Hey Leute bin neu hier im Forum und hab folgendes Probem ich bekomme öfters einen Bluscreen jetzt hab ich die DMP datei mal mit Windows Debugging Tool anlysiert kann damit aber nicht recht was anfagen und möchte euch deshalb um Mithilfe bitten
Danke schonmal im vorraus
MFG : Jack
Hier die Auswertung
Debugging Details:
Danke schonmal im vorraus
MFG : Jack
Hier die Auswertung
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Jack\Desktop\Arbeit\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available
Symbol search path is: SRV*C:\Windows\Symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: C:\Windows\System32
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6002.18327.x86fre.vistasp2_gdr.101014-0432
Machine Name:
Kernel base = 0x82a01000 PsLoadedModuleList = 0x82b18c70
Debug session time: Sun Jun 19 00:55:29.707 2011 (UTC + 2:00)
System Uptime: 0 days 16:55:57.978
Loading Kernel Symbols
...............................................................
................................................................
.......................
Loading User Symbols
PEB is paged out (Peb.Ldr = 7ffd300c). Type ".hh dbgerr001" for details
Loading unloaded module list
............
*** ERROR: Module load completed but symbols could not be loaded for EagleNT.sys
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 18, {bad0b0b0, 8586e030, 2, ffffffff}
Probably caused by : EagleNT.sys ( EagleNT+14596 )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
REFERENCE_BY_POINTER (18)
Arguments:
Arg1: bad0b0b0, Object type of the object whose reference count is being lowered
Arg2: 8586e030, Object whose reference count is being lowered
Arg3: 00000002, Reserved
Arg4: ffffffff, Reserved
The reference count of an object is illegal for the current state of the object.
Each time a driver uses a pointer to an object the driver calls a kernel routine
to increment the reference count of the object. When the driver is done with the
pointer the driver calls another kernel routine to decrement the reference count.
Drivers must match calls to the increment and decrement routines. This bugcheck
can occur because an object's reference count goes to zero while there are still
open handles to the object, in which case the fourth parameter indicates the number
of opened handles. It may also occur when the object’s reference count drops below zero
whether or not there are open handles to the object, and in that case the fourth parameter
contains the actual value of the pointer references count.
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Jack\Desktop\Arbeit\MEMORY.DMP]
Kernel Summary Dump File: Only kernel address space is available
Symbol search path is: SRV*C:\Windows\Symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: C:\Windows\System32
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Built by: 6002.18327.x86fre.vistasp2_gdr.101014-0432
Machine Name:
Kernel base = 0x82a01000 PsLoadedModuleList = 0x82b18c70
Debug session time: Sun Jun 19 00:55:29.707 2011 (UTC + 2:00)
System Uptime: 0 days 16:55:57.978
Loading Kernel Symbols
...............................................................
................................................................
.......................
Loading User Symbols
PEB is paged out (Peb.Ldr = 7ffd300c). Type ".hh dbgerr001" for details
Loading unloaded module list
............
*** ERROR: Module load completed but symbols could not be loaded for EagleNT.sys
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 18, {bad0b0b0, 8586e030, 2, ffffffff}
Probably caused by : EagleNT.sys ( EagleNT+14596 )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
REFERENCE_BY_POINTER (18)
Arguments:
Arg1: bad0b0b0, Object type of the object whose reference count is being lowered
Arg2: 8586e030, Object whose reference count is being lowered
Arg3: 00000002, Reserved
Arg4: ffffffff, Reserved
The reference count of an object is illegal for the current state of the object.
Each time a driver uses a pointer to an object the driver calls a kernel routine
to increment the reference count of the object. When the driver is done with the
pointer the driver calls another kernel routine to decrement the reference count.
Drivers must match calls to the increment and decrement routines. This bugcheck
can occur because an object's reference count goes to zero while there are still
open handles to the object, in which case the fourth parameter indicates the number
of opened handles. It may also occur when the object’s reference count drops below zero
whether or not there are open handles to the object, and in that case the fourth parameter
contains the actual value of the pointer references count.
