1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Dump Data

Discussion in 'Windows XP' started by Blackroc, 2006/11/07.

  1. 2006/11/07
    Blackroc

    Blackroc Inactive Thread Starter

    Joined:
    2006/11/07
    Messages:
    1
    Likes Received:
    0
    This is a dump form my Evo laptop. Nearly every time I start or restart the computer I get a stop: 0x message.

    Opened log file 'c:\debuglog.txt'

    Microsoft (R) Windows Debugger Version 6.6.0007.5
    Copyright (c) Microsoft Corporation. All rights reserved.


    Loading Dump File [C:\WINDOWS\Minidump\Mini110706-02.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available

    Symbol search path is: SRV*c:\symbols*http://msdl.microsoft.com/download/symbols
    Executable search path is: C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS\system32\drivers
    Windows XP Kernel Version 2600 (Service Pack 2) UP Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS Personal
    Built by: 2600.xpsp_sp2_gdr.050301-1519
    Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055a420
    Debug session time: Tue Nov 7 16:25:06.077 2006 (GMT-6)
    System Uptime: 0 days 0:00:53.657
    Loading Kernel Symbols
    ............................................................................................

    ...............................
    Loading User Symbols
    Loading unloaded module list
    .....
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 100000D1, {3661365c, 2, 0, 3661365c}

    Probably caused by : ntoskrnl.exe ( nt!ObpAllocateObject+c8 )

    Followup: MachineOwner
    ---------

    kd> !analyze -v;r;kv;lmtn;.logclose;q
    *******************************************************************************
    * *
    * Bugcheck Analysis *
    * *
    *******************************************************************************

    DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1)
    An attempt was made to access a pageable (or completely invalid) address at an
    interrupt request level (IRQL) that is too high. This is usually
    caused by drivers using improper addresses.
    If kernel debugger is available get stack backtrace.
    Arguments:
    Arg1: 3661365c, memory referenced
    Arg2: 00000002, IRQL
    Arg3: 00000000, value 0 = read operation, 1 = write operation
    Arg4: 3661365c, address which referenced memory

    Debugging Details:
    ------------------


    READ_ADDRESS: 3661365c

    CURRENT_IRQL: 2

    FAULTING_IP:
    +3661365c
    3661365c ?? ???

    PROCESS_NAME: svchost.exe

    CUSTOMER_CRASH_COUNT: 2

    DEFAULT_BUCKET_ID: DRIVER_FAULT

    BUGCHECK_STR: 0xD1

    LAST_CONTROL_TRANSFER: from 867557d6 to 3661365c

    FAILED_INSTRUCTION_ADDRESS:
    +3661365c
    3661365c ?? ???

    STACK_TEXT:
    WARNING: Frame IP not in any known module. Following frames may be wrong.
    b874c914 867557d6 86899538 00000000 872a8420 0x3661365c
    b874c9e0 805645f7 80560580 80560500 ffffffff 0x867557d6
    b874ca28 8722f149 872a8420 8705c2f8 8696163f nt!ObpAllocateObject+0xc8
    00000000 00000000 00000000 00000000 00000000 0x8722f149


