seit ein paar Monaten kommt bei mir in unregelmäßigen Abständen ein Bluescreen.
Manchmal kommt er mehrmals pro Tag, manchmal kommt er 3 Tage lang nicht.
Laut Windows Debugger ist die tdx.sys daran schuld.
Bei Problemberichte und Lösungen steht nur das:
Zitat
Das Problem ist Kaspersky Lab bekannt; es wird so schnell wie möglich an einer Lösung gearbeitet.
Hier noch das Ergebnis vom Windows Debugger(Falls es jemander interresiert):
Microsoft ® Windows Debugger Version 6.8.0004.0 X86 Copyright © Microsoft Corporation. All rights reserved. Loading Dump File [C:\Windows\MEMORY.DMP] Kernel Summary Dump File: Only kernel address space is available Symbol search path is: SRV*C:\Windows\symbols*http://msdl.microsoft.com/download/symbols Executable search path is: Windows Kernel Version 6001 (Service Pack 1) MP (4 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Built by: 6001.18063.x86fre.vistasp1_gdr.080425-1930 Kernel base = 0x82c4f000 PsLoadedModuleList = 0x82d5c930 Debug session time: Tue Sep 9 08:02:36.121 2008 (GMT+2) System Uptime: 0 days 0:02:17.762 Loading Kernel Symbols .................................................. .................................................. . .................................................. . ....... Loading User Symbols Loading unloaded module list ....... ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** Use !analyze -v to get detailed debugging information. BugCheck D1, {0, 2, 0, 0} Probably caused by : tdx.sys ( tdx!TdxEventReceiveMessagesTransportAddress+48e ) Followup: MachineOwner --------- 0: kd> !analyze -v ************************************************** ***************************** * * * Bugcheck Analysis * * * ************************************************** ***************************** DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If kernel debugger is available get stack backtrace. Arguments: Arg1: 00000000, memory referenced Arg2: 00000002, IRQL Arg3: 00000000, value 0 = read operation, 1 = write operation Arg4: 00000000, address which referenced memory Debugging Details: ------------------ READ_ADDRESS: 00000000 CURRENT_IRQL: 2 FAULTING_IP: +0 00000000 ? ? PROCESS_NAME: System DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0xD1 TRAP_FRAME: 807c89f8 -- (.trap 0xffffffff807c89f8) ErrCode = 00000000 eax=00000016 ebx=807c8b44 ecx=00000000 edx=00000000 esi=87771040 edi=856207e0 eip=00000000 esp=807c8a6c ebp=00000001 iopl=0 nv up ei ng nz ac po nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010292 00000000 ? ? Resetting default scope LAST_CONTROL_TRANSFER: from 00000000 to 82ca9cb4 FAILED_INSTRUCTION_ADDRESS: +0 00000000 ? ? STACK_TEXT: 807c89f8 00000000 badb0d00 00000000 00000000 nt!KiTrap0E+0x2ac WARNING: Frame IP not in any known module. Following frames may be wrong. 807c8a68 86bacded 00000000 00000016 807c8b44 0x0 807c8aa8 8d5992ce 856207e0 00000016 807c8b44 0x86bacded 8d5a61e0 8d5a51dc 00000000 00000000 00000000 tdx!TdxEventReceiveMessagesTransportAddress+0x48e 8d5a7074 0cec83ec 084db60f 531c458b ff335756 tdx!WPP_ThisDir_CTLGUID_NETIO 8d5a7078 084db60f 531c458b ff335756 8909f983 0xcec83ec 8d5a707c 531c458b ff335756 8909f983 3889fc7d 0x84db60f 8d5a7080 ff335756 8909f983 3889fc7d 01ff870f 0x531c458b 8d5a7084 8909f983 3889fc7d 01ff870f b60f0000 0xff335756 8d5a7088 3889fc7d 01ff870f b60f0000 5a72b889 0x8909f983 8d5a708c 01ff870f b60f0000 5a72b889 8d24ff8d 0x3889fc7d 8d5a7090 b60f0000 5a72b889 8d24ff8d 8d5a72a8 0x1ff870f 8d5a7094 5a72b889 8d24ff8d 8d5a72a8 61883d83 0xb60f0000 8d5a7098 8d24ff8d 8d5a72a8 61883d83 8b018d5a 0x5a72b889 8d5a709c 8d5a72a8 61883d83 8b018d5a 5d8b1855 0x8d24ff8d 8d5a70ac 75f28b14 104b8b55 7601f983 1cc96b4d tdx!WppTraceCallback+0x234 8d5a70c8 45c7104d 000023fc c1820fc0 89000001 0x75f28b14 8d5a70cc 00000000 c1820fc0 89000001 e9088933 0x45c7104d STACK_COMMAND: kb FOLLOWUP_IP: tdx!TdxEventReceiveMessagesTransportAddress+48e 8d5992ce 3d160000c0 cmp eax,0C0000016h SYMBOL_STACK_INDEX: 3 SYMBOL_NAME: tdx!TdxEventReceiveMessagesTransportAddress+48e FOLLOWUP_NAME: MachineOwner MODULE_NAME: tdx IMAGE_NAME: tdx.sys DEBUG_FLR_IMAGE_TIMESTAMP: 4549b2fe FAILURE_BUCKET_ID: 0xD1_CODE_AV_NULL_IP_tdx!TdxEventReceiveMessagesTransportAddress+48e BUCKET_ID: 0xD1_CODE_AV_NULL_IP_tdx!TdxEventReceiveMessagesTransportAddress+48e Followup: MachineOwner ---------
Wie kann man das beheben?
Danke im Voraus.
mfg aerouser
Dieser Beitrag wurde von aerouser bearbeitet: 09. September 2008 - 07:24