Analyze a .mdp file


(Rafcio 100) #1

Hello, I need help analyzing a memory dump (the Minidump folder). These files can be opened with Debugging Tools for Windows. I would do it myself if I had those d***** symbols, which I have downloaded several times and which do not match.

So to speak, I need to know what is wrong with it, because the computer often restarts over the course of a day. I have already scanned for and removed all viruses, formatted the disk and reinstalled the system, my temperatures are normal, I have flashed 3 different BIOSes, restored the BIOS settings to defaults, and nothing helped. The only solution is to download this memory dump

http://www.speedyshare.com/395601156.html

and tell me what is wrong with my hardware or software...

Allow me to paste the contents of this dump, without symbols

Microsoft ® Windows Debugger Version 6.6.0003.5

Copyright © Microsoft Corporation. All rights reserved.

Loading Dump File [C]

Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: *** Invalid ***

****************************************************************************

* Symbol loading may be unreliable without a symbol search path. *

* Use .symfix to have the debugger choose a symbol path. *

* After setting your symbol path, use .reload to refresh symbol locations. *

****************************************************************************

Executable search path is:

*********************************************************************

* Symbols can not be loaded because symbol path is not initialized. *

* *

* The Symbol Path can be set by: *

* using the _NT_SYMBOL_PATH environment variable. *

* using the -y argument when starting the debugger. *

* using .sympath and .sympath+ *

*********************************************************************

Unable to load image ntoskrnl.exe, Win32 error 2

*** WARNING: Unable to verify timestamp for ntoskrnl.exe

*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe

Windows XP Kernel Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatible

Product: WinNt, suite: TerminalServer SingleUserTS

Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055c700

Debug session time: Wed Nov 26 16:29:41.046 2008 (GMT+1)

System Uptime: 0 days 23:18:37.784

*********************************************************************

* Symbols can not be loaded because symbol path is not initialized. *

* *

* The Symbol Path can be set by: *

* using the _NT_SYMBOL_PATH environment variable. *

* using the -y argument when starting the debugger. *

* using .sympath and .sympath+ *

*********************************************************************

Unable to load image ntoskrnl.exe, Win32 error 2

*** WARNING: Unable to verify timestamp for ntoskrnl.exe

*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe

Loading Kernel Symbols

.....................................................................................................................

Loading User Symbols

Loading unloaded module list

.....................

*******************************************************************************

* *

* Bugcheck Analysis *

* *

*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1000007F, {8, bab38d70, 0, 0}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************

*** ***

*** ***

*** Your debugger is not using the correct symbols ***

*** ***

*** In order for this command to work properly, your symbol path ***

*** must point to .pdb files that have full type information. ***

*** ***

*** Certain .pdb files (such as the public OS symbols) do not ***

*** contain the required information. Contact the group that ***

*** provided you with these symbols if you need this command to ***

*** work. ***

*** ***

*** Type referenced: nt!_KPRCB ***

*** ***

*************************************************************************

Followup: MachineOwner
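
An added example, not part of the original post: a small Python triage of WinDbg text output like the log above, which flags the symbol-path failures and decodes the `BugCheck` line. The function name `triage`, the lookup tables, and the sample string (key lines copied from the post) are constructed for this illustration; the bug check and trap names come from Microsoft's bug check reference.

```python
import re

# Constructed sample: key lines copied from the debugger output quoted in the post.
SAMPLE_LOG = """\
Symbol search path is: *** Invalid ***
Unable to load image ntoskrnl.exe, Win32 error 2
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
BugCheck 1000007F, {8, bab38d70, 0, 0}
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
"""

# Lookup limited to the code in this post (names per Microsoft's bug check reference).
BUGCHECK_NAMES = {0x7F: "UNEXPECTED_KERNEL_MODE_TRAP"}
TRAP_NAMES = {0x8: "double fault"}   # for 0x7F, parameter 1 is the trap number
MINIDUMP_FLAG = 0x10000000           # set on the "_M" variant of a bug check code

SYMBOL_MARKERS = (
    "Symbol search path is: *** Invalid ***",
    "symbols could not be loaded",
    "Kernel symbols are WRONG",
)
BUGCHECK_RE = re.compile(r"BugCheck\s+([0-9A-Fa-f]+),\s*\{([^}]*)\}")


def triage(log_text):
    """Return symbol status and the decoded bug check from WinDbg text output."""
    result = {"symbols_ok": True, "symbol_problems": [], "bugcheck": None}
    for line in log_text.splitlines():
        line = line.strip()
        if any(marker in line for marker in SYMBOL_MARKERS):
            result["symbols_ok"] = False
            result["symbol_problems"].append(line)
        match = BUGCHECK_RE.match(line)
        if match:
            raw = int(match.group(1), 16)  # WinDbg prints code and arguments in hex
            args = [int(a, 16) for a in match.group(2).split(",")]
            code = raw & ~MINIDUMP_FLAG
            result["bugcheck"] = {
                "raw": raw,
                "code": code,
                "name": BUGCHECK_NAMES.get(code, "unknown"),
                "args": args,
                "trap": TRAP_NAMES.get(args[0]) if code == 0x7F and args else None,
            }
    return result


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

When `symbols_ok` is false, the bug check code and its arguments are still readable, but anything that depends on symbols waits until the path is fixed with the `.symfix` and `.reload` commands the debugger banner names, followed by `!analyze -v`.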