    STACK_COMMAND: kb

    FOLLOWUP_IP:
    nt!ObpAllocateObject+c8
    805645f7 8bd0 mov edx,eax

    SYMBOL_STACK_INDEX: 2

    SYMBOL_NAME: nt!ObpAllocateObject+c8

    FOLLOWUP_NAME: MachineOwner

    MODULE_NAME: nt

    IMAGE_NAME: ntoskrnl.exe

    DEBUG_FLR_IMAGE_TIMESTAMP: 42250ff9

    FAILURE_BUCKET_ID: 0xD1_CODE_AV_BAD_IP_nt!ObpAllocateObject+c8

    BUCKET_ID: 0xD1_CODE_AV_BAD_IP_nt!ObpAllocateObject+c8

    Followup: MachineOwner
    ---------

    eax=3661365c ebx=869a7bfc ecx=872a8420 edx=872363e0 esi=869a7c20 edi=869a7be8
    eip=3661365c esp=b874c918 ebp=b874c9c0 iopl=0 nv up ei pl nz na pe nc
    cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206
    3661365c ?? ???
    ChildEBP RetAddr Args to Child
    WARNING: Frame IP not in any known module. Following frames may be wrong.
    b874c914 867557d6 86899538 00000000 872a8420 0x3661365c
    b874c9e0 805645f7 80560580 80560500 ffffffff 0x867557d6
    b874ca28 8722f149 872a8420 8705c2f8 8696163f nt!ObpAllocateObject+0xc8 (FPO: [Non-Fpo])
    00000000 00000000 00000000 00000000 00000000 0x8722f149
    start end module name
    804d7000 806eb100 nt ntoskrnl.exe Tue Mar 01 18:59:37 2005 (42250FF9)
    806ec000 806ffd80 hal halacpi.dll Tue Aug 03 23:59:04 2004 (41107B28)
    b8839000 b883cd80 CBTNDIS5 CBTNDIS5.SYS Wed Jul 16 08:28:00 2003 (3F1560F0)
    b8851000 b88a2480 srv srv.sys Mon Aug 14 04:34:39 2006 (44E051BF)
    b89a4000 b89d0400 mrxdav mrxdav.sys Wed Aug 04 00:00:49 2004 (41107B91)
    b8abd000 b8ac0100 cqcpu cqcpu.sys Wed Sep 30 06:36:03 1998 (361225B3)
    b8b39000 b8b4e580 irda irda.sys Wed Aug 04 00:00:50 2004 (41107B92)
    b8cfb000 b8cfe280 ndisuio ndisuio.sys Wed Aug 04 00:03:10 2004 (41107C1E)
    bad57000 bad6e480 dump_atapi dump_atapi.sys Tue Aug 03 23:59:41 2004 (41107B4D)
    bae0f000 bae2ff00 ipnat ipnat.sys Wed Sep 29 16:28:36 2004 (415B3714)
    bae58000 bae90000 klif klif.sys Fri Aug 04 05:00:23 2006 (44D328C7)
    bae90000 baefea00 mrxsmb mrxsmb.sys Fri May 05 03:41:42 2006 (445B1DD6)
    baeff000 baf29a00 rdbss rdbss.sys Fri May 05 03:47:55 2006 (445B1F4B)
    baf2a000 baf4bd00 afd afd.sys Wed Aug 04 00:14:13 2004 (41107EB5)
    baf4c000 baf73c00 netbt netbt.sys Wed Aug 04 00:14:36 2004 (41107ECC)
    baf74000 bafcc080 tcpip tcpip.sys Thu Apr 20 06:18:33 2006 (44477C19)
    bafcd000 bafdf400 ipsec ipsec.sys Wed Aug 04 00:14:27 2004 (41107EC3)
    bf800000 bf9c1180 win32k win32k.sys Wed Oct 05 18:05:44 2005 (43446A58)
    bf9c2000 bf9d3580 dxg dxg.sys Wed Aug 04 00:00:51 2004 (41107B93)
    bf9d4000 bfa10000 ati2dvag ati2dvag.dll Tue Jun 07 20:20:09 2005 (42A655D9)
    bfa10000 bfa43000 ati2cqag ati2cqag.dll Tue Jun 07 19:45:27 2005 (42A64DB7)
    bfa43000 bfa76000 atikvmag atikvmag.dll Tue Jun 07 19:51:03 2005 (42A64F07)
    bfa76000 bfcb3200 ati3duag ati3duag.dll Tue Jun 07 20:07:16 2005 (42A652D4)
