ntoskrnl - deciphering mini.dmp

G

Guest

my system is crashing quite a bit since I installed the latest patches.
(XPPRO). My system was solid before this. Could be a coincidence. I have
d'loaded the tools and am able to view the mini.dmp but don't know how to
decipher it. Someone help....

Microsoft (R) Windows Debugger Version 6.4.0007.2
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\WINDOWS\Minidump\Mini021405-02.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: C:\WINDOWS\Symbols
Executable search path is:
Unable to load image ntoskrnl.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055ab20
Debug session time: Mon Feb 14 00:21:20.133 2005 (GMT-5)
System Uptime: 0 days 0:01:18.722
Unable to load image ntoskrnl.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
Loading Kernel Symbol
...................................................................................................................................
Loading unloaded module list
.....
Loading User Symbol
*******************************************************************************
*
*
* Bugcheck Analysis
*
*

*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 10000050, {b0823fe7, 0, 804eebc8, 0}

Unable to load image Ntfs.sys, Win32 error 2
*** WARNING: Unable to verify timestamp for Ntfs.sys

Could not read faulting driver name
Probably caused by : ntoskrnl.exe ( nt!FsRtlRemoveLargeEntry+94 )

Followup: MachineOwner
________________________________________
 
O

OShah

my system is crashing quite a bit since I installed the latest patches.
(XPPRO). My system was solid before this. Could be a coincidence. I have
d'loaded the tools and am able to view the mini.dmp but don't know how
to decipher it. Someone help....

Microsoft (R) Windows Debugger Version 6.4.0007.2
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\WINDOWS\Minidump\Mini021405-02.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: C:\WINDOWS\Symbols
Executable search path is:
Unable to load image ntoskrnl.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055ab20
Debug session time: Mon Feb 14 00:21:20.133 2005 (GMT-5)
System Uptime: 0 days 0:01:18.722
Unable to load image ntoskrnl.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
Loading Kernel Symbols
........................................................................ ..
......................................................... Loading
unloaded module list ....
Loading User Symbols
************************************************************************ *
****** *

*
* Bugcheck Analysis

*
*

*
************************************************************************ *
******

Use !analyze -v to get detailed debugging information.

BugCheck 10000050, {b0823fe7, 0, 804eebc8, 0}

Unable to load image Ntfs.sys, Win32 error 2
*** WARNING: Unable to verify timestamp for Ntfs.sys

Could not read faulting driver name
Probably caused by : ntoskrnl.exe ( nt!FsRtlRemoveLargeEntry+94 )

Followup: MachineOwner
________________________________________
Click to expand...


The Windows Kernel Debugging Tools are only recommended to people who have
created a Windows Device Driver (you need to have knowledge of C,
Assembly, the Windows DDK, Reverse engineering concepts, and have read
"Windows Internals" by M. Russinovich).

First step is to reproduce the crash with full dumps enabled (you only
have minidumps enabled). (Should be quite easy if this crash keeps
occurring to you.)

Next, make sure you've downloaded and installed the Windows Symbol Files
(it's from the same place you downloaded the debugging tools). These files
run into the gigs, so be prepared if you only have dialup.

The next step to perform is to rerun Windbg on the full memory dump, then
type the command "!analyze -v".

Ntfs is referenced in your case. Have you run a complete chkdsk?




--
------------------------------------------------------------------------
oshah [shexec32]
Control Panel -> System -> Advanced -> Error Reporting -> Choose Programs
-> Do not report errors for these programs:

Acrobat.exe
waol.exe

------------------------------------------------------------------------
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ntoskrnl error BSOD 1
XP crashes, dmp files added. 6
HTTP blue screen error 2
bluescreen, dumpfile, please help 2
Multiple save dumps (with debug info) 4
crash dump reviews. Help 1
problems with PC crashing; help/insight requested 11
Using WinDebug 3

Top