计算机蓝屏分析报告,Win7 又蓝屏了 附上分析报告，高手帮我看看！

Win7 又蓝屏了 附上分析报告，高手帮我看看！

Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64

Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\Users\无心圆\Desktop\090910-34039-01.dmp]

Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\temp*http://msdl.microsoft.com/download/symbols

Executable search path is:

Windows 7 Kernel Version 7600 MP (2 procs) Free x64

Product: WinNt, suite: TerminalServer SingleUserTS

Built by: 7600.16617.amd64fre.win7_gdr.100618-1621

Machine Name:

Kernel base = 0xfffff800`04a55000 PsLoadedModuleList = 0xfffff800`04c92e50

Debug session time: Thu Sep  9 19:03:45.167 2010 (GMT+8)

System Uptime: 0 days 6:12:09.774

Loading Kernel Symbols

.

Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.

Run !sym noisy before .reload to track down problems loading symbols.

..............................................................

................................................................

................................................................

.......

Loading User Symbols

Loading unloaded module list

...............

*******************************************************************************

*                                                                             *

*                        Bugcheck Analysis                                    *

*                                                                             *

*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 50, {fffffa0000000002, 0, fffff80004d9910a, 7}

Could not read faulting driver name

Probably caused by : ntkrnlmp.exe ( nt!SeCaptureSecurityDescriptor+705 )

Followup: MachineOwner

---------

0: kd> !analyze -v

*******************************************************************************

*                                                                             *

*                        Bugcheck Analysis                                    *

*                                                                             *

*******************************************************************************

PAGE_FAULT_IN_NONPAGED_AREA (50)

Invalid system memory was referenced.  This cannot be protected by try-except,

it must be protected by a Probe.  Typically the address is just plain bad or it

is pointing at freed memory.

Arguments:

Arg1: fffffa0000000002, memory referenced.

Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.

Arg3: fffff80004d9910a, If non-zero, the instruction address which referenced the bad memory

address.

Arg4: 0000000000000007, (reserved)

Debugging Details:

------------------

Could not read faulting driver name

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80004cfd0e0

fffffa0000000002

FAULTING_IP:

nt!SeCaptureSecurityDescriptor+705

fffff800`04d9910a 440fb76e02      movzx   r13d,word ptr [rsi+2]

MM_INTERNAL_CODE:  7

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x50

PROCESS_NAME:  System

CURRENT_IRQL:  0

TRAP_FRAME:  fffff880047b23a0 -- (.trap 0xfffff880047b23a0)

NOTE: The trap frame does not contain all registers.

Some register values may be zeroed or incorrect.

rax=0000000000000000 rbx=0000000000000000 rcx=fffff8a0018af598

rdx=000007ffffff0000 rsi=0000000000000000 rdi=0000000000000000

rip=fffff80004d9910a rsp=fffff880047b2530 rbp=ffffffff80005b3c

r8=0000000000000000  r9=0000000000000000 r10=7d35443600000000

r11=0000000000000000 r12=0000000000000000 r13=0000000000000000

r14=0000000000000000 r15=0000000000000000

iopl=0         nv up ei pl zr na po nc

nt!SeCaptureSecurityDescriptor+0x705:

fffff800`04d9910a 440fb76e02      movzx   r13d,word ptr [rsi+2] ds:0002:00000000`00000002=????

Resetting default scope

LOCK_ADDRESS:  fffff80004cc9400 -- (!locks fffff80004cc9400)

Resource @ nt!PiEngineLock (0xfffff80004cc9400)    Available

WARNING: SystemResourcesList->Flink chain invalid. Resource may be corrupted, or already deleted.

WARNING: SystemResourcesList->Blink chain invalid. Resource may be corrupted, or already deleted.