    bfcb4000 bfd4a200 ativvaxx ativvaxx.dll Tue Jun 07 20:01:31 2005 (42A6517B)
    f68a4000 f68a6900 Dxapi Dxapi.sys Fri Aug 17 14:53:19 2001 (3B7D843F)
    f68ec000 f691f200 update update.sys Tue Aug 03 23:58:32 2004 (41107B08)
    f6920000 f6930e00 psched psched.sys Wed Aug 04 00:04:16 2004 (41107C60)
    f6931000 f6947680 ndiswan ndiswan.sys Wed Aug 04 00:14:30 2004 (41107EC6)
    f6948000 f695f940 aeaudio aeaudio.sys Thu Oct 23 12:17:07 2003 (3F981B23)
    f6960000 f6983980 portcls portcls.sys Wed Aug 04 00:15:47 2004 (41107F13)
    f6984000 f6a14840 smwdm smwdm.sys Wed Dec 17 14:29:46 2003 (3FE0BCBA)
    f6a15000 f6a37680 ks ks.sys Wed Aug 04 00:15:20 2004 (41107EF8)
    f6a38000 f6a656a0 SynTP SynTP.sys Thu Nov 04 20:26:41 2004 (418AE4E1)
    f6a66000 f6a79900 parport parport.sys Tue Aug 03 23:59:04 2004 (41107B28)
    f6a7a000 f6a9ce80 USBPORT USBPORT.SYS Wed Aug 04 00:08:34 2004 (41107D62)
    f6a9d000 f6ab9c00 e100b325 e100b325.sys Tue Jun 12 11:02:45 2001 (3B264B35)
    f6aba000 f6b14c00 bcmwl5 bcmwl5.sys Fri Feb 11 21:58:29 2005 (420D7EE5)
    f6b15000 f6bafa40 ltmdmxp ltmdmxp.sys Tue Jul 01 13:32:58 2003 (3F01E1EA)
    f6bb0000 f6bc3780 VIDEOPRT VIDEOPRT.SYS Wed Aug 04 00:07:04 2004 (41107D08)
    f6bc4000 f6cfb000 ati2mtag ati2mtag.sys Tue Jun 07 20:19:50 2005 (42A655C6)
    f6cfb000 f6d04480 NDProxy NDProxy.SYS Fri Aug 17 14:55:30 2001 (3B7D84C2)
    f6d0b000 f6d14f00 termdd termdd.sys Tue Aug 03 23:58:52 2004 (41107B1C)
    f6d1b000 f6d29940 odysseyIM3 odysseyIM3.sys Sun Apr 20 22:38:08 2003 (3EA375B0)
    f6d2b000 f6d33900 msgpc msgpc.sys Wed Aug 04 00:04:11 2004 (41107C5B)
    f6d3b000 f6d46d00 raspptp raspptp.sys Wed Aug 04 00:14:26 2004 (41107EC2)
    f6d4b000 f6d55200 raspppoe raspppoe.sys Wed Aug 04 00:05:06 2004 (41107C92)
    f6d5b000 f6d67880 rasl2tp rasl2tp.sys Wed Aug 04 00:14:21 2004 (41107EBD)
    f6d6b000 f6d79b80 drmk drmk.sys Wed Aug 04 00:07:54 2004 (41107D3A)
    f755d000 f7560c80 mssmbios mssmbios.sys Wed Aug 04 00:07:47 2004 (41107D33)
    f7561000 f7563580 ndistapi ndistapi.sys Fri Aug 17 14:55:29 2001 (3B7D84C1)
    f7565000 f7567280 wmiacpi wmiacpi.sys Wed Aug 04 00:07:39 2004 (41107D2B)
    f7569000 f756c700 CmBatt CmBatt.sys Wed Aug 04 00:07:39 2004 (41107D2B)
    f759f000 f75a1c00 irenum irenum.sys Wed Aug 04 00:00:45 2004 (41107B8D)
    f75a3000 f75a6c80 serenum serenum.sys Tue Aug 03 23:59:06 2004 (41107B2A)
    f75af000 f75b1280 rasacd rasacd.sys Fri Aug 17 14:55:39 2001 (3B7D84CB)
    f7604000 f761e580 Mup Mup.sys Wed Aug 04 00:15:20 2004 (41107EF8)
    f761f000 f7636be0 snapman snapman.sys Mon Nov 07 00:38:42 2005 (436EF672)
    f7637000 f7663a80 NDIS NDIS.sys Wed Aug 04 00:14:27 2004 (41107EC3)
    f7664000 f76f0480 Ntfs Ntfs.sys Wed Aug 04 00:15:06 2004 (41107EEA)
    f76f1000 f7707780 KSecDD KSecDD.sys Tue Aug 03 23:59:45 2004 (41107B51)
    f7708000 f7719f00 sr sr.sys Wed Aug 04 00:06:22 2004 (41107CDE)