Debugging Details:
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x18
PROCESS_NAME: metin2client.bi
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from 9e798596 to 82a45d91
STACK_TEXT:
baf8fab4 9e798596 baf8fac8 9e79801d 8586e030 nt!ObfDereferenceObject+0x66
WARNING: Stack unwind information not available. Following frames may be wrong.
baf8fabc 9e79801d 8586e030 baf8fad0 9e797c78 EagleNT+0x14596
baf8fac8 9e797c78 baf8fc2c 9e7defb3 85eeed30 EagleNT+0x1401d
baf8fadc 8ae97e55 301ca186 9e786797 00000034 EagleNT+0x13c78
baf8fc2c 82a45976 85846ee8 8643e7f8 8643e7f8 Ntfs!NtfsCommonClose+0x51b
baf8fc44 82c47c33 85eeed30 8643e7f8 8643e868 nt!IofCallDriver+0x63
baf8fc64 82c483d8 85846ee8 85eeed30 00000000 nt!IopSynchronousServiceTail+0x1d9
baf8fd00 82c494a2 85846ee8 8643e7f8 00000000 nt!IopXxxControlFile+0x6b7
baf8fd34 82a4bc7a 00000424 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
baf8fd34 77765ca4 00000424 00000000 00000000 nt!KiFastCallEntry+0x12a
0012cf84 00000000 00000000 00000000 00000000 0x77765ca4
STACK_COMMAND: kb
FOLLOWUP_IP:
EagleNT+14596
9e798596 5d pop ebp
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: EagleNT+14596
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: EagleNT
IMAGE_NAME: EagleNT.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4c906634
FAILURE_BUCKET_ID: 0x18_BADMEMREF_EagleNT+14596
BUCKET_ID: 0x18_BADMEMREF_EagleNT+14596
Followup: MachineOwner
---------
BUGCHECK_STR: 0x18
PROCESS_NAME: metin2client.bi
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from 9e798596 to 82a45d91
STACK_TEXT:
baf8fab4 9e798596 baf8fac8 9e79801d 8586e030 nt!ObfDereferenceObject+0x66
WARNING: Stack unwind information not available. Following frames may be wrong.
baf8fabc 9e79801d 8586e030 baf8fad0 9e797c78 EagleNT+0x14596
baf8fac8 9e797c78 baf8fc2c 9e7defb3 85eeed30 EagleNT+0x1401d
baf8fadc 8ae97e55 301ca186 9e786797 00000034 EagleNT+0x13c78
baf8fc2c 82a45976 85846ee8 8643e7f8 8643e7f8 Ntfs!NtfsCommonClose+0x51b
baf8fc44 82c47c33 85eeed30 8643e7f8 8643e868 nt!IofCallDriver+0x63
baf8fc64 82c483d8 85846ee8 85eeed30 00000000 nt!IopSynchronousServiceTail+0x1d9
baf8fd00 82c494a2 85846ee8 8643e7f8 00000000 nt!IopXxxControlFile+0x6b7
baf8fd34 82a4bc7a 00000424 00000000 00000000 nt!NtDeviceIoControlFile+0x2a
baf8fd34 77765ca4 00000424 00000000 00000000 nt!KiFastCallEntry+0x12a
0012cf84 00000000 00000000 00000000 00000000 0x77765ca4
STACK_COMMAND: kb
FOLLOWUP_IP:
EagleNT+14596
9e798596 5d pop ebp
SYMBOL_STACK_INDEX: 1
SYMBOL_NAME: EagleNT+14596
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: EagleNT
IMAGE_NAME: EagleNT.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4c906634
FAILURE_BUCKET_ID: 0x18_BADMEMREF_EagleNT+14596
BUCKET_ID: 0x18_BADMEMREF_EagleNT+14596
Followup: MachineOwner
---------
Zuletzt bearbeitet von einem Moderator: