The WinDbg analysis results are as follows:
Windows Server 2003 Kernel Version 3790 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: Server, suite: Enterprise TerminalServer SingleUserTS
Built by: 3790.srv03_sp2_gdr.080813-1204
Kernel base = 0x80800000 PsLoadedModuleList = 0x808af9c8
Debug session time: Sun Mar 1 21:44:01.671 2009 (GMT+8)
System Uptime: 1 days 6:30:02.457
...
BugCheck D1, {c6689ceb, d0000002, 0, b8d25ac4}
...
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If kernel debugger is available get stack backtrace.
Arguments:
Arg1: c6689ceb, memory referenced
Arg2: d0000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: b8d25ac4, address which referenced memory
Debugging Details:
------------------
READ_ADDRESS: c6689ceb
CURRENT_IRQL: 2
FAULTING_IP:
rfwtdi+ac4
b8d25ac4 390e cmp dword ptr [esi],ecx
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0xD1
PROCESS_NAME: System
TRAP_FRAME: f78e2a68 -- (.trap 0xfffffffff78e2a68)
ErrCode = 00000000
eax=00000000 ebx=8890cb34 ecx=86dd2f90 edx=888d6738 esi=c6689ceb edi=00000000
eip=b8d25ac4 esp=f78e2adc ebp=f78e2ae8 iopl=0 nv up ei ng nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010286
rfwtdi+0xac4:
b8d25ac4 390e cmp dword ptr [esi],ecx ds:0023:c6689ceb=????????
Resetting default scope
LAST_CONTROL_TRANSFER: from b8d25ac4 to 80836df5
STACK_TEXT:
f78e2a68 b8d25ac4 badb0d00 888d6738 00000001 nt!KiTrap0E+0x2a7
WARNING: Stack unwind information not available. Following frames may be wrong.
f78e2ae8 f766a7c1 86dd2f90 000000bd b8d27088 rfwtdi+0xac4
f78e2b80 b8d2604c 88b42670 86c352d8 f78e2bac rsfwdrv+0x37c1
f78e2ba0 b8d26944 88b42670 86c352d8 86c35348 rfwtdi+0x104c
f78e2bc0 80840153 88b42670 86c352d8 86c352d8 rfwtdi+0x1944
f78e2bd4 8092ec0a 86dd2f78 89f72730 86dd2f90 nt!IofCallDriver+0x45
f78e2c04 8092b6af 89f8b648 88b42670 0012019f nt!IopCloseFile+0x2ae
f78e2c34 8092b852 89f8b648 00000001 89f72730 nt!ObpDecrementHandleCount+0xcc
f78e2c5c 8092b776 e1000e18 86dd2f90 000033a0 nt!ObpCloseHandleTableEntry+0x131
f78e2ca0 8092b7c1 000033a0 00000000 f78e2cbc nt!ObpCloseHandle+0x82
f78e2cb0 80833bef 800033a0 f78e2d40 8083b01c nt!NtClose+0x1b
f78e2cb0 8083b01c 800033a0 f78e2d40 8083b01c nt!KiFastCallEntry+0xfc
f78e2d2c b951ea59 800033a0 86bdc568 b951ab6b nt!ZwClose+0x11
f78e2d40 b951ead7 86bdc568 b951d788 f78e2d6c afd!AfdFreeConnectionResources+0x28
f78e2d50 b951a330 86bdc5e0 89f88660 88bdfc10 afd!AfdFreeConnection+0x69
f78e2d6c 80922975 88bdfc10 00000000 808b711c afd!AfdDoWork+0x51
f78e2d80 8082db10 88bbb3d8 00000000 89f88660 nt!IopProcessWorkItem+0x13
f78e2dac 80920833 88bbb3d8 00000000 00000000 nt!ExpWorkerThread+0xeb
f78e2ddc 8083fe9f 8082da53 00000001 00000000 nt!PspSystemThreadStartup+0x2e
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16
STACK_COMMAND: kb
FOLLOWUP_IP:
rfwtdi+ac4
b8d25ac4 390e cmp dword ptr [esi],ecx
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: rfwtdi+ac4
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: rfwtdi
IMAGE_NAME: rfwtdi.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 49755d65
FAILURE_BUCKET_ID: 0xD1_rfwtdi+ac4
BUCKET_ID: 0xD1_rfwtdi+ac4
Followup: MachineOwner
---------
1: kd> .trap 0xfffffffff78e2a68
ErrCode = 00000000
eax=00000000 ebx=8890cb34 ecx=86dd2f90 edx=888d6738 esi=c6689ceb edi=00000000
eip=b8d25ac4 esp=f78e2adc ebp=f78e2ae8 iopl=0 nv up ei ng nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010286
rfwtdi+0xac4:
b8d25ac4 390e cmp dword ptr [esi],ecx ds:0023:c6689ceb=????????
Rising 2009 was installed from the CD. Below is the link to the memory dump:
http://www.hexun.com.cn/dmp/MEMORY.rar