems are exception code 0x80000003. This means a hard coded breakpoint or assertion was hit, but this system was booted /NODEBUG. This is not supposed to happen as developers should never have hardcoded breakpoints in retail code, but ... If this happens, make sure a debugger gets connected, and the system is booted /DEBUG. This will let us see why this breakpoint is happening. Arguments: Arg1: c0000005, The exception code that was not handled Arg2: ad2e089e, The address that the exception occurred at Arg3: 9f6abbd4, Exception Record Address Arg4: 9f6ab7b0, Context Record Address Debugging Details: ------------------ EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - Instrukcja spod 0x%08lx odwo FAULTING_IP: XDva370+689e ad2e089e 8b512c mov edx,dword ptr [ecx+2Ch] EXCEPTION_RECORD: 9f6abbd4 -- (.exr 0xffffffff9f6abbd4) ExceptionAddress: ad2e089e (XDva370+0x0000689e) ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000 NumberParameters: 2 Parameter[0]: 00000000 Parameter[1]: 005c0085 Attempt to read from address 005c0085 CONTEXT: 9f6ab7b0 -- (.cxr 0xffffffff9f6ab7b0) eax=89123408 ebx=8a000508 ecx=005c0059 edx=00083c20 esi=ad2e7aa8 edi=8a000698 eip=ad2e089e esp=9f6abc9c ebp=9f6abcc8 iopl=0 nv up ei pl nz na pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206 XDva370+0x689e: ad2e089e 8b512c mov edx,dword ptr [ecx+2Ch] ds:0023:005c0085=???????? Resetting default scope CUSTOMER_CRASH_COUNT: 1 DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT PROCESS_NAME: System CURRENT_IRQL: 0 ERROR_CODE: (NTSTATUS) 0xc0000005 - Instrukcja spod 0x%08lx odwo EXCEPTION_PARAMETER1: 00000000 EXCEPTION_PARAMETER2: 005c0085 READ_ADDRESS: GetPointerFromAddress: unable to read from 831ba718 Unable to read MiSystemVaType memory at 8319a160 005c0085 FOLLOWUP_IP: XDva370+689e ad2e089e 8b512c mov edx,dword ptr [ecx+2Ch] BUGCHECK_STR: 0x7E LAST_CONTROL_TRANSFER: from 95d277aa to ad2e089e STACK_TEXT: WARNING: Stack unwind information not available. Following frames may be wrong. 9f6abcc8 95d277aa 8308e443 89628008 891a2a50 XDva370+0x689e 9f6abcdc 95d26b6f 89628008 89628ab8 89628184 ewusbnet+0x127aa 9f6abd50 832606d3 01628008 b94105e4 00000000 ewusbnet+0x11b6f 9f6abd90 831120f9 95d266da 89628008 00000000 nt!PspSystemThreadStartup+0x9e 00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19 SYMBOL_STACK_INDEX: 0 SYMBOL_NAME: XDva370+689e FOLLOWUP_NAME: MachineOwner MODULE_NAME: XDva370 IMAGE_NAME: XDva370.sys DEBUG_FLR_IMAGE_TIMESTAMP: 4cad2487 STACK_COMMAND: .cxr 0xffffffff9f6ab7b0 ; kb FAILURE_BUCKET_ID: 0x7E_XDva370+689e BUCKET_ID: 0x7E_XDva370+689e Followup: MachineOwner ---------[/log]Rozumiem, że nic więcej nie da się zrobić?
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.