TechSpot

info from minidump

By jcriver442
Jul 2, 2007
  1. ok I used the dumpchk.exe to read the mini dump file this what it said
    Loading dump file C:\WINDOWS\Minidump\Mini070207-01.dmp
    ----- 32 bit Kernel Mini Dump Analysis

    DUMP_HEADER32:
    MajorVersion 0000000f
    MinorVersion 00000a28
    DirectoryTableBase 1d66c000
    PfnDataBase 81a13000
    PsLoadedModuleList 8055a620
    PsActiveProcessHead 805606d8
    MachineImageType 0000014c
    NumberProcessors 00000001
    BugCheckCode 10000050
    BugCheckParameter1 8effe1c0
    BugCheckParameter2 00000000
    BugCheckParameter3 804ec9f6
    BugCheckParameter4 00000000
    PaeEnabled 00000000
    KdDebuggerDataBlock 8054c260
    MiniDumpFields 00000dff

    TRIAGE_DUMP32:
    ServicePackBuild 00000200
    SizeOfDump 00010000
    ValidOffset 0000fffc
    ContextOffset 00000320
    ExceptionOffset 000007d0
    MmOffset 00001068
    UnloadedDriversOffset 000010a0
    PrcbOffset 00001878
    ProcessOffset 000024c8
    ThreadOffset 00002728
    CallStackOffset 00002980
    SizeOfCallStack 00000810
    DriverListOffset 00003420
    DriverCount 00000097
    StringPoolOffset 000060f8
    StringPoolSize 00001508
    BrokenDriverOffset 00000000
    TriageOptions 00000041
    TopOfStack b6dc37f0
    DebuggerDataOffset 00003190
    DebuggerDataSize 00000290
    DataBlocksOffset 00007600
    DataBlocksCount 00000005


    Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
    Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055a620
    Debug session time: Mon Jul 02 10:10:30 2007
    System Uptime: 0 days 0:04:00
    start end module name
    804d7000 806eb500 nt Checksum: 0021EF64 Timestamp: Wed Feb 28 04:
    10:41 2007 (45E54711)

    Unloaded modules:
    b6cb1000 b6cdc000 kmixer.sys Timestamp: unavailable (00000000)
    f7bc4000 f7bc6000 MSPQM.sys Timestamp: unavailable (00000000)
    b7d67000 b7d92000 kmixer.sys Timestamp: unavailable (00000000)
    f7d9c000 f7d9d000 drmkaud.sys Timestamp: unavailable (00000000)
    b7f27000 b7f34000 DMusic.sys Timestamp: unavailable (00000000)
    f7153000 f7161000 swmidi.sys Timestamp: unavailable (00000000)
    b7d92000 b7db5000 aec.sys Timestamp: unavailable (00000000)
    f7b8e000 f7b90000 splitter.sys Timestamp: unavailable (00000000)
    f7b2a000 f7b2e000 kbdhid.sys Timestamp: unavailable (00000000)
    f7a2e000 f7a33000 Cdaudio.SYS Timestamp: unavailable (00000000)
    f7b26000 f7b29000 Sfloppy.SYS Timestamp: unavailable (00000000)

    Finished dump check

    C:\Program Files\Support Tools>.

    where in this does it tell you what the problem is?
     
  2. jcriver442

    jcriver442 TS Rookie Topic Starter Posts: 35

    just ran a debugging this came up

    C:\Program Files\Support Tools> cd\program files\debugging tools for windows\

    C:\Program Files\Debugging Tools for Windows>kd -z C:\WINDOWS\Minidump\Mini07020
    7-01.dmp

    Microsoft (R) Windows Debugger Version 6.6.0007.5
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\WINDOWS\Minidump\Mini070207-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: *** Invalid ***
    ****************************************************************************
    * Symbol loading may be unreliable without a symbol search path. *
    * Use .symfix to have the debugger choose a symbol path. *
    * After setting your symbol path, use .reload to refresh symbol locations. *
    ****************************************************************************
    Executable search path is:
    *********************************************************************
    * Symbols can not be loaded because symbol path is not initialized. *
    * *
    * The Symbol Path can be set by: *
    * using the _NT_SYMBOL_PATH environment variable. *
    * using the -y <symbol_path> argument when starting the debugger. *
    * using .sympath and .sympath+ *
    *********************************************************************
    Unable to load image ntoskrnl.exe, Win32 error 2
    *** WARNING: Unable to verify timestamp for ntoskrnl.exe
    *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.ex
    e
    Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055a620
    Debug session time: Mon Jul 2 10:10:30.906 2007 (GMT-4)
    System Uptime: 0 days 0:04:00.474
    *********************************************************************
    * Symbols can not be loaded because symbol path is not initialized. *
    * *
    * The Symbol Path can be set by: *
    * using the _NT_SYMBOL_PATH environment variable. *
    * using the -y <symbol_path> argument when starting the debugger. *
    * using .sympath and .sympath+ *
    *********************************************************************
    Unable to load image ntoskrnl.exe, Win32 error 2
    *** WARNING: Unable to verify timestamp for ntoskrnl.exe
    *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.ex
    e
    Loading Kernel Symbols
    ................................................................................
    ......................................................................
    Loading User Symbols
    Loading unloaded module list
    ...........
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 10000050, {8effe1c0, 0, 804ec9f6, 0}

    ***** Kernel symbols are WRONG. Please fix symbols to do analysis.

    ***** Kernel symbols are WRONG. Please fix symbols to do analysis.

    *************************************************************************
    *** ***
    *** ***
    *** Your debugger is not using the correct symbols ***
    *** ***
    *** In order for this command to work properly, your symbol path ***
    *** must point to .pdb files that have full type information. ***
    *** ***
    *** Certain .pdb files (such as the public OS symbols) do not ***
    *** contain the required information. Contact the group that ***
    *** provided you with these symbols if you need this command to ***
    *** work. ***
    *** ***
    *** Type referenced: nt!_KPRCB ***
    *** ***
    *************************************************************************
    *************************************************************************
    *** ***
    *** ***
    *** Your debugger is not using the correct symbols ***
    *** ***
    *** In order for this command to work properly, your symbol path ***
    *** must point to .pdb files that have full type information. ***
    *** ***
    *** Certain .pdb files (such as the public OS symbols) do not ***
    *** contain the required information. Contact the group that ***
    *** provided you with these symbols if you need this command to ***
    *** work. ***
    *** ***
    *** Type referenced: nt!KPRCB ***
    *** ***
    *************************************************************************
    *************************************************************************
    *** ***
    *** ***
    *** Your debugger is not using the correct symbols ***
    *** ***
    *** In order for this command to work properly, your symbol path ***
    *** must point to .pdb files that have full type information. ***
    *** ***
    *** Certain .pdb files (such as the public OS symbols) do not ***
    *** contain the required information. Contact the group that ***
    *** provided you with these symbols if you need this command to ***
    *** work. ***
    *** ***
    *** Type referenced: nt!_KPRCB ***
    *** ***
    *************************************************************************
    *************************************************************************
    *** ***
    *** ***
    *** Your debugger is not using the correct symbols ***
    *** ***
    *** In order for this command to work properly, your symbol path ***
    *** must point to .pdb files that have full type information. ***
    *** ***
    *** Certain .pdb files (such as the public OS symbols) do not ***
    *** contain the required information. Contact the group that ***
    *** provided you with these symbols if you need this command to ***
    *** work. ***
    *** ***
    *** Type referenced: nt!KPRCB ***
    *** ***
    *************************************************************************
    *************************************************************************
    *** ***
    *** ***
    *** Your debugger is not using the correct symbols ***
    *** ***
    *** In order for this command to work properly, your symbol path ***
    *** must point to .pdb files that have full type information. ***
    *** ***
    *** Certain .pdb files (such as the public OS symbols) do not ***
    *** contain the required information. Contact the group that ***
    *** provided you with these symbols if you need this command to ***
    *** work. ***
    *** ***
    *** Type referenced: nt!_KPRCB ***
    *** ***
    *************************************************************************
    *** WARNING: Unable to verify timestamp for cmdmon.sys
    *** ERROR: Module load completed but symbols could not be loaded for cmdmon.sys
    Probably caused by : cmdmon.sys ( cmdmon+8d7e )

    Followup: MachineOwner
    ---------

    kd>

    what is it telling me?
     
  3. mickzer

    mickzer TS Rookie Posts: 101

  4. jcriver442

    jcriver442 TS Rookie Topic Starter Posts: 35

    Ok that is what I thought from what I was reading the comodo is going trying zonealarm now and changing to AVG.Hope this works.
     
  5. jcriver442

    jcriver442 TS Rookie Topic Starter Posts: 35

    What does this mean ?
    Unable to load image ntoskrnl.exe, Win32 error 2
    *** WARNING: Unable to verify timestamp for ntoskrnl.exe
    *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.ex
     
  6. Tedster

    Tedster Techspot old timer..... Posts: 6,000   +15

  7. jcriver442

    jcriver442 TS Rookie Topic Starter Posts: 35

    Ok I think I have learned how to read the dumps now need a little help on fixxing it.on my other PC it dumped last night I used the debugging tools it said tcpip.sys was the cause.Now I have to cards on this PC one is onboard the other a wireless card.I have disabled on board in windows device manager.should I just disable it in the Bois so it does not show up?Could it be causing a conflict with the other card?

    P.S I install Avg anti-virus on my main PCyesterday so far no BSOD will keep fingers crossed.Thank you guys for all your help
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...