1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

help with dmp file

Discussion in 'Hardware' started by LWAL0767, Jan 19, 2011.

Thread Status:
Not open for further replies.
  1. LWAL0767

    LWAL0767 Thread Starter

    Joined:
    Jan 19, 2011
    Messages:
    2
    This is just one of many dmp files when receiving the blue screen over the past few days. I know it is most likely a driver issue. But need your help with the decipher.

    I have Windows 7/64-bit system.

    I would like to correct this without having to send in my computer and not having it for 2 weeks. I also have other dmp files from previous times when computer shut down unexpectantly.

    I am fairly good at working on computers but a step by step approach would be wonderful. I appreciate any kind of help with this issue. Once I tackle this one, I will take a look at the other dmp files and hopefully, all read the same and it is an easy fix!

    Please let me know if you need any more info.

    Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
    Copyright (c) Microsoft Corporation. All rights reserved.

    Loading Dump File [C:\Documents and Settings\lwalter\My Documents\011811-31028-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    WARNING: Whitespace at end of path element
    Symbol search path is: SRV*C:\tempfolder*http://msdl.microsoft.com/download/symbols http://msdl.microsoft.com/download/symbols
    Executable search path is:
    Unable to load image ntoskrnl.exe, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for ntoskrnl.exe
    *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
    Windows 7 Kernel Version 7600 MP (4 procs) Free x64
    Product: WinNt, suite: TerminalServer SingleUserTS Personal
    Machine Name:
    Kernel base = 0xfffff800`02a17000 PsLoadedModuleList = 0xfffff800`02c54e50
    Debug session time: Tue Jan 18 05:28:24.939 2011 (UTC - 5:00)
    System Uptime: 0 days 6:40:31.359
    Unable to load image ntoskrnl.exe, Win32 error 0n2
    *** WARNING: Unable to verify timestamp for ntoskrnl.exe
    *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
    Loading Kernel Symbols
    ..
    Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
    Run !sym noisy before .reload to track down problems loading symbols.
    .............................................................
    ................................................................
    ..................
    Loading User Symbols
    Loading unloaded module list
    ........
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************
    Use !analyze -v to get detailed debugging information.
    BugCheck A, {28, 2, 0, fffff80002ac9518}
    ***** Kernel symbols are WRONG. Please fix symbols to do analysis.
    *************************************************************************
    *** ***
    *** ***
    *** Your debugger is not using the correct symbols ***
    *** ***
    *** In order for this command to work properly, your symbol path ***
    *** must point to .pdb files that have full type information. ***
    *** ***
    *** Certain .pdb files (such as the public OS symbols) do not ***
    *** contain the required information. Contact the group that ***
    *** provided you with these symbols if you need this command to ***
    *** work. ***
    *** ***
    *** Type referenced: nt!_KPRCB ***
    *** ***
    *************************************************************************
    *************************************************************************
    *** ***
    *** ***
    *** Your debugger is not using the correct symbols ***
    *** ***
    *** In order for this command to work properly, your symbol path ***
    *** must point to .pdb files that have full type information. ***
    *** ***
    *** Certain .pdb files (such as the public OS symbols) do not ***
    *** contain the required information. Contact the group that ***
    *** provided you with these symbols if you need this command to ***
    *** work. ***
    *** ***
    *** Type referenced: nt!_KPRCB ***
    *** ***
    *************************************************************************
    *************************************************************************
    *** ***
    *** ***
    *** Your debugger is not using the correct symbols ***
    *** ***
    *** In order for this command to work properly, your symbol path ***
    *** must point to .pdb files that have full type information. ***
    *** ***
    *** Certain .pdb files (such as the public OS symbols) do not ***
    *** contain the required information. Contact the group that ***
    *** provided you with these symbols if you need this command to ***
    *** work. ***
    *** ***
    *** Type referenced: nt!_KPRCB ***
    *** ***
    *************************************************************************
    Probably caused by : ntoskrnl.exe ( nt+b2518 )
    Followup: MachineOwner
    ---------
    3: kd> !analyze -v
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************
    IRQL_NOT_LESS_OR_EQUAL (a)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high. This is usually
    caused by drivers using improper addresses.
    If a kernel debugger is available get the stack backtrace.
    Arguments:
    Arg1: 0000000000000028, memory referenced
    Arg2: 0000000000000002, IRQL
    Arg3: 0000000000000000, bitfield :
    bit 0 : value 0 = read operation, 1 = write operation
    bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
    Arg4: fffff80002ac9518, address which referenced memory
    Debugging Details:
    ------------------
    ***** Kernel symbols are WRONG. Please fix symbols to do analysis.
    *************************************************************************
    *** ***
    *** ***
    *** Your debugger is not using the correct symbols ***
    *** ***
    *** In order for this command to work properly, your symbol path ***
    *** must point to .pdb files that have full type information. ***
    *** ***
    *** Certain .pdb files (such as the public OS symbols) do not ***
    *** contain the required information. Contact the group that ***
    *** provided you with these symbols if you need this command to ***
    *** work. ***
    *** ***
    *** Type referenced: nt!_KPRCB ***
    *** ***
    *************************************************************************
    *************************************************************************
    *** ***
    *** ***
    *** Your debugger is not using the correct symbols ***
    *** ***
    *** In order for this command to work properly, your symbol path ***
    *** must point to .pdb files that have full type information. ***
    *** ***
    *** Certain .pdb files (such as the public OS symbols) do not ***
    *** contain the required information. Contact the group that ***
    *** provided you with these symbols if you need this command to ***
    *** work. ***
    *** ***
    *** Type referenced: nt!_KPRCB ***
    *** ***
    *************************************************************************
    *************************************************************************
    *** ***
    *** ***
    *** Your debugger is not using the correct symbols ***
    *** ***
    *** In order for this command to work properly, your symbol path ***
    *** must point to .pdb files that have full type information. ***
    *** ***
    *** Certain .pdb files (such as the public OS symbols) do not ***
    *** contain the required information. Contact the group that ***
    *** provided you with these symbols if you need this command to ***
    *** work. ***
    *** ***
    *** Type referenced: nt!_KPRCB ***
    *** ***
    *************************************************************************
    ADDITIONAL_DEBUG_TEXT:
    Use '!findthebuild' command to search for the target build information.
    If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.
    MODULE_NAME: nt
    FAULTING_MODULE: fffff80002a17000 nt
    DEBUG_FLR_IMAGE_TIMESTAMP: 4c1c44a9
    READ_ADDRESS: unable to get nt!MmSpecialPoolStart
    unable to get nt!MmSpecialPoolEnd
    unable to get nt!MmPoolCodeStart
    unable to get nt!MmPoolCodeEnd
    0000000000000028
    CURRENT_IRQL: 0
    FAULTING_IP:
    nt+b2518
    fffff800`02ac9518 48f7412800ffffff test qword ptr [rcx+28h],0FFFFFFFFFFFFFF00h
    CUSTOMER_CRASH_COUNT: 1
    DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
    BUGCHECK_STR: 0xA
    LAST_CONTROL_TRANSFER: from fffff80002a86ca9 to fffff80002a87740
    STACK_TEXT:
    fffff880`029834b8 fffff800`02a86ca9 : 00000000`0000000a 00000000`00000028 00000000`00000002 00000000`00000000 : nt+0x70740
    fffff880`029834c0 00000000`0000000a : 00000000`00000028 00000000`00000002 00000000`00000000 fffff800`02ac9518 : nt+0x6fca9
    fffff880`029834c8 00000000`00000028 : 00000000`00000002 00000000`00000000 fffff800`02ac9518 fffff880`011ab4a2 : 0xa
    fffff880`029834d0 00000000`00000002 : 00000000`00000000 fffff800`02ac9518 fffff880`011ab4a2 00000000`00000000 : 0x28
    fffff880`029834d8 00000000`00000000 : fffff800`02ac9518 fffff880`011ab4a2 00000000`00000000 00000000`00000000 : 0x2

    STACK_COMMAND: .bugcheck ; kb
    FOLLOWUP_IP:
    nt+b2518
    fffff800`02ac9518 48f7412800ffffff test qword ptr [rcx+28h],0FFFFFFFFFFFFFF00h
    SYMBOL_NAME: nt+b2518
    FOLLOWUP_NAME: MachineOwner
    IMAGE_NAME: ntoskrnl.exe
    BUCKET_ID: WRONG_SYMBOLS
    Followup: MachineOwner
    ---------


    Thanks again for your review!

    Lisa
     
  2. bigbear

    bigbear

    Joined:
    Apr 27, 2004
    Messages:
    4,719
  3. LWAL0767

    LWAL0767 Thread Starter

    Joined:
    Jan 19, 2011
    Messages:
    2
    Will give the repair install a try this eve. I am hoping this works...Other than that, will prob uninstall AVG and replace with Microsoft Security Essentials and the last thing to try before taking it in is probably the Verifier. Any other suggestions, if these steps do not work?

    Thanks for your time in viewing and responding...

    Lisa
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/975672

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice