Se você conseguir inicializar o computador, sugiro abrir o prompt de comando como administrador e executando:
sfc /scannow
Estou com um problema de BSOD aleatório. O que significa que o computador é iniciado e executado, mas a qualquer momento ele falha. Os registros dizem que o poder do kernel não me ajuda. Eu tenho o arquivo de despejo que eu não consigo ler, mas parece que o arquivo cng.sys está causando o problema, mas não tenho certeza. Você pode ajudar? obrigado Don
************************************
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump1614-52500-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.18247.x86fre.win7sp1_gdr.130828-1532
Machine Name:
Kernel base = 0x8304e000 PsLoadedModuleList = 0x8318e230
Debug session time: Mon Jun 16 19:57:33.844 2014 (UTC - 5:00)
System Uptime: 0 days 1:52:20.000
Loading Kernel Symbols
...............................................................
................................................................
.........................................................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {8e25f65c, 2, 0, 830e571f}
Probably caused by : cng.sys ( cng!GatherRandomKey+2d8 )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 8e25f65c, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 830e571f, address which referenced memory
Debugging Details:
------------------
READ_ADDRESS: GetPointerFromAddress: unable to read from 831ad82c
Unable to read MiSystemVaType memory at 8318dd80
8e25f65c
CURRENT_IRQL: 2
FAULTING_IP:
nt!ExpGetLookasideInformation+1a8
830e571f 668b51d4 mov dx,word ptr [ecx-2Ch]
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0xA
PROCESS_NAME: System
TRAP_FRAME: 80e49374 -- (.trap 0xffffffff80e49374)
ErrCode = 00000000
eax=83180c40 ebx=8301a700 ecx=8e25f688 edx=000002cb esi=9024bac0 edi=83180c48
eip=830e571f esp=80e493e8 ebp=80e49408 iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
nt!ExpGetLookasideInformation+0x1a8:
830e571f 668b51d4 mov dx,word ptr [ecx-2Ch] ds:0023:8e25f65c=0000
Resetting default scope
LAST_CONTROL_TRANSFER: from 830e571f to 83086b0f
STACK_TEXT:
80e49374 830e571f badb0d00 000002cb 832b566c nt!KiTrap0E+0x1b3
80e49408 832488b3 0001fea0 80e49844 d0a25181 nt!ExpGetLookasideInformation+0x1a8
80e49874 832469b3 0000002d 00000000 00000000 nt!ExpQuerySystemInformation+0x1ef6
80e49890 83083856 0000002d 8a5b8160 0001fea0 nt!NtQuerySystemInformation+0x76
80e49890 83082229 0000002d 8a5b8160 0001fea0 nt!KiSystemServicePostCall
80e49918 8c9d2331 0000002d 8a5b8160 0001fea0 nt!ZwQuerySystemInformation+0x11
80e49c78 8c9af15e 00000000 00000000 80e49c98 cng!GatherRandomKey+0x2d8
80e49cdc 8c9af1bf 00000000 80e49d00 8323b764 cng!ReadExternalEntropyIntoPool+0x1a6
80e49ce8 8323b764 868f0b30 00000000 87ea4a30 cng!scavengingWorkItemRoutine+0x15
80e49d00 830a93ab 87ea4a30 00000000 85c67d48 nt!IopProcessWorkItem+0x2d
80e49d50 8323653a 00000001 d0a25465 00000000 nt!ExpWorkerThread+0x10d
80e49d90 830d7899 830a929e 00000001 00000000 nt!PspSystemThreadStartup+0x9e
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19
STACK_COMMAND: kb
FOLLOWUP_IP:
cng!GatherRandomKey+2d8
8c9d2331 85c0 test eax,eax
SYMBOL_STACK_INDEX: 6
SYMBOL_NAME: cng!GatherRandomKey+2d8
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: cng
IMAGE_NAME: cng.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 501946b4
FAILURE_BUCKET_ID: 0xA_cng!GatherRandomKey+2d8
BUCKET_ID: 0xA_cng!GatherRandomKey+2d8
Followup: MachineOwner
---------
1: kd> .trap 0xffffffff80e49374
ErrCode = 00000000
eax=83180c40 ebx=8301a700 ecx=8e25f688 edx=000002cb esi=9024bac0 edi=83180c48
eip=830e571f esp=80e493e8 ebp=80e49408 iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
nt!ExpGetLookasideInformation+0x1a8:
830e571f 668b51d4 mov dx,word ptr [ecx-2Ch] ds:0023:8e25f65c=0000
1: kd> .trap 0xffffffff80e49374
ErrCode = 00000000
eax=83180c40 ebx=8301a700 ecx=8e25f688 edx=000002cb esi=9024bac0 edi=83180c48
eip=830e571f esp=80e493e8 ebp=80e49408 iopl=0 nv up ei pl nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
nt!ExpGetLookasideInformation+0x1a8:
830e571f 668b51d4 mov dx,word ptr [ecx-2Ch] ds:0023:8e25f65c=0000
1: kd> lmvm cng
start end module name
8c9a9000 8ca06000 cng (pdb symbols) c:\symbols\cng.pdb318E25132E4F568034FB43F84B841D1\cng.pdb
Loaded symbol image file: cng.sys
Mapped memory image file: c:\symbols\cng.sys1946B45d000\cng.sys
Image path: \SystemRoot\System32\Drivers\cng.sys
Image name: cng.sys
Timestamp: Wed Aug 01 10:09:40 2012 (501946B4)
CheckSum: 00066FD9
ImageSize: 0005D000
File version: 6.1.7601.17919
Product version: 6.1.7601.17919
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 3.7 Driver
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: cng.sys
OriginalFilename: cng.sys
ProductVersion: 6.1.7601.17919
FileVersion: 6.1.7601.17919 (win7sp1_gdr.120801-0333)
FileDescription: Kernel Cryptography, Next Generation
LegalCopyright: © Microsoft Corporation. All rights reserved.
Se você conseguir inicializar o computador, sugiro abrir o prompt de comando como administrador e executando:
sfc /scannow
Parece que o arquivo cng.sys
foi corrompido e, devido a isso, você está ficando com a tela azul. Se você conseguir acessar o prompt de comando com privilégios de administrador, execute a ferramenta Verificador de arquivos do sistema .
sfc/ scannow
É uma boa ferramenta para reparar arquivos ausentes ou corrompidos.
Caso contrário, use Startup Repair
caso você não consiga acessar o prompt de comando.
Se essas etapas não corrigirem o problema, reinicie o computador e inicialize no Opções Avançadas de Inicialização . Desta vez, selecione Desativar reinicialização automática na falha do sistema.