    f771a000 f7739780 fltmgr fltmgr.sys Mon Aug 21 03:14:57 2006 (44E97991)
    f773a000 f7751480 atapi atapi.sys Tue Aug 03 23:59:41 2004 (41107B4D)
    f7752000 f7770880 ftdisk ftdisk.sys Fri Aug 17 14:52:41 2001 (3B7D8419)
    f7771000 f778e480 pcmcia pcmcia.sys Wed Aug 04 00:07:45 2004 (41107D31)
    f778f000 f779fa80 pci pci.sys Wed Aug 04 00:07:45 2004 (41107D31)
    f77a0000 f77cdd80 ACPI ACPI.sys Wed Aug 04 00:07:35 2004 (41107D27)
    f77ef000 f77f7c00 isapnp isapnp.sys Fri Aug 17 14:58:01 2001 (3B7D8559)
    f77ff000 f7809500 MountMgr MountMgr.sys Tue Aug 03 23:58:29 2004 (41107B05)
    f780f000 f781bc80 VolSnap VolSnap.sys Wed Aug 04 00:00:14 2004 (41107B6E)
    f781f000 f7827e00 disk disk.sys Tue Aug 03 23:59:53 2004 (41107B59)
    f782f000 f783b200 CLASSPNP CLASSPNP.SYS Wed Aug 04 00:14:26 2004 (41107EC2)
    f783f000 f7849580 agp440 agp440.sys Wed Aug 04 00:07:40 2004 (41107D2C)
    f786f000 f7877880 Fips Fips.SYS Fri Aug 17 19:31:49 2001 (3B7DC585)
    f788f000 f789e900 Cdfs Cdfs.SYS Wed Aug 04 00:14:09 2004 (41107EB1)
    f794f000 f7957d00 intelppm intelppm.sys Tue Aug 03 23:59:19 2004 (41107B37)
    f795f000 f796ed80 serial serial.sys Wed Aug 04 00:15:51 2004 (41107F17)
    f796f000 f7977c00 smcirda smcirda.sys Tue Apr 10 13:43:35 2001 (3AD36267)
    f797f000 f798be00 i8042prt i8042prt.sys Wed Aug 04 00:14:36 2004 (41107ECC)
    f798f000 f799b180 cdrom cdrom.sys Tue Aug 03 23:59:52 2004 (41107B58)
    f799f000 f79ad080 redbook redbook.sys Tue Aug 03 23:59:34 2004 (41107B46)
    f79ef000 f79fd100 usbhub usbhub.sys Wed Aug 04 00:08:40 2004 (41107D68)
    f7a2f000 f7a37700 netbios netbios.sys Wed Aug 04 00:03:19 2004 (41107C27)
    f7a4f000 f7a57700 wanarp wanarp.sys Wed Aug 04 00:04:57 2004 (41107C89)
    f7a6f000 f7a75200 PCIIDEX PCIIDEX.SYS Tue Aug 03 23:59:40 2004 (41107B4C)
    f7a77000 f7a7b900 PartMgr PartMgr.sys Fri Aug 17 19:32:23 2001 (3B7DC5A7)
    f7a7f000 f7a83e20 PxHelp20 PxHelp20.sys Tue Feb 01 17:23:42 2005 (42000F7E)
    f7a87000 f7a8b880 TDI TDI.SYS Wed Aug 04 00:07:47 2004 (41107D33)
    f7aa7000 f7aae880 Npfs Npfs.SYS Wed Aug 04 00:00:38 2004 (41107B86)
    f7ab7000 f7abb500 watchdog watchdog.sys Wed Aug 04 00:07:32 2004 (41107D24)
    f7af7000 f7afb920 cpqdfw cpqdfw.sys Mon Aug 19 13:35:43 2002 (3D61488F)
    f7b47000 f7b4e580 Modem Modem.SYS Wed Aug 04 00:08:04 2004 (41107D44)
    f7b4f000 f7b53280 usbohci usbohci.sys Wed Aug 04 00:08:34 2004 (41107D62)
    f7b57000 f7b5d800 usbehci usbehci.sys Wed Aug 04 00:08:34 2004 (41107D62)
    f7b5f000 f7b60000 fdc fdc.sys unavailable (00000000)
    f7b67000 f7b6d000 kbdclass kbdclass.sys Tue Aug 03 23:58:32 2004 (41107B08)
    f7b6f000 f7b74a00 mouclass mouclass.sys Tue Aug 03 23:58:32 2004 (41107B08)
    f7b77000 f7b7db00 ElbyCDFL ElbyCDFL.sys Tue May 03 09:34:02 2005 (427799EA)
    f7ba7000 f7babc80 rasirda rasirda.sys Fri Aug 17 14:51:29 2001 (3B7D83D1)
    f7baf000 f7bb3580 ptilink ptilink.sys Fri Aug 17 14:49:53 2001 (3B7D8371)
    f7bb7000 f7bbb080 raspti raspti.sys Fri Aug 17 14:55:32 2001 (3B7D84C4)
    f7bef000 f7bf4200 vga vga.sys Wed Aug 04 00:07:06 2004 (41107D0A)
    f7bf7000 f7bfba80 Msfs Msfs.SYS Wed Aug 04 00:00:37 2004 (41107B85)
    f7bff000 f7c02000 BOOTVID BOOTVID.dll Fri Aug 17 14:49:09 2001 (3B7D8345)
    f7c03000 f7c05480 compbatt compbatt.sys Fri Aug 17 14:57:58 2001 (3B7D8556)
    f7c07000 f7c0a700 BATTC BATTC.SYS Fri Aug 17 14:57:52 2001 (3B7D8550)
    f7c0b000 f7c0d640 kl1 kl1.sys Mon Feb 13 06:24:10 2006 (43F07A6A)
    f7cef000 f7cf0b80 kdcom kdcom.dll Fri Aug 17 14:49:10 2001 (3B7D8346)
    f7cf1000 f7cf2100 WMILIB WMILIB.SYS Fri Aug 17 15:07:23 2001 (3B7D878B)
    f7cf3000 f7cf4580 intelide intelide.sys Tue Aug 03 23:59:40 2004 (41107B4C)
    f7d19000 f7d1a280 USBD USBD.SYS Fri Aug 17 15:02:58 2001 (3B7D8682)
    f7d21000 f7d22100 swenum swenum.sys Tue Aug 03 23:58:41 2004 (41107B11)
    f7d4b000 f7d4cf00 Fs_Rec Fs_Rec.SYS Fri Aug 17 14:49:37 2001 (3B7D8361)
    f7d4d000 f7d4e080 Beep Beep.SYS Fri Aug 17 14:47:33 2001 (3B7D82E5)
    f7d4f000 f7d50080 mnmdd mnmdd.SYS Fri Aug 17 14:57:28 2001 (3B7D8538)
    f7d51000 f7d52080 RDPCDD RDPCDD.sys Fri Aug 17 14:46:56 2001 (3B7D82C0)
    f7d5d000 f7d5e100 dump_WMILIB dump_WMILIB.SYS Fri Aug 17 15:07:23 2001 (3B7D878B)
    f7d9d000 f7d9efa0 cq_mem cq_mem.sys Wed May 19 07:00:49 1999 (3742B601)
    f7d9f000 f7da0a80 ParVdm ParVdm.SYS Fri Aug 17 14:49:49 2001 (3B7D836D)
    f7da1000 f7da2f80 ElbyCDIO ElbyCDIO.sys Fri Apr 21 19:44:39 2006 (44498A87)
    f7de0000 f7de0c00 audstub audstub.sys Fri Aug 17 14:59:40 2001 (3B7D85BC)
    f7e4a000 f7e4ab80 Null Null.SYS Fri Aug 17 14:47:39 2001 (3B7D82EB)
    f7e7d000 f7e7dd00 dxgthk dxgthk.sys Fri Aug 17 14:53:12 2001 (3B7D8438)
    f7ed2000 f7ed2860 BANTExt BANTExt.sys Wed May 27 20:43:29 1998 (356CCF51)

    Unloaded modules:
    f7a5f000 f7a6a000 imapi.sys
    Timestamp: unavailable (00000000)
    Checksum: 00000000
    f7a3f000 f7a48000 processr.sys
    Timestamp: unavailable (00000000)
    Checksum: 00000000
    f7be7000 f7bec000 Cdaudio.SYS
    Timestamp: unavailable (00000000)
    Checksum: 00000000
    f75bf000 f75c2000 Sfloppy.SYS
    Timestamp: unavailable (00000000)
     
    Blackroc,
    #1
  2. 2006/11/07
    Bill Castner

    Bill Castner Inactive

    Joined:
    2006/08/30
    Messages:
    1,980
    Likes Received:
    0
    Your particular set of error conditions are likely due to malware.

    . Update your Antivirus definitions and do a thorough (not quick) scan of your system;

    . Download, update, and run a through anti-spyware scan with Ewido/AVG: http://www.ewido.net/
     
    Bill Castner,
    #2


  3. to hide this advert.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...