1 total locks

PNP_TRIAGE:

Lock address  : 0xfffff80004cc9400

Thread Count  : 0

Thread address: 0x0000000000000000

Thread wait   : 0x0

LAST_CONTROL_TRANSFER:  from fffff80004b44849 to fffff80004ac5740

STACK_TEXT:

fffff880`047b2238 fffff800`04b44849 : 00000000`00000050 fffffa00`00000002 00000000`00000000 fffff880`047b23a0 : nt!KeBugCheckEx

fffff880`047b2240 fffff800`04ac382e : 00000000`00000000 00000000`00000000 fffff880`00000000 fffff8a0`018af570 : nt! ?? ::FNODOBFM::`string'+0x40e0b

fffff880`047b23a0 fffff800`04d9910a : 00000000`00000000 00000000`20206f49 00000000`00000000 00000000`00000000 : nt!KiPageFault+0x16e

fffff880`047b2530 fffff800`04e70228 : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000100 : nt!SeCaptureSecurityDescriptor+0x705

fffff880`047b2610 fffff800`04ea6ce1 : fffff880`047b2708 fffff880`00000002 fffffa80`00000001 fffff8a0`018af570 : nt!PipGetRegistrySecurityWithFallback+0xd8

fffff880`047b26b0 fffff800`04eb0ea3 : fffffa80`047ff250 fffffa80`047ff250 fffff8a0`01862d30 fffffa80`0217ca30 : nt!PipChangeDeviceObjectFromRegistryProperties+0x161

fffff880`047b27a0 fffff800`04eb2362 : fffffa80`0217ca30 fffffa80`0217ca30 00000000`00000000 fffffa80`01f20290 : nt!PipCallDriverAddDevice+0x733

fffff880`047b2950 fffff800`04eb28d8 : fffffa80`01a26770 00000000`00000000 00000000`00000000 00000000`00000000 : nt!PipProcessDevNodeTree+0x2b2

fffff880`047b2bc0 fffff800`04bc73a7 : 00000001`00000003 00000000`00000000 00000000`00000001 00000000`00000084 : nt!PiProcessReenumeration+0x98

fffff880`047b2c10 fffff800`04ad2961 : fffff800`04bc7080 fffff800`04dc1c01 fffffa80`017bab00 fffffa80`017bab60 : nt!PnpDeviceActionWorker+0x327

fffff880`047b2cb0 fffff800`04d69c06 : 9000612e`322e7376 fffffa80`017bab60 00000000`00000080 fffffa80`0179d040 : nt!ExpWorkerThread+0x111

fffff880`047b2d40 fffff800`04aa3c26 : fffff880`009ea180 fffffa80`017bab60 fffff880`009f4f40 315f7370`9000345f : nt!PspSystemThreadStartup+0x5a

fffff880`047b2d80 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxStartSystemThread+0x16

STACK_COMMAND:  kb

FOLLOWUP_IP:

nt!SeCaptureSecurityDescriptor+705

fffff800`04d9910a 440fb76e02      movzx   r13d,word ptr [rsi+2]

SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  nt!SeCaptureSecurityDescriptor+705

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4c1c44a9

FAILURE_BUCKET_ID:  X64_0x50_nt!SeCaptureSecurityDescriptor+705

BUCKET_ID:  X64_0x50_nt!SeCaptureSecurityDescriptor+705

Followup: MachineOwner

---------

0: kd> .trap 0xfffff880047b23a0

NOTE: The trap frame does not contain all registers.

Some register values may be zeroed or incorrect.

rax=0000000000000000 rbx=0000000000000000 rcx=fffff8a0018af598

rdx=000007ffffff0000 rsi=0000000000000000 rdi=0000000000000000

rip=fffff80004d9910a rsp=fffff880047b2530 rbp=ffffffff80005b3c

r8=0000000000000000  r9=0000000000000000 r10=7d35443600000000

r11=0000000000000000 r12=0000000000000000 r13=0000000000000000

r14=0000000000000000 r15=0000000000000000

iopl=0         nv up ei pl zr na po nc

nt!SeCaptureSecurityDescriptor+0x705:

fffff800`04d9910a 440fb76e02      movzx   r13d,word ptr [rsi+2] ds:0002:00000000`00000002=????

看来半天也不知道是什么问题，高手帮我看看！