BSOD od kilku dni


(Brozyneq) #1

Witam, od kilku dni ciągle wyskakuje mi BSOD, nie znam się ogólnie na logach itp, wychodzi że plik svchost.exe jest za to odpowiedzialny, zaznaczę od razu że format nie rozwiązuje problemu, system jest oryginalny i aktywowany. Sterowniki aktualne. Komputer na gwarancji ale facet mówi że u niego się nic nie dzieje. Tutaj całość logu:

Microsoft (R) Windows Debugger Version 6.11.0001.404 X86

Copyright (c) Microsoft Corporation. All rights reserved.



Loading Dump File [C]

Mini Kernel Dump File: Only registers and stack trace are available


Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols

Executable search path is: 

Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64

Product: WinNt, suite: TerminalServer SingleUserTS Personal

Built by: 7601.17944.amd64fre.win7sp1_gdr.120830-0333

Machine Name:

Kernel base = 0xfffff800`0304f000 PsLoadedModuleList = 0xfffff800`03293670

Debug session time: Wed Jan 9 19:09:58.756 2013 (GMT+1)

System Uptime: 0 days 0:06:36.943

Loading Kernel Symbols

...............................................................

................................................................

...........................

Loading User Symbols

Loading unloaded module list

.....

*******************************************************************************

* *

* Bugcheck Analysis *

* *

*******************************************************************************


Use !analyze -v to get detailed debugging information.


BugCheck 1E, {ffffffffc0000005, fffff8800112d251, 0, 1000000}


Probably caused by : fltmgr.sys ( fltmgr!FltpCacheCreateNames+51 )


Followup: MachineOwner

---------


2: kd> !analyze -v

*******************************************************************************

* *

* Bugcheck Analysis *

* *

*******************************************************************************


KMODE_EXCEPTION_NOT_HANDLED (1e)

This is a very common bugcheck. Usually the exception address pinpoints

the driver/function that caused the problem. Always note this address

as well as the link date of the driver/image that contains this address.

Arguments:

Arg1: ffffffffc0000005, The exception code that was not handled

Arg2: fffff8800112d251, The address that the exception occurred at

Arg3: 0000000000000000, Parameter 0 of the exception

Arg4: 0000000001000000, Parameter 1 of the exception


Debugging Details:

------------------



EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - Instrukcja spod 0x%08lx odwo


FAULTING_IP: 

fltmgr!FltpCacheCreateNames+51

fffff880`0112d251 f60001 test byte ptr [rax],1


EXCEPTION_PARAMETER1: 0000000000000000


EXCEPTION_PARAMETER2: 0000000001000000


READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800032fd100

 0000000001000000 


CUSTOMER_CRASH_COUNT: 1


DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT


BUGCHECK_STR: 0x1E


PROCESS_NAME: svchost.exe


CURRENT_IRQL: 0


TRAP_FRAME: fffff8800970adc0 -- (.trap 0xfffff8800970adc0)

NOTE: The trap frame does not contain all registers.

Some register values may be zeroed or incorrect.

rax=0000000001000000 rbx=0000000000000000 rcx=fffffa8007719280

rdx=0000000000000011 rsi=0000000000000000 rdi=0000000000000000

rip=fffff8800112d251 rsp=fffff8800970af50 rbp=fffffa8007a9b010

 r8=0000000000000000 r9=fffff8800970afd0 r10=fffffa8007d3a228

r11=fffff8800970afc8 r12=0000000000000000 r13=0000000000000000

r14=0000000000000000 r15=0000000000000000

iopl=0 nv up ei pl zr na po nc

fltmgr!FltpCacheCreateNames+0x51:

fffff880`0112d251 f60001 test byte ptr [rax],1 ds:6b40:00000000`01000000=??

Resetting default scope


LAST_CONTROL_TRANSFER: from fffff80003118a88 to fffff800030cdfc0


STACK_TEXT:  

fffff880`0970a538 fffff800`03118a88 : 00000000`0000001e ffffffff`c0000005 fffff880`0112d251 00000000`00000000 : nt!KeBugCheckEx

fffff880`0970a540 fffff800`030cd642 : fffff880`0970ad18 00000000`00000000 fffff880`0970adc0 fffffa80`077a80e0 : nt! ?? ::FNODOBFM::`string'+0x487ad

fffff880`0970abe0 fffff800`030cc1ba : 00000000`00000000 00000000`01000000 fffffa80`07056200 00000000`00000000 : nt!KiExceptionDispatch+0xc2

fffff880`0970adc0 fffff880`0112d251 : fffffa80`07a9b010 fffffa80`07d3a220 00000000`00000001 00000000`00000000 : nt!KiPageFault+0x23a

fffff880`0970af50 fffff880`010fd6b3 : fffffa80`07d3a220 fffffa80`070e6b40 fffff880`0970b100 fffffa80`07908af0 : fltmgr!FltpCacheCreateNames+0x51

fffff880`0970afd0 fffff880`011152b9 : fffffa80`070562b0 fffffa80`07a9b010 fffffa80`07056200 fffffa80`07908af0 : fltmgr! ?? ::FNODOBFM::`string'+0x2b76

fffff880`0970b060 fffff800`033c7b35 : 00000000`00000060 fffffa80`07133cc8 fffffa80`0717ead8 fffff8a0`000701c0 : fltmgr!FltpCreate+0x2a9

fffff880`0970b110 fffff800`033c43d8 : fffffa80`078d9cd0 fffff800`00000000 fffffa80`07133b10 fffff8a0`00000000 : nt!IopParseDevice+0x5a5

fffff880`0970b2a0 fffff800`033c55f6 : 00000000`00000000 fffffa80`07133b10 fffffa80`0776dfb0 fffffa80`06a95660 : nt!ObpLookupObjectName+0x588

fffff880`0970b390 fffff800`033c6efc : fffffa80`07719280 00000000`00000000 fffffa80`070e6a00 fffff800`031f9fbd : nt!ObOpenObjectByName+0x306

fffff880`0970b460 fffff800`0336e6bb : fffff880`0970b730 fffffa80`00100000 fffff880`0970b768 fffff880`0970b738 : nt!IopCreateFile+0x2bc

fffff880`0970b500 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IoCreateFileEx+0xfb



STACK_COMMAND: kb


FOLLOWUP_IP: 

fltmgr!FltpCacheCreateNames+51

fffff880`0112d251 f60001 test byte ptr [rax],1


SYMBOL_STACK_INDEX: 4


SYMBOL_NAME: fltmgr!FltpCacheCreateNames+51


FOLLOWUP_NAME: MachineOwner


MODULE_NAME: fltmgr


IMAGE_NAME: fltmgr.sys


DEBUG_FLR_IMAGE_TIMESTAMP: 4ce7929c


FAILURE_BUCKET_ID: X64_0x1E_fltmgr!FltpCacheCreateNames+51


BUCKET_ID: X64_0x1E_fltmgr!FltpCacheCreateNames+51


Followup: MachineOwner

---------

(rgabrysiak) #2

Cześć

Czy masz zainstalowany program antywirusowy Norton? Jeżeli tak odinstaluj go na próbę programem Norton Removal Tool i sprawdź czy problem z Blue Screenem ustąpi.

Pobierz również i zainstaluj program Malwarebytes i przeskanuj system pod kątem infekcji.


(Brozyneq) #3

Nie, i nigdy nie był instalowany, mam tylko Avirę. System jest świeżo po formacie więc nie ma raczej infekcji, dla pewności zainstalowałem Norton Removera, odpaliłem niby usunął wszystko. BSOD dalej występuje.