BSOD com o Windows 7

0

Estou com um problema de BSOD aleatório. O que significa que o computador é iniciado e executado, mas a qualquer momento ele falha. Os registros dizem que o poder do kernel não me ajuda. Eu tenho o arquivo de despejo que eu não consigo ler, mas parece que o arquivo cng.sys está causando o problema, mas não tenho certeza. Você pode ajudar? obrigado Don

************************************

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Windows\Minidump1614-52500-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.18247.x86fre.win7sp1_gdr.130828-1532
Machine Name:
Kernel base = 0x8304e000 PsLoadedModuleList = 0x8318e230
Debug session time: Mon Jun 16 19:57:33.844 2014 (UTC - 5:00)
System Uptime: 0 days 1:52:20.000
Loading Kernel Symbols
...............................................................
................................................................
.........................................................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck A, {8e25f65c, 2, 0, 830e571f}

Probably caused by : cng.sys ( cng!GatherRandomKey+2d8 )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 8e25f65c, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, bitfield :
    bit 0 : value 0 = read operation, 1 = write operation
    bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: 830e571f, address which referenced memory

Debugging Details:
------------------


READ_ADDRESS: GetPointerFromAddress: unable to read from 831ad82c
Unable to read MiSystemVaType memory at 8318dd80
 8e25f65c 

CURRENT_IRQL:  2

FAULTING_IP: 
nt!ExpGetLookasideInformation+1a8
830e571f 668b51d4        mov     dx,word ptr [ecx-2Ch]

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0xA

PROCESS_NAME:  System

TRAP_FRAME:  80e49374 -- (.trap 0xffffffff80e49374)
ErrCode = 00000000
eax=83180c40 ebx=8301a700 ecx=8e25f688 edx=000002cb esi=9024bac0 edi=83180c48
eip=830e571f esp=80e493e8 ebp=80e49408 iopl=0         nv up ei pl nz na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010206
nt!ExpGetLookasideInformation+0x1a8:
830e571f 668b51d4        mov     dx,word ptr [ecx-2Ch]    ds:0023:8e25f65c=0000
Resetting default scope

LAST_CONTROL_TRANSFER:  from 830e571f to 83086b0f

STACK_TEXT:  
80e49374 830e571f badb0d00 000002cb 832b566c nt!KiTrap0E+0x1b3
80e49408 832488b3 0001fea0 80e49844 d0a25181 nt!ExpGetLookasideInformation+0x1a8
80e49874 832469b3 0000002d 00000000 00000000 nt!ExpQuerySystemInformation+0x1ef6
80e49890 83083856 0000002d 8a5b8160 0001fea0 nt!NtQuerySystemInformation+0x76
80e49890 83082229 0000002d 8a5b8160 0001fea0 nt!KiSystemServicePostCall
80e49918 8c9d2331 0000002d 8a5b8160 0001fea0 nt!ZwQuerySystemInformation+0x11
80e49c78 8c9af15e 00000000 00000000 80e49c98 cng!GatherRandomKey+0x2d8
80e49cdc 8c9af1bf 00000000 80e49d00 8323b764 cng!ReadExternalEntropyIntoPool+0x1a6
80e49ce8 8323b764 868f0b30 00000000 87ea4a30 cng!scavengingWorkItemRoutine+0x15
80e49d00 830a93ab 87ea4a30 00000000 85c67d48 nt!IopProcessWorkItem+0x2d
80e49d50 8323653a 00000001 d0a25465 00000000 nt!ExpWorkerThread+0x10d
80e49d90 830d7899 830a929e 00000001 00000000 nt!PspSystemThreadStartup+0x9e
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x19


STACK_COMMAND:  kb

FOLLOWUP_IP: 
cng!GatherRandomKey+2d8
8c9d2331 85c0            test    eax,eax

SYMBOL_STACK_INDEX:  6

SYMBOL_NAME:  cng!GatherRandomKey+2d8

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: cng

IMAGE_NAME:  cng.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  501946b4

FAILURE_BUCKET_ID:  0xA_cng!GatherRandomKey+2d8

BUCKET_ID:  0xA_cng!GatherRandomKey+2d8

Followup: MachineOwner
---------

1: kd> .trap 0xffffffff80e49374
ErrCode = 00000000
eax=83180c40 ebx=8301a700 ecx=8e25f688 edx=000002cb esi=9024bac0 edi=83180c48
eip=830e571f esp=80e493e8 ebp=80e49408 iopl=0         nv up ei pl nz na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010206
nt!ExpGetLookasideInformation+0x1a8:
830e571f 668b51d4        mov     dx,word ptr [ecx-2Ch]    ds:0023:8e25f65c=0000
1: kd> .trap 0xffffffff80e49374
ErrCode = 00000000
eax=83180c40 ebx=8301a700 ecx=8e25f688 edx=000002cb esi=9024bac0 edi=83180c48
eip=830e571f esp=80e493e8 ebp=80e49408 iopl=0         nv up ei pl nz na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010206
nt!ExpGetLookasideInformation+0x1a8:
830e571f 668b51d4        mov     dx,word ptr [ecx-2Ch]    ds:0023:8e25f65c=0000
1: kd> lmvm cng
start    end        module name
8c9a9000 8ca06000   cng        (pdb symbols)          c:\symbols\cng.pdb318E25132E4F568034FB43F84B841D1\cng.pdb
    Loaded symbol image file: cng.sys
    Mapped memory image file: c:\symbols\cng.sys1946B45d000\cng.sys
    Image path: \SystemRoot\System32\Drivers\cng.sys
    Image name: cng.sys
    Timestamp:        Wed Aug 01 10:09:40 2012 (501946B4)
    CheckSum:         00066FD9
    ImageSize:        0005D000
    File version:     6.1.7601.17919
    Product version:  6.1.7601.17919
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        3.7 Driver
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     cng.sys
    OriginalFilename: cng.sys
    ProductVersion:   6.1.7601.17919
    FileVersion:      6.1.7601.17919 (win7sp1_gdr.120801-0333)
    FileDescription:  Kernel Cryptography, Next Generation
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
    
por user338377 25.06.2014 / 01:03

2 respostas

0

Se você conseguir inicializar o computador, sugiro abrir o prompt de comando como administrador e executando:

sfc /scannow
    
por 25.06.2014 / 01:21
0

Parece que o arquivo cng.sys foi corrompido e, devido a isso, você está ficando com a tela azul. Se você conseguir acessar o prompt de comando com privilégios de administrador, execute a ferramenta Verificador de arquivos do sistema .

sfc/ scannow

É uma boa ferramenta para reparar arquivos ausentes ou corrompidos. Caso contrário, use Startup Repair caso você não consiga acessar o prompt de comando.

Se essas etapas não corrigirem o problema, reinicie o computador e inicialize no Opções Avançadas de Inicialização . Desta vez, selecione Desativar reinicialização automática na falha do sistema.

    
por 25.06.2014 / 